net/xfrm/xfrm_policy.c

*4882a593Smuzhiyun// SPDX-License-Identifier: GPL-2.0-only
*4882a593Smuzhiyun/*
*4882a593Smuzhiyun * xfrm_policy.c
*4882a593Smuzhiyun *
*4882a593Smuzhiyun * Changes:
*4882a593Smuzhiyun *	Mitsuru KANDA @USAGI
*4882a593Smuzhiyun * 	Kazunori MIYAZAWA @USAGI
*4882a593Smuzhiyun * 	Kunihiro Ishiguro <kunihiro@ipinfusion.com>
*4882a593Smuzhiyun * 		IPv6 support
*4882a593Smuzhiyun * 	Kazunori MIYAZAWA @USAGI
*4882a593Smuzhiyun * 	YOSHIFUJI Hideaki
*4882a593Smuzhiyun * 		Split up af-specific portion
*4882a593Smuzhiyun *	Derek Atkins <derek@ihtfp.com>		Add the post_input processor
*4882a593Smuzhiyun *
*4882a593Smuzhiyun */
*4882a593Smuzhiyun
*4882a593Smuzhiyun#include <linux/err.h>
*4882a593Smuzhiyun#include <linux/slab.h>
*4882a593Smuzhiyun#include <linux/kmod.h>
*4882a593Smuzhiyun#include <linux/list.h>
*4882a593Smuzhiyun#include <linux/spinlock.h>
*4882a593Smuzhiyun#include <linux/workqueue.h>
*4882a593Smuzhiyun#include <linux/notifier.h>
*4882a593Smuzhiyun#include <linux/netdevice.h>
*4882a593Smuzhiyun#include <linux/netfilter.h>
*4882a593Smuzhiyun#include <linux/module.h>
*4882a593Smuzhiyun#include <linux/cache.h>
*4882a593Smuzhiyun#include <linux/cpu.h>
*4882a593Smuzhiyun#include <linux/audit.h>
*4882a593Smuzhiyun#include <linux/rhashtable.h>
*4882a593Smuzhiyun#include <linux/if_tunnel.h>
*4882a593Smuzhiyun#include <net/dst.h>
*4882a593Smuzhiyun#include <net/flow.h>
*4882a593Smuzhiyun#ifndef __GENKSYMS__
*4882a593Smuzhiyun#include <net/inet_ecn.h>
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun#include <net/xfrm.h>
*4882a593Smuzhiyun#include <net/ip.h>
*4882a593Smuzhiyun#ifndef __GENKSYMS__
*4882a593Smuzhiyun#include <net/gre.h>
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun#if IS_ENABLED(CONFIG_IPV6_MIP6)
*4882a593Smuzhiyun#include <net/mip6.h>
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_STATISTICS
*4882a593Smuzhiyun#include <net/snmp.h>
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_ESPINTCP
*4882a593Smuzhiyun#include <net/espintcp.h>
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyun#include "xfrm_hash.h"
*4882a593Smuzhiyun
*4882a593Smuzhiyun#define XFRM_QUEUE_TMO_MIN ((unsigned)(HZ/10))
*4882a593Smuzhiyun#define XFRM_QUEUE_TMO_MAX ((unsigned)(60*HZ))
*4882a593Smuzhiyun#define XFRM_MAX_QUEUE_LEN	100
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_flo {
*4882a593Smuzhiyun	struct dst_entry *dst_orig;
*4882a593Smuzhiyun	u8 flags;
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* prefixes smaller than this are stored in lists, not trees. */
*4882a593Smuzhiyun#define INEXACT_PREFIXLEN_IPV4	16
*4882a593Smuzhiyun#define INEXACT_PREFIXLEN_IPV6	48
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_pol_inexact_node {
*4882a593Smuzhiyun	struct rb_node node;
*4882a593Smuzhiyun	union {
*4882a593Smuzhiyun		xfrm_address_t addr;
*4882a593Smuzhiyun		struct rcu_head rcu;
*4882a593Smuzhiyun	};
*4882a593Smuzhiyun	u8 prefixlen;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	struct rb_root root;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* the policies matching this node, can be empty list */
*4882a593Smuzhiyun	struct hlist_head hhead;
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* xfrm inexact policy search tree:
*4882a593Smuzhiyun * xfrm_pol_inexact_bin = hash(dir,type,family,if_id);
*4882a593Smuzhiyun *  |
*4882a593Smuzhiyun * +---- root_d: sorted by daddr:prefix
*4882a593Smuzhiyun * |                 |
*4882a593Smuzhiyun * |        xfrm_pol_inexact_node
*4882a593Smuzhiyun * |                 |
*4882a593Smuzhiyun * |                 +- root: sorted by saddr/prefix
*4882a593Smuzhiyun * |                 |              |
*4882a593Smuzhiyun * |                 |         xfrm_pol_inexact_node
*4882a593Smuzhiyun * |                 |              |
*4882a593Smuzhiyun * |                 |              + root: unused
*4882a593Smuzhiyun * |                 |              |
*4882a593Smuzhiyun * |                 |              + hhead: saddr:daddr policies
*4882a593Smuzhiyun * |                 |
*4882a593Smuzhiyun * |                 +- coarse policies and all any:daddr policies
*4882a593Smuzhiyun * |
*4882a593Smuzhiyun * +---- root_s: sorted by saddr:prefix
*4882a593Smuzhiyun * |                 |
*4882a593Smuzhiyun * |        xfrm_pol_inexact_node
*4882a593Smuzhiyun * |                 |
*4882a593Smuzhiyun * |                 + root: unused
*4882a593Smuzhiyun * |                 |
*4882a593Smuzhiyun * |                 + hhead: saddr:any policies
*4882a593Smuzhiyun * |
*4882a593Smuzhiyun * +---- coarse policies and all any:any policies
*4882a593Smuzhiyun *
*4882a593Smuzhiyun * Lookups return four candidate lists:
*4882a593Smuzhiyun * 1. any:any list from top-level xfrm_pol_inexact_bin
*4882a593Smuzhiyun * 2. any:daddr list from daddr tree
*4882a593Smuzhiyun * 3. saddr:daddr list from 2nd level daddr tree
*4882a593Smuzhiyun * 4. saddr:any list from saddr tree
*4882a593Smuzhiyun *
*4882a593Smuzhiyun * This result set then needs to be searched for the policy with
*4882a593Smuzhiyun * the lowest priority.  If two results have same prio, youngest one wins.
*4882a593Smuzhiyun */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_pol_inexact_key {
*4882a593Smuzhiyun	possible_net_t net;
*4882a593Smuzhiyun	u32 if_id;
*4882a593Smuzhiyun	u16 family;
*4882a593Smuzhiyun	u8 dir, type;
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_pol_inexact_bin {
*4882a593Smuzhiyun	struct xfrm_pol_inexact_key k;
*4882a593Smuzhiyun	struct rhash_head head;
*4882a593Smuzhiyun	/* list containing '*:*' policies */
*4882a593Smuzhiyun	struct hlist_head hhead;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	seqcount_spinlock_t count;
*4882a593Smuzhiyun	/* tree sorted by daddr/prefix */
*4882a593Smuzhiyun	struct rb_root root_d;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* tree sorted by saddr/prefix */
*4882a593Smuzhiyun	struct rb_root root_s;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* slow path below */
*4882a593Smuzhiyun	struct list_head inexact_bins;
*4882a593Smuzhiyun	struct rcu_head rcu;
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyunenum xfrm_pol_inexact_candidate_type {
*4882a593Smuzhiyun	XFRM_POL_CAND_BOTH,
*4882a593Smuzhiyun	XFRM_POL_CAND_SADDR,
*4882a593Smuzhiyun	XFRM_POL_CAND_DADDR,
*4882a593Smuzhiyun	XFRM_POL_CAND_ANY,
*4882a593Smuzhiyun
*4882a593Smuzhiyun	XFRM_POL_CAND_MAX,
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_pol_inexact_candidates {
*4882a593Smuzhiyun	struct hlist_head *res[XFRM_POL_CAND_MAX];
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic DEFINE_SPINLOCK(xfrm_if_cb_lock);
*4882a593Smuzhiyunstatic struct xfrm_if_cb const __rcu *xfrm_if_cb __read_mostly;
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic DEFINE_SPINLOCK(xfrm_policy_afinfo_lock);
*4882a593Smuzhiyunstatic struct xfrm_policy_afinfo const __rcu *xfrm_policy_afinfo[AF_INET6 + 1]
*4882a593Smuzhiyun						__read_mostly;
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct kmem_cache *xfrm_dst_cache __ro_after_init;
*4882a593Smuzhiyunstatic __read_mostly seqcount_mutex_t xfrm_policy_hash_generation;
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct rhashtable xfrm_policy_inexact_table;
*4882a593Smuzhiyunstatic const struct rhashtable_params xfrm_pol_inexact_params;
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_init_pmtu(struct xfrm_dst **bundle, int nr);
*4882a593Smuzhiyunstatic int stale_bundle(struct dst_entry *dst);
*4882a593Smuzhiyunstatic int xfrm_bundle_ok(struct xfrm_dst *xdst);
*4882a593Smuzhiyunstatic void xfrm_policy_queue_process(struct timer_list *t);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void __xfrm_policy_link(struct xfrm_policy *pol, int dir);
*4882a593Smuzhiyunstatic struct xfrm_policy *__xfrm_policy_unlink(struct xfrm_policy *pol,
*4882a593Smuzhiyun						int dir);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_bin *
*4882a593Smuzhiyunxfrm_policy_inexact_lookup(struct net *net, u8 type, u16 family, u8 dir,
*4882a593Smuzhiyun			   u32 if_id);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_bin *
*4882a593Smuzhiyunxfrm_policy_inexact_lookup_rcu(struct net *net,
*4882a593Smuzhiyun			       u8 type, u16 family, u8 dir, u32 if_id);
*4882a593Smuzhiyunstatic struct xfrm_policy *
*4882a593Smuzhiyunxfrm_policy_insert_list(struct hlist_head *chain, struct xfrm_policy *policy,
*4882a593Smuzhiyun			bool excl);
*4882a593Smuzhiyunstatic void xfrm_policy_insert_inexact_list(struct hlist_head *chain,
*4882a593Smuzhiyun					    struct xfrm_policy *policy);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic bool
*4882a593Smuzhiyunxfrm_policy_find_inexact_candidates(struct xfrm_pol_inexact_candidates *cand,
*4882a593Smuzhiyun				    struct xfrm_pol_inexact_bin *b,
*4882a593Smuzhiyun				    const xfrm_address_t *saddr,
*4882a593Smuzhiyun				    const xfrm_address_t *daddr);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline bool xfrm_pol_hold_rcu(struct xfrm_policy *policy)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return refcount_inc_not_zero(&policy->refcnt);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline bool
*4882a593Smuzhiyun__xfrm4_selector_match(const struct xfrm_selector *sel, const struct flowi *fl)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct flowi4 *fl4 = &fl->u.ip4;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return  addr4_match(fl4->daddr, sel->daddr.a4, sel->prefixlen_d) &&
*4882a593Smuzhiyun		addr4_match(fl4->saddr, sel->saddr.a4, sel->prefixlen_s) &&
*4882a593Smuzhiyun		!((xfrm_flowi_dport(fl, &fl4->uli) ^ sel->dport) & sel->dport_mask) &&
*4882a593Smuzhiyun		!((xfrm_flowi_sport(fl, &fl4->uli) ^ sel->sport) & sel->sport_mask) &&
*4882a593Smuzhiyun		(fl4->flowi4_proto == sel->proto || !sel->proto) &&
*4882a593Smuzhiyun		(fl4->flowi4_oif == sel->ifindex || !sel->ifindex);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline bool
*4882a593Smuzhiyun__xfrm6_selector_match(const struct xfrm_selector *sel, const struct flowi *fl)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct flowi6 *fl6 = &fl->u.ip6;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return  addr_match(&fl6->daddr, &sel->daddr, sel->prefixlen_d) &&
*4882a593Smuzhiyun		addr_match(&fl6->saddr, &sel->saddr, sel->prefixlen_s) &&
*4882a593Smuzhiyun		!((xfrm_flowi_dport(fl, &fl6->uli) ^ sel->dport) & sel->dport_mask) &&
*4882a593Smuzhiyun		!((xfrm_flowi_sport(fl, &fl6->uli) ^ sel->sport) & sel->sport_mask) &&
*4882a593Smuzhiyun		(fl6->flowi6_proto == sel->proto || !sel->proto) &&
*4882a593Smuzhiyun		(fl6->flowi6_oif == sel->ifindex || !sel->ifindex);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunbool xfrm_selector_match(const struct xfrm_selector *sel, const struct flowi *fl,
*4882a593Smuzhiyun			 unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	switch (family) {
*4882a593Smuzhiyun	case AF_INET:
*4882a593Smuzhiyun		return __xfrm4_selector_match(sel, fl);
*4882a593Smuzhiyun	case AF_INET6:
*4882a593Smuzhiyun		return __xfrm6_selector_match(sel, fl);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return false;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic const struct xfrm_policy_afinfo *xfrm_policy_get_afinfo(unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_policy_afinfo *afinfo;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (unlikely(family >= ARRAY_SIZE(xfrm_policy_afinfo)))
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun	rcu_read_lock();
*4882a593Smuzhiyun	afinfo = rcu_dereference(xfrm_policy_afinfo[family]);
*4882a593Smuzhiyun	if (unlikely(!afinfo))
*4882a593Smuzhiyun		rcu_read_unlock();
*4882a593Smuzhiyun	return afinfo;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Called with rcu_read_lock(). */
*4882a593Smuzhiyunstatic const struct xfrm_if_cb *xfrm_if_get_cb(void)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return rcu_dereference(xfrm_if_cb);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, int oif,
*4882a593Smuzhiyun				    const xfrm_address_t *saddr,
*4882a593Smuzhiyun				    const xfrm_address_t *daddr,
*4882a593Smuzhiyun				    int family, u32 mark)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_policy_afinfo *afinfo;
*4882a593Smuzhiyun	struct dst_entry *dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	afinfo = xfrm_policy_get_afinfo(family);
*4882a593Smuzhiyun	if (unlikely(afinfo == NULL))
*4882a593Smuzhiyun		return ERR_PTR(-EAFNOSUPPORT);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst = afinfo->dst_lookup(net, tos, oif, saddr, daddr, mark);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return dst;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(__xfrm_dst_lookup);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x,
*4882a593Smuzhiyun						int tos, int oif,
*4882a593Smuzhiyun						xfrm_address_t *prev_saddr,
*4882a593Smuzhiyun						xfrm_address_t *prev_daddr,
*4882a593Smuzhiyun						int family, u32 mark)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = xs_net(x);
*4882a593Smuzhiyun	xfrm_address_t *saddr = &x->props.saddr;
*4882a593Smuzhiyun	xfrm_address_t *daddr = &x->id.daddr;
*4882a593Smuzhiyun	struct dst_entry *dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (x->type->flags & XFRM_TYPE_LOCAL_COADDR) {
*4882a593Smuzhiyun		saddr = x->coaddr;
*4882a593Smuzhiyun		daddr = prev_daddr;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (x->type->flags & XFRM_TYPE_REMOTE_COADDR) {
*4882a593Smuzhiyun		saddr = prev_saddr;
*4882a593Smuzhiyun		daddr = x->coaddr;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst = __xfrm_dst_lookup(net, tos, oif, saddr, daddr, family, mark);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!IS_ERR(dst)) {
*4882a593Smuzhiyun		if (prev_saddr != saddr)
*4882a593Smuzhiyun			memcpy(prev_saddr, saddr,  sizeof(*prev_saddr));
*4882a593Smuzhiyun		if (prev_daddr != daddr)
*4882a593Smuzhiyun			memcpy(prev_daddr, daddr,  sizeof(*prev_daddr));
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return dst;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline unsigned long make_jiffies(long secs)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
*4882a593Smuzhiyun		return MAX_SCHEDULE_TIMEOUT-1;
*4882a593Smuzhiyun	else
*4882a593Smuzhiyun		return secs*HZ;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_timer(struct timer_list *t)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *xp = from_timer(xp, t, timer);
*4882a593Smuzhiyun	time64_t now = ktime_get_real_seconds();
*4882a593Smuzhiyun	time64_t next = TIME64_MAX;
*4882a593Smuzhiyun	int warn = 0;
*4882a593Smuzhiyun	int dir;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	read_lock(&xp->lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (unlikely(xp->walk.dead))
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dir = xfrm_policy_id2dir(xp->index);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (xp->lft.hard_add_expires_seconds) {
*4882a593Smuzhiyun		time64_t tmo = xp->lft.hard_add_expires_seconds +
*4882a593Smuzhiyun			xp->curlft.add_time - now;
*4882a593Smuzhiyun		if (tmo <= 0)
*4882a593Smuzhiyun			goto expired;
*4882a593Smuzhiyun		if (tmo < next)
*4882a593Smuzhiyun			next = tmo;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (xp->lft.hard_use_expires_seconds) {
*4882a593Smuzhiyun		time64_t tmo = xp->lft.hard_use_expires_seconds +
*4882a593Smuzhiyun			(xp->curlft.use_time ? : xp->curlft.add_time) - now;
*4882a593Smuzhiyun		if (tmo <= 0)
*4882a593Smuzhiyun			goto expired;
*4882a593Smuzhiyun		if (tmo < next)
*4882a593Smuzhiyun			next = tmo;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (xp->lft.soft_add_expires_seconds) {
*4882a593Smuzhiyun		time64_t tmo = xp->lft.soft_add_expires_seconds +
*4882a593Smuzhiyun			xp->curlft.add_time - now;
*4882a593Smuzhiyun		if (tmo <= 0) {
*4882a593Smuzhiyun			warn = 1;
*4882a593Smuzhiyun			tmo = XFRM_KM_TIMEOUT;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (tmo < next)
*4882a593Smuzhiyun			next = tmo;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (xp->lft.soft_use_expires_seconds) {
*4882a593Smuzhiyun		time64_t tmo = xp->lft.soft_use_expires_seconds +
*4882a593Smuzhiyun			(xp->curlft.use_time ? : xp->curlft.add_time) - now;
*4882a593Smuzhiyun		if (tmo <= 0) {
*4882a593Smuzhiyun			warn = 1;
*4882a593Smuzhiyun			tmo = XFRM_KM_TIMEOUT;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (tmo < next)
*4882a593Smuzhiyun			next = tmo;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (warn)
*4882a593Smuzhiyun		km_policy_expired(xp, dir, 0, 0);
*4882a593Smuzhiyun	if (next != TIME64_MAX &&
*4882a593Smuzhiyun	    !mod_timer(&xp->timer, jiffies + make_jiffies(next)))
*4882a593Smuzhiyun		xfrm_pol_hold(xp);
*4882a593Smuzhiyun
*4882a593Smuzhiyunout:
*4882a593Smuzhiyun	read_unlock(&xp->lock);
*4882a593Smuzhiyun	xfrm_pol_put(xp);
*4882a593Smuzhiyun	return;
*4882a593Smuzhiyun
*4882a593Smuzhiyunexpired:
*4882a593Smuzhiyun	read_unlock(&xp->lock);
*4882a593Smuzhiyun	if (!xfrm_policy_delete(xp, dir))
*4882a593Smuzhiyun		km_policy_expired(xp, dir, 1, 0);
*4882a593Smuzhiyun	xfrm_pol_put(xp);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Allocate xfrm_policy. Not used here, it is supposed to be used by pfkeyv2
*4882a593Smuzhiyun * SPD calls.
*4882a593Smuzhiyun */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *policy;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	policy = kzalloc(sizeof(struct xfrm_policy), gfp);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (policy) {
*4882a593Smuzhiyun		write_pnet(&policy->xp_net, net);
*4882a593Smuzhiyun		INIT_LIST_HEAD(&policy->walk.all);
*4882a593Smuzhiyun		INIT_HLIST_NODE(&policy->bydst_inexact_list);
*4882a593Smuzhiyun		INIT_HLIST_NODE(&policy->bydst);
*4882a593Smuzhiyun		INIT_HLIST_NODE(&policy->byidx);
*4882a593Smuzhiyun		rwlock_init(&policy->lock);
*4882a593Smuzhiyun		refcount_set(&policy->refcnt, 1);
*4882a593Smuzhiyun		skb_queue_head_init(&policy->polq.hold_queue);
*4882a593Smuzhiyun		timer_setup(&policy->timer, xfrm_policy_timer, 0);
*4882a593Smuzhiyun		timer_setup(&policy->polq.hold_timer,
*4882a593Smuzhiyun			    xfrm_policy_queue_process, 0);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return policy;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_alloc);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_destroy_rcu(struct rcu_head *head)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *policy = container_of(head, struct xfrm_policy, rcu);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	security_xfrm_policy_free(policy->security);
*4882a593Smuzhiyun	kfree(policy);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Destroy xfrm_policy: descendant resources must be released to this moment. */
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_policy_destroy(struct xfrm_policy *policy)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	BUG_ON(!policy->walk.dead);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (del_timer(&policy->timer) || del_timer(&policy->polq.hold_timer))
*4882a593Smuzhiyun		BUG();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	call_rcu(&policy->rcu, xfrm_policy_destroy_rcu);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_destroy);
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Rule must be locked. Release descendant resources, announce
*4882a593Smuzhiyun * entry dead. The rule must be unlinked from lists to the moment.
*4882a593Smuzhiyun */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_kill(struct xfrm_policy *policy)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	write_lock_bh(&policy->lock);
*4882a593Smuzhiyun	policy->walk.dead = 1;
*4882a593Smuzhiyun	write_unlock_bh(&policy->lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	atomic_inc(&policy->genid);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (del_timer(&policy->polq.hold_timer))
*4882a593Smuzhiyun		xfrm_pol_put(policy);
*4882a593Smuzhiyun	skb_queue_purge(&policy->polq.hold_queue);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (del_timer(&policy->timer))
*4882a593Smuzhiyun		xfrm_pol_put(policy);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_pol_put(policy);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic unsigned int xfrm_policy_hashmax __read_mostly = 1 * 1024 * 1024;
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline unsigned int idx_hash(struct net *net, u32 index)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return __idx_hash(index, net->xfrm.policy_idx_hmask);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* calculate policy hash thresholds */
*4882a593Smuzhiyunstatic void __get_hash_thresh(struct net *net,
*4882a593Smuzhiyun			      unsigned short family, int dir,
*4882a593Smuzhiyun			      u8 *dbits, u8 *sbits)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	switch (family) {
*4882a593Smuzhiyun	case AF_INET:
*4882a593Smuzhiyun		*dbits = net->xfrm.policy_bydst[dir].dbits4;
*4882a593Smuzhiyun		*sbits = net->xfrm.policy_bydst[dir].sbits4;
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	case AF_INET6:
*4882a593Smuzhiyun		*dbits = net->xfrm.policy_bydst[dir].dbits6;
*4882a593Smuzhiyun		*sbits = net->xfrm.policy_bydst[dir].sbits6;
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	default:
*4882a593Smuzhiyun		*dbits = 0;
*4882a593Smuzhiyun		*sbits = 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct hlist_head *policy_hash_bysel(struct net *net,
*4882a593Smuzhiyun					    const struct xfrm_selector *sel,
*4882a593Smuzhiyun					    unsigned short family, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int hmask = net->xfrm.policy_bydst[dir].hmask;
*4882a593Smuzhiyun	unsigned int hash;
*4882a593Smuzhiyun	u8 dbits;
*4882a593Smuzhiyun	u8 sbits;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	__get_hash_thresh(net, family, dir, &dbits, &sbits);
*4882a593Smuzhiyun	hash = __sel_hash(sel, family, hmask, dbits, sbits);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (hash == hmask + 1)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return rcu_dereference_check(net->xfrm.policy_bydst[dir].table,
*4882a593Smuzhiyun		     lockdep_is_held(&net->xfrm.xfrm_policy_lock)) + hash;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct hlist_head *policy_hash_direct(struct net *net,
*4882a593Smuzhiyun					     const xfrm_address_t *daddr,
*4882a593Smuzhiyun					     const xfrm_address_t *saddr,
*4882a593Smuzhiyun					     unsigned short family, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int hmask = net->xfrm.policy_bydst[dir].hmask;
*4882a593Smuzhiyun	unsigned int hash;
*4882a593Smuzhiyun	u8 dbits;
*4882a593Smuzhiyun	u8 sbits;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	__get_hash_thresh(net, family, dir, &dbits, &sbits);
*4882a593Smuzhiyun	hash = __addr_hash(daddr, saddr, family, hmask, dbits, sbits);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return rcu_dereference_check(net->xfrm.policy_bydst[dir].table,
*4882a593Smuzhiyun		     lockdep_is_held(&net->xfrm.xfrm_policy_lock)) + hash;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_dst_hash_transfer(struct net *net,
*4882a593Smuzhiyun				   struct hlist_head *list,
*4882a593Smuzhiyun				   struct hlist_head *ndsttable,
*4882a593Smuzhiyun				   unsigned int nhashmask,
*4882a593Smuzhiyun				   int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct hlist_node *tmp, *entry0 = NULL;
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun	unsigned int h0 = 0;
*4882a593Smuzhiyun	u8 dbits;
*4882a593Smuzhiyun	u8 sbits;
*4882a593Smuzhiyun
*4882a593Smuzhiyunredo:
*4882a593Smuzhiyun	hlist_for_each_entry_safe(pol, tmp, list, bydst) {
*4882a593Smuzhiyun		unsigned int h;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		__get_hash_thresh(net, pol->family, dir, &dbits, &sbits);
*4882a593Smuzhiyun		h = __addr_hash(&pol->selector.daddr, &pol->selector.saddr,
*4882a593Smuzhiyun				pol->family, nhashmask, dbits, sbits);
*4882a593Smuzhiyun		if (!entry0) {
*4882a593Smuzhiyun			hlist_del_rcu(&pol->bydst);
*4882a593Smuzhiyun			hlist_add_head_rcu(&pol->bydst, ndsttable + h);
*4882a593Smuzhiyun			h0 = h;
*4882a593Smuzhiyun		} else {
*4882a593Smuzhiyun			if (h != h0)
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun			hlist_del_rcu(&pol->bydst);
*4882a593Smuzhiyun			hlist_add_behind_rcu(&pol->bydst, entry0);
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		entry0 = &pol->bydst;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (!hlist_empty(list)) {
*4882a593Smuzhiyun		entry0 = NULL;
*4882a593Smuzhiyun		goto redo;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_idx_hash_transfer(struct hlist_head *list,
*4882a593Smuzhiyun				   struct hlist_head *nidxtable,
*4882a593Smuzhiyun				   unsigned int nhashmask)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct hlist_node *tmp;
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hlist_for_each_entry_safe(pol, tmp, list, byidx) {
*4882a593Smuzhiyun		unsigned int h;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		h = __idx_hash(pol->index, nhashmask);
*4882a593Smuzhiyun		hlist_add_head(&pol->byidx, nidxtable+h);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic unsigned long xfrm_new_hash_mask(unsigned int old_hmask)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return ((old_hmask + 1) << 1) - 1;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_bydst_resize(struct net *net, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int hmask = net->xfrm.policy_bydst[dir].hmask;
*4882a593Smuzhiyun	unsigned int nhashmask = xfrm_new_hash_mask(hmask);
*4882a593Smuzhiyun	unsigned int nsize = (nhashmask + 1) * sizeof(struct hlist_head);
*4882a593Smuzhiyun	struct hlist_head *ndst = xfrm_hash_alloc(nsize);
*4882a593Smuzhiyun	struct hlist_head *odst;
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!ndst)
*4882a593Smuzhiyun		return;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	write_seqcount_begin(&xfrm_policy_hash_generation);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	odst = rcu_dereference_protected(net->xfrm.policy_bydst[dir].table,
*4882a593Smuzhiyun				lockdep_is_held(&net->xfrm.xfrm_policy_lock));
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = hmask; i >= 0; i--)
*4882a593Smuzhiyun		xfrm_dst_hash_transfer(net, odst + i, ndst, nhashmask, dir);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_assign_pointer(net->xfrm.policy_bydst[dir].table, ndst);
*4882a593Smuzhiyun	net->xfrm.policy_bydst[dir].hmask = nhashmask;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	write_seqcount_end(&xfrm_policy_hash_generation);
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	synchronize_rcu();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_hash_free(odst, (hmask + 1) * sizeof(struct hlist_head));
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_byidx_resize(struct net *net, int total)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int hmask = net->xfrm.policy_idx_hmask;
*4882a593Smuzhiyun	unsigned int nhashmask = xfrm_new_hash_mask(hmask);
*4882a593Smuzhiyun	unsigned int nsize = (nhashmask + 1) * sizeof(struct hlist_head);
*4882a593Smuzhiyun	struct hlist_head *oidx = net->xfrm.policy_byidx;
*4882a593Smuzhiyun	struct hlist_head *nidx = xfrm_hash_alloc(nsize);
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!nidx)
*4882a593Smuzhiyun		return;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = hmask; i >= 0; i--)
*4882a593Smuzhiyun		xfrm_idx_hash_transfer(oidx + i, nidx, nhashmask);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	net->xfrm.policy_byidx = nidx;
*4882a593Smuzhiyun	net->xfrm.policy_idx_hmask = nhashmask;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_hash_free(oidx, (hmask + 1) * sizeof(struct hlist_head));
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline int xfrm_bydst_should_resize(struct net *net, int dir, int *total)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int cnt = net->xfrm.policy_count[dir];
*4882a593Smuzhiyun	unsigned int hmask = net->xfrm.policy_bydst[dir].hmask;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (total)
*4882a593Smuzhiyun		*total += cnt;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if ((hmask + 1) < xfrm_policy_hashmax &&
*4882a593Smuzhiyun	    cnt > hmask)
*4882a593Smuzhiyun		return 1;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline int xfrm_byidx_should_resize(struct net *net, int total)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int hmask = net->xfrm.policy_idx_hmask;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if ((hmask + 1) < xfrm_policy_hashmax &&
*4882a593Smuzhiyun	    total > hmask)
*4882a593Smuzhiyun		return 1;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	si->incnt = net->xfrm.policy_count[XFRM_POLICY_IN];
*4882a593Smuzhiyun	si->outcnt = net->xfrm.policy_count[XFRM_POLICY_OUT];
*4882a593Smuzhiyun	si->fwdcnt = net->xfrm.policy_count[XFRM_POLICY_FWD];
*4882a593Smuzhiyun	si->inscnt = net->xfrm.policy_count[XFRM_POLICY_IN+XFRM_POLICY_MAX];
*4882a593Smuzhiyun	si->outscnt = net->xfrm.policy_count[XFRM_POLICY_OUT+XFRM_POLICY_MAX];
*4882a593Smuzhiyun	si->fwdscnt = net->xfrm.policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX];
*4882a593Smuzhiyun	si->spdhcnt = net->xfrm.policy_idx_hmask;
*4882a593Smuzhiyun	si->spdhmcnt = xfrm_policy_hashmax;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_spd_getinfo);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic DEFINE_MUTEX(hash_resize_mutex);
*4882a593Smuzhiyunstatic void xfrm_hash_resize(struct work_struct *work)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = container_of(work, struct net, xfrm.policy_hash_work);
*4882a593Smuzhiyun	int dir, total;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	mutex_lock(&hash_resize_mutex);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	total = 0;
*4882a593Smuzhiyun	for (dir = 0; dir < XFRM_POLICY_MAX; dir++) {
*4882a593Smuzhiyun		if (xfrm_bydst_should_resize(net, dir, &total))
*4882a593Smuzhiyun			xfrm_bydst_resize(net, dir);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (xfrm_byidx_should_resize(net, total))
*4882a593Smuzhiyun		xfrm_byidx_resize(net, total);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	mutex_unlock(&hash_resize_mutex);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Make sure *pol can be inserted into fastbin.
*4882a593Smuzhiyun * Useful to check that later insert requests will be sucessful
*4882a593Smuzhiyun * (provided xfrm_policy_lock is held throughout).
*4882a593Smuzhiyun */
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_bin *
*4882a593Smuzhiyunxfrm_policy_inexact_alloc_bin(const struct xfrm_policy *pol, u8 dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_bin *bin, *prev;
*4882a593Smuzhiyun	struct xfrm_pol_inexact_key k = {
*4882a593Smuzhiyun		.family = pol->family,
*4882a593Smuzhiyun		.type = pol->type,
*4882a593Smuzhiyun		.dir = dir,
*4882a593Smuzhiyun		.if_id = pol->if_id,
*4882a593Smuzhiyun	};
*4882a593Smuzhiyun	struct net *net = xp_net(pol);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	lockdep_assert_held(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	write_pnet(&k.net, net);
*4882a593Smuzhiyun	bin = rhashtable_lookup_fast(&xfrm_policy_inexact_table, &k,
*4882a593Smuzhiyun				     xfrm_pol_inexact_params);
*4882a593Smuzhiyun	if (bin)
*4882a593Smuzhiyun		return bin;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	bin = kzalloc(sizeof(*bin), GFP_ATOMIC);
*4882a593Smuzhiyun	if (!bin)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	bin->k = k;
*4882a593Smuzhiyun	INIT_HLIST_HEAD(&bin->hhead);
*4882a593Smuzhiyun	bin->root_d = RB_ROOT;
*4882a593Smuzhiyun	bin->root_s = RB_ROOT;
*4882a593Smuzhiyun	seqcount_spinlock_init(&bin->count, &net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	prev = rhashtable_lookup_get_insert_key(&xfrm_policy_inexact_table,
*4882a593Smuzhiyun						&bin->k, &bin->head,
*4882a593Smuzhiyun						xfrm_pol_inexact_params);
*4882a593Smuzhiyun	if (!prev) {
*4882a593Smuzhiyun		list_add(&bin->inexact_bins, &net->xfrm.inexact_bins);
*4882a593Smuzhiyun		return bin;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	kfree(bin);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return IS_ERR(prev) ? NULL : prev;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic bool xfrm_pol_inexact_addr_use_any_list(const xfrm_address_t *addr,
*4882a593Smuzhiyun					       int family, u8 prefixlen)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (xfrm_addr_any(addr, family))
*4882a593Smuzhiyun		return true;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (family == AF_INET6 && prefixlen < INEXACT_PREFIXLEN_IPV6)
*4882a593Smuzhiyun		return true;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (family == AF_INET && prefixlen < INEXACT_PREFIXLEN_IPV4)
*4882a593Smuzhiyun		return true;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return false;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic bool
*4882a593Smuzhiyunxfrm_policy_inexact_insert_use_any_list(const struct xfrm_policy *policy)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const xfrm_address_t *addr;
*4882a593Smuzhiyun	bool saddr_any, daddr_any;
*4882a593Smuzhiyun	u8 prefixlen;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	addr = &policy->selector.saddr;
*4882a593Smuzhiyun	prefixlen = policy->selector.prefixlen_s;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	saddr_any = xfrm_pol_inexact_addr_use_any_list(addr,
*4882a593Smuzhiyun						       policy->family,
*4882a593Smuzhiyun						       prefixlen);
*4882a593Smuzhiyun	addr = &policy->selector.daddr;
*4882a593Smuzhiyun	prefixlen = policy->selector.prefixlen_d;
*4882a593Smuzhiyun	daddr_any = xfrm_pol_inexact_addr_use_any_list(addr,
*4882a593Smuzhiyun						       policy->family,
*4882a593Smuzhiyun						       prefixlen);
*4882a593Smuzhiyun	return saddr_any && daddr_any;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_pol_inexact_node_init(struct xfrm_pol_inexact_node *node,
*4882a593Smuzhiyun				       const xfrm_address_t *addr, u8 prefixlen)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	node->addr = *addr;
*4882a593Smuzhiyun	node->prefixlen = prefixlen;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_node *
*4882a593Smuzhiyunxfrm_pol_inexact_node_alloc(const xfrm_address_t *addr, u8 prefixlen)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *node;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	node = kzalloc(sizeof(*node), GFP_ATOMIC);
*4882a593Smuzhiyun	if (node)
*4882a593Smuzhiyun		xfrm_pol_inexact_node_init(node, addr, prefixlen);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return node;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int xfrm_policy_addr_delta(const xfrm_address_t *a,
*4882a593Smuzhiyun				  const xfrm_address_t *b,
*4882a593Smuzhiyun				  u8 prefixlen, u16 family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	u32 ma, mb, mask;
*4882a593Smuzhiyun	unsigned int pdw, pbi;
*4882a593Smuzhiyun	int delta = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	switch (family) {
*4882a593Smuzhiyun	case AF_INET:
*4882a593Smuzhiyun		if (prefixlen == 0)
*4882a593Smuzhiyun			return 0;
*4882a593Smuzhiyun		mask = ~0U << (32 - prefixlen);
*4882a593Smuzhiyun		ma = ntohl(a->a4) & mask;
*4882a593Smuzhiyun		mb = ntohl(b->a4) & mask;
*4882a593Smuzhiyun		if (ma < mb)
*4882a593Smuzhiyun			delta = -1;
*4882a593Smuzhiyun		else if (ma > mb)
*4882a593Smuzhiyun			delta = 1;
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun	case AF_INET6:
*4882a593Smuzhiyun		pdw = prefixlen >> 5;
*4882a593Smuzhiyun		pbi = prefixlen & 0x1f;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (pdw) {
*4882a593Smuzhiyun			delta = memcmp(a->a6, b->a6, pdw << 2);
*4882a593Smuzhiyun			if (delta)
*4882a593Smuzhiyun				return delta;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (pbi) {
*4882a593Smuzhiyun			mask = ~0U << (32 - pbi);
*4882a593Smuzhiyun			ma = ntohl(a->a6[pdw]) & mask;
*4882a593Smuzhiyun			mb = ntohl(b->a6[pdw]) & mask;
*4882a593Smuzhiyun			if (ma < mb)
*4882a593Smuzhiyun				delta = -1;
*4882a593Smuzhiyun			else if (ma > mb)
*4882a593Smuzhiyun				delta = 1;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun	default:
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return delta;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_inexact_list_reinsert(struct net *net,
*4882a593Smuzhiyun					      struct xfrm_pol_inexact_node *n,
*4882a593Smuzhiyun					      u16 family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int matched_s, matched_d;
*4882a593Smuzhiyun	struct xfrm_policy *policy, *p;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	matched_s = 0;
*4882a593Smuzhiyun	matched_d = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	list_for_each_entry_reverse(policy, &net->xfrm.policy_all, walk.all) {
*4882a593Smuzhiyun		struct hlist_node *newpos = NULL;
*4882a593Smuzhiyun		bool matches_s, matches_d;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!policy->bydst_reinsert)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		WARN_ON_ONCE(policy->family != family);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		policy->bydst_reinsert = false;
*4882a593Smuzhiyun		hlist_for_each_entry(p, &n->hhead, bydst) {
*4882a593Smuzhiyun			if (policy->priority > p->priority)
*4882a593Smuzhiyun				newpos = &p->bydst;
*4882a593Smuzhiyun			else if (policy->priority == p->priority &&
*4882a593Smuzhiyun				 policy->pos > p->pos)
*4882a593Smuzhiyun				newpos = &p->bydst;
*4882a593Smuzhiyun			else
*4882a593Smuzhiyun				break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (newpos)
*4882a593Smuzhiyun			hlist_add_behind_rcu(&policy->bydst, newpos);
*4882a593Smuzhiyun		else
*4882a593Smuzhiyun			hlist_add_head_rcu(&policy->bydst, &n->hhead);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		/* paranoia checks follow.
*4882a593Smuzhiyun		 * Check that the reinserted policy matches at least
*4882a593Smuzhiyun		 * saddr or daddr for current node prefix.
*4882a593Smuzhiyun		 *
*4882a593Smuzhiyun		 * Matching both is fine, matching saddr in one policy
*4882a593Smuzhiyun		 * (but not daddr) and then matching only daddr in another
*4882a593Smuzhiyun		 * is a bug.
*4882a593Smuzhiyun		 */
*4882a593Smuzhiyun		matches_s = xfrm_policy_addr_delta(&policy->selector.saddr,
*4882a593Smuzhiyun						   &n->addr,
*4882a593Smuzhiyun						   n->prefixlen,
*4882a593Smuzhiyun						   family) == 0;
*4882a593Smuzhiyun		matches_d = xfrm_policy_addr_delta(&policy->selector.daddr,
*4882a593Smuzhiyun						   &n->addr,
*4882a593Smuzhiyun						   n->prefixlen,
*4882a593Smuzhiyun						   family) == 0;
*4882a593Smuzhiyun		if (matches_s && matches_d)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		WARN_ON_ONCE(!matches_s && !matches_d);
*4882a593Smuzhiyun		if (matches_s)
*4882a593Smuzhiyun			matched_s++;
*4882a593Smuzhiyun		if (matches_d)
*4882a593Smuzhiyun			matched_d++;
*4882a593Smuzhiyun		WARN_ON_ONCE(matched_s && matched_d);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_inexact_node_reinsert(struct net *net,
*4882a593Smuzhiyun					      struct xfrm_pol_inexact_node *n,
*4882a593Smuzhiyun					      struct rb_root *new,
*4882a593Smuzhiyun					      u16 family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *node;
*4882a593Smuzhiyun	struct rb_node **p, *parent;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* we should not have another subtree here */
*4882a593Smuzhiyun	WARN_ON_ONCE(!RB_EMPTY_ROOT(&n->root));
*4882a593Smuzhiyunrestart:
*4882a593Smuzhiyun	parent = NULL;
*4882a593Smuzhiyun	p = &new->rb_node;
*4882a593Smuzhiyun	while (*p) {
*4882a593Smuzhiyun		u8 prefixlen;
*4882a593Smuzhiyun		int delta;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		parent = *p;
*4882a593Smuzhiyun		node = rb_entry(*p, struct xfrm_pol_inexact_node, node);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		prefixlen = min(node->prefixlen, n->prefixlen);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		delta = xfrm_policy_addr_delta(&n->addr, &node->addr,
*4882a593Smuzhiyun					       prefixlen, family);
*4882a593Smuzhiyun		if (delta < 0) {
*4882a593Smuzhiyun			p = &parent->rb_left;
*4882a593Smuzhiyun		} else if (delta > 0) {
*4882a593Smuzhiyun			p = &parent->rb_right;
*4882a593Smuzhiyun		} else {
*4882a593Smuzhiyun			bool same_prefixlen = node->prefixlen == n->prefixlen;
*4882a593Smuzhiyun			struct xfrm_policy *tmp;
*4882a593Smuzhiyun
*4882a593Smuzhiyun			hlist_for_each_entry(tmp, &n->hhead, bydst) {
*4882a593Smuzhiyun				tmp->bydst_reinsert = true;
*4882a593Smuzhiyun				hlist_del_rcu(&tmp->bydst);
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun
*4882a593Smuzhiyun			node->prefixlen = prefixlen;
*4882a593Smuzhiyun
*4882a593Smuzhiyun			xfrm_policy_inexact_list_reinsert(net, node, family);
*4882a593Smuzhiyun
*4882a593Smuzhiyun			if (same_prefixlen) {
*4882a593Smuzhiyun				kfree_rcu(n, rcu);
*4882a593Smuzhiyun				return;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun
*4882a593Smuzhiyun			rb_erase(*p, new);
*4882a593Smuzhiyun			kfree_rcu(n, rcu);
*4882a593Smuzhiyun			n = node;
*4882a593Smuzhiyun			goto restart;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rb_link_node_rcu(&n->node, parent, p);
*4882a593Smuzhiyun	rb_insert_color(&n->node, new);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* merge nodes v and n */
*4882a593Smuzhiyunstatic void xfrm_policy_inexact_node_merge(struct net *net,
*4882a593Smuzhiyun					   struct xfrm_pol_inexact_node *v,
*4882a593Smuzhiyun					   struct xfrm_pol_inexact_node *n,
*4882a593Smuzhiyun					   u16 family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *node;
*4882a593Smuzhiyun	struct xfrm_policy *tmp;
*4882a593Smuzhiyun	struct rb_node *rnode;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* To-be-merged node v has a subtree.
*4882a593Smuzhiyun	 *
*4882a593Smuzhiyun	 * Dismantle it and insert its nodes to n->root.
*4882a593Smuzhiyun	 */
*4882a593Smuzhiyun	while ((rnode = rb_first(&v->root)) != NULL) {
*4882a593Smuzhiyun		node = rb_entry(rnode, struct xfrm_pol_inexact_node, node);
*4882a593Smuzhiyun		rb_erase(&node->node, &v->root);
*4882a593Smuzhiyun		xfrm_policy_inexact_node_reinsert(net, node, &n->root,
*4882a593Smuzhiyun						  family);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hlist_for_each_entry(tmp, &v->hhead, bydst) {
*4882a593Smuzhiyun		tmp->bydst_reinsert = true;
*4882a593Smuzhiyun		hlist_del_rcu(&tmp->bydst);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_policy_inexact_list_reinsert(net, n, family);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_node *
*4882a593Smuzhiyunxfrm_policy_inexact_insert_node(struct net *net,
*4882a593Smuzhiyun				struct rb_root *root,
*4882a593Smuzhiyun				xfrm_address_t *addr,
*4882a593Smuzhiyun				u16 family, u8 prefixlen, u8 dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *cached = NULL;
*4882a593Smuzhiyun	struct rb_node **p, *parent = NULL;
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *node;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	p = &root->rb_node;
*4882a593Smuzhiyun	while (*p) {
*4882a593Smuzhiyun		int delta;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		parent = *p;
*4882a593Smuzhiyun		node = rb_entry(*p, struct xfrm_pol_inexact_node, node);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		delta = xfrm_policy_addr_delta(addr, &node->addr,
*4882a593Smuzhiyun					       node->prefixlen,
*4882a593Smuzhiyun					       family);
*4882a593Smuzhiyun		if (delta == 0 && prefixlen >= node->prefixlen) {
*4882a593Smuzhiyun			WARN_ON_ONCE(cached); /* ipsec policies got lost */
*4882a593Smuzhiyun			return node;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (delta < 0)
*4882a593Smuzhiyun			p = &parent->rb_left;
*4882a593Smuzhiyun		else
*4882a593Smuzhiyun			p = &parent->rb_right;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (prefixlen < node->prefixlen) {
*4882a593Smuzhiyun			delta = xfrm_policy_addr_delta(addr, &node->addr,
*4882a593Smuzhiyun						       prefixlen,
*4882a593Smuzhiyun						       family);
*4882a593Smuzhiyun			if (delta)
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun			/* This node is a subnet of the new prefix. It needs
*4882a593Smuzhiyun			 * to be removed and re-inserted with the smaller
*4882a593Smuzhiyun			 * prefix and all nodes that are now also covered
*4882a593Smuzhiyun			 * by the reduced prefixlen.
*4882a593Smuzhiyun			 */
*4882a593Smuzhiyun			rb_erase(&node->node, root);
*4882a593Smuzhiyun
*4882a593Smuzhiyun			if (!cached) {
*4882a593Smuzhiyun				xfrm_pol_inexact_node_init(node, addr,
*4882a593Smuzhiyun							   prefixlen);
*4882a593Smuzhiyun				cached = node;
*4882a593Smuzhiyun			} else {
*4882a593Smuzhiyun				/* This node also falls within the new
*4882a593Smuzhiyun				 * prefixlen. Merge the to-be-reinserted
*4882a593Smuzhiyun				 * node and this one.
*4882a593Smuzhiyun				 */
*4882a593Smuzhiyun				xfrm_policy_inexact_node_merge(net, node,
*4882a593Smuzhiyun							       cached, family);
*4882a593Smuzhiyun				kfree_rcu(node, rcu);
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun
*4882a593Smuzhiyun			/* restart */
*4882a593Smuzhiyun			p = &root->rb_node;
*4882a593Smuzhiyun			parent = NULL;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	node = cached;
*4882a593Smuzhiyun	if (!node) {
*4882a593Smuzhiyun		node = xfrm_pol_inexact_node_alloc(addr, prefixlen);
*4882a593Smuzhiyun		if (!node)
*4882a593Smuzhiyun			return NULL;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rb_link_node_rcu(&node->node, parent, p);
*4882a593Smuzhiyun	rb_insert_color(&node->node, root);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return node;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_inexact_gc_tree(struct rb_root *r, bool rm)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *node;
*4882a593Smuzhiyun	struct rb_node *rn = rb_first(r);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	while (rn) {
*4882a593Smuzhiyun		node = rb_entry(rn, struct xfrm_pol_inexact_node, node);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xfrm_policy_inexact_gc_tree(&node->root, rm);
*4882a593Smuzhiyun		rn = rb_next(rn);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!hlist_empty(&node->hhead) || !RB_EMPTY_ROOT(&node->root)) {
*4882a593Smuzhiyun			WARN_ON_ONCE(rm);
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		rb_erase(&node->node, r);
*4882a593Smuzhiyun		kfree_rcu(node, rcu);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void __xfrm_policy_inexact_prune_bin(struct xfrm_pol_inexact_bin *b, bool net_exit)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	write_seqcount_begin(&b->count);
*4882a593Smuzhiyun	xfrm_policy_inexact_gc_tree(&b->root_d, net_exit);
*4882a593Smuzhiyun	xfrm_policy_inexact_gc_tree(&b->root_s, net_exit);
*4882a593Smuzhiyun	write_seqcount_end(&b->count);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!RB_EMPTY_ROOT(&b->root_d) || !RB_EMPTY_ROOT(&b->root_s) ||
*4882a593Smuzhiyun	    !hlist_empty(&b->hhead)) {
*4882a593Smuzhiyun		WARN_ON_ONCE(net_exit);
*4882a593Smuzhiyun		return;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (rhashtable_remove_fast(&xfrm_policy_inexact_table, &b->head,
*4882a593Smuzhiyun				   xfrm_pol_inexact_params) == 0) {
*4882a593Smuzhiyun		list_del(&b->inexact_bins);
*4882a593Smuzhiyun		kfree_rcu(b, rcu);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_inexact_prune_bin(struct xfrm_pol_inexact_bin *b)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = read_pnet(&b->k.net);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	__xfrm_policy_inexact_prune_bin(b, false);
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void __xfrm_policy_inexact_flush(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_bin *bin, *t;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	lockdep_assert_held(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	list_for_each_entry_safe(bin, t, &net->xfrm.inexact_bins, inexact_bins)
*4882a593Smuzhiyun		__xfrm_policy_inexact_prune_bin(bin, false);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct hlist_head *
*4882a593Smuzhiyunxfrm_policy_inexact_alloc_chain(struct xfrm_pol_inexact_bin *bin,
*4882a593Smuzhiyun				struct xfrm_policy *policy, u8 dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *n;
*4882a593Smuzhiyun	struct net *net;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	net = xp_net(policy);
*4882a593Smuzhiyun	lockdep_assert_held(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (xfrm_policy_inexact_insert_use_any_list(policy))
*4882a593Smuzhiyun		return &bin->hhead;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (xfrm_pol_inexact_addr_use_any_list(&policy->selector.daddr,
*4882a593Smuzhiyun					       policy->family,
*4882a593Smuzhiyun					       policy->selector.prefixlen_d)) {
*4882a593Smuzhiyun		write_seqcount_begin(&bin->count);
*4882a593Smuzhiyun		n = xfrm_policy_inexact_insert_node(net,
*4882a593Smuzhiyun						    &bin->root_s,
*4882a593Smuzhiyun						    &policy->selector.saddr,
*4882a593Smuzhiyun						    policy->family,
*4882a593Smuzhiyun						    policy->selector.prefixlen_s,
*4882a593Smuzhiyun						    dir);
*4882a593Smuzhiyun		write_seqcount_end(&bin->count);
*4882a593Smuzhiyun		if (!n)
*4882a593Smuzhiyun			return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		return &n->hhead;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* daddr is fixed */
*4882a593Smuzhiyun	write_seqcount_begin(&bin->count);
*4882a593Smuzhiyun	n = xfrm_policy_inexact_insert_node(net,
*4882a593Smuzhiyun					    &bin->root_d,
*4882a593Smuzhiyun					    &policy->selector.daddr,
*4882a593Smuzhiyun					    policy->family,
*4882a593Smuzhiyun					    policy->selector.prefixlen_d, dir);
*4882a593Smuzhiyun	write_seqcount_end(&bin->count);
*4882a593Smuzhiyun	if (!n)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* saddr is wildcard */
*4882a593Smuzhiyun	if (xfrm_pol_inexact_addr_use_any_list(&policy->selector.saddr,
*4882a593Smuzhiyun					       policy->family,
*4882a593Smuzhiyun					       policy->selector.prefixlen_s))
*4882a593Smuzhiyun		return &n->hhead;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	write_seqcount_begin(&bin->count);
*4882a593Smuzhiyun	n = xfrm_policy_inexact_insert_node(net,
*4882a593Smuzhiyun					    &n->root,
*4882a593Smuzhiyun					    &policy->selector.saddr,
*4882a593Smuzhiyun					    policy->family,
*4882a593Smuzhiyun					    policy->selector.prefixlen_s, dir);
*4882a593Smuzhiyun	write_seqcount_end(&bin->count);
*4882a593Smuzhiyun	if (!n)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return &n->hhead;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *
*4882a593Smuzhiyunxfrm_policy_inexact_insert(struct xfrm_policy *policy, u8 dir, int excl)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_bin *bin;
*4882a593Smuzhiyun	struct xfrm_policy *delpol;
*4882a593Smuzhiyun	struct hlist_head *chain;
*4882a593Smuzhiyun	struct net *net;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	bin = xfrm_policy_inexact_alloc_bin(policy, dir);
*4882a593Smuzhiyun	if (!bin)
*4882a593Smuzhiyun		return ERR_PTR(-ENOMEM);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	net = xp_net(policy);
*4882a593Smuzhiyun	lockdep_assert_held(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	chain = xfrm_policy_inexact_alloc_chain(bin, policy, dir);
*4882a593Smuzhiyun	if (!chain) {
*4882a593Smuzhiyun		__xfrm_policy_inexact_prune_bin(bin, false);
*4882a593Smuzhiyun		return ERR_PTR(-ENOMEM);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	delpol = xfrm_policy_insert_list(chain, policy, excl);
*4882a593Smuzhiyun	if (delpol && excl) {
*4882a593Smuzhiyun		__xfrm_policy_inexact_prune_bin(bin, false);
*4882a593Smuzhiyun		return ERR_PTR(-EEXIST);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	chain = &net->xfrm.policy_inexact[dir];
*4882a593Smuzhiyun	xfrm_policy_insert_inexact_list(chain, policy);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (delpol)
*4882a593Smuzhiyun		__xfrm_policy_inexact_prune_bin(bin, false);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return delpol;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_hash_rebuild(struct work_struct *work)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = container_of(work, struct net,
*4882a593Smuzhiyun				       xfrm.policy_hthresh.work);
*4882a593Smuzhiyun	unsigned int hmask;
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun	struct xfrm_policy *policy;
*4882a593Smuzhiyun	struct hlist_head *chain;
*4882a593Smuzhiyun	struct hlist_head *odst;
*4882a593Smuzhiyun	struct hlist_node *newpos;
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun	int dir;
*4882a593Smuzhiyun	unsigned seq;
*4882a593Smuzhiyun	u8 lbits4, rbits4, lbits6, rbits6;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	mutex_lock(&hash_resize_mutex);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* read selector prefixlen thresholds */
*4882a593Smuzhiyun	do {
*4882a593Smuzhiyun		seq = read_seqbegin(&net->xfrm.policy_hthresh.lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		lbits4 = net->xfrm.policy_hthresh.lbits4;
*4882a593Smuzhiyun		rbits4 = net->xfrm.policy_hthresh.rbits4;
*4882a593Smuzhiyun		lbits6 = net->xfrm.policy_hthresh.lbits6;
*4882a593Smuzhiyun		rbits6 = net->xfrm.policy_hthresh.rbits6;
*4882a593Smuzhiyun	} while (read_seqretry(&net->xfrm.policy_hthresh.lock, seq));
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	write_seqcount_begin(&xfrm_policy_hash_generation);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* make sure that we can insert the indirect policies again before
*4882a593Smuzhiyun	 * we start with destructive action.
*4882a593Smuzhiyun	 */
*4882a593Smuzhiyun	list_for_each_entry(policy, &net->xfrm.policy_all, walk.all) {
*4882a593Smuzhiyun		struct xfrm_pol_inexact_bin *bin;
*4882a593Smuzhiyun		u8 dbits, sbits;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dir = xfrm_policy_id2dir(policy->index);
*4882a593Smuzhiyun		if (policy->walk.dead || dir >= XFRM_POLICY_MAX)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if ((dir & XFRM_POLICY_MASK) == XFRM_POLICY_OUT) {
*4882a593Smuzhiyun			if (policy->family == AF_INET) {
*4882a593Smuzhiyun				dbits = rbits4;
*4882a593Smuzhiyun				sbits = lbits4;
*4882a593Smuzhiyun			} else {
*4882a593Smuzhiyun				dbits = rbits6;
*4882a593Smuzhiyun				sbits = lbits6;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		} else {
*4882a593Smuzhiyun			if (policy->family == AF_INET) {
*4882a593Smuzhiyun				dbits = lbits4;
*4882a593Smuzhiyun				sbits = rbits4;
*4882a593Smuzhiyun			} else {
*4882a593Smuzhiyun				dbits = lbits6;
*4882a593Smuzhiyun				sbits = rbits6;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (policy->selector.prefixlen_d < dbits ||
*4882a593Smuzhiyun		    policy->selector.prefixlen_s < sbits)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		bin = xfrm_policy_inexact_alloc_bin(policy, dir);
*4882a593Smuzhiyun		if (!bin)
*4882a593Smuzhiyun			goto out_unlock;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!xfrm_policy_inexact_alloc_chain(bin, policy, dir))
*4882a593Smuzhiyun			goto out_unlock;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* reset the bydst and inexact table in all directions */
*4882a593Smuzhiyun	for (dir = 0; dir < XFRM_POLICY_MAX; dir++) {
*4882a593Smuzhiyun		struct hlist_node *n;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		hlist_for_each_entry_safe(policy, n,
*4882a593Smuzhiyun					  &net->xfrm.policy_inexact[dir],
*4882a593Smuzhiyun					  bydst_inexact_list) {
*4882a593Smuzhiyun			hlist_del_rcu(&policy->bydst);
*4882a593Smuzhiyun			hlist_del_init(&policy->bydst_inexact_list);
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		hmask = net->xfrm.policy_bydst[dir].hmask;
*4882a593Smuzhiyun		odst = net->xfrm.policy_bydst[dir].table;
*4882a593Smuzhiyun		for (i = hmask; i >= 0; i--) {
*4882a593Smuzhiyun			hlist_for_each_entry_safe(policy, n, odst + i, bydst)
*4882a593Smuzhiyun				hlist_del_rcu(&policy->bydst);
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if ((dir & XFRM_POLICY_MASK) == XFRM_POLICY_OUT) {
*4882a593Smuzhiyun			/* dir out => dst = remote, src = local */
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].dbits4 = rbits4;
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].sbits4 = lbits4;
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].dbits6 = rbits6;
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].sbits6 = lbits6;
*4882a593Smuzhiyun		} else {
*4882a593Smuzhiyun			/* dir in/fwd => dst = local, src = remote */
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].dbits4 = lbits4;
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].sbits4 = rbits4;
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].dbits6 = lbits6;
*4882a593Smuzhiyun			net->xfrm.policy_bydst[dir].sbits6 = rbits6;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* re-insert all policies by order of creation */
*4882a593Smuzhiyun	list_for_each_entry_reverse(policy, &net->xfrm.policy_all, walk.all) {
*4882a593Smuzhiyun		if (policy->walk.dead)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		dir = xfrm_policy_id2dir(policy->index);
*4882a593Smuzhiyun		if (dir >= XFRM_POLICY_MAX) {
*4882a593Smuzhiyun			/* skip socket policies */
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		newpos = NULL;
*4882a593Smuzhiyun		chain = policy_hash_bysel(net, &policy->selector,
*4882a593Smuzhiyun					  policy->family, dir);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!chain) {
*4882a593Smuzhiyun			void *p = xfrm_policy_inexact_insert(policy, dir, 0);
*4882a593Smuzhiyun
*4882a593Smuzhiyun			WARN_ONCE(IS_ERR(p), "reinsert: %ld\n", PTR_ERR(p));
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		hlist_for_each_entry(pol, chain, bydst) {
*4882a593Smuzhiyun			if (policy->priority >= pol->priority)
*4882a593Smuzhiyun				newpos = &pol->bydst;
*4882a593Smuzhiyun			else
*4882a593Smuzhiyun				break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (newpos)
*4882a593Smuzhiyun			hlist_add_behind_rcu(&policy->bydst, newpos);
*4882a593Smuzhiyun		else
*4882a593Smuzhiyun			hlist_add_head_rcu(&policy->bydst, chain);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyunout_unlock:
*4882a593Smuzhiyun	__xfrm_policy_inexact_flush(net);
*4882a593Smuzhiyun	write_seqcount_end(&xfrm_policy_hash_generation);
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	mutex_unlock(&hash_resize_mutex);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_policy_hash_rebuild(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	schedule_work(&net->xfrm.policy_hthresh.work);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_hash_rebuild);
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Generate new index... KAME seems to generate them ordered by cost
*4882a593Smuzhiyun * of an absolute inpredictability of ordering of rules. This will not pass. */
*4882a593Smuzhiyunstatic u32 xfrm_gen_index(struct net *net, int dir, u32 index)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	static u32 idx_generator;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (;;) {
*4882a593Smuzhiyun		struct hlist_head *list;
*4882a593Smuzhiyun		struct xfrm_policy *p;
*4882a593Smuzhiyun		u32 idx;
*4882a593Smuzhiyun		int found;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!index) {
*4882a593Smuzhiyun			idx = (idx_generator | dir);
*4882a593Smuzhiyun			idx_generator += 8;
*4882a593Smuzhiyun		} else {
*4882a593Smuzhiyun			idx = index;
*4882a593Smuzhiyun			index = 0;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (idx == 0)
*4882a593Smuzhiyun			idx = 8;
*4882a593Smuzhiyun		list = net->xfrm.policy_byidx + idx_hash(net, idx);
*4882a593Smuzhiyun		found = 0;
*4882a593Smuzhiyun		hlist_for_each_entry(p, list, byidx) {
*4882a593Smuzhiyun			if (p->index == idx) {
*4882a593Smuzhiyun				found = 1;
*4882a593Smuzhiyun				break;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (!found)
*4882a593Smuzhiyun			return idx;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline int selector_cmp(struct xfrm_selector *s1, struct xfrm_selector *s2)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	u32 *p1 = (u32 *) s1;
*4882a593Smuzhiyun	u32 *p2 = (u32 *) s2;
*4882a593Smuzhiyun	int len = sizeof(struct xfrm_selector) / sizeof(u32);
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = 0; i < len; i++) {
*4882a593Smuzhiyun		if (p1[i] != p2[i])
*4882a593Smuzhiyun			return 1;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_requeue(struct xfrm_policy *old,
*4882a593Smuzhiyun				struct xfrm_policy *new)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy_queue *pq = &old->polq;
*4882a593Smuzhiyun	struct sk_buff_head list;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (skb_queue_empty(&pq->hold_queue))
*4882a593Smuzhiyun		return;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	__skb_queue_head_init(&list);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&pq->hold_queue.lock);
*4882a593Smuzhiyun	skb_queue_splice_init(&pq->hold_queue, &list);
*4882a593Smuzhiyun	if (del_timer(&pq->hold_timer))
*4882a593Smuzhiyun		xfrm_pol_put(old);
*4882a593Smuzhiyun	spin_unlock_bh(&pq->hold_queue.lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	pq = &new->polq;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&pq->hold_queue.lock);
*4882a593Smuzhiyun	skb_queue_splice(&list, &pq->hold_queue);
*4882a593Smuzhiyun	pq->timeout = XFRM_QUEUE_TMO_MIN;
*4882a593Smuzhiyun	if (!mod_timer(&pq->hold_timer, jiffies))
*4882a593Smuzhiyun		xfrm_pol_hold(new);
*4882a593Smuzhiyun	spin_unlock_bh(&pq->hold_queue.lock);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline bool xfrm_policy_mark_match(const struct xfrm_mark *mark,
*4882a593Smuzhiyun					  struct xfrm_policy *pol)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return mark->v == pol->mark.v && mark->m == pol->mark.m;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic u32 xfrm_pol_bin_key(const void *data, u32 len, u32 seed)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_pol_inexact_key *k = data;
*4882a593Smuzhiyun	u32 a = k->type << 24 | k->dir << 16 | k->family;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return jhash_3words(a, k->if_id, net_hash_mix(read_pnet(&k->net)),
*4882a593Smuzhiyun			    seed);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic u32 xfrm_pol_bin_obj(const void *data, u32 len, u32 seed)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_pol_inexact_bin *b = data;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return xfrm_pol_bin_key(&b->k, 0, seed);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int xfrm_pol_bin_cmp(struct rhashtable_compare_arg *arg,
*4882a593Smuzhiyun			    const void *ptr)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_pol_inexact_key *key = arg->key;
*4882a593Smuzhiyun	const struct xfrm_pol_inexact_bin *b = ptr;
*4882a593Smuzhiyun	int ret;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!net_eq(read_pnet(&b->k.net), read_pnet(&key->net)))
*4882a593Smuzhiyun		return -1;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	ret = b->k.dir ^ key->dir;
*4882a593Smuzhiyun	if (ret)
*4882a593Smuzhiyun		return ret;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	ret = b->k.type ^ key->type;
*4882a593Smuzhiyun	if (ret)
*4882a593Smuzhiyun		return ret;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	ret = b->k.family ^ key->family;
*4882a593Smuzhiyun	if (ret)
*4882a593Smuzhiyun		return ret;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return b->k.if_id ^ key->if_id;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic const struct rhashtable_params xfrm_pol_inexact_params = {
*4882a593Smuzhiyun	.head_offset		= offsetof(struct xfrm_pol_inexact_bin, head),
*4882a593Smuzhiyun	.hashfn			= xfrm_pol_bin_key,
*4882a593Smuzhiyun	.obj_hashfn		= xfrm_pol_bin_obj,
*4882a593Smuzhiyun	.obj_cmpfn		= xfrm_pol_bin_cmp,
*4882a593Smuzhiyun	.automatic_shrinking	= true,
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_insert_inexact_list(struct hlist_head *chain,
*4882a593Smuzhiyun					    struct xfrm_policy *policy)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol, *delpol = NULL;
*4882a593Smuzhiyun	struct hlist_node *newpos = NULL;
*4882a593Smuzhiyun	int i = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hlist_for_each_entry(pol, chain, bydst_inexact_list) {
*4882a593Smuzhiyun		if (pol->type == policy->type &&
*4882a593Smuzhiyun		    pol->if_id == policy->if_id &&
*4882a593Smuzhiyun		    !selector_cmp(&pol->selector, &policy->selector) &&
*4882a593Smuzhiyun		    xfrm_policy_mark_match(&policy->mark, pol) &&
*4882a593Smuzhiyun		    xfrm_sec_ctx_match(pol->security, policy->security) &&
*4882a593Smuzhiyun		    !WARN_ON(delpol)) {
*4882a593Smuzhiyun			delpol = pol;
*4882a593Smuzhiyun			if (policy->priority > pol->priority)
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun		} else if (policy->priority >= pol->priority) {
*4882a593Smuzhiyun			newpos = &pol->bydst_inexact_list;
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (delpol)
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (newpos)
*4882a593Smuzhiyun		hlist_add_behind_rcu(&policy->bydst_inexact_list, newpos);
*4882a593Smuzhiyun	else
*4882a593Smuzhiyun		hlist_add_head_rcu(&policy->bydst_inexact_list, chain);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hlist_for_each_entry(pol, chain, bydst_inexact_list) {
*4882a593Smuzhiyun		pol->pos = i;
*4882a593Smuzhiyun		i++;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *xfrm_policy_insert_list(struct hlist_head *chain,
*4882a593Smuzhiyun						   struct xfrm_policy *policy,
*4882a593Smuzhiyun						   bool excl)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol, *newpos = NULL, *delpol = NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hlist_for_each_entry(pol, chain, bydst) {
*4882a593Smuzhiyun		if (pol->type == policy->type &&
*4882a593Smuzhiyun		    pol->if_id == policy->if_id &&
*4882a593Smuzhiyun		    !selector_cmp(&pol->selector, &policy->selector) &&
*4882a593Smuzhiyun		    xfrm_policy_mark_match(&policy->mark, pol) &&
*4882a593Smuzhiyun		    xfrm_sec_ctx_match(pol->security, policy->security) &&
*4882a593Smuzhiyun		    !WARN_ON(delpol)) {
*4882a593Smuzhiyun			if (excl)
*4882a593Smuzhiyun				return ERR_PTR(-EEXIST);
*4882a593Smuzhiyun			delpol = pol;
*4882a593Smuzhiyun			if (policy->priority > pol->priority)
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun		} else if (policy->priority >= pol->priority) {
*4882a593Smuzhiyun			newpos = pol;
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (delpol)
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (newpos)
*4882a593Smuzhiyun		hlist_add_behind_rcu(&policy->bydst, &newpos->bydst);
*4882a593Smuzhiyun	else
*4882a593Smuzhiyun		hlist_add_head_rcu(&policy->bydst, chain);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return delpol;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunint xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = xp_net(policy);
*4882a593Smuzhiyun	struct xfrm_policy *delpol;
*4882a593Smuzhiyun	struct hlist_head *chain;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	chain = policy_hash_bysel(net, &policy->selector, policy->family, dir);
*4882a593Smuzhiyun	if (chain)
*4882a593Smuzhiyun		delpol = xfrm_policy_insert_list(chain, policy, excl);
*4882a593Smuzhiyun	else
*4882a593Smuzhiyun		delpol = xfrm_policy_inexact_insert(policy, dir, excl);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (IS_ERR(delpol)) {
*4882a593Smuzhiyun		spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun		return PTR_ERR(delpol);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	__xfrm_policy_link(policy, dir);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* After previous checking, family can either be AF_INET or AF_INET6 */
*4882a593Smuzhiyun	if (policy->family == AF_INET)
*4882a593Smuzhiyun		rt_genid_bump_ipv4(net);
*4882a593Smuzhiyun	else
*4882a593Smuzhiyun		rt_genid_bump_ipv6(net);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (delpol) {
*4882a593Smuzhiyun		xfrm_policy_requeue(delpol, policy);
*4882a593Smuzhiyun		__xfrm_policy_unlink(delpol, dir);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	policy->index = delpol ? delpol->index : xfrm_gen_index(net, dir, policy->index);
*4882a593Smuzhiyun	hlist_add_head(&policy->byidx, net->xfrm.policy_byidx+idx_hash(net, policy->index));
*4882a593Smuzhiyun	policy->curlft.add_time = ktime_get_real_seconds();
*4882a593Smuzhiyun	policy->curlft.use_time = 0;
*4882a593Smuzhiyun	if (!mod_timer(&policy->timer, jiffies + HZ))
*4882a593Smuzhiyun		xfrm_pol_hold(policy);
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (delpol)
*4882a593Smuzhiyun		xfrm_policy_kill(delpol);
*4882a593Smuzhiyun	else if (xfrm_bydst_should_resize(net, dir, NULL))
*4882a593Smuzhiyun		schedule_work(&net->xfrm.policy_hash_work);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_insert);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *
*4882a593Smuzhiyun__xfrm_policy_bysel_ctx(struct hlist_head *chain, const struct xfrm_mark *mark,
*4882a593Smuzhiyun			u32 if_id, u8 type, int dir, struct xfrm_selector *sel,
*4882a593Smuzhiyun			struct xfrm_sec_ctx *ctx)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!chain)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hlist_for_each_entry(pol, chain, bydst) {
*4882a593Smuzhiyun		if (pol->type == type &&
*4882a593Smuzhiyun		    pol->if_id == if_id &&
*4882a593Smuzhiyun		    xfrm_policy_mark_match(mark, pol) &&
*4882a593Smuzhiyun		    !selector_cmp(sel, &pol->selector) &&
*4882a593Smuzhiyun		    xfrm_sec_ctx_match(ctx, pol->security))
*4882a593Smuzhiyun			return pol;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return NULL;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_policy *
*4882a593Smuzhiyunxfrm_policy_bysel_ctx(struct net *net, const struct xfrm_mark *mark, u32 if_id,
*4882a593Smuzhiyun		      u8 type, int dir, struct xfrm_selector *sel,
*4882a593Smuzhiyun		      struct xfrm_sec_ctx *ctx, int delete, int *err)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_bin *bin = NULL;
*4882a593Smuzhiyun	struct xfrm_policy *pol, *ret = NULL;
*4882a593Smuzhiyun	struct hlist_head *chain;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	*err = 0;
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	chain = policy_hash_bysel(net, sel, sel->family, dir);
*4882a593Smuzhiyun	if (!chain) {
*4882a593Smuzhiyun		struct xfrm_pol_inexact_candidates cand;
*4882a593Smuzhiyun		int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		bin = xfrm_policy_inexact_lookup(net, type,
*4882a593Smuzhiyun						 sel->family, dir, if_id);
*4882a593Smuzhiyun		if (!bin) {
*4882a593Smuzhiyun			spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun			return NULL;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!xfrm_policy_find_inexact_candidates(&cand, bin,
*4882a593Smuzhiyun							 &sel->saddr,
*4882a593Smuzhiyun							 &sel->daddr)) {
*4882a593Smuzhiyun			spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun			return NULL;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		pol = NULL;
*4882a593Smuzhiyun		for (i = 0; i < ARRAY_SIZE(cand.res); i++) {
*4882a593Smuzhiyun			struct xfrm_policy *tmp;
*4882a593Smuzhiyun
*4882a593Smuzhiyun			tmp = __xfrm_policy_bysel_ctx(cand.res[i], mark,
*4882a593Smuzhiyun						      if_id, type, dir,
*4882a593Smuzhiyun						      sel, ctx);
*4882a593Smuzhiyun			if (!tmp)
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun			if (!pol || tmp->pos < pol->pos)
*4882a593Smuzhiyun				pol = tmp;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	} else {
*4882a593Smuzhiyun		pol = __xfrm_policy_bysel_ctx(chain, mark, if_id, type, dir,
*4882a593Smuzhiyun					      sel, ctx);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (pol) {
*4882a593Smuzhiyun		xfrm_pol_hold(pol);
*4882a593Smuzhiyun		if (delete) {
*4882a593Smuzhiyun			*err = security_xfrm_policy_delete(pol->security);
*4882a593Smuzhiyun			if (*err) {
*4882a593Smuzhiyun				spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun				return pol;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			__xfrm_policy_unlink(pol, dir);
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		ret = pol;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (ret && delete)
*4882a593Smuzhiyun		xfrm_policy_kill(ret);
*4882a593Smuzhiyun	if (bin && delete)
*4882a593Smuzhiyun		xfrm_policy_inexact_prune_bin(bin);
*4882a593Smuzhiyun	return ret;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_bysel_ctx);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstruct xfrm_policy *
*4882a593Smuzhiyunxfrm_policy_byid(struct net *net, const struct xfrm_mark *mark, u32 if_id,
*4882a593Smuzhiyun		 u8 type, int dir, u32 id, int delete, int *err)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol, *ret;
*4882a593Smuzhiyun	struct hlist_head *chain;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	*err = -ENOENT;
*4882a593Smuzhiyun	if (xfrm_policy_id2dir(id) != dir)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	*err = 0;
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	chain = net->xfrm.policy_byidx + idx_hash(net, id);
*4882a593Smuzhiyun	ret = NULL;
*4882a593Smuzhiyun	hlist_for_each_entry(pol, chain, byidx) {
*4882a593Smuzhiyun		if (pol->type == type && pol->index == id &&
*4882a593Smuzhiyun		    pol->if_id == if_id && xfrm_policy_mark_match(mark, pol)) {
*4882a593Smuzhiyun			xfrm_pol_hold(pol);
*4882a593Smuzhiyun			if (delete) {
*4882a593Smuzhiyun				*err = security_xfrm_policy_delete(
*4882a593Smuzhiyun								pol->security);
*4882a593Smuzhiyun				if (*err) {
*4882a593Smuzhiyun					spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun					return pol;
*4882a593Smuzhiyun				}
*4882a593Smuzhiyun				__xfrm_policy_unlink(pol, dir);
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			ret = pol;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (ret && delete)
*4882a593Smuzhiyun		xfrm_policy_kill(ret);
*4882a593Smuzhiyun	return ret;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_byid);
*4882a593Smuzhiyun
*4882a593Smuzhiyun#ifdef CONFIG_SECURITY_NETWORK_XFRM
*4882a593Smuzhiyunstatic inline int
*4882a593Smuzhiyunxfrm_policy_flush_secctx_check(struct net *net, u8 type, bool task_valid)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun	int err = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	list_for_each_entry(pol, &net->xfrm.policy_all, walk.all) {
*4882a593Smuzhiyun		if (pol->walk.dead ||
*4882a593Smuzhiyun		    xfrm_policy_id2dir(pol->index) >= XFRM_POLICY_MAX ||
*4882a593Smuzhiyun		    pol->type != type)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		err = security_xfrm_policy_delete(pol->security);
*4882a593Smuzhiyun		if (err) {
*4882a593Smuzhiyun			xfrm_audit_policy_delete(pol, 0, task_valid);
*4882a593Smuzhiyun			return err;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return err;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun#else
*4882a593Smuzhiyunstatic inline int
*4882a593Smuzhiyunxfrm_policy_flush_secctx_check(struct net *net, u8 type, bool task_valid)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyunint xfrm_policy_flush(struct net *net, u8 type, bool task_valid)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int dir, err = 0, cnt = 0;
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	err = xfrm_policy_flush_secctx_check(net, type, task_valid);
*4882a593Smuzhiyun	if (err)
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun
*4882a593Smuzhiyunagain:
*4882a593Smuzhiyun	list_for_each_entry(pol, &net->xfrm.policy_all, walk.all) {
*4882a593Smuzhiyun		dir = xfrm_policy_id2dir(pol->index);
*4882a593Smuzhiyun		if (pol->walk.dead ||
*4882a593Smuzhiyun		    dir >= XFRM_POLICY_MAX ||
*4882a593Smuzhiyun		    pol->type != type)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		__xfrm_policy_unlink(pol, dir);
*4882a593Smuzhiyun		spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun		cnt++;
*4882a593Smuzhiyun		xfrm_audit_policy_delete(pol, 1, task_valid);
*4882a593Smuzhiyun		xfrm_policy_kill(pol);
*4882a593Smuzhiyun		spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun		goto again;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (cnt)
*4882a593Smuzhiyun		__xfrm_policy_inexact_flush(net);
*4882a593Smuzhiyun	else
*4882a593Smuzhiyun		err = -ESRCH;
*4882a593Smuzhiyunout:
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	return err;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_flush);
*4882a593Smuzhiyun
*4882a593Smuzhiyunint xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk,
*4882a593Smuzhiyun		     int (*func)(struct xfrm_policy *, int, int, void*),
*4882a593Smuzhiyun		     void *data)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun	struct xfrm_policy_walk_entry *x;
*4882a593Smuzhiyun	int error = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (walk->type >= XFRM_POLICY_TYPE_MAX &&
*4882a593Smuzhiyun	    walk->type != XFRM_POLICY_TYPE_ANY)
*4882a593Smuzhiyun		return -EINVAL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (list_empty(&walk->walk.all) && walk->seq != 0)
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	if (list_empty(&walk->walk.all))
*4882a593Smuzhiyun		x = list_first_entry(&net->xfrm.policy_all, struct xfrm_policy_walk_entry, all);
*4882a593Smuzhiyun	else
*4882a593Smuzhiyun		x = list_first_entry(&walk->walk.all,
*4882a593Smuzhiyun				     struct xfrm_policy_walk_entry, all);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	list_for_each_entry_from(x, &net->xfrm.policy_all, all) {
*4882a593Smuzhiyun		if (x->dead)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		pol = container_of(x, struct xfrm_policy, walk);
*4882a593Smuzhiyun		if (walk->type != XFRM_POLICY_TYPE_ANY &&
*4882a593Smuzhiyun		    walk->type != pol->type)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		error = func(pol, xfrm_policy_id2dir(pol->index),
*4882a593Smuzhiyun			     walk->seq, data);
*4882a593Smuzhiyun		if (error) {
*4882a593Smuzhiyun			list_move_tail(&walk->walk.all, &x->all);
*4882a593Smuzhiyun			goto out;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		walk->seq++;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (walk->seq == 0) {
*4882a593Smuzhiyun		error = -ENOENT;
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	list_del_init(&walk->walk.all);
*4882a593Smuzhiyunout:
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	return error;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_walk);
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_policy_walk_init(struct xfrm_policy_walk *walk, u8 type)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	INIT_LIST_HEAD(&walk->walk.all);
*4882a593Smuzhiyun	walk->walk.dead = 1;
*4882a593Smuzhiyun	walk->type = type;
*4882a593Smuzhiyun	walk->seq = 0;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_walk_init);
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_policy_walk_done(struct xfrm_policy_walk *walk, struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (list_empty(&walk->walk.all))
*4882a593Smuzhiyun		return;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock); /*FIXME where is net? */
*4882a593Smuzhiyun	list_del(&walk->walk.all);
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_walk_done);
*4882a593Smuzhiyun
*4882a593Smuzhiyun/*
*4882a593Smuzhiyun * Find policy to apply to this flow.
*4882a593Smuzhiyun *
*4882a593Smuzhiyun * Returns 0 if policy found, else an -errno.
*4882a593Smuzhiyun */
*4882a593Smuzhiyunstatic int xfrm_policy_match(const struct xfrm_policy *pol,
*4882a593Smuzhiyun			     const struct flowi *fl,
*4882a593Smuzhiyun			     u8 type, u16 family, int dir, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_selector *sel = &pol->selector;
*4882a593Smuzhiyun	int ret = -ESRCH;
*4882a593Smuzhiyun	bool match;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (pol->family != family ||
*4882a593Smuzhiyun	    pol->if_id != if_id ||
*4882a593Smuzhiyun	    (fl->flowi_mark & pol->mark.m) != pol->mark.v ||
*4882a593Smuzhiyun	    pol->type != type)
*4882a593Smuzhiyun		return ret;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	match = xfrm_selector_match(sel, fl, family);
*4882a593Smuzhiyun	if (match)
*4882a593Smuzhiyun		ret = security_xfrm_policy_lookup(pol->security, fl->flowi_secid,
*4882a593Smuzhiyun						  dir);
*4882a593Smuzhiyun	return ret;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_node *
*4882a593Smuzhiyunxfrm_policy_lookup_inexact_addr(const struct rb_root *r,
*4882a593Smuzhiyun				seqcount_spinlock_t *count,
*4882a593Smuzhiyun				const xfrm_address_t *addr, u16 family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct rb_node *parent;
*4882a593Smuzhiyun	int seq;
*4882a593Smuzhiyun
*4882a593Smuzhiyunagain:
*4882a593Smuzhiyun	seq = read_seqcount_begin(count);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	parent = rcu_dereference_raw(r->rb_node);
*4882a593Smuzhiyun	while (parent) {
*4882a593Smuzhiyun		struct xfrm_pol_inexact_node *node;
*4882a593Smuzhiyun		int delta;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		node = rb_entry(parent, struct xfrm_pol_inexact_node, node);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		delta = xfrm_policy_addr_delta(addr, &node->addr,
*4882a593Smuzhiyun					       node->prefixlen, family);
*4882a593Smuzhiyun		if (delta < 0) {
*4882a593Smuzhiyun			parent = rcu_dereference_raw(parent->rb_left);
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		} else if (delta > 0) {
*4882a593Smuzhiyun			parent = rcu_dereference_raw(parent->rb_right);
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		return node;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (read_seqcount_retry(count, seq))
*4882a593Smuzhiyun		goto again;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return NULL;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic bool
*4882a593Smuzhiyunxfrm_policy_find_inexact_candidates(struct xfrm_pol_inexact_candidates *cand,
*4882a593Smuzhiyun				    struct xfrm_pol_inexact_bin *b,
*4882a593Smuzhiyun				    const xfrm_address_t *saddr,
*4882a593Smuzhiyun				    const xfrm_address_t *daddr)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_node *n;
*4882a593Smuzhiyun	u16 family;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!b)
*4882a593Smuzhiyun		return false;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	family = b->k.family;
*4882a593Smuzhiyun	memset(cand, 0, sizeof(*cand));
*4882a593Smuzhiyun	cand->res[XFRM_POL_CAND_ANY] = &b->hhead;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	n = xfrm_policy_lookup_inexact_addr(&b->root_d, &b->count, daddr,
*4882a593Smuzhiyun					    family);
*4882a593Smuzhiyun	if (n) {
*4882a593Smuzhiyun		cand->res[XFRM_POL_CAND_DADDR] = &n->hhead;
*4882a593Smuzhiyun		n = xfrm_policy_lookup_inexact_addr(&n->root, &b->count, saddr,
*4882a593Smuzhiyun						    family);
*4882a593Smuzhiyun		if (n)
*4882a593Smuzhiyun			cand->res[XFRM_POL_CAND_BOTH] = &n->hhead;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	n = xfrm_policy_lookup_inexact_addr(&b->root_s, &b->count, saddr,
*4882a593Smuzhiyun					    family);
*4882a593Smuzhiyun	if (n)
*4882a593Smuzhiyun		cand->res[XFRM_POL_CAND_SADDR] = &n->hhead;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return true;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_bin *
*4882a593Smuzhiyunxfrm_policy_inexact_lookup_rcu(struct net *net, u8 type, u16 family,
*4882a593Smuzhiyun			       u8 dir, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_key k = {
*4882a593Smuzhiyun		.family = family,
*4882a593Smuzhiyun		.type = type,
*4882a593Smuzhiyun		.dir = dir,
*4882a593Smuzhiyun		.if_id = if_id,
*4882a593Smuzhiyun	};
*4882a593Smuzhiyun
*4882a593Smuzhiyun	write_pnet(&k.net, net);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return rhashtable_lookup(&xfrm_policy_inexact_table, &k,
*4882a593Smuzhiyun				 xfrm_pol_inexact_params);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_pol_inexact_bin *
*4882a593Smuzhiyunxfrm_policy_inexact_lookup(struct net *net, u8 type, u16 family,
*4882a593Smuzhiyun			   u8 dir, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_bin *bin;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	lockdep_assert_held(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_lock();
*4882a593Smuzhiyun	bin = xfrm_policy_inexact_lookup_rcu(net, type, family, dir, if_id);
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return bin;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *
*4882a593Smuzhiyun__xfrm_policy_eval_candidates(struct hlist_head *chain,
*4882a593Smuzhiyun			      struct xfrm_policy *prefer,
*4882a593Smuzhiyun			      const struct flowi *fl,
*4882a593Smuzhiyun			      u8 type, u16 family, int dir, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	u32 priority = prefer ? prefer->priority : ~0u;
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!chain)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hlist_for_each_entry_rcu(pol, chain, bydst) {
*4882a593Smuzhiyun		int err;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (pol->priority > priority)
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		err = xfrm_policy_match(pol, fl, type, family, dir, if_id);
*4882a593Smuzhiyun		if (err) {
*4882a593Smuzhiyun			if (err != -ESRCH)
*4882a593Smuzhiyun				return ERR_PTR(err);
*4882a593Smuzhiyun
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (prefer) {
*4882a593Smuzhiyun			/* matches.  Is it older than *prefer? */
*4882a593Smuzhiyun			if (pol->priority == priority &&
*4882a593Smuzhiyun			    prefer->pos < pol->pos)
*4882a593Smuzhiyun				return prefer;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		return pol;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return NULL;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *
*4882a593Smuzhiyunxfrm_policy_eval_candidates(struct xfrm_pol_inexact_candidates *cand,
*4882a593Smuzhiyun			    struct xfrm_policy *prefer,
*4882a593Smuzhiyun			    const struct flowi *fl,
*4882a593Smuzhiyun			    u8 type, u16 family, int dir, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *tmp;
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = 0; i < ARRAY_SIZE(cand->res); i++) {
*4882a593Smuzhiyun		tmp = __xfrm_policy_eval_candidates(cand->res[i],
*4882a593Smuzhiyun						    prefer,
*4882a593Smuzhiyun						    fl, type, family, dir,
*4882a593Smuzhiyun						    if_id);
*4882a593Smuzhiyun		if (!tmp)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (IS_ERR(tmp))
*4882a593Smuzhiyun			return tmp;
*4882a593Smuzhiyun		prefer = tmp;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return prefer;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type,
*4882a593Smuzhiyun						     const struct flowi *fl,
*4882a593Smuzhiyun						     u16 family, u8 dir,
*4882a593Smuzhiyun						     u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_candidates cand;
*4882a593Smuzhiyun	const xfrm_address_t *daddr, *saddr;
*4882a593Smuzhiyun	struct xfrm_pol_inexact_bin *bin;
*4882a593Smuzhiyun	struct xfrm_policy *pol, *ret;
*4882a593Smuzhiyun	struct hlist_head *chain;
*4882a593Smuzhiyun	unsigned int sequence;
*4882a593Smuzhiyun	int err;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	daddr = xfrm_flowi_daddr(fl, family);
*4882a593Smuzhiyun	saddr = xfrm_flowi_saddr(fl, family);
*4882a593Smuzhiyun	if (unlikely(!daddr || !saddr))
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_lock();
*4882a593Smuzhiyun retry:
*4882a593Smuzhiyun	do {
*4882a593Smuzhiyun		sequence = read_seqcount_begin(&xfrm_policy_hash_generation);
*4882a593Smuzhiyun		chain = policy_hash_direct(net, daddr, saddr, family, dir);
*4882a593Smuzhiyun	} while (read_seqcount_retry(&xfrm_policy_hash_generation, sequence));
*4882a593Smuzhiyun
*4882a593Smuzhiyun	ret = NULL;
*4882a593Smuzhiyun	hlist_for_each_entry_rcu(pol, chain, bydst) {
*4882a593Smuzhiyun		err = xfrm_policy_match(pol, fl, type, family, dir, if_id);
*4882a593Smuzhiyun		if (err) {
*4882a593Smuzhiyun			if (err == -ESRCH)
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun			else {
*4882a593Smuzhiyun				ret = ERR_PTR(err);
*4882a593Smuzhiyun				goto fail;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		} else {
*4882a593Smuzhiyun			ret = pol;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	bin = xfrm_policy_inexact_lookup_rcu(net, type, family, dir, if_id);
*4882a593Smuzhiyun	if (!bin || !xfrm_policy_find_inexact_candidates(&cand, bin, saddr,
*4882a593Smuzhiyun							 daddr))
*4882a593Smuzhiyun		goto skip_inexact;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	pol = xfrm_policy_eval_candidates(&cand, ret, fl, type,
*4882a593Smuzhiyun					  family, dir, if_id);
*4882a593Smuzhiyun	if (pol) {
*4882a593Smuzhiyun		ret = pol;
*4882a593Smuzhiyun		if (IS_ERR(pol))
*4882a593Smuzhiyun			goto fail;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyunskip_inexact:
*4882a593Smuzhiyun	if (read_seqcount_retry(&xfrm_policy_hash_generation, sequence))
*4882a593Smuzhiyun		goto retry;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (ret && !xfrm_pol_hold_rcu(ret))
*4882a593Smuzhiyun		goto retry;
*4882a593Smuzhiyunfail:
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return ret;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *xfrm_policy_lookup(struct net *net,
*4882a593Smuzhiyun					      const struct flowi *fl,
*4882a593Smuzhiyun					      u16 family, u8 dir, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_SUB_POLICY
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	pol = xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_SUB, fl, family,
*4882a593Smuzhiyun					dir, if_id);
*4882a593Smuzhiyun	if (pol != NULL)
*4882a593Smuzhiyun		return pol;
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun	return xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_MAIN, fl, family,
*4882a593Smuzhiyun					 dir, if_id);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *xfrm_sk_policy_lookup(const struct sock *sk, int dir,
*4882a593Smuzhiyun						 const struct flowi *fl,
*4882a593Smuzhiyun						 u16 family, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_lock();
*4882a593Smuzhiyun again:
*4882a593Smuzhiyun	pol = rcu_dereference(sk->sk_policy[dir]);
*4882a593Smuzhiyun	if (pol != NULL) {
*4882a593Smuzhiyun		bool match;
*4882a593Smuzhiyun		int err = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (pol->family != family) {
*4882a593Smuzhiyun			pol = NULL;
*4882a593Smuzhiyun			goto out;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		match = xfrm_selector_match(&pol->selector, fl, family);
*4882a593Smuzhiyun		if (match) {
*4882a593Smuzhiyun			if ((sk->sk_mark & pol->mark.m) != pol->mark.v ||
*4882a593Smuzhiyun			    pol->if_id != if_id) {
*4882a593Smuzhiyun				pol = NULL;
*4882a593Smuzhiyun				goto out;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			err = security_xfrm_policy_lookup(pol->security,
*4882a593Smuzhiyun						      fl->flowi_secid,
*4882a593Smuzhiyun						      dir);
*4882a593Smuzhiyun			if (!err) {
*4882a593Smuzhiyun				if (!xfrm_pol_hold_rcu(pol))
*4882a593Smuzhiyun					goto again;
*4882a593Smuzhiyun			} else if (err == -ESRCH) {
*4882a593Smuzhiyun				pol = NULL;
*4882a593Smuzhiyun			} else {
*4882a593Smuzhiyun				pol = ERR_PTR(err);
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		} else
*4882a593Smuzhiyun			pol = NULL;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyunout:
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun	return pol;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void __xfrm_policy_link(struct xfrm_policy *pol, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = xp_net(pol);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	list_add(&pol->walk.all, &net->xfrm.policy_all);
*4882a593Smuzhiyun	net->xfrm.policy_count[dir]++;
*4882a593Smuzhiyun	xfrm_pol_hold(pol);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *__xfrm_policy_unlink(struct xfrm_policy *pol,
*4882a593Smuzhiyun						int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = xp_net(pol);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (list_empty(&pol->walk.all))
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Socket policies are not hashed. */
*4882a593Smuzhiyun	if (!hlist_unhashed(&pol->bydst)) {
*4882a593Smuzhiyun		hlist_del_rcu(&pol->bydst);
*4882a593Smuzhiyun		hlist_del_init(&pol->bydst_inexact_list);
*4882a593Smuzhiyun		hlist_del(&pol->byidx);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	list_del_init(&pol->walk.all);
*4882a593Smuzhiyun	net->xfrm.policy_count[dir]--;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return pol;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_sk_policy_link(struct xfrm_policy *pol, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	__xfrm_policy_link(pol, XFRM_POLICY_MAX + dir);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_sk_policy_unlink(struct xfrm_policy *pol, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	__xfrm_policy_unlink(pol, XFRM_POLICY_MAX + dir);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunint xfrm_policy_delete(struct xfrm_policy *pol, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = xp_net(pol);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	pol = __xfrm_policy_unlink(pol, dir);
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	if (pol) {
*4882a593Smuzhiyun		xfrm_policy_kill(pol);
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return -ENOENT;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_delete);
*4882a593Smuzhiyun
*4882a593Smuzhiyunint xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = sock_net(sk);
*4882a593Smuzhiyun	struct xfrm_policy *old_pol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_SUB_POLICY
*4882a593Smuzhiyun	if (pol && pol->type != XFRM_POLICY_TYPE_MAIN)
*4882a593Smuzhiyun		return -EINVAL;
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	old_pol = rcu_dereference_protected(sk->sk_policy[dir],
*4882a593Smuzhiyun				lockdep_is_held(&net->xfrm.xfrm_policy_lock));
*4882a593Smuzhiyun	if (pol) {
*4882a593Smuzhiyun		pol->curlft.add_time = ktime_get_real_seconds();
*4882a593Smuzhiyun		pol->index = xfrm_gen_index(net, XFRM_POLICY_MAX+dir, 0);
*4882a593Smuzhiyun		xfrm_sk_policy_link(pol, dir);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	rcu_assign_pointer(sk->sk_policy[dir], pol);
*4882a593Smuzhiyun	if (old_pol) {
*4882a593Smuzhiyun		if (pol)
*4882a593Smuzhiyun			xfrm_policy_requeue(old_pol, pol);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		/* Unlinking succeeds always. This is the only function
*4882a593Smuzhiyun		 * allowed to delete or replace socket policy.
*4882a593Smuzhiyun		 */
*4882a593Smuzhiyun		xfrm_sk_policy_unlink(old_pol, dir);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (old_pol) {
*4882a593Smuzhiyun		xfrm_policy_kill(old_pol);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *clone_policy(const struct xfrm_policy *old, int dir)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *newp = xfrm_policy_alloc(xp_net(old), GFP_ATOMIC);
*4882a593Smuzhiyun	struct net *net = xp_net(old);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (newp) {
*4882a593Smuzhiyun		newp->selector = old->selector;
*4882a593Smuzhiyun		if (security_xfrm_policy_clone(old->security,
*4882a593Smuzhiyun					       &newp->security)) {
*4882a593Smuzhiyun			kfree(newp);
*4882a593Smuzhiyun			return NULL;  /* ENOMEM */
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		newp->lft = old->lft;
*4882a593Smuzhiyun		newp->curlft = old->curlft;
*4882a593Smuzhiyun		newp->mark = old->mark;
*4882a593Smuzhiyun		newp->if_id = old->if_id;
*4882a593Smuzhiyun		newp->action = old->action;
*4882a593Smuzhiyun		newp->flags = old->flags;
*4882a593Smuzhiyun		newp->xfrm_nr = old->xfrm_nr;
*4882a593Smuzhiyun		newp->index = old->index;
*4882a593Smuzhiyun		newp->type = old->type;
*4882a593Smuzhiyun		newp->family = old->family;
*4882a593Smuzhiyun		memcpy(newp->xfrm_vec, old->xfrm_vec,
*4882a593Smuzhiyun		       newp->xfrm_nr*sizeof(struct xfrm_tmpl));
*4882a593Smuzhiyun		spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun		xfrm_sk_policy_link(newp, dir);
*4882a593Smuzhiyun		spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun		xfrm_pol_put(newp);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return newp;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunint __xfrm_sk_clone_policy(struct sock *sk, const struct sock *osk)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_policy *p;
*4882a593Smuzhiyun	struct xfrm_policy *np;
*4882a593Smuzhiyun	int i, ret = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_lock();
*4882a593Smuzhiyun	for (i = 0; i < 2; i++) {
*4882a593Smuzhiyun		p = rcu_dereference(osk->sk_policy[i]);
*4882a593Smuzhiyun		if (p) {
*4882a593Smuzhiyun			np = clone_policy(p, i);
*4882a593Smuzhiyun			if (unlikely(!np)) {
*4882a593Smuzhiyun				ret = -ENOMEM;
*4882a593Smuzhiyun				break;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			rcu_assign_pointer(sk->sk_policy[i], np);
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun	return ret;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int
*4882a593Smuzhiyunxfrm_get_saddr(struct net *net, int oif, xfrm_address_t *local,
*4882a593Smuzhiyun	       xfrm_address_t *remote, unsigned short family, u32 mark)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int err;
*4882a593Smuzhiyun	const struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (unlikely(afinfo == NULL))
*4882a593Smuzhiyun		return -EINVAL;
*4882a593Smuzhiyun	err = afinfo->get_saddr(net, oif, local, remote, mark);
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun	return err;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Resolve list of templates for the flow, given policy. */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int
*4882a593Smuzhiyunxfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl,
*4882a593Smuzhiyun		      struct xfrm_state **xfrm, unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = xp_net(policy);
*4882a593Smuzhiyun	int nx;
*4882a593Smuzhiyun	int i, error;
*4882a593Smuzhiyun	xfrm_address_t *daddr = xfrm_flowi_daddr(fl, family);
*4882a593Smuzhiyun	xfrm_address_t *saddr = xfrm_flowi_saddr(fl, family);
*4882a593Smuzhiyun	xfrm_address_t tmp;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (nx = 0, i = 0; i < policy->xfrm_nr; i++) {
*4882a593Smuzhiyun		struct xfrm_state *x;
*4882a593Smuzhiyun		xfrm_address_t *remote = daddr;
*4882a593Smuzhiyun		xfrm_address_t *local  = saddr;
*4882a593Smuzhiyun		struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i];
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (tmpl->mode == XFRM_MODE_TUNNEL ||
*4882a593Smuzhiyun		    tmpl->mode == XFRM_MODE_BEET) {
*4882a593Smuzhiyun			remote = &tmpl->id.daddr;
*4882a593Smuzhiyun			local = &tmpl->saddr;
*4882a593Smuzhiyun			if (xfrm_addr_any(local, tmpl->encap_family)) {
*4882a593Smuzhiyun				error = xfrm_get_saddr(net, fl->flowi_oif,
*4882a593Smuzhiyun						       &tmp, remote,
*4882a593Smuzhiyun						       tmpl->encap_family, 0);
*4882a593Smuzhiyun				if (error)
*4882a593Smuzhiyun					goto fail;
*4882a593Smuzhiyun				local = &tmp;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		x = xfrm_state_find(remote, local, fl, tmpl, policy, &error,
*4882a593Smuzhiyun				    family, policy->if_id);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (x && x->km.state == XFRM_STATE_VALID) {
*4882a593Smuzhiyun			xfrm[nx++] = x;
*4882a593Smuzhiyun			daddr = remote;
*4882a593Smuzhiyun			saddr = local;
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		if (x) {
*4882a593Smuzhiyun			error = (x->km.state == XFRM_STATE_ERROR ?
*4882a593Smuzhiyun				 -EINVAL : -EAGAIN);
*4882a593Smuzhiyun			xfrm_state_put(x);
*4882a593Smuzhiyun		} else if (error == -ESRCH) {
*4882a593Smuzhiyun			error = -EAGAIN;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!tmpl->optional)
*4882a593Smuzhiyun			goto fail;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return nx;
*4882a593Smuzhiyun
*4882a593Smuzhiyunfail:
*4882a593Smuzhiyun	for (nx--; nx >= 0; nx--)
*4882a593Smuzhiyun		xfrm_state_put(xfrm[nx]);
*4882a593Smuzhiyun	return error;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int
*4882a593Smuzhiyunxfrm_tmpl_resolve(struct xfrm_policy **pols, int npols, const struct flowi *fl,
*4882a593Smuzhiyun		  struct xfrm_state **xfrm, unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_state *tp[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun	struct xfrm_state **tpp = (npols > 1) ? tp : xfrm;
*4882a593Smuzhiyun	int cnx = 0;
*4882a593Smuzhiyun	int error;
*4882a593Smuzhiyun	int ret;
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = 0; i < npols; i++) {
*4882a593Smuzhiyun		if (cnx + pols[i]->xfrm_nr >= XFRM_MAX_DEPTH) {
*4882a593Smuzhiyun			error = -ENOBUFS;
*4882a593Smuzhiyun			goto fail;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		ret = xfrm_tmpl_resolve_one(pols[i], fl, &tpp[cnx], family);
*4882a593Smuzhiyun		if (ret < 0) {
*4882a593Smuzhiyun			error = ret;
*4882a593Smuzhiyun			goto fail;
*4882a593Smuzhiyun		} else
*4882a593Smuzhiyun			cnx += ret;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* found states are sorted for outbound processing */
*4882a593Smuzhiyun	if (npols > 1)
*4882a593Smuzhiyun		xfrm_state_sort(xfrm, tpp, cnx, family);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return cnx;
*4882a593Smuzhiyun
*4882a593Smuzhiyun fail:
*4882a593Smuzhiyun	for (cnx--; cnx >= 0; cnx--)
*4882a593Smuzhiyun		xfrm_state_put(tpp[cnx]);
*4882a593Smuzhiyun	return error;
*4882a593Smuzhiyun
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int xfrm_get_tos(const struct flowi *fl, int family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (family == AF_INET)
*4882a593Smuzhiyun		return IPTOS_RT_MASK & fl->u.ip4.flowi4_tos;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline struct xfrm_dst *xfrm_alloc_dst(struct net *net, int family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family);
*4882a593Smuzhiyun	struct dst_ops *dst_ops;
*4882a593Smuzhiyun	struct xfrm_dst *xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!afinfo)
*4882a593Smuzhiyun		return ERR_PTR(-EINVAL);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	switch (family) {
*4882a593Smuzhiyun	case AF_INET:
*4882a593Smuzhiyun		dst_ops = &net->xfrm.xfrm4_dst_ops;
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun#if IS_ENABLED(CONFIG_IPV6)
*4882a593Smuzhiyun	case AF_INET6:
*4882a593Smuzhiyun		dst_ops = &net->xfrm.xfrm6_dst_ops;
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun	default:
*4882a593Smuzhiyun		BUG();
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	xdst = dst_alloc(dst_ops, NULL, 1, DST_OBSOLETE_NONE, 0);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (likely(xdst)) {
*4882a593Smuzhiyun		struct dst_entry *dst = &xdst->u.dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		memset(dst + 1, 0, sizeof(*xdst) - sizeof(*dst));
*4882a593Smuzhiyun	} else
*4882a593Smuzhiyun		xdst = ERR_PTR(-ENOBUFS);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return xdst;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_init_path(struct xfrm_dst *path, struct dst_entry *dst,
*4882a593Smuzhiyun			   int nfheader_len)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (dst->ops->family == AF_INET6) {
*4882a593Smuzhiyun		struct rt6_info *rt = (struct rt6_info *)dst;
*4882a593Smuzhiyun		path->path_cookie = rt6_get_cookie(rt);
*4882a593Smuzhiyun		path->u.rt6.rt6i_nfheader_len = nfheader_len;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline int xfrm_fill_dst(struct xfrm_dst *xdst, struct net_device *dev,
*4882a593Smuzhiyun				const struct flowi *fl)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_policy_afinfo *afinfo =
*4882a593Smuzhiyun		xfrm_policy_get_afinfo(xdst->u.dst.ops->family);
*4882a593Smuzhiyun	int err;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!afinfo)
*4882a593Smuzhiyun		return -EINVAL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	err = afinfo->fill_dst(xdst, dev, fl);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return err;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Allocate chain of dst_entry's, attach known xfrm's, calculate
*4882a593Smuzhiyun * all the metrics... Shortly, bundle a bundle.
*4882a593Smuzhiyun */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
*4882a593Smuzhiyun					    struct xfrm_state **xfrm,
*4882a593Smuzhiyun					    struct xfrm_dst **bundle,
*4882a593Smuzhiyun					    int nx,
*4882a593Smuzhiyun					    const struct flowi *fl,
*4882a593Smuzhiyun					    struct dst_entry *dst)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_state_afinfo *afinfo;
*4882a593Smuzhiyun	const struct xfrm_mode *inner_mode;
*4882a593Smuzhiyun	struct net *net = xp_net(policy);
*4882a593Smuzhiyun	unsigned long now = jiffies;
*4882a593Smuzhiyun	struct net_device *dev;
*4882a593Smuzhiyun	struct xfrm_dst *xdst_prev = NULL;
*4882a593Smuzhiyun	struct xfrm_dst *xdst0 = NULL;
*4882a593Smuzhiyun	int i = 0;
*4882a593Smuzhiyun	int err;
*4882a593Smuzhiyun	int header_len = 0;
*4882a593Smuzhiyun	int nfheader_len = 0;
*4882a593Smuzhiyun	int trailer_len = 0;
*4882a593Smuzhiyun	int tos;
*4882a593Smuzhiyun	int family = policy->selector.family;
*4882a593Smuzhiyun	xfrm_address_t saddr, daddr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_flowi_addr_get(fl, &saddr, &daddr, family);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	tos = xfrm_get_tos(fl, family);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst_hold(dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (; i < nx; i++) {
*4882a593Smuzhiyun		struct xfrm_dst *xdst = xfrm_alloc_dst(net, family);
*4882a593Smuzhiyun		struct dst_entry *dst1 = &xdst->u.dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		err = PTR_ERR(xdst);
*4882a593Smuzhiyun		if (IS_ERR(xdst)) {
*4882a593Smuzhiyun			dst_release(dst);
*4882a593Smuzhiyun			goto put_states;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		bundle[i] = xdst;
*4882a593Smuzhiyun		if (!xdst_prev)
*4882a593Smuzhiyun			xdst0 = xdst;
*4882a593Smuzhiyun		else
*4882a593Smuzhiyun			/* Ref count is taken during xfrm_alloc_dst()
*4882a593Smuzhiyun			 * No need to do dst_clone() on dst1
*4882a593Smuzhiyun			 */
*4882a593Smuzhiyun			xfrm_dst_set_child(xdst_prev, &xdst->u.dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (xfrm[i]->sel.family == AF_UNSPEC) {
*4882a593Smuzhiyun			inner_mode = xfrm_ip2inner_mode(xfrm[i],
*4882a593Smuzhiyun							xfrm_af2proto(family));
*4882a593Smuzhiyun			if (!inner_mode) {
*4882a593Smuzhiyun				err = -EAFNOSUPPORT;
*4882a593Smuzhiyun				dst_release(dst);
*4882a593Smuzhiyun				goto put_states;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		} else
*4882a593Smuzhiyun			inner_mode = &xfrm[i]->inner_mode;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xdst->route = dst;
*4882a593Smuzhiyun		dst_copy_metrics(dst1, dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (xfrm[i]->props.mode != XFRM_MODE_TRANSPORT) {
*4882a593Smuzhiyun			__u32 mark = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun			if (xfrm[i]->props.smark.v || xfrm[i]->props.smark.m)
*4882a593Smuzhiyun				mark = xfrm_smark_get(fl->flowi_mark, xfrm[i]);
*4882a593Smuzhiyun
*4882a593Smuzhiyun			family = xfrm[i]->props.family;
*4882a593Smuzhiyun			dst = xfrm_dst_lookup(xfrm[i], tos, fl->flowi_oif,
*4882a593Smuzhiyun					      &saddr, &daddr, family, mark);
*4882a593Smuzhiyun			err = PTR_ERR(dst);
*4882a593Smuzhiyun			if (IS_ERR(dst))
*4882a593Smuzhiyun				goto put_states;
*4882a593Smuzhiyun		} else
*4882a593Smuzhiyun			dst_hold(dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst1->xfrm = xfrm[i];
*4882a593Smuzhiyun		xdst->xfrm_genid = xfrm[i]->genid;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst1->obsolete = DST_OBSOLETE_FORCE_CHK;
*4882a593Smuzhiyun		dst1->lastuse = now;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst1->input = dst_discard;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		rcu_read_lock();
*4882a593Smuzhiyun		afinfo = xfrm_state_afinfo_get_rcu(inner_mode->family);
*4882a593Smuzhiyun		if (likely(afinfo))
*4882a593Smuzhiyun			dst1->output = afinfo->output;
*4882a593Smuzhiyun		else
*4882a593Smuzhiyun			dst1->output = dst_discard_out;
*4882a593Smuzhiyun		rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xdst_prev = xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		header_len += xfrm[i]->props.header_len;
*4882a593Smuzhiyun		if (xfrm[i]->type->flags & XFRM_TYPE_NON_FRAGMENT)
*4882a593Smuzhiyun			nfheader_len += xfrm[i]->props.header_len;
*4882a593Smuzhiyun		trailer_len += xfrm[i]->props.trailer_len;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_dst_set_child(xdst_prev, dst);
*4882a593Smuzhiyun	xdst0->path = dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	err = -ENODEV;
*4882a593Smuzhiyun	dev = dst->dev;
*4882a593Smuzhiyun	if (!dev)
*4882a593Smuzhiyun		goto free_dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_init_path(xdst0, dst, nfheader_len);
*4882a593Smuzhiyun	xfrm_init_pmtu(bundle, nx);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (xdst_prev = xdst0; xdst_prev != (struct xfrm_dst *)dst;
*4882a593Smuzhiyun	     xdst_prev = (struct xfrm_dst *) xfrm_dst_child(&xdst_prev->u.dst)) {
*4882a593Smuzhiyun		err = xfrm_fill_dst(xdst_prev, dev, fl);
*4882a593Smuzhiyun		if (err)
*4882a593Smuzhiyun			goto free_dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xdst_prev->u.dst.header_len = header_len;
*4882a593Smuzhiyun		xdst_prev->u.dst.trailer_len = trailer_len;
*4882a593Smuzhiyun		header_len -= xdst_prev->u.dst.xfrm->props.header_len;
*4882a593Smuzhiyun		trailer_len -= xdst_prev->u.dst.xfrm->props.trailer_len;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return &xdst0->u.dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyunput_states:
*4882a593Smuzhiyun	for (; i < nx; i++)
*4882a593Smuzhiyun		xfrm_state_put(xfrm[i]);
*4882a593Smuzhiyunfree_dst:
*4882a593Smuzhiyun	if (xdst0)
*4882a593Smuzhiyun		dst_release_immediate(&xdst0->u.dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return ERR_PTR(err);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int xfrm_expand_policies(const struct flowi *fl, u16 family,
*4882a593Smuzhiyun				struct xfrm_policy **pols,
*4882a593Smuzhiyun				int *num_pols, int *num_xfrms)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (*num_pols == 0 || !pols[0]) {
*4882a593Smuzhiyun		*num_pols = 0;
*4882a593Smuzhiyun		*num_xfrms = 0;
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	if (IS_ERR(pols[0])) {
*4882a593Smuzhiyun		*num_pols = 0;
*4882a593Smuzhiyun		return PTR_ERR(pols[0]);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	*num_xfrms = pols[0]->xfrm_nr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_SUB_POLICY
*4882a593Smuzhiyun	if (pols[0] && pols[0]->action == XFRM_POLICY_ALLOW &&
*4882a593Smuzhiyun	    pols[0]->type != XFRM_POLICY_TYPE_MAIN) {
*4882a593Smuzhiyun		pols[1] = xfrm_policy_lookup_bytype(xp_net(pols[0]),
*4882a593Smuzhiyun						    XFRM_POLICY_TYPE_MAIN,
*4882a593Smuzhiyun						    fl, family,
*4882a593Smuzhiyun						    XFRM_POLICY_OUT,
*4882a593Smuzhiyun						    pols[0]->if_id);
*4882a593Smuzhiyun		if (pols[1]) {
*4882a593Smuzhiyun			if (IS_ERR(pols[1])) {
*4882a593Smuzhiyun				xfrm_pols_put(pols, *num_pols);
*4882a593Smuzhiyun				*num_pols = 0;
*4882a593Smuzhiyun				return PTR_ERR(pols[1]);
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			(*num_pols)++;
*4882a593Smuzhiyun			(*num_xfrms) += pols[1]->xfrm_nr;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun	for (i = 0; i < *num_pols; i++) {
*4882a593Smuzhiyun		if (pols[i]->action != XFRM_POLICY_ALLOW) {
*4882a593Smuzhiyun			*num_xfrms = -1;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_dst *
*4882a593Smuzhiyunxfrm_resolve_and_create_bundle(struct xfrm_policy **pols, int num_pols,
*4882a593Smuzhiyun			       const struct flowi *fl, u16 family,
*4882a593Smuzhiyun			       struct dst_entry *dst_orig)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = xp_net(pols[0]);
*4882a593Smuzhiyun	struct xfrm_state *xfrm[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun	struct xfrm_dst *bundle[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun	struct xfrm_dst *xdst;
*4882a593Smuzhiyun	struct dst_entry *dst;
*4882a593Smuzhiyun	int err;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Try to instantiate a bundle */
*4882a593Smuzhiyun	err = xfrm_tmpl_resolve(pols, num_pols, fl, xfrm, family);
*4882a593Smuzhiyun	if (err <= 0) {
*4882a593Smuzhiyun		if (err == 0)
*4882a593Smuzhiyun			return NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (err != -EAGAIN)
*4882a593Smuzhiyun			XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLERROR);
*4882a593Smuzhiyun		return ERR_PTR(err);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst = xfrm_bundle_create(pols[0], xfrm, bundle, err, fl, dst_orig);
*4882a593Smuzhiyun	if (IS_ERR(dst)) {
*4882a593Smuzhiyun		XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTBUNDLEGENERROR);
*4882a593Smuzhiyun		return ERR_CAST(dst);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xdst = (struct xfrm_dst *)dst;
*4882a593Smuzhiyun	xdst->num_xfrms = err;
*4882a593Smuzhiyun	xdst->num_pols = num_pols;
*4882a593Smuzhiyun	memcpy(xdst->pols, pols, sizeof(struct xfrm_policy *) * num_pols);
*4882a593Smuzhiyun	xdst->policy_genid = atomic_read(&pols[0]->genid);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return xdst;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_queue_process(struct timer_list *t)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct sk_buff *skb;
*4882a593Smuzhiyun	struct sock *sk;
*4882a593Smuzhiyun	struct dst_entry *dst;
*4882a593Smuzhiyun	struct xfrm_policy *pol = from_timer(pol, t, polq.hold_timer);
*4882a593Smuzhiyun	struct net *net = xp_net(pol);
*4882a593Smuzhiyun	struct xfrm_policy_queue *pq = &pol->polq;
*4882a593Smuzhiyun	struct flowi fl;
*4882a593Smuzhiyun	struct sk_buff_head list;
*4882a593Smuzhiyun	__u32 skb_mark;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock(&pq->hold_queue.lock);
*4882a593Smuzhiyun	skb = skb_peek(&pq->hold_queue);
*4882a593Smuzhiyun	if (!skb) {
*4882a593Smuzhiyun		spin_unlock(&pq->hold_queue.lock);
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	dst = skb_dst(skb);
*4882a593Smuzhiyun	sk = skb->sk;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Fixup the mark to support VTI. */
*4882a593Smuzhiyun	skb_mark = skb->mark;
*4882a593Smuzhiyun	skb->mark = pol->mark.v;
*4882a593Smuzhiyun	xfrm_decode_session(skb, &fl, dst->ops->family);
*4882a593Smuzhiyun	skb->mark = skb_mark;
*4882a593Smuzhiyun	spin_unlock(&pq->hold_queue.lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst_hold(xfrm_dst_path(dst));
*4882a593Smuzhiyun	dst = xfrm_lookup(net, xfrm_dst_path(dst), &fl, sk, XFRM_LOOKUP_QUEUE);
*4882a593Smuzhiyun	if (IS_ERR(dst))
*4882a593Smuzhiyun		goto purge_queue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (dst->flags & DST_XFRM_QUEUE) {
*4882a593Smuzhiyun		dst_release(dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (pq->timeout >= XFRM_QUEUE_TMO_MAX)
*4882a593Smuzhiyun			goto purge_queue;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		pq->timeout = pq->timeout << 1;
*4882a593Smuzhiyun		if (!mod_timer(&pq->hold_timer, jiffies + pq->timeout))
*4882a593Smuzhiyun			xfrm_pol_hold(pol);
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst_release(dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	__skb_queue_head_init(&list);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock(&pq->hold_queue.lock);
*4882a593Smuzhiyun	pq->timeout = 0;
*4882a593Smuzhiyun	skb_queue_splice_init(&pq->hold_queue, &list);
*4882a593Smuzhiyun	spin_unlock(&pq->hold_queue.lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	while (!skb_queue_empty(&list)) {
*4882a593Smuzhiyun		skb = __skb_dequeue(&list);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		/* Fixup the mark to support VTI. */
*4882a593Smuzhiyun		skb_mark = skb->mark;
*4882a593Smuzhiyun		skb->mark = pol->mark.v;
*4882a593Smuzhiyun		xfrm_decode_session(skb, &fl, skb_dst(skb)->ops->family);
*4882a593Smuzhiyun		skb->mark = skb_mark;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst_hold(xfrm_dst_path(skb_dst(skb)));
*4882a593Smuzhiyun		dst = xfrm_lookup(net, xfrm_dst_path(skb_dst(skb)), &fl, skb->sk, 0);
*4882a593Smuzhiyun		if (IS_ERR(dst)) {
*4882a593Smuzhiyun			kfree_skb(skb);
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		nf_reset_ct(skb);
*4882a593Smuzhiyun		skb_dst_drop(skb);
*4882a593Smuzhiyun		skb_dst_set(skb, dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst_output(net, skb->sk, skb);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyunout:
*4882a593Smuzhiyun	xfrm_pol_put(pol);
*4882a593Smuzhiyun	return;
*4882a593Smuzhiyun
*4882a593Smuzhiyunpurge_queue:
*4882a593Smuzhiyun	pq->timeout = 0;
*4882a593Smuzhiyun	skb_queue_purge(&pq->hold_queue);
*4882a593Smuzhiyun	xfrm_pol_put(pol);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int xdst_queue_output(struct net *net, struct sock *sk, struct sk_buff *skb)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned long sched_next;
*4882a593Smuzhiyun	struct dst_entry *dst = skb_dst(skb);
*4882a593Smuzhiyun	struct xfrm_dst *xdst = (struct xfrm_dst *) dst;
*4882a593Smuzhiyun	struct xfrm_policy *pol = xdst->pols[0];
*4882a593Smuzhiyun	struct xfrm_policy_queue *pq = &pol->polq;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (unlikely(skb_fclone_busy(sk, skb))) {
*4882a593Smuzhiyun		kfree_skb(skb);
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (pq->hold_queue.qlen > XFRM_MAX_QUEUE_LEN) {
*4882a593Smuzhiyun		kfree_skb(skb);
*4882a593Smuzhiyun		return -EAGAIN;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	skb_dst_force(skb);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&pq->hold_queue.lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!pq->timeout)
*4882a593Smuzhiyun		pq->timeout = XFRM_QUEUE_TMO_MIN;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	sched_next = jiffies + pq->timeout;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (del_timer(&pq->hold_timer)) {
*4882a593Smuzhiyun		if (time_before(pq->hold_timer.expires, sched_next))
*4882a593Smuzhiyun			sched_next = pq->hold_timer.expires;
*4882a593Smuzhiyun		xfrm_pol_put(pol);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	__skb_queue_tail(&pq->hold_queue, skb);
*4882a593Smuzhiyun	if (!mod_timer(&pq->hold_timer, sched_next))
*4882a593Smuzhiyun		xfrm_pol_hold(pol);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_unlock_bh(&pq->hold_queue.lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net,
*4882a593Smuzhiyun						 struct xfrm_flo *xflo,
*4882a593Smuzhiyun						 const struct flowi *fl,
*4882a593Smuzhiyun						 int num_xfrms,
*4882a593Smuzhiyun						 u16 family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int err;
*4882a593Smuzhiyun	struct net_device *dev;
*4882a593Smuzhiyun	struct dst_entry *dst;
*4882a593Smuzhiyun	struct dst_entry *dst1;
*4882a593Smuzhiyun	struct xfrm_dst *xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xdst = xfrm_alloc_dst(net, family);
*4882a593Smuzhiyun	if (IS_ERR(xdst))
*4882a593Smuzhiyun		return xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!(xflo->flags & XFRM_LOOKUP_QUEUE) ||
*4882a593Smuzhiyun	    net->xfrm.sysctl_larval_drop ||
*4882a593Smuzhiyun	    num_xfrms <= 0)
*4882a593Smuzhiyun		return xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst = xflo->dst_orig;
*4882a593Smuzhiyun	dst1 = &xdst->u.dst;
*4882a593Smuzhiyun	dst_hold(dst);
*4882a593Smuzhiyun	xdst->route = dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst_copy_metrics(dst1, dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst1->obsolete = DST_OBSOLETE_FORCE_CHK;
*4882a593Smuzhiyun	dst1->flags |= DST_XFRM_QUEUE;
*4882a593Smuzhiyun	dst1->lastuse = jiffies;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst1->input = dst_discard;
*4882a593Smuzhiyun	dst1->output = xdst_queue_output;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst_hold(dst);
*4882a593Smuzhiyun	xfrm_dst_set_child(xdst, dst);
*4882a593Smuzhiyun	xdst->path = dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_init_path((struct xfrm_dst *)dst1, dst, 0);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	err = -ENODEV;
*4882a593Smuzhiyun	dev = dst->dev;
*4882a593Smuzhiyun	if (!dev)
*4882a593Smuzhiyun		goto free_dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	err = xfrm_fill_dst(xdst, dev, fl);
*4882a593Smuzhiyun	if (err)
*4882a593Smuzhiyun		goto free_dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyunout:
*4882a593Smuzhiyun	return xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyunfree_dst:
*4882a593Smuzhiyun	dst_release(dst1);
*4882a593Smuzhiyun	xdst = ERR_PTR(err);
*4882a593Smuzhiyun	goto out;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_dst *xfrm_bundle_lookup(struct net *net,
*4882a593Smuzhiyun					   const struct flowi *fl,
*4882a593Smuzhiyun					   u16 family, u8 dir,
*4882a593Smuzhiyun					   struct xfrm_flo *xflo, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX];
*4882a593Smuzhiyun	int num_pols = 0, num_xfrms = 0, err;
*4882a593Smuzhiyun	struct xfrm_dst *xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Resolve policies to use if we couldn't get them from
*4882a593Smuzhiyun	 * previous cache entry */
*4882a593Smuzhiyun	num_pols = 1;
*4882a593Smuzhiyun	pols[0] = xfrm_policy_lookup(net, fl, family, dir, if_id);
*4882a593Smuzhiyun	err = xfrm_expand_policies(fl, family, pols,
*4882a593Smuzhiyun					   &num_pols, &num_xfrms);
*4882a593Smuzhiyun	if (err < 0)
*4882a593Smuzhiyun		goto inc_error;
*4882a593Smuzhiyun	if (num_pols == 0)
*4882a593Smuzhiyun		return NULL;
*4882a593Smuzhiyun	if (num_xfrms <= 0)
*4882a593Smuzhiyun		goto make_dummy_bundle;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xdst = xfrm_resolve_and_create_bundle(pols, num_pols, fl, family,
*4882a593Smuzhiyun					      xflo->dst_orig);
*4882a593Smuzhiyun	if (IS_ERR(xdst)) {
*4882a593Smuzhiyun		err = PTR_ERR(xdst);
*4882a593Smuzhiyun		if (err == -EREMOTE) {
*4882a593Smuzhiyun			xfrm_pols_put(pols, num_pols);
*4882a593Smuzhiyun			return NULL;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (err != -EAGAIN)
*4882a593Smuzhiyun			goto error;
*4882a593Smuzhiyun		goto make_dummy_bundle;
*4882a593Smuzhiyun	} else if (xdst == NULL) {
*4882a593Smuzhiyun		num_xfrms = 0;
*4882a593Smuzhiyun		goto make_dummy_bundle;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyunmake_dummy_bundle:
*4882a593Smuzhiyun	/* We found policies, but there's no bundles to instantiate:
*4882a593Smuzhiyun	 * either because the policy blocks, has no transformations or
*4882a593Smuzhiyun	 * we could not build template (no xfrm_states).*/
*4882a593Smuzhiyun	xdst = xfrm_create_dummy_bundle(net, xflo, fl, num_xfrms, family);
*4882a593Smuzhiyun	if (IS_ERR(xdst)) {
*4882a593Smuzhiyun		xfrm_pols_put(pols, num_pols);
*4882a593Smuzhiyun		return ERR_CAST(xdst);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	xdst->num_pols = num_pols;
*4882a593Smuzhiyun	xdst->num_xfrms = num_xfrms;
*4882a593Smuzhiyun	memcpy(xdst->pols, pols, sizeof(struct xfrm_policy *) * num_pols);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyuninc_error:
*4882a593Smuzhiyun	XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLERROR);
*4882a593Smuzhiyunerror:
*4882a593Smuzhiyun	xfrm_pols_put(pols, num_pols);
*4882a593Smuzhiyun	return ERR_PTR(err);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct dst_entry *make_blackhole(struct net *net, u16 family,
*4882a593Smuzhiyun					struct dst_entry *dst_orig)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family);
*4882a593Smuzhiyun	struct dst_entry *ret;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!afinfo) {
*4882a593Smuzhiyun		dst_release(dst_orig);
*4882a593Smuzhiyun		return ERR_PTR(-EINVAL);
*4882a593Smuzhiyun	} else {
*4882a593Smuzhiyun		ret = afinfo->blackhole_route(net, dst_orig);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return ret;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Finds/creates a bundle for given flow and if_id
*4882a593Smuzhiyun *
*4882a593Smuzhiyun * At the moment we eat a raw IP route. Mostly to speed up lookups
*4882a593Smuzhiyun * on interfaces with disabled IPsec.
*4882a593Smuzhiyun *
*4882a593Smuzhiyun * xfrm_lookup uses an if_id of 0 by default, and is provided for
*4882a593Smuzhiyun * compatibility
*4882a593Smuzhiyun */
*4882a593Smuzhiyunstruct dst_entry *xfrm_lookup_with_ifid(struct net *net,
*4882a593Smuzhiyun					struct dst_entry *dst_orig,
*4882a593Smuzhiyun					const struct flowi *fl,
*4882a593Smuzhiyun					const struct sock *sk,
*4882a593Smuzhiyun					int flags, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX];
*4882a593Smuzhiyun	struct xfrm_dst *xdst;
*4882a593Smuzhiyun	struct dst_entry *dst, *route;
*4882a593Smuzhiyun	u16 family = dst_orig->ops->family;
*4882a593Smuzhiyun	u8 dir = XFRM_POLICY_OUT;
*4882a593Smuzhiyun	int i, err, num_pols, num_xfrms = 0, drop_pols = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst = NULL;
*4882a593Smuzhiyun	xdst = NULL;
*4882a593Smuzhiyun	route = NULL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	sk = sk_const_to_full_sk(sk);
*4882a593Smuzhiyun	if (sk && sk->sk_policy[XFRM_POLICY_OUT]) {
*4882a593Smuzhiyun		num_pols = 1;
*4882a593Smuzhiyun		pols[0] = xfrm_sk_policy_lookup(sk, XFRM_POLICY_OUT, fl, family,
*4882a593Smuzhiyun						if_id);
*4882a593Smuzhiyun		err = xfrm_expand_policies(fl, family, pols,
*4882a593Smuzhiyun					   &num_pols, &num_xfrms);
*4882a593Smuzhiyun		if (err < 0)
*4882a593Smuzhiyun			goto dropdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (num_pols) {
*4882a593Smuzhiyun			if (num_xfrms <= 0) {
*4882a593Smuzhiyun				drop_pols = num_pols;
*4882a593Smuzhiyun				goto no_transform;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun
*4882a593Smuzhiyun			xdst = xfrm_resolve_and_create_bundle(
*4882a593Smuzhiyun					pols, num_pols, fl,
*4882a593Smuzhiyun					family, dst_orig);
*4882a593Smuzhiyun
*4882a593Smuzhiyun			if (IS_ERR(xdst)) {
*4882a593Smuzhiyun				xfrm_pols_put(pols, num_pols);
*4882a593Smuzhiyun				err = PTR_ERR(xdst);
*4882a593Smuzhiyun				if (err == -EREMOTE)
*4882a593Smuzhiyun					goto nopol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				goto dropdst;
*4882a593Smuzhiyun			} else if (xdst == NULL) {
*4882a593Smuzhiyun				num_xfrms = 0;
*4882a593Smuzhiyun				drop_pols = num_pols;
*4882a593Smuzhiyun				goto no_transform;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun
*4882a593Smuzhiyun			route = xdst->route;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (xdst == NULL) {
*4882a593Smuzhiyun		struct xfrm_flo xflo;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xflo.dst_orig = dst_orig;
*4882a593Smuzhiyun		xflo.flags = flags;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		/* To accelerate a bit...  */
*4882a593Smuzhiyun		if (!if_id && ((dst_orig->flags & DST_NOXFRM) ||
*4882a593Smuzhiyun			       !net->xfrm.policy_count[XFRM_POLICY_OUT]))
*4882a593Smuzhiyun			goto nopol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xdst = xfrm_bundle_lookup(net, fl, family, dir, &xflo, if_id);
*4882a593Smuzhiyun		if (xdst == NULL)
*4882a593Smuzhiyun			goto nopol;
*4882a593Smuzhiyun		if (IS_ERR(xdst)) {
*4882a593Smuzhiyun			err = PTR_ERR(xdst);
*4882a593Smuzhiyun			goto dropdst;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		num_pols = xdst->num_pols;
*4882a593Smuzhiyun		num_xfrms = xdst->num_xfrms;
*4882a593Smuzhiyun		memcpy(pols, xdst->pols, sizeof(struct xfrm_policy *) * num_pols);
*4882a593Smuzhiyun		route = xdst->route;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst = &xdst->u.dst;
*4882a593Smuzhiyun	if (route == NULL && num_xfrms > 0) {
*4882a593Smuzhiyun		/* The only case when xfrm_bundle_lookup() returns a
*4882a593Smuzhiyun		 * bundle with null route, is when the template could
*4882a593Smuzhiyun		 * not be resolved. It means policies are there, but
*4882a593Smuzhiyun		 * bundle could not be created, since we don't yet
*4882a593Smuzhiyun		 * have the xfrm_state's. We need to wait for KM to
*4882a593Smuzhiyun		 * negotiate new SA's or bail out with error.*/
*4882a593Smuzhiyun		if (net->xfrm.sysctl_larval_drop) {
*4882a593Smuzhiyun			XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES);
*4882a593Smuzhiyun			err = -EREMOTE;
*4882a593Smuzhiyun			goto error;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		err = -EAGAIN;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES);
*4882a593Smuzhiyun		goto error;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyunno_transform:
*4882a593Smuzhiyun	if (num_pols == 0)
*4882a593Smuzhiyun		goto nopol;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if ((flags & XFRM_LOOKUP_ICMP) &&
*4882a593Smuzhiyun	    !(pols[0]->flags & XFRM_POLICY_ICMP)) {
*4882a593Smuzhiyun		err = -ENOENT;
*4882a593Smuzhiyun		goto error;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = 0; i < num_pols; i++)
*4882a593Smuzhiyun		pols[i]->curlft.use_time = ktime_get_real_seconds();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (num_xfrms < 0) {
*4882a593Smuzhiyun		/* Prohibit the flow */
*4882a593Smuzhiyun		XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLBLOCK);
*4882a593Smuzhiyun		err = -EPERM;
*4882a593Smuzhiyun		goto error;
*4882a593Smuzhiyun	} else if (num_xfrms > 0) {
*4882a593Smuzhiyun		/* Flow transformed */
*4882a593Smuzhiyun		dst_release(dst_orig);
*4882a593Smuzhiyun	} else {
*4882a593Smuzhiyun		/* Flow passes untransformed */
*4882a593Smuzhiyun		dst_release(dst);
*4882a593Smuzhiyun		dst = dst_orig;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyunok:
*4882a593Smuzhiyun	xfrm_pols_put(pols, drop_pols);
*4882a593Smuzhiyun	if (dst && dst->xfrm &&
*4882a593Smuzhiyun	    dst->xfrm->props.mode == XFRM_MODE_TUNNEL)
*4882a593Smuzhiyun		dst->flags |= DST_XFRM_TUNNEL;
*4882a593Smuzhiyun	return dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyunnopol:
*4882a593Smuzhiyun	if (!(flags & XFRM_LOOKUP_ICMP)) {
*4882a593Smuzhiyun		dst = dst_orig;
*4882a593Smuzhiyun		goto ok;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	err = -ENOENT;
*4882a593Smuzhiyunerror:
*4882a593Smuzhiyun	dst_release(dst);
*4882a593Smuzhiyundropdst:
*4882a593Smuzhiyun	if (!(flags & XFRM_LOOKUP_KEEP_DST_REF))
*4882a593Smuzhiyun		dst_release(dst_orig);
*4882a593Smuzhiyun	xfrm_pols_put(pols, drop_pols);
*4882a593Smuzhiyun	return ERR_PTR(err);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_lookup_with_ifid);
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Main function: finds/creates a bundle for given flow.
*4882a593Smuzhiyun *
*4882a593Smuzhiyun * At the moment we eat a raw IP route. Mostly to speed up lookups
*4882a593Smuzhiyun * on interfaces with disabled IPsec.
*4882a593Smuzhiyun */
*4882a593Smuzhiyunstruct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
*4882a593Smuzhiyun			      const struct flowi *fl, const struct sock *sk,
*4882a593Smuzhiyun			      int flags)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return xfrm_lookup_with_ifid(net, dst_orig, fl, sk, flags, 0);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_lookup);
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Callers of xfrm_lookup_route() must ensure a call to dst_output().
*4882a593Smuzhiyun * Otherwise we may send out blackholed packets.
*4882a593Smuzhiyun */
*4882a593Smuzhiyunstruct dst_entry *xfrm_lookup_route(struct net *net, struct dst_entry *dst_orig,
*4882a593Smuzhiyun				    const struct flowi *fl,
*4882a593Smuzhiyun				    const struct sock *sk, int flags)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct dst_entry *dst = xfrm_lookup(net, dst_orig, fl, sk,
*4882a593Smuzhiyun					    flags | XFRM_LOOKUP_QUEUE |
*4882a593Smuzhiyun					    XFRM_LOOKUP_KEEP_DST_REF);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (PTR_ERR(dst) == -EREMOTE)
*4882a593Smuzhiyun		return make_blackhole(net, dst_orig->ops->family, dst_orig);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (IS_ERR(dst))
*4882a593Smuzhiyun		dst_release(dst_orig);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return dst;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_lookup_route);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline int
*4882a593Smuzhiyunxfrm_secpath_reject(int idx, struct sk_buff *skb, const struct flowi *fl)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct sec_path *sp = skb_sec_path(skb);
*4882a593Smuzhiyun	struct xfrm_state *x;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!sp || idx < 0 || idx >= sp->len)
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	x = sp->xvec[idx];
*4882a593Smuzhiyun	if (!x->type->reject)
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	return x->type->reject(x, skb, fl);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* When skb is transformed back to its "native" form, we have to
*4882a593Smuzhiyun * check policy restrictions. At the moment we make this in maximally
*4882a593Smuzhiyun * stupid way. Shame on me. :-) Of course, connected sockets must
*4882a593Smuzhiyun * have policy cached at them.
*4882a593Smuzhiyun */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline int
*4882a593Smuzhiyunxfrm_state_ok(const struct xfrm_tmpl *tmpl, const struct xfrm_state *x,
*4882a593Smuzhiyun	      unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (xfrm_state_kern(x))
*4882a593Smuzhiyun		return tmpl->optional && !xfrm_state_addr_cmp(tmpl, x, tmpl->encap_family);
*4882a593Smuzhiyun	return	x->id.proto == tmpl->id.proto &&
*4882a593Smuzhiyun		(x->id.spi == tmpl->id.spi || !tmpl->id.spi) &&
*4882a593Smuzhiyun		(x->props.reqid == tmpl->reqid || !tmpl->reqid) &&
*4882a593Smuzhiyun		x->props.mode == tmpl->mode &&
*4882a593Smuzhiyun		(tmpl->allalgs || (tmpl->aalgos & (1<<x->props.aalgo)) ||
*4882a593Smuzhiyun		 !(xfrm_id_proto_match(tmpl->id.proto, IPSEC_PROTO_ANY))) &&
*4882a593Smuzhiyun		!(x->props.mode != XFRM_MODE_TRANSPORT &&
*4882a593Smuzhiyun		  xfrm_state_addr_cmp(tmpl, x, family));
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/*
*4882a593Smuzhiyun * 0 or more than 0 is returned when validation is succeeded (either bypass
*4882a593Smuzhiyun * because of optional transport mode, or next index of the mathced secpath
*4882a593Smuzhiyun * state with the template.
*4882a593Smuzhiyun * -1 is returned when no matching template is found.
*4882a593Smuzhiyun * Otherwise "-2 - errored_index" is returned.
*4882a593Smuzhiyun */
*4882a593Smuzhiyunstatic inline int
*4882a593Smuzhiyunxfrm_policy_ok(const struct xfrm_tmpl *tmpl, const struct sec_path *sp, int start,
*4882a593Smuzhiyun	       unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int idx = start;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (tmpl->optional) {
*4882a593Smuzhiyun		if (tmpl->mode == XFRM_MODE_TRANSPORT)
*4882a593Smuzhiyun			return start;
*4882a593Smuzhiyun	} else
*4882a593Smuzhiyun		start = -1;
*4882a593Smuzhiyun	for (; idx < sp->len; idx++) {
*4882a593Smuzhiyun		if (xfrm_state_ok(tmpl, sp->xvec[idx], family))
*4882a593Smuzhiyun			return ++idx;
*4882a593Smuzhiyun		if (sp->xvec[idx]->props.mode != XFRM_MODE_TRANSPORT) {
*4882a593Smuzhiyun			if (start == -1)
*4882a593Smuzhiyun				start = -2-idx;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return start;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void
*4882a593Smuzhiyundecode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct iphdr *iph = ip_hdr(skb);
*4882a593Smuzhiyun	int ihl = iph->ihl;
*4882a593Smuzhiyun	u8 *xprth = skb_network_header(skb) + ihl * 4;
*4882a593Smuzhiyun	struct flowi4 *fl4 = &fl->u.ip4;
*4882a593Smuzhiyun	int oif = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (skb_dst(skb) && skb_dst(skb)->dev)
*4882a593Smuzhiyun		oif = skb_dst(skb)->dev->ifindex;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	memset(fl4, 0, sizeof(struct flowi4));
*4882a593Smuzhiyun	fl4->flowi4_mark = skb->mark;
*4882a593Smuzhiyun	fl4->flowi4_oif = reverse ? skb->skb_iif : oif;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	fl4->flowi4_proto = iph->protocol;
*4882a593Smuzhiyun	fl4->daddr = reverse ? iph->saddr : iph->daddr;
*4882a593Smuzhiyun	fl4->saddr = reverse ? iph->daddr : iph->saddr;
*4882a593Smuzhiyun	fl4->flowi4_tos = iph->tos & ~INET_ECN_MASK;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!ip_is_fragment(iph)) {
*4882a593Smuzhiyun		switch (iph->protocol) {
*4882a593Smuzhiyun		case IPPROTO_UDP:
*4882a593Smuzhiyun		case IPPROTO_UDPLITE:
*4882a593Smuzhiyun		case IPPROTO_TCP:
*4882a593Smuzhiyun		case IPPROTO_SCTP:
*4882a593Smuzhiyun		case IPPROTO_DCCP:
*4882a593Smuzhiyun			if (xprth + 4 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, xprth + 4 - skb->data)) {
*4882a593Smuzhiyun				__be16 *ports;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				xprth = skb_network_header(skb) + ihl * 4;
*4882a593Smuzhiyun				ports = (__be16 *)xprth;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				fl4->fl4_sport = ports[!!reverse];
*4882a593Smuzhiyun				fl4->fl4_dport = ports[!reverse];
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		case IPPROTO_ICMP:
*4882a593Smuzhiyun			if (xprth + 2 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, xprth + 2 - skb->data)) {
*4882a593Smuzhiyun				u8 *icmp;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				xprth = skb_network_header(skb) + ihl * 4;
*4882a593Smuzhiyun				icmp = xprth;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				fl4->fl4_icmp_type = icmp[0];
*4882a593Smuzhiyun				fl4->fl4_icmp_code = icmp[1];
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		case IPPROTO_ESP:
*4882a593Smuzhiyun			if (xprth + 4 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, xprth + 4 - skb->data)) {
*4882a593Smuzhiyun				__be32 *ehdr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				xprth = skb_network_header(skb) + ihl * 4;
*4882a593Smuzhiyun				ehdr = (__be32 *)xprth;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				fl4->fl4_ipsec_spi = ehdr[0];
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		case IPPROTO_AH:
*4882a593Smuzhiyun			if (xprth + 8 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, xprth + 8 - skb->data)) {
*4882a593Smuzhiyun				__be32 *ah_hdr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				xprth = skb_network_header(skb) + ihl * 4;
*4882a593Smuzhiyun				ah_hdr = (__be32 *)xprth;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				fl4->fl4_ipsec_spi = ah_hdr[1];
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		case IPPROTO_COMP:
*4882a593Smuzhiyun			if (xprth + 4 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, xprth + 4 - skb->data)) {
*4882a593Smuzhiyun				__be16 *ipcomp_hdr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				xprth = skb_network_header(skb) + ihl * 4;
*4882a593Smuzhiyun				ipcomp_hdr = (__be16 *)xprth;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				fl4->fl4_ipsec_spi = htonl(ntohs(ipcomp_hdr[1]));
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		case IPPROTO_GRE:
*4882a593Smuzhiyun			if (xprth + 12 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, xprth + 12 - skb->data)) {
*4882a593Smuzhiyun				__be16 *greflags;
*4882a593Smuzhiyun				__be32 *gre_hdr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				xprth = skb_network_header(skb) + ihl * 4;
*4882a593Smuzhiyun				greflags = (__be16 *)xprth;
*4882a593Smuzhiyun				gre_hdr = (__be32 *)xprth;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				if (greflags[0] & GRE_KEY) {
*4882a593Smuzhiyun					if (greflags[0] & GRE_CSUM)
*4882a593Smuzhiyun						gre_hdr++;
*4882a593Smuzhiyun					fl4->fl4_gre_key = gre_hdr[1];
*4882a593Smuzhiyun				}
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		default:
*4882a593Smuzhiyun			fl4->fl4_ipsec_spi = 0;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun#if IS_ENABLED(CONFIG_IPV6)
*4882a593Smuzhiyunstatic void
*4882a593Smuzhiyundecode_session6(struct sk_buff *skb, struct flowi *fl, bool reverse)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct flowi6 *fl6 = &fl->u.ip6;
*4882a593Smuzhiyun	int onlyproto = 0;
*4882a593Smuzhiyun	const struct ipv6hdr *hdr = ipv6_hdr(skb);
*4882a593Smuzhiyun	u32 offset = sizeof(*hdr);
*4882a593Smuzhiyun	struct ipv6_opt_hdr *exthdr;
*4882a593Smuzhiyun	const unsigned char *nh = skb_network_header(skb);
*4882a593Smuzhiyun	u16 nhoff = IP6CB(skb)->nhoff;
*4882a593Smuzhiyun	int oif = 0;
*4882a593Smuzhiyun	u8 nexthdr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!nhoff)
*4882a593Smuzhiyun		nhoff = offsetof(struct ipv6hdr, nexthdr);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	nexthdr = nh[nhoff];
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (skb_dst(skb) && skb_dst(skb)->dev)
*4882a593Smuzhiyun		oif = skb_dst(skb)->dev->ifindex;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	memset(fl6, 0, sizeof(struct flowi6));
*4882a593Smuzhiyun	fl6->flowi6_mark = skb->mark;
*4882a593Smuzhiyun	fl6->flowi6_oif = reverse ? skb->skb_iif : oif;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	fl6->daddr = reverse ? hdr->saddr : hdr->daddr;
*4882a593Smuzhiyun	fl6->saddr = reverse ? hdr->daddr : hdr->saddr;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	while (nh + offset + sizeof(*exthdr) < skb->data ||
*4882a593Smuzhiyun	       pskb_may_pull(skb, nh + offset + sizeof(*exthdr) - skb->data)) {
*4882a593Smuzhiyun		nh = skb_network_header(skb);
*4882a593Smuzhiyun		exthdr = (struct ipv6_opt_hdr *)(nh + offset);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		switch (nexthdr) {
*4882a593Smuzhiyun		case NEXTHDR_FRAGMENT:
*4882a593Smuzhiyun			onlyproto = 1;
*4882a593Smuzhiyun			fallthrough;
*4882a593Smuzhiyun		case NEXTHDR_ROUTING:
*4882a593Smuzhiyun		case NEXTHDR_HOP:
*4882a593Smuzhiyun		case NEXTHDR_DEST:
*4882a593Smuzhiyun			offset += ipv6_optlen(exthdr);
*4882a593Smuzhiyun			nexthdr = exthdr->nexthdr;
*4882a593Smuzhiyun			exthdr = (struct ipv6_opt_hdr *)(nh + offset);
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		case IPPROTO_UDP:
*4882a593Smuzhiyun		case IPPROTO_UDPLITE:
*4882a593Smuzhiyun		case IPPROTO_TCP:
*4882a593Smuzhiyun		case IPPROTO_SCTP:
*4882a593Smuzhiyun		case IPPROTO_DCCP:
*4882a593Smuzhiyun			if (!onlyproto && (nh + offset + 4 < skb->data ||
*4882a593Smuzhiyun			     pskb_may_pull(skb, nh + offset + 4 - skb->data))) {
*4882a593Smuzhiyun				__be16 *ports;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				nh = skb_network_header(skb);
*4882a593Smuzhiyun				ports = (__be16 *)(nh + offset);
*4882a593Smuzhiyun				fl6->fl6_sport = ports[!!reverse];
*4882a593Smuzhiyun				fl6->fl6_dport = ports[!reverse];
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			fl6->flowi6_proto = nexthdr;
*4882a593Smuzhiyun			return;
*4882a593Smuzhiyun		case IPPROTO_ICMPV6:
*4882a593Smuzhiyun			if (!onlyproto && (nh + offset + 2 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, nh + offset + 2 - skb->data))) {
*4882a593Smuzhiyun				u8 *icmp;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				nh = skb_network_header(skb);
*4882a593Smuzhiyun				icmp = (u8 *)(nh + offset);
*4882a593Smuzhiyun				fl6->fl6_icmp_type = icmp[0];
*4882a593Smuzhiyun				fl6->fl6_icmp_code = icmp[1];
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			fl6->flowi6_proto = nexthdr;
*4882a593Smuzhiyun			return;
*4882a593Smuzhiyun		case IPPROTO_GRE:
*4882a593Smuzhiyun			if (!onlyproto &&
*4882a593Smuzhiyun			    (nh + offset + 12 < skb->data ||
*4882a593Smuzhiyun			     pskb_may_pull(skb, nh + offset + 12 - skb->data))) {
*4882a593Smuzhiyun				struct gre_base_hdr *gre_hdr;
*4882a593Smuzhiyun				__be32 *gre_key;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				nh = skb_network_header(skb);
*4882a593Smuzhiyun				gre_hdr = (struct gre_base_hdr *)(nh + offset);
*4882a593Smuzhiyun				gre_key = (__be32 *)(gre_hdr + 1);
*4882a593Smuzhiyun
*4882a593Smuzhiyun				if (gre_hdr->flags & GRE_KEY) {
*4882a593Smuzhiyun					if (gre_hdr->flags & GRE_CSUM)
*4882a593Smuzhiyun						gre_key++;
*4882a593Smuzhiyun					fl6->fl6_gre_key = *gre_key;
*4882a593Smuzhiyun				}
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			fl6->flowi6_proto = nexthdr;
*4882a593Smuzhiyun			return;
*4882a593Smuzhiyun
*4882a593Smuzhiyun#if IS_ENABLED(CONFIG_IPV6_MIP6)
*4882a593Smuzhiyun		case IPPROTO_MH:
*4882a593Smuzhiyun			offset += ipv6_optlen(exthdr);
*4882a593Smuzhiyun			if (!onlyproto && (nh + offset + 3 < skb->data ||
*4882a593Smuzhiyun			    pskb_may_pull(skb, nh + offset + 3 - skb->data))) {
*4882a593Smuzhiyun				struct ip6_mh *mh;
*4882a593Smuzhiyun
*4882a593Smuzhiyun				nh = skb_network_header(skb);
*4882a593Smuzhiyun				mh = (struct ip6_mh *)(nh + offset);
*4882a593Smuzhiyun				fl6->fl6_mh_type = mh->ip6mh_type;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			fl6->flowi6_proto = nexthdr;
*4882a593Smuzhiyun			return;
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun		/* XXX Why are there these headers? */
*4882a593Smuzhiyun		case IPPROTO_AH:
*4882a593Smuzhiyun		case IPPROTO_ESP:
*4882a593Smuzhiyun		case IPPROTO_COMP:
*4882a593Smuzhiyun		default:
*4882a593Smuzhiyun			fl6->fl6_ipsec_spi = 0;
*4882a593Smuzhiyun			fl6->flowi6_proto = nexthdr;
*4882a593Smuzhiyun			return;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyunint __xfrm_decode_session(struct sk_buff *skb, struct flowi *fl,
*4882a593Smuzhiyun			  unsigned int family, int reverse)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	switch (family) {
*4882a593Smuzhiyun	case AF_INET:
*4882a593Smuzhiyun		decode_session4(skb, fl, reverse);
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun#if IS_ENABLED(CONFIG_IPV6)
*4882a593Smuzhiyun	case AF_INET6:
*4882a593Smuzhiyun		decode_session6(skb, fl, reverse);
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun	default:
*4882a593Smuzhiyun		return -EAFNOSUPPORT;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return security_xfrm_decode_session(skb, &fl->flowi_secid);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(__xfrm_decode_session);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic inline int secpath_has_nontransport(const struct sec_path *sp, int k, int *idxp)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	for (; k < sp->len; k++) {
*4882a593Smuzhiyun		if (sp->xvec[k]->props.mode != XFRM_MODE_TRANSPORT) {
*4882a593Smuzhiyun			*idxp = k;
*4882a593Smuzhiyun			return 1;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunint __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
*4882a593Smuzhiyun			unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = dev_net(skb->dev);
*4882a593Smuzhiyun	struct xfrm_policy *pol;
*4882a593Smuzhiyun	struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX];
*4882a593Smuzhiyun	int npols = 0;
*4882a593Smuzhiyun	int xfrm_nr;
*4882a593Smuzhiyun	int pi;
*4882a593Smuzhiyun	int reverse;
*4882a593Smuzhiyun	struct flowi fl;
*4882a593Smuzhiyun	int xerr_idx = -1;
*4882a593Smuzhiyun	const struct xfrm_if_cb *ifcb;
*4882a593Smuzhiyun	struct sec_path *sp;
*4882a593Smuzhiyun	struct xfrm_if *xi;
*4882a593Smuzhiyun	u32 if_id = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rcu_read_lock();
*4882a593Smuzhiyun	ifcb = xfrm_if_get_cb();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (ifcb) {
*4882a593Smuzhiyun		xi = ifcb->decode_session(skb, family);
*4882a593Smuzhiyun		if (xi) {
*4882a593Smuzhiyun			if_id = xi->p.if_id;
*4882a593Smuzhiyun			net = xi->net;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	rcu_read_unlock();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	reverse = dir & ~XFRM_POLICY_MASK;
*4882a593Smuzhiyun	dir &= XFRM_POLICY_MASK;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (__xfrm_decode_session(skb, &fl, family, reverse) < 0) {
*4882a593Smuzhiyun		XFRM_INC_STATS(net, LINUX_MIB_XFRMINHDRERROR);
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	nf_nat_decode_session(skb, &fl, family);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* First, check used SA against their selectors. */
*4882a593Smuzhiyun	sp = skb_sec_path(skb);
*4882a593Smuzhiyun	if (sp) {
*4882a593Smuzhiyun		int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		for (i = sp->len - 1; i >= 0; i--) {
*4882a593Smuzhiyun			struct xfrm_state *x = sp->xvec[i];
*4882a593Smuzhiyun			if (!xfrm_selector_match(&x->sel, &fl, family)) {
*4882a593Smuzhiyun				XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH);
*4882a593Smuzhiyun				return 0;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	pol = NULL;
*4882a593Smuzhiyun	sk = sk_to_full_sk(sk);
*4882a593Smuzhiyun	if (sk && sk->sk_policy[dir]) {
*4882a593Smuzhiyun		pol = xfrm_sk_policy_lookup(sk, dir, &fl, family, if_id);
*4882a593Smuzhiyun		if (IS_ERR(pol)) {
*4882a593Smuzhiyun			XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLERROR);
*4882a593Smuzhiyun			return 0;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!pol)
*4882a593Smuzhiyun		pol = xfrm_policy_lookup(net, &fl, family, dir, if_id);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (IS_ERR(pol)) {
*4882a593Smuzhiyun		XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLERROR);
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!pol) {
*4882a593Smuzhiyun		if (sp && secpath_has_nontransport(sp, 0, &xerr_idx)) {
*4882a593Smuzhiyun			xfrm_secpath_reject(xerr_idx, skb, &fl);
*4882a593Smuzhiyun			XFRM_INC_STATS(net, LINUX_MIB_XFRMINNOPOLS);
*4882a593Smuzhiyun			return 0;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		return 1;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	pol->curlft.use_time = ktime_get_real_seconds();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	pols[0] = pol;
*4882a593Smuzhiyun	npols++;
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_SUB_POLICY
*4882a593Smuzhiyun	if (pols[0]->type != XFRM_POLICY_TYPE_MAIN) {
*4882a593Smuzhiyun		pols[1] = xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_MAIN,
*4882a593Smuzhiyun						    &fl, family,
*4882a593Smuzhiyun						    XFRM_POLICY_IN, if_id);
*4882a593Smuzhiyun		if (pols[1]) {
*4882a593Smuzhiyun			if (IS_ERR(pols[1])) {
*4882a593Smuzhiyun				XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLERROR);
*4882a593Smuzhiyun				xfrm_pol_put(pols[0]);
*4882a593Smuzhiyun				return 0;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			pols[1]->curlft.use_time = ktime_get_real_seconds();
*4882a593Smuzhiyun			npols++;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (pol->action == XFRM_POLICY_ALLOW) {
*4882a593Smuzhiyun		static struct sec_path dummy;
*4882a593Smuzhiyun		struct xfrm_tmpl *tp[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun		struct xfrm_tmpl *stp[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun		struct xfrm_tmpl **tpp = tp;
*4882a593Smuzhiyun		int ti = 0;
*4882a593Smuzhiyun		int i, k;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		sp = skb_sec_path(skb);
*4882a593Smuzhiyun		if (!sp)
*4882a593Smuzhiyun			sp = &dummy;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		for (pi = 0; pi < npols; pi++) {
*4882a593Smuzhiyun			if (pols[pi] != pol &&
*4882a593Smuzhiyun			    pols[pi]->action != XFRM_POLICY_ALLOW) {
*4882a593Smuzhiyun				XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLBLOCK);
*4882a593Smuzhiyun				goto reject;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			if (ti + pols[pi]->xfrm_nr >= XFRM_MAX_DEPTH) {
*4882a593Smuzhiyun				XFRM_INC_STATS(net, LINUX_MIB_XFRMINBUFFERERROR);
*4882a593Smuzhiyun				goto reject_error;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			for (i = 0; i < pols[pi]->xfrm_nr; i++)
*4882a593Smuzhiyun				tpp[ti++] = &pols[pi]->xfrm_vec[i];
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun		xfrm_nr = ti;
*4882a593Smuzhiyun		if (npols > 1) {
*4882a593Smuzhiyun			xfrm_tmpl_sort(stp, tpp, xfrm_nr, family);
*4882a593Smuzhiyun			tpp = stp;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		/* For each tunnel xfrm, find the first matching tmpl.
*4882a593Smuzhiyun		 * For each tmpl before that, find corresponding xfrm.
*4882a593Smuzhiyun		 * Order is _important_. Later we will implement
*4882a593Smuzhiyun		 * some barriers, but at the moment barriers
*4882a593Smuzhiyun		 * are implied between each two transformations.
*4882a593Smuzhiyun		 */
*4882a593Smuzhiyun		for (i = xfrm_nr-1, k = 0; i >= 0; i--) {
*4882a593Smuzhiyun			k = xfrm_policy_ok(tpp[i], sp, k, family);
*4882a593Smuzhiyun			if (k < 0) {
*4882a593Smuzhiyun				if (k < -1)
*4882a593Smuzhiyun					/* "-2 - errored_index" returned */
*4882a593Smuzhiyun					xerr_idx = -(2+k);
*4882a593Smuzhiyun				XFRM_INC_STATS(net, LINUX_MIB_XFRMINTMPLMISMATCH);
*4882a593Smuzhiyun				goto reject;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (secpath_has_nontransport(sp, k, &xerr_idx)) {
*4882a593Smuzhiyun			XFRM_INC_STATS(net, LINUX_MIB_XFRMINTMPLMISMATCH);
*4882a593Smuzhiyun			goto reject;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xfrm_pols_put(pols, npols);
*4882a593Smuzhiyun		return 1;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLBLOCK);
*4882a593Smuzhiyun
*4882a593Smuzhiyunreject:
*4882a593Smuzhiyun	xfrm_secpath_reject(xerr_idx, skb, &fl);
*4882a593Smuzhiyunreject_error:
*4882a593Smuzhiyun	xfrm_pols_put(pols, npols);
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(__xfrm_policy_check);
*4882a593Smuzhiyun
*4882a593Smuzhiyunint __xfrm_route_forward(struct sk_buff *skb, unsigned short family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct net *net = dev_net(skb->dev);
*4882a593Smuzhiyun	struct flowi fl;
*4882a593Smuzhiyun	struct dst_entry *dst;
*4882a593Smuzhiyun	int res = 1;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (xfrm_decode_session(skb, &fl, family) < 0) {
*4882a593Smuzhiyun		XFRM_INC_STATS(net, LINUX_MIB_XFRMFWDHDRERROR);
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	skb_dst_force(skb);
*4882a593Smuzhiyun	if (!skb_dst(skb)) {
*4882a593Smuzhiyun		XFRM_INC_STATS(net, LINUX_MIB_XFRMFWDHDRERROR);
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst = xfrm_lookup(net, skb_dst(skb), &fl, NULL, XFRM_LOOKUP_QUEUE);
*4882a593Smuzhiyun	if (IS_ERR(dst)) {
*4882a593Smuzhiyun		res = 0;
*4882a593Smuzhiyun		dst = NULL;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	skb_dst_set(skb, dst);
*4882a593Smuzhiyun	return res;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(__xfrm_route_forward);
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Optimize later using cookies and generation ids. */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct dst_entry *xfrm_dst_check(struct dst_entry *dst, u32 cookie)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	/* Code (such as __xfrm4_bundle_create()) sets dst->obsolete
*4882a593Smuzhiyun	 * to DST_OBSOLETE_FORCE_CHK to force all XFRM destinations to
*4882a593Smuzhiyun	 * get validated by dst_ops->check on every use.  We do this
*4882a593Smuzhiyun	 * because when a normal route referenced by an XFRM dst is
*4882a593Smuzhiyun	 * obsoleted we do not go looking around for all parent
*4882a593Smuzhiyun	 * referencing XFRM dsts so that we can invalidate them.  It
*4882a593Smuzhiyun	 * is just too much work.  Instead we make the checks here on
*4882a593Smuzhiyun	 * every use.  For example:
*4882a593Smuzhiyun	 *
*4882a593Smuzhiyun	 *	XFRM dst A --> IPv4 dst X
*4882a593Smuzhiyun	 *
*4882a593Smuzhiyun	 * X is the "xdst->route" of A (X is also the "dst->path" of A
*4882a593Smuzhiyun	 * in this example).  If X is marked obsolete, "A" will not
*4882a593Smuzhiyun	 * notice.  That's what we are validating here via the
*4882a593Smuzhiyun	 * stale_bundle() check.
*4882a593Smuzhiyun	 *
*4882a593Smuzhiyun	 * When a dst is removed from the fib tree, DST_OBSOLETE_DEAD will
*4882a593Smuzhiyun	 * be marked on it.
*4882a593Smuzhiyun	 * This will force stale_bundle() to fail on any xdst bundle with
*4882a593Smuzhiyun	 * this dst linked in it.
*4882a593Smuzhiyun	 */
*4882a593Smuzhiyun	if (dst->obsolete < 0 && !stale_bundle(dst))
*4882a593Smuzhiyun		return dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return NULL;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int stale_bundle(struct dst_entry *dst)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return !xfrm_bundle_ok((struct xfrm_dst *)dst);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	while ((dst = xfrm_dst_child(dst)) && dst->xfrm && dst->dev == dev) {
*4882a593Smuzhiyun		dst->dev = dev_net(dev)->loopback_dev;
*4882a593Smuzhiyun		dev_hold(dst->dev);
*4882a593Smuzhiyun		dev_put(dev);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_dst_ifdown);
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_link_failure(struct sk_buff *skb)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	/* Impossible. Such dst must be popped before reaches point of failure. */
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct dst_entry *xfrm_negative_advice(struct dst_entry *dst)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (dst) {
*4882a593Smuzhiyun		if (dst->obsolete) {
*4882a593Smuzhiyun			dst_release(dst);
*4882a593Smuzhiyun			dst = NULL;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return dst;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_init_pmtu(struct xfrm_dst **bundle, int nr)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	while (nr--) {
*4882a593Smuzhiyun		struct xfrm_dst *xdst = bundle[nr];
*4882a593Smuzhiyun		u32 pmtu, route_mtu_cached;
*4882a593Smuzhiyun		struct dst_entry *dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst = &xdst->u.dst;
*4882a593Smuzhiyun		pmtu = dst_mtu(xfrm_dst_child(dst));
*4882a593Smuzhiyun		xdst->child_mtu_cached = pmtu;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		pmtu = xfrm_state_mtu(dst->xfrm, pmtu);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		route_mtu_cached = dst_mtu(xdst->route);
*4882a593Smuzhiyun		xdst->route_mtu_cached = route_mtu_cached;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (pmtu > route_mtu_cached)
*4882a593Smuzhiyun			pmtu = route_mtu_cached;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst_metric_set(dst, RTAX_MTU, pmtu);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* Check that the bundle accepts the flow and its components are
*4882a593Smuzhiyun * still valid.
*4882a593Smuzhiyun */
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int xfrm_bundle_ok(struct xfrm_dst *first)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_dst *bundle[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun	struct dst_entry *dst = &first->u.dst;
*4882a593Smuzhiyun	struct xfrm_dst *xdst;
*4882a593Smuzhiyun	int start_from, nr;
*4882a593Smuzhiyun	u32 mtu;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!dst_check(xfrm_dst_path(dst), ((struct xfrm_dst *)dst)->path_cookie) ||
*4882a593Smuzhiyun	    (dst->dev && !netif_running(dst->dev)))
*4882a593Smuzhiyun		return 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (dst->flags & DST_XFRM_QUEUE)
*4882a593Smuzhiyun		return 1;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	start_from = nr = 0;
*4882a593Smuzhiyun	do {
*4882a593Smuzhiyun		struct xfrm_dst *xdst = (struct xfrm_dst *)dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (dst->xfrm->km.state != XFRM_STATE_VALID)
*4882a593Smuzhiyun			return 0;
*4882a593Smuzhiyun		if (xdst->xfrm_genid != dst->xfrm->genid)
*4882a593Smuzhiyun			return 0;
*4882a593Smuzhiyun		if (xdst->num_pols > 0 &&
*4882a593Smuzhiyun		    xdst->policy_genid != atomic_read(&xdst->pols[0]->genid))
*4882a593Smuzhiyun			return 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		bundle[nr++] = xdst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		mtu = dst_mtu(xfrm_dst_child(dst));
*4882a593Smuzhiyun		if (xdst->child_mtu_cached != mtu) {
*4882a593Smuzhiyun			start_from = nr;
*4882a593Smuzhiyun			xdst->child_mtu_cached = mtu;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (!dst_check(xdst->route, xdst->route_cookie))
*4882a593Smuzhiyun			return 0;
*4882a593Smuzhiyun		mtu = dst_mtu(xdst->route);
*4882a593Smuzhiyun		if (xdst->route_mtu_cached != mtu) {
*4882a593Smuzhiyun			start_from = nr;
*4882a593Smuzhiyun			xdst->route_mtu_cached = mtu;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst = xfrm_dst_child(dst);
*4882a593Smuzhiyun	} while (dst->xfrm);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (likely(!start_from))
*4882a593Smuzhiyun		return 1;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xdst = bundle[start_from - 1];
*4882a593Smuzhiyun	mtu = xdst->child_mtu_cached;
*4882a593Smuzhiyun	while (start_from--) {
*4882a593Smuzhiyun		dst = &xdst->u.dst;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		mtu = xfrm_state_mtu(dst->xfrm, mtu);
*4882a593Smuzhiyun		if (mtu > xdst->route_mtu_cached)
*4882a593Smuzhiyun			mtu = xdst->route_mtu_cached;
*4882a593Smuzhiyun		dst_metric_set(dst, RTAX_MTU, mtu);
*4882a593Smuzhiyun		if (!start_from)
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		xdst = bundle[start_from - 1];
*4882a593Smuzhiyun		xdst->child_mtu_cached = mtu;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 1;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic unsigned int xfrm_default_advmss(const struct dst_entry *dst)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return dst_metric_advmss(xfrm_dst_path(dst));
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic unsigned int xfrm_mtu(const struct dst_entry *dst)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return mtu ? : dst_mtu(xfrm_dst_path(dst));
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic const void *xfrm_get_dst_nexthop(const struct dst_entry *dst,
*4882a593Smuzhiyun					const void *daddr)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	while (dst->xfrm) {
*4882a593Smuzhiyun		const struct xfrm_state *xfrm = dst->xfrm;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		dst = xfrm_dst_child(dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if (xfrm->props.mode == XFRM_MODE_TRANSPORT)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		if (xfrm->type->flags & XFRM_TYPE_REMOTE_COADDR)
*4882a593Smuzhiyun			daddr = xfrm->coaddr;
*4882a593Smuzhiyun		else if (!(xfrm->type->flags & XFRM_TYPE_LOCAL_COADDR))
*4882a593Smuzhiyun			daddr = &xfrm->id.daddr;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return daddr;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct neighbour *xfrm_neigh_lookup(const struct dst_entry *dst,
*4882a593Smuzhiyun					   struct sk_buff *skb,
*4882a593Smuzhiyun					   const void *daddr)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct dst_entry *path = xfrm_dst_path(dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!skb)
*4882a593Smuzhiyun		daddr = xfrm_get_dst_nexthop(dst, daddr);
*4882a593Smuzhiyun	return path->ops->neigh_lookup(path, skb, daddr);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_confirm_neigh(const struct dst_entry *dst, const void *daddr)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	const struct dst_entry *path = xfrm_dst_path(dst);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	daddr = xfrm_get_dst_nexthop(dst, daddr);
*4882a593Smuzhiyun	path->ops->confirm_neigh(path, daddr);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunint xfrm_policy_register_afinfo(const struct xfrm_policy_afinfo *afinfo, int family)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int err = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (WARN_ON(family >= ARRAY_SIZE(xfrm_policy_afinfo)))
*4882a593Smuzhiyun		return -EAFNOSUPPORT;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock(&xfrm_policy_afinfo_lock);
*4882a593Smuzhiyun	if (unlikely(xfrm_policy_afinfo[family] != NULL))
*4882a593Smuzhiyun		err = -EEXIST;
*4882a593Smuzhiyun	else {
*4882a593Smuzhiyun		struct dst_ops *dst_ops = afinfo->dst_ops;
*4882a593Smuzhiyun		if (likely(dst_ops->kmem_cachep == NULL))
*4882a593Smuzhiyun			dst_ops->kmem_cachep = xfrm_dst_cache;
*4882a593Smuzhiyun		if (likely(dst_ops->check == NULL))
*4882a593Smuzhiyun			dst_ops->check = xfrm_dst_check;
*4882a593Smuzhiyun		if (likely(dst_ops->default_advmss == NULL))
*4882a593Smuzhiyun			dst_ops->default_advmss = xfrm_default_advmss;
*4882a593Smuzhiyun		if (likely(dst_ops->mtu == NULL))
*4882a593Smuzhiyun			dst_ops->mtu = xfrm_mtu;
*4882a593Smuzhiyun		if (likely(dst_ops->negative_advice == NULL))
*4882a593Smuzhiyun			dst_ops->negative_advice = xfrm_negative_advice;
*4882a593Smuzhiyun		if (likely(dst_ops->link_failure == NULL))
*4882a593Smuzhiyun			dst_ops->link_failure = xfrm_link_failure;
*4882a593Smuzhiyun		if (likely(dst_ops->neigh_lookup == NULL))
*4882a593Smuzhiyun			dst_ops->neigh_lookup = xfrm_neigh_lookup;
*4882a593Smuzhiyun		if (likely(!dst_ops->confirm_neigh))
*4882a593Smuzhiyun			dst_ops->confirm_neigh = xfrm_confirm_neigh;
*4882a593Smuzhiyun		rcu_assign_pointer(xfrm_policy_afinfo[family], afinfo);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	spin_unlock(&xfrm_policy_afinfo_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return err;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_register_afinfo);
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_policy_unregister_afinfo(const struct xfrm_policy_afinfo *afinfo)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct dst_ops *dst_ops = afinfo->dst_ops;
*4882a593Smuzhiyun	int i;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = 0; i < ARRAY_SIZE(xfrm_policy_afinfo); i++) {
*4882a593Smuzhiyun		if (xfrm_policy_afinfo[i] != afinfo)
*4882a593Smuzhiyun			continue;
*4882a593Smuzhiyun		RCU_INIT_POINTER(xfrm_policy_afinfo[i], NULL);
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	synchronize_rcu();
*4882a593Smuzhiyun
*4882a593Smuzhiyun	dst_ops->kmem_cachep = NULL;
*4882a593Smuzhiyun	dst_ops->check = NULL;
*4882a593Smuzhiyun	dst_ops->negative_advice = NULL;
*4882a593Smuzhiyun	dst_ops->link_failure = NULL;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_policy_unregister_afinfo);
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_if_register_cb(const struct xfrm_if_cb *ifcb)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	spin_lock(&xfrm_if_cb_lock);
*4882a593Smuzhiyun	rcu_assign_pointer(xfrm_if_cb, ifcb);
*4882a593Smuzhiyun	spin_unlock(&xfrm_if_cb_lock);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_if_register_cb);
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_if_unregister_cb(void)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	RCU_INIT_POINTER(xfrm_if_cb, NULL);
*4882a593Smuzhiyun	synchronize_rcu();
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_if_unregister_cb);
*4882a593Smuzhiyun
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_STATISTICS
*4882a593Smuzhiyunstatic int __net_init xfrm_statistics_init(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int rv;
*4882a593Smuzhiyun	net->mib.xfrm_statistics = alloc_percpu(struct linux_xfrm_mib);
*4882a593Smuzhiyun	if (!net->mib.xfrm_statistics)
*4882a593Smuzhiyun		return -ENOMEM;
*4882a593Smuzhiyun	rv = xfrm_proc_init(net);
*4882a593Smuzhiyun	if (rv < 0)
*4882a593Smuzhiyun		free_percpu(net->mib.xfrm_statistics);
*4882a593Smuzhiyun	return rv;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_statistics_fini(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	xfrm_proc_fini(net);
*4882a593Smuzhiyun	free_percpu(net->mib.xfrm_statistics);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun#else
*4882a593Smuzhiyunstatic int __net_init xfrm_statistics_init(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_statistics_fini(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun}
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int __net_init xfrm_policy_init(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	unsigned int hmask, sz;
*4882a593Smuzhiyun	int dir, err;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (net_eq(net, &init_net)) {
*4882a593Smuzhiyun		xfrm_dst_cache = kmem_cache_create("xfrm_dst_cache",
*4882a593Smuzhiyun					   sizeof(struct xfrm_dst),
*4882a593Smuzhiyun					   0, SLAB_HWCACHE_ALIGN|SLAB_PANIC,
*4882a593Smuzhiyun					   NULL);
*4882a593Smuzhiyun		err = rhashtable_init(&xfrm_policy_inexact_table,
*4882a593Smuzhiyun				      &xfrm_pol_inexact_params);
*4882a593Smuzhiyun		BUG_ON(err);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	hmask = 8 - 1;
*4882a593Smuzhiyun	sz = (hmask+1) * sizeof(struct hlist_head);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	net->xfrm.policy_byidx = xfrm_hash_alloc(sz);
*4882a593Smuzhiyun	if (!net->xfrm.policy_byidx)
*4882a593Smuzhiyun		goto out_byidx;
*4882a593Smuzhiyun	net->xfrm.policy_idx_hmask = hmask;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (dir = 0; dir < XFRM_POLICY_MAX; dir++) {
*4882a593Smuzhiyun		struct xfrm_policy_hash *htab;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		net->xfrm.policy_count[dir] = 0;
*4882a593Smuzhiyun		net->xfrm.policy_count[XFRM_POLICY_MAX + dir] = 0;
*4882a593Smuzhiyun		INIT_HLIST_HEAD(&net->xfrm.policy_inexact[dir]);
*4882a593Smuzhiyun
*4882a593Smuzhiyun		htab = &net->xfrm.policy_bydst[dir];
*4882a593Smuzhiyun		htab->table = xfrm_hash_alloc(sz);
*4882a593Smuzhiyun		if (!htab->table)
*4882a593Smuzhiyun			goto out_bydst;
*4882a593Smuzhiyun		htab->hmask = hmask;
*4882a593Smuzhiyun		htab->dbits4 = 32;
*4882a593Smuzhiyun		htab->sbits4 = 32;
*4882a593Smuzhiyun		htab->dbits6 = 128;
*4882a593Smuzhiyun		htab->sbits6 = 128;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	net->xfrm.policy_hthresh.lbits4 = 32;
*4882a593Smuzhiyun	net->xfrm.policy_hthresh.rbits4 = 32;
*4882a593Smuzhiyun	net->xfrm.policy_hthresh.lbits6 = 128;
*4882a593Smuzhiyun	net->xfrm.policy_hthresh.rbits6 = 128;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	seqlock_init(&net->xfrm.policy_hthresh.lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	INIT_LIST_HEAD(&net->xfrm.policy_all);
*4882a593Smuzhiyun	INIT_LIST_HEAD(&net->xfrm.inexact_bins);
*4882a593Smuzhiyun	INIT_WORK(&net->xfrm.policy_hash_work, xfrm_hash_resize);
*4882a593Smuzhiyun	INIT_WORK(&net->xfrm.policy_hthresh.work, xfrm_hash_rebuild);
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyunout_bydst:
*4882a593Smuzhiyun	for (dir--; dir >= 0; dir--) {
*4882a593Smuzhiyun		struct xfrm_policy_hash *htab;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		htab = &net->xfrm.policy_bydst[dir];
*4882a593Smuzhiyun		xfrm_hash_free(htab->table, sz);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	xfrm_hash_free(net->xfrm.policy_byidx, sz);
*4882a593Smuzhiyunout_byidx:
*4882a593Smuzhiyun	return -ENOMEM;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void xfrm_policy_fini(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_pol_inexact_bin *b, *t;
*4882a593Smuzhiyun	unsigned int sz;
*4882a593Smuzhiyun	int dir;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	flush_work(&net->xfrm.policy_hash_work);
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_SUB_POLICY
*4882a593Smuzhiyun	xfrm_policy_flush(net, XFRM_POLICY_TYPE_SUB, false);
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun	xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, false);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	WARN_ON(!list_empty(&net->xfrm.policy_all));
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (dir = 0; dir < XFRM_POLICY_MAX; dir++) {
*4882a593Smuzhiyun		struct xfrm_policy_hash *htab;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		WARN_ON(!hlist_empty(&net->xfrm.policy_inexact[dir]));
*4882a593Smuzhiyun
*4882a593Smuzhiyun		htab = &net->xfrm.policy_bydst[dir];
*4882a593Smuzhiyun		sz = (htab->hmask + 1) * sizeof(struct hlist_head);
*4882a593Smuzhiyun		WARN_ON(!hlist_empty(htab->table));
*4882a593Smuzhiyun		xfrm_hash_free(htab->table, sz);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	sz = (net->xfrm.policy_idx_hmask + 1) * sizeof(struct hlist_head);
*4882a593Smuzhiyun	WARN_ON(!hlist_empty(net->xfrm.policy_byidx));
*4882a593Smuzhiyun	xfrm_hash_free(net->xfrm.policy_byidx, sz);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	list_for_each_entry_safe(b, t, &net->xfrm.inexact_bins, inexact_bins)
*4882a593Smuzhiyun		__xfrm_policy_inexact_prune_bin(b, true);
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int __net_init xfrm_net_init(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int rv;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Initialize the per-net locks here */
*4882a593Smuzhiyun	spin_lock_init(&net->xfrm.xfrm_state_lock);
*4882a593Smuzhiyun	spin_lock_init(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	mutex_init(&net->xfrm.xfrm_cfg_mutex);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	rv = xfrm_statistics_init(net);
*4882a593Smuzhiyun	if (rv < 0)
*4882a593Smuzhiyun		goto out_statistics;
*4882a593Smuzhiyun	rv = xfrm_state_init(net);
*4882a593Smuzhiyun	if (rv < 0)
*4882a593Smuzhiyun		goto out_state;
*4882a593Smuzhiyun	rv = xfrm_policy_init(net);
*4882a593Smuzhiyun	if (rv < 0)
*4882a593Smuzhiyun		goto out_policy;
*4882a593Smuzhiyun	rv = xfrm_sysctl_init(net);
*4882a593Smuzhiyun	if (rv < 0)
*4882a593Smuzhiyun		goto out_sysctl;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyunout_sysctl:
*4882a593Smuzhiyun	xfrm_policy_fini(net);
*4882a593Smuzhiyunout_policy:
*4882a593Smuzhiyun	xfrm_state_fini(net);
*4882a593Smuzhiyunout_state:
*4882a593Smuzhiyun	xfrm_statistics_fini(net);
*4882a593Smuzhiyunout_statistics:
*4882a593Smuzhiyun	return rv;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic void __net_exit xfrm_net_exit(struct net *net)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	xfrm_sysctl_fini(net);
*4882a593Smuzhiyun	xfrm_policy_fini(net);
*4882a593Smuzhiyun	xfrm_state_fini(net);
*4882a593Smuzhiyun	xfrm_statistics_fini(net);
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct pernet_operations __net_initdata xfrm_net_ops = {
*4882a593Smuzhiyun	.init = xfrm_net_init,
*4882a593Smuzhiyun	.exit = xfrm_net_exit,
*4882a593Smuzhiyun};
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid __init xfrm_init(void)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	register_pernet_subsys(&xfrm_net_ops);
*4882a593Smuzhiyun	xfrm_dev_init();
*4882a593Smuzhiyun	seqcount_mutex_init(&xfrm_policy_hash_generation, &hash_resize_mutex);
*4882a593Smuzhiyun	xfrm_input_init();
*4882a593Smuzhiyun
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_ESPINTCP
*4882a593Smuzhiyun	espintcp_init();
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyun	RCU_INIT_POINTER(xfrm_if_cb, NULL);
*4882a593Smuzhiyun	synchronize_rcu();
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun#ifdef CONFIG_AUDITSYSCALL
*4882a593Smuzhiyunstatic void xfrm_audit_common_policyinfo(struct xfrm_policy *xp,
*4882a593Smuzhiyun					 struct audit_buffer *audit_buf)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_sec_ctx *ctx = xp->security;
*4882a593Smuzhiyun	struct xfrm_selector *sel = &xp->selector;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (ctx)
*4882a593Smuzhiyun		audit_log_format(audit_buf, " sec_alg=%u sec_doi=%u sec_obj=%s",
*4882a593Smuzhiyun				 ctx->ctx_alg, ctx->ctx_doi, ctx->ctx_str);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	switch (sel->family) {
*4882a593Smuzhiyun	case AF_INET:
*4882a593Smuzhiyun		audit_log_format(audit_buf, " src=%pI4", &sel->saddr.a4);
*4882a593Smuzhiyun		if (sel->prefixlen_s != 32)
*4882a593Smuzhiyun			audit_log_format(audit_buf, " src_prefixlen=%d",
*4882a593Smuzhiyun					 sel->prefixlen_s);
*4882a593Smuzhiyun		audit_log_format(audit_buf, " dst=%pI4", &sel->daddr.a4);
*4882a593Smuzhiyun		if (sel->prefixlen_d != 32)
*4882a593Smuzhiyun			audit_log_format(audit_buf, " dst_prefixlen=%d",
*4882a593Smuzhiyun					 sel->prefixlen_d);
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun	case AF_INET6:
*4882a593Smuzhiyun		audit_log_format(audit_buf, " src=%pI6", sel->saddr.a6);
*4882a593Smuzhiyun		if (sel->prefixlen_s != 128)
*4882a593Smuzhiyun			audit_log_format(audit_buf, " src_prefixlen=%d",
*4882a593Smuzhiyun					 sel->prefixlen_s);
*4882a593Smuzhiyun		audit_log_format(audit_buf, " dst=%pI6", sel->daddr.a6);
*4882a593Smuzhiyun		if (sel->prefixlen_d != 128)
*4882a593Smuzhiyun			audit_log_format(audit_buf, " dst_prefixlen=%d",
*4882a593Smuzhiyun					 sel->prefixlen_d);
*4882a593Smuzhiyun		break;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_audit_policy_add(struct xfrm_policy *xp, int result, bool task_valid)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct audit_buffer *audit_buf;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	audit_buf = xfrm_audit_start("SPD-add");
*4882a593Smuzhiyun	if (audit_buf == NULL)
*4882a593Smuzhiyun		return;
*4882a593Smuzhiyun	xfrm_audit_helper_usrinfo(task_valid, audit_buf);
*4882a593Smuzhiyun	audit_log_format(audit_buf, " res=%u", result);
*4882a593Smuzhiyun	xfrm_audit_common_policyinfo(xp, audit_buf);
*4882a593Smuzhiyun	audit_log_end(audit_buf);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL_GPL(xfrm_audit_policy_add);
*4882a593Smuzhiyun
*4882a593Smuzhiyunvoid xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
*4882a593Smuzhiyun			      bool task_valid)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct audit_buffer *audit_buf;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	audit_buf = xfrm_audit_start("SPD-delete");
*4882a593Smuzhiyun	if (audit_buf == NULL)
*4882a593Smuzhiyun		return;
*4882a593Smuzhiyun	xfrm_audit_helper_usrinfo(task_valid, audit_buf);
*4882a593Smuzhiyun	audit_log_format(audit_buf, " res=%u", result);
*4882a593Smuzhiyun	xfrm_audit_common_policyinfo(xp, audit_buf);
*4882a593Smuzhiyun	audit_log_end(audit_buf);
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL_GPL(xfrm_audit_policy_delete);
*4882a593Smuzhiyun#endif
*4882a593Smuzhiyun
*4882a593Smuzhiyun#ifdef CONFIG_XFRM_MIGRATE
*4882a593Smuzhiyunstatic bool xfrm_migrate_selector_match(const struct xfrm_selector *sel_cmp,
*4882a593Smuzhiyun					const struct xfrm_selector *sel_tgt)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	if (sel_cmp->proto == IPSEC_ULPROTO_ANY) {
*4882a593Smuzhiyun		if (sel_tgt->family == sel_cmp->family &&
*4882a593Smuzhiyun		    xfrm_addr_equal(&sel_tgt->daddr, &sel_cmp->daddr,
*4882a593Smuzhiyun				    sel_cmp->family) &&
*4882a593Smuzhiyun		    xfrm_addr_equal(&sel_tgt->saddr, &sel_cmp->saddr,
*4882a593Smuzhiyun				    sel_cmp->family) &&
*4882a593Smuzhiyun		    sel_tgt->prefixlen_d == sel_cmp->prefixlen_d &&
*4882a593Smuzhiyun		    sel_tgt->prefixlen_s == sel_cmp->prefixlen_s) {
*4882a593Smuzhiyun			return true;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	} else {
*4882a593Smuzhiyun		if (memcmp(sel_tgt, sel_cmp, sizeof(*sel_tgt)) == 0) {
*4882a593Smuzhiyun			return true;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return false;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic struct xfrm_policy *xfrm_migrate_policy_find(const struct xfrm_selector *sel,
*4882a593Smuzhiyun						    u8 dir, u8 type, struct net *net, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_policy *pol, *ret = NULL;
*4882a593Smuzhiyun	struct hlist_head *chain;
*4882a593Smuzhiyun	u32 priority = ~0U;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_lock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun	chain = policy_hash_direct(net, &sel->daddr, &sel->saddr, sel->family, dir);
*4882a593Smuzhiyun	hlist_for_each_entry(pol, chain, bydst) {
*4882a593Smuzhiyun		if ((if_id == 0 || pol->if_id == if_id) &&
*4882a593Smuzhiyun		    xfrm_migrate_selector_match(sel, &pol->selector) &&
*4882a593Smuzhiyun		    pol->type == type) {
*4882a593Smuzhiyun			ret = pol;
*4882a593Smuzhiyun			priority = ret->priority;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	chain = &net->xfrm.policy_inexact[dir];
*4882a593Smuzhiyun	hlist_for_each_entry(pol, chain, bydst_inexact_list) {
*4882a593Smuzhiyun		if ((pol->priority >= priority) && ret)
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		if ((if_id == 0 || pol->if_id == if_id) &&
*4882a593Smuzhiyun		    xfrm_migrate_selector_match(sel, &pol->selector) &&
*4882a593Smuzhiyun		    pol->type == type) {
*4882a593Smuzhiyun			ret = pol;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_pol_hold(ret);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	spin_unlock_bh(&net->xfrm.xfrm_policy_lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return ret;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int migrate_tmpl_match(const struct xfrm_migrate *m, const struct xfrm_tmpl *t)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int match = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (t->mode == m->mode && t->id.proto == m->proto &&
*4882a593Smuzhiyun	    (m->reqid == 0 || t->reqid == m->reqid)) {
*4882a593Smuzhiyun		switch (t->mode) {
*4882a593Smuzhiyun		case XFRM_MODE_TUNNEL:
*4882a593Smuzhiyun		case XFRM_MODE_BEET:
*4882a593Smuzhiyun			if (xfrm_addr_equal(&t->id.daddr, &m->old_daddr,
*4882a593Smuzhiyun					    m->old_family) &&
*4882a593Smuzhiyun			    xfrm_addr_equal(&t->saddr, &m->old_saddr,
*4882a593Smuzhiyun					    m->old_family)) {
*4882a593Smuzhiyun				match = 1;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		case XFRM_MODE_TRANSPORT:
*4882a593Smuzhiyun			/* in case of transport mode, template does not store
*4882a593Smuzhiyun			   any IP addresses, hence we just compare mode and
*4882a593Smuzhiyun			   protocol */
*4882a593Smuzhiyun			match = 1;
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		default:
*4882a593Smuzhiyun			break;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun	return match;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyun/* update endpoint address(es) of template(s) */
*4882a593Smuzhiyunstatic int xfrm_policy_migrate(struct xfrm_policy *pol,
*4882a593Smuzhiyun			       struct xfrm_migrate *m, int num_migrate)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	struct xfrm_migrate *mp;
*4882a593Smuzhiyun	int i, j, n = 0;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	write_lock_bh(&pol->lock);
*4882a593Smuzhiyun	if (unlikely(pol->walk.dead)) {
*4882a593Smuzhiyun		/* target policy has been deleted */
*4882a593Smuzhiyun		write_unlock_bh(&pol->lock);
*4882a593Smuzhiyun		return -ENOENT;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = 0; i < pol->xfrm_nr; i++) {
*4882a593Smuzhiyun		for (j = 0, mp = m; j < num_migrate; j++, mp++) {
*4882a593Smuzhiyun			if (!migrate_tmpl_match(mp, &pol->xfrm_vec[i]))
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun			n++;
*4882a593Smuzhiyun			if (pol->xfrm_vec[i].mode != XFRM_MODE_TUNNEL &&
*4882a593Smuzhiyun			    pol->xfrm_vec[i].mode != XFRM_MODE_BEET)
*4882a593Smuzhiyun				continue;
*4882a593Smuzhiyun			/* update endpoints */
*4882a593Smuzhiyun			memcpy(&pol->xfrm_vec[i].id.daddr, &mp->new_daddr,
*4882a593Smuzhiyun			       sizeof(pol->xfrm_vec[i].id.daddr));
*4882a593Smuzhiyun			memcpy(&pol->xfrm_vec[i].saddr, &mp->new_saddr,
*4882a593Smuzhiyun			       sizeof(pol->xfrm_vec[i].saddr));
*4882a593Smuzhiyun			pol->xfrm_vec[i].encap_family = mp->new_family;
*4882a593Smuzhiyun			/* flush bundles */
*4882a593Smuzhiyun			atomic_inc(&pol->genid);
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	write_unlock_bh(&pol->lock);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (!n)
*4882a593Smuzhiyun		return -ENODATA;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunstatic int xfrm_migrate_check(const struct xfrm_migrate *m, int num_migrate)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int i, j;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (num_migrate < 1 || num_migrate > XFRM_MAX_DEPTH)
*4882a593Smuzhiyun		return -EINVAL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	for (i = 0; i < num_migrate; i++) {
*4882a593Smuzhiyun		if (xfrm_addr_any(&m[i].new_daddr, m[i].new_family) ||
*4882a593Smuzhiyun		    xfrm_addr_any(&m[i].new_saddr, m[i].new_family))
*4882a593Smuzhiyun			return -EINVAL;
*4882a593Smuzhiyun
*4882a593Smuzhiyun		/* check if there is any duplicated entry */
*4882a593Smuzhiyun		for (j = i + 1; j < num_migrate; j++) {
*4882a593Smuzhiyun			if (!memcmp(&m[i].old_daddr, &m[j].old_daddr,
*4882a593Smuzhiyun				    sizeof(m[i].old_daddr)) &&
*4882a593Smuzhiyun			    !memcmp(&m[i].old_saddr, &m[j].old_saddr,
*4882a593Smuzhiyun				    sizeof(m[i].old_saddr)) &&
*4882a593Smuzhiyun			    m[i].proto == m[j].proto &&
*4882a593Smuzhiyun			    m[i].mode == m[j].mode &&
*4882a593Smuzhiyun			    m[i].reqid == m[j].reqid &&
*4882a593Smuzhiyun			    m[i].old_family == m[j].old_family)
*4882a593Smuzhiyun				return -EINVAL;
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyun}
*4882a593Smuzhiyun
*4882a593Smuzhiyunint xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
*4882a593Smuzhiyun		 struct xfrm_migrate *m, int num_migrate,
*4882a593Smuzhiyun		 struct xfrm_kmaddress *k, struct net *net,
*4882a593Smuzhiyun		 struct xfrm_encap_tmpl *encap, u32 if_id)
*4882a593Smuzhiyun{
*4882a593Smuzhiyun	int i, err, nx_cur = 0, nx_new = 0;
*4882a593Smuzhiyun	struct xfrm_policy *pol = NULL;
*4882a593Smuzhiyun	struct xfrm_state *x, *xc;
*4882a593Smuzhiyun	struct xfrm_state *x_cur[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun	struct xfrm_state *x_new[XFRM_MAX_DEPTH];
*4882a593Smuzhiyun	struct xfrm_migrate *mp;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Stage 0 - sanity checks */
*4882a593Smuzhiyun	if ((err = xfrm_migrate_check(m, num_migrate)) < 0)
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	if (dir >= XFRM_POLICY_MAX) {
*4882a593Smuzhiyun		err = -EINVAL;
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Stage 1 - find policy */
*4882a593Smuzhiyun	if ((pol = xfrm_migrate_policy_find(sel, dir, type, net, if_id)) == NULL) {
*4882a593Smuzhiyun		err = -ENOENT;
*4882a593Smuzhiyun		goto out;
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Stage 2 - find and update state(s) */
*4882a593Smuzhiyun	for (i = 0, mp = m; i < num_migrate; i++, mp++) {
*4882a593Smuzhiyun		if ((x = xfrm_migrate_state_find(mp, net, if_id))) {
*4882a593Smuzhiyun			x_cur[nx_cur] = x;
*4882a593Smuzhiyun			nx_cur++;
*4882a593Smuzhiyun			xc = xfrm_state_migrate(x, mp, encap);
*4882a593Smuzhiyun			if (xc) {
*4882a593Smuzhiyun				x_new[nx_new] = xc;
*4882a593Smuzhiyun				nx_new++;
*4882a593Smuzhiyun			} else {
*4882a593Smuzhiyun				err = -ENODATA;
*4882a593Smuzhiyun				goto restore_state;
*4882a593Smuzhiyun			}
*4882a593Smuzhiyun		}
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Stage 3 - update policy */
*4882a593Smuzhiyun	if ((err = xfrm_policy_migrate(pol, m, num_migrate)) < 0)
*4882a593Smuzhiyun		goto restore_state;
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Stage 4 - delete old state(s) */
*4882a593Smuzhiyun	if (nx_cur) {
*4882a593Smuzhiyun		xfrm_states_put(x_cur, nx_cur);
*4882a593Smuzhiyun		xfrm_states_delete(x_cur, nx_cur);
*4882a593Smuzhiyun	}
*4882a593Smuzhiyun
*4882a593Smuzhiyun	/* Stage 5 - announce */
*4882a593Smuzhiyun	km_migrate(sel, dir, type, m, num_migrate, k, encap);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	xfrm_pol_put(pol);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return 0;
*4882a593Smuzhiyunout:
*4882a593Smuzhiyun	return err;
*4882a593Smuzhiyun
*4882a593Smuzhiyunrestore_state:
*4882a593Smuzhiyun	if (pol)
*4882a593Smuzhiyun		xfrm_pol_put(pol);
*4882a593Smuzhiyun	if (nx_cur)
*4882a593Smuzhiyun		xfrm_states_put(x_cur, nx_cur);
*4882a593Smuzhiyun	if (nx_new)
*4882a593Smuzhiyun		xfrm_states_delete(x_new, nx_new);
*4882a593Smuzhiyun
*4882a593Smuzhiyun	return err;
*4882a593Smuzhiyun}
*4882a593SmuzhiyunEXPORT_SYMBOL(xfrm_migrate);
*4882a593Smuzhiyun#endif