net/ipv6/xfrm6_state.c - android_kernel_htc_msm8960 - Gitiles

 /*
  * xfrm6_state.c: based on xfrm4_state.c
  *
  * Authors:
  *	Mitsuru KANDA @USAGI
  * 	Kazunori MIYAZAWA @USAGI
  * 	Kunihiro Ishiguro <kunihiro@ipinfusion.com>
  * 		IPv6 support
  * 	YOSHIFUJI Hideaki @USAGI
  * 		Split up af-specific portion
  *
  */

 #include <net/xfrm.h>
 #include <linux/pfkeyv2.h>
 #include <linux/ipsec.h>
 #include <linux/netfilter_ipv6.h>
 #include <net/dsfield.h>
 #include <net/ipv6.h>
 #include <net/addrconf.h>

 static struct xfrm_state_afinfo xfrm6_state_afinfo;

 static void
 __xfrm6_init_tempsel(struct xfrm_state *x, struct flowi *fl,
 		     struct xfrm_tmpl *tmpl,
 		     xfrm_address_t *daddr, xfrm_address_t *saddr)
 {
 	/* Initialize temporary selector matching only
 	 * to current session. */
 	ipv6_addr_copy((struct in6_addr *)&x->sel.daddr, &fl->fl6_dst);
 	ipv6_addr_copy((struct in6_addr *)&x->sel.saddr, &fl->fl6_src);
 	x->sel.dport = xfrm_flowi_dport(fl);
 	x->sel.dport_mask = htons(0xffff);
 	x->sel.sport = xfrm_flowi_sport(fl);
 	x->sel.sport_mask = htons(0xffff);
 	x->sel.prefixlen_d = 128;
 	x->sel.prefixlen_s = 128;
 	x->sel.proto = fl->proto;
 	x->sel.ifindex = fl->oif;
 	x->id = tmpl->id;
 	if (ipv6_addr_any((struct in6_addr*)&x->id.daddr))
 		memcpy(&x->id.daddr, daddr, sizeof(x->sel.daddr));
 	memcpy(&x->props.saddr, &tmpl->saddr, sizeof(x->props.saddr));
 	if (ipv6_addr_any((struct in6_addr*)&x->props.saddr))
 		memcpy(&x->props.saddr, saddr, sizeof(x->props.saddr));
 	x->props.mode = tmpl->mode;
 	x->props.reqid = tmpl->reqid;
 	x->props.family = AF_INET6;
 }

 static int
 __xfrm6_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n)
 {
 	int i;
 	int j = 0;

 	/* Rule 1: select IPsec transport except AH */
 	for (i = 0; i < n; i++) {
 		if (src[i]->props.mode == XFRM_MODE_TRANSPORT &&
 		    src[i]->id.proto != IPPROTO_AH) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}
 	if (j == n)
 		goto end;

 	/* Rule 2: select MIPv6 RO or inbound trigger */
 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
 	for (i = 0; i < n; i++) {
 		if (src[i] &&
 		    (src[i]->props.mode == XFRM_MODE_ROUTEOPTIMIZATION ||
 		     src[i]->props.mode == XFRM_MODE_IN_TRIGGER)) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}
 	if (j == n)
 		goto end;
 #endif

 	/* Rule 3: select IPsec transport AH */
 	for (i = 0; i < n; i++) {
 		if (src[i] &&
 		    src[i]->props.mode == XFRM_MODE_TRANSPORT &&
 		    src[i]->id.proto == IPPROTO_AH) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}
 	if (j == n)
 		goto end;

 	/* Rule 4: select IPsec tunnel */
 	for (i = 0; i < n; i++) {
 		if (src[i] &&
 		    (src[i]->props.mode == XFRM_MODE_TUNNEL ||
 		     src[i]->props.mode == XFRM_MODE_BEET)) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}
 	if (likely(j == n))
 		goto end;

 	/* Final rule */
 	for (i = 0; i < n; i++) {
 		if (src[i]) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}

  end:
 	return 0;
 }

 static int
 __xfrm6_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n)
 {
 	int i;
 	int j = 0;

 	/* Rule 1: select IPsec transport */
 	for (i = 0; i < n; i++) {
 		if (src[i]->mode == XFRM_MODE_TRANSPORT) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}
 	if (j == n)
 		goto end;

 	/* Rule 2: select MIPv6 RO or inbound trigger */
 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
 	for (i = 0; i < n; i++) {
 		if (src[i] &&
 		    (src[i]->mode == XFRM_MODE_ROUTEOPTIMIZATION ||
 		     src[i]->mode == XFRM_MODE_IN_TRIGGER)) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}
 	if (j == n)
 		goto end;
 #endif

 	/* Rule 3: select IPsec tunnel */
 	for (i = 0; i < n; i++) {
 		if (src[i] &&
 		    (src[i]->mode == XFRM_MODE_TUNNEL ||
 		     src[i]->mode == XFRM_MODE_BEET)) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}
 	if (likely(j == n))
 		goto end;

 	/* Final rule */
 	for (i = 0; i < n; i++) {
 		if (src[i]) {
 			dst[j++] = src[i];
 			src[i] = NULL;
 		}
 	}

  end:
 	return 0;
 }

 int xfrm6_extract_header(struct sk_buff *skb)
 {
 	struct ipv6hdr *iph = ipv6_hdr(skb);

 	XFRM_MODE_SKB_CB(skb)->id = 0;
 	XFRM_MODE_SKB_CB(skb)->frag_off = htons(IP_DF);
 	XFRM_MODE_SKB_CB(skb)->tos = ipv6_get_dsfield(iph);
 	XFRM_MODE_SKB_CB(skb)->ttl = iph->hop_limit;
 	memcpy(XFRM_MODE_SKB_CB(skb)->flow_lbl, iph->flow_lbl,
 	       sizeof(XFRM_MODE_SKB_CB(skb)->flow_lbl));

 	return 0;
 }

 static struct xfrm_state_afinfo xfrm6_state_afinfo = {
 	.family			= AF_INET6,
 	.proto			= IPPROTO_IPV6,
 	.eth_proto		= htons(ETH_P_IPV6),
 	.owner			= THIS_MODULE,
 	.init_tempsel		= __xfrm6_init_tempsel,
 	.tmpl_sort		= __xfrm6_tmpl_sort,
 	.state_sort		= __xfrm6_state_sort,
 	.output			= xfrm6_output,
 	.extract_input		= xfrm6_extract_input,
 	.extract_output		= xfrm6_extract_output,
 	.transport_finish	= xfrm6_transport_finish,
 };

 int __init xfrm6_state_init(void)
 {
 	return xfrm_state_register_afinfo(&xfrm6_state_afinfo);
 }

 void xfrm6_state_fini(void)
 {
 	xfrm_state_unregister_afinfo(&xfrm6_state_afinfo);
 }
	/*
	* xfrm6_state.c: based on xfrm4_state.c
	*
	* Authors:
	* Mitsuru KANDA @USAGI
	* Kazunori MIYAZAWA @USAGI
	* Kunihiro Ishiguro <kunihiro@ipinfusion.com>
	* IPv6 support
	* YOSHIFUJI Hideaki @USAGI
	* Split up af-specific portion
	*
	*/

	#include <net/xfrm.h>
	#include <linux/pfkeyv2.h>
	#include <linux/ipsec.h>
	#include <linux/netfilter_ipv6.h>
	#include <net/dsfield.h>
	#include <net/ipv6.h>
	#include <net/addrconf.h>

	static struct xfrm_state_afinfo xfrm6_state_afinfo;

	static void
	__xfrm6_init_tempsel(struct xfrm_state x, struct flowi fl,
	struct xfrm_tmpl *tmpl,
	xfrm_address_t daddr, xfrm_address_t saddr)
	{
	/* Initialize temporary selector matching only
	* to current session. */
	ipv6_addr_copy((struct in6_addr *)&x->sel.daddr, &fl->fl6_dst);
	ipv6_addr_copy((struct in6_addr *)&x->sel.saddr, &fl->fl6_src);
	x->sel.dport = xfrm_flowi_dport(fl);
	x->sel.dport_mask = htons(0xffff);
	x->sel.sport = xfrm_flowi_sport(fl);
	x->sel.sport_mask = htons(0xffff);
	x->sel.prefixlen_d = 128;
	x->sel.prefixlen_s = 128;
	x->sel.proto = fl->proto;
	x->sel.ifindex = fl->oif;
	x->id = tmpl->id;
	if (ipv6_addr_any((struct in6_addr*)&x->id.daddr))
	memcpy(&x->id.daddr, daddr, sizeof(x->sel.daddr));
	memcpy(&x->props.saddr, &tmpl->saddr, sizeof(x->props.saddr));
	if (ipv6_addr_any((struct in6_addr*)&x->props.saddr))
	memcpy(&x->props.saddr, saddr, sizeof(x->props.saddr));
	x->props.mode = tmpl->mode;
	x->props.reqid = tmpl->reqid;
	x->props.family = AF_INET6;
	}

	static int
	__xfrm6_state_sort(struct xfrm_state dst, struct xfrm_state src, int n)
	{
	int i;
	int j = 0;

	/* Rule 1: select IPsec transport except AH */
	for (i = 0; i < n; i++) {
	if (src[i]->props.mode == XFRM_MODE_TRANSPORT &&
	src[i]->id.proto != IPPROTO_AH) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}
	if (j == n)
	goto end;

	/* Rule 2: select MIPv6 RO or inbound trigger */
	#if defined(CONFIG_IPV6_MIP6) \|\| defined(CONFIG_IPV6_MIP6_MODULE)
	for (i = 0; i < n; i++) {
	if (src[i] &&
	(src[i]->props.mode == XFRM_MODE_ROUTEOPTIMIZATION \|\|
	src[i]->props.mode == XFRM_MODE_IN_TRIGGER)) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}
	if (j == n)
	goto end;
	#endif

	/* Rule 3: select IPsec transport AH */
	for (i = 0; i < n; i++) {
	if (src[i] &&
	src[i]->props.mode == XFRM_MODE_TRANSPORT &&
	src[i]->id.proto == IPPROTO_AH) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}
	if (j == n)
	goto end;

	/* Rule 4: select IPsec tunnel */
	for (i = 0; i < n; i++) {
	if (src[i] &&
	(src[i]->props.mode == XFRM_MODE_TUNNEL \|\|
	src[i]->props.mode == XFRM_MODE_BEET)) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}
	if (likely(j == n))
	goto end;

	/* Final rule */
	for (i = 0; i < n; i++) {
	if (src[i]) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}

	end:
	return 0;
	}

	static int
	__xfrm6_tmpl_sort(struct xfrm_tmpl dst, struct xfrm_tmpl src, int n)
	{
	int i;
	int j = 0;

	/* Rule 1: select IPsec transport */
	for (i = 0; i < n; i++) {
	if (src[i]->mode == XFRM_MODE_TRANSPORT) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}
	if (j == n)
	goto end;

	/* Rule 2: select MIPv6 RO or inbound trigger */
	#if defined(CONFIG_IPV6_MIP6) \|\| defined(CONFIG_IPV6_MIP6_MODULE)
	for (i = 0; i < n; i++) {
	if (src[i] &&
	(src[i]->mode == XFRM_MODE_ROUTEOPTIMIZATION \|\|
	src[i]->mode == XFRM_MODE_IN_TRIGGER)) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}
	if (j == n)
	goto end;
	#endif

	/* Rule 3: select IPsec tunnel */
	for (i = 0; i < n; i++) {
	if (src[i] &&
	(src[i]->mode == XFRM_MODE_TUNNEL \|\|
	src[i]->mode == XFRM_MODE_BEET)) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}
	if (likely(j == n))
	goto end;

	/* Final rule */
	for (i = 0; i < n; i++) {
	if (src[i]) {
	dst[j++] = src[i];
	src[i] = NULL;
	}
	}

	end:
	return 0;
	}

	int xfrm6_extract_header(struct sk_buff *skb)
	{
	struct ipv6hdr *iph = ipv6_hdr(skb);

	XFRM_MODE_SKB_CB(skb)->id = 0;
	XFRM_MODE_SKB_CB(skb)->frag_off = htons(IP_DF);
	XFRM_MODE_SKB_CB(skb)->tos = ipv6_get_dsfield(iph);
	XFRM_MODE_SKB_CB(skb)->ttl = iph->hop_limit;
	memcpy(XFRM_MODE_SKB_CB(skb)->flow_lbl, iph->flow_lbl,
	sizeof(XFRM_MODE_SKB_CB(skb)->flow_lbl));

	return 0;
	}

	static struct xfrm_state_afinfo xfrm6_state_afinfo = {
	.family = AF_INET6,
	.proto = IPPROTO_IPV6,
	.eth_proto = htons(ETH_P_IPV6),
	.owner = THIS_MODULE,
	.init_tempsel = __xfrm6_init_tempsel,
	.tmpl_sort = __xfrm6_tmpl_sort,
	.state_sort = __xfrm6_state_sort,
	.output = xfrm6_output,
	.extract_input = xfrm6_extract_input,
	.extract_output = xfrm6_extract_output,
	.transport_finish = xfrm6_transport_finish,
	};

	int __init xfrm6_state_init(void)
	{
	return xfrm_state_register_afinfo(&xfrm6_state_afinfo);
	}

	void xfrm6_state_fini(void)
	{
	xfrm_state_unregister_afinfo(&xfrm6_state_afinfo);
	}