diff options
Diffstat (limited to 'net/key/af_key.c')
| -rw-r--r-- | net/key/af_key.c | 40 |
1 files changed, 31 insertions, 9 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c index cc2630ac8061..7b3ba32ca678 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c | |||
| @@ -203,7 +203,6 @@ static int pfkey_broadcast_one(struct sk_buff *skb, struct sk_buff **skb2, | |||
| 203 | } | 203 | } |
| 204 | if (*skb2 != NULL) { | 204 | if (*skb2 != NULL) { |
| 205 | if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf) { | 205 | if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf) { |
| 206 | skb_orphan(*skb2); | ||
| 207 | skb_set_owner_r(*skb2, sk); | 206 | skb_set_owner_r(*skb2, sk); |
| 208 | skb_queue_tail(&sk->sk_receive_queue, *skb2); | 207 | skb_queue_tail(&sk->sk_receive_queue, *skb2); |
| 209 | sk->sk_data_ready(sk, (*skb2)->len); | 208 | sk->sk_data_ready(sk, (*skb2)->len); |
| @@ -816,18 +815,21 @@ static struct sk_buff *__pfkey_xfrm_state2msg(const struct xfrm_state *x, | |||
| 816 | sa->sadb_sa_auth = 0; | 815 | sa->sadb_sa_auth = 0; |
| 817 | if (x->aalg) { | 816 | if (x->aalg) { |
| 818 | struct xfrm_algo_desc *a = xfrm_aalg_get_byname(x->aalg->alg_name, 0); | 817 | struct xfrm_algo_desc *a = xfrm_aalg_get_byname(x->aalg->alg_name, 0); |
| 819 | sa->sadb_sa_auth = a ? a->desc.sadb_alg_id : 0; | 818 | sa->sadb_sa_auth = (a && a->pfkey_supported) ? |
| 819 | a->desc.sadb_alg_id : 0; | ||
| 820 | } | 820 | } |
| 821 | sa->sadb_sa_encrypt = 0; | 821 | sa->sadb_sa_encrypt = 0; |
| 822 | BUG_ON(x->ealg && x->calg); | 822 | BUG_ON(x->ealg && x->calg); |
| 823 | if (x->ealg) { | 823 | if (x->ealg) { |
| 824 | struct xfrm_algo_desc *a = xfrm_ealg_get_byname(x->ealg->alg_name, 0); | 824 | struct xfrm_algo_desc *a = xfrm_ealg_get_byname(x->ealg->alg_name, 0); |
| 825 | sa->sadb_sa_encrypt = a ? a->desc.sadb_alg_id : 0; | 825 | sa->sadb_sa_encrypt = (a && a->pfkey_supported) ? |
| 826 | a->desc.sadb_alg_id : 0; | ||
| 826 | } | 827 | } |
| 827 | /* KAME compatible: sadb_sa_encrypt is overloaded with calg id */ | 828 | /* KAME compatible: sadb_sa_encrypt is overloaded with calg id */ |
| 828 | if (x->calg) { | 829 | if (x->calg) { |
| 829 | struct xfrm_algo_desc *a = xfrm_calg_get_byname(x->calg->alg_name, 0); | 830 | struct xfrm_algo_desc *a = xfrm_calg_get_byname(x->calg->alg_name, 0); |
| 830 | sa->sadb_sa_encrypt = a ? a->desc.sadb_alg_id : 0; | 831 | sa->sadb_sa_encrypt = (a && a->pfkey_supported) ? |
| 832 | a->desc.sadb_alg_id : 0; | ||
| 831 | } | 833 | } |
| 832 | 834 | ||
| 833 | sa->sadb_sa_flags = 0; | 835 | sa->sadb_sa_flags = 0; |
| @@ -1138,7 +1140,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net, | |||
| 1138 | if (sa->sadb_sa_auth) { | 1140 | if (sa->sadb_sa_auth) { |
| 1139 | int keysize = 0; | 1141 | int keysize = 0; |
| 1140 | struct xfrm_algo_desc *a = xfrm_aalg_get_byid(sa->sadb_sa_auth); | 1142 | struct xfrm_algo_desc *a = xfrm_aalg_get_byid(sa->sadb_sa_auth); |
| 1141 | if (!a) { | 1143 | if (!a || !a->pfkey_supported) { |
| 1142 | err = -ENOSYS; | 1144 | err = -ENOSYS; |
| 1143 | goto out; | 1145 | goto out; |
| 1144 | } | 1146 | } |
| @@ -1160,7 +1162,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net, | |||
| 1160 | if (sa->sadb_sa_encrypt) { | 1162 | if (sa->sadb_sa_encrypt) { |
| 1161 | if (hdr->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) { | 1163 | if (hdr->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) { |
| 1162 | struct xfrm_algo_desc *a = xfrm_calg_get_byid(sa->sadb_sa_encrypt); | 1164 | struct xfrm_algo_desc *a = xfrm_calg_get_byid(sa->sadb_sa_encrypt); |
| 1163 | if (!a) { | 1165 | if (!a || !a->pfkey_supported) { |
| 1164 | err = -ENOSYS; | 1166 | err = -ENOSYS; |
| 1165 | goto out; | 1167 | goto out; |
| 1166 | } | 1168 | } |
| @@ -1172,7 +1174,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net, | |||
| 1172 | } else { | 1174 | } else { |
| 1173 | int keysize = 0; | 1175 | int keysize = 0; |
| 1174 | struct xfrm_algo_desc *a = xfrm_ealg_get_byid(sa->sadb_sa_encrypt); | 1176 | struct xfrm_algo_desc *a = xfrm_ealg_get_byid(sa->sadb_sa_encrypt); |
| 1175 | if (!a) { | 1177 | if (!a || !a->pfkey_supported) { |
| 1176 | err = -ENOSYS; | 1178 | err = -ENOSYS; |
| 1177 | goto out; | 1179 | goto out; |
| 1178 | } | 1180 | } |
| @@ -1578,13 +1580,13 @@ static struct sk_buff *compose_sadb_supported(const struct sadb_msg *orig, | |||
| 1578 | struct sadb_msg *hdr; | 1580 | struct sadb_msg *hdr; |
| 1579 | int len, auth_len, enc_len, i; | 1581 | int len, auth_len, enc_len, i; |
| 1580 | 1582 | ||
| 1581 | auth_len = xfrm_count_auth_supported(); | 1583 | auth_len = xfrm_count_pfkey_auth_supported(); |
| 1582 | if (auth_len) { | 1584 | if (auth_len) { |
| 1583 | auth_len *= sizeof(struct sadb_alg); | 1585 | auth_len *= sizeof(struct sadb_alg); |
| 1584 | auth_len += sizeof(struct sadb_supported); | 1586 | auth_len += sizeof(struct sadb_supported); |
| 1585 | } | 1587 | } |
| 1586 | 1588 | ||
| 1587 | enc_len = xfrm_count_enc_supported(); | 1589 | enc_len = xfrm_count_pfkey_enc_supported(); |
| 1588 | if (enc_len) { | 1590 | if (enc_len) { |
| 1589 | enc_len *= sizeof(struct sadb_alg); | 1591 | enc_len *= sizeof(struct sadb_alg); |
| 1590 | enc_len += sizeof(struct sadb_supported); | 1592 | enc_len += sizeof(struct sadb_supported); |
| @@ -1615,6 +1617,8 @@ static struct sk_buff *compose_sadb_supported(const struct sadb_msg *orig, | |||
| 1615 | struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i); | 1617 | struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i); |
| 1616 | if (!aalg) | 1618 | if (!aalg) |
| 1617 | break; | 1619 | break; |
| 1620 | if (!aalg->pfkey_supported) | ||
| 1621 | continue; | ||
| 1618 | if (aalg->available) | 1622 | if (aalg->available) |
| 1619 | *ap++ = aalg->desc; | 1623 | *ap++ = aalg->desc; |
| 1620 | } | 1624 | } |
| @@ -1634,6 +1638,8 @@ static struct sk_buff *compose_sadb_supported(const struct sadb_msg *orig, | |||
| 1634 | struct xfrm_algo_desc *ealg = xfrm_ealg_get_byidx(i); | 1638 | struct xfrm_algo_desc *ealg = xfrm_ealg_get_byidx(i); |
| 1635 | if (!ealg) | 1639 | if (!ealg) |
| 1636 | break; | 1640 | break; |
| 1641 | if (!ealg->pfkey_supported) | ||
| 1642 | continue; | ||
| 1637 | if (ealg->available) | 1643 | if (ealg->available) |
| 1638 | *ap++ = ealg->desc; | 1644 | *ap++ = ealg->desc; |
| 1639 | } | 1645 | } |
| @@ -2825,6 +2831,8 @@ static int count_ah_combs(const struct xfrm_tmpl *t) | |||
| 2825 | const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i); | 2831 | const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i); |
| 2826 | if (!aalg) | 2832 | if (!aalg) |
| 2827 | break; | 2833 | break; |
| 2834 | if (!aalg->pfkey_supported) | ||
| 2835 | continue; | ||
| 2828 | if (aalg_tmpl_set(t, aalg) && aalg->available) | 2836 | if (aalg_tmpl_set(t, aalg) && aalg->available) |
| 2829 | sz += sizeof(struct sadb_comb); | 2837 | sz += sizeof(struct sadb_comb); |
| 2830 | } | 2838 | } |
| @@ -2840,6 +2848,9 @@ static int count_esp_combs(const struct xfrm_tmpl *t) | |||
| 2840 | if (!ealg) | 2848 | if (!ealg) |
| 2841 | break; | 2849 | break; |
| 2842 | 2850 | ||
| 2851 | if (!ealg->pfkey_supported) | ||
| 2852 | continue; | ||
| 2853 | |||
| 2843 | if (!(ealg_tmpl_set(t, ealg) && ealg->available)) | 2854 | if (!(ealg_tmpl_set(t, ealg) && ealg->available)) |
| 2844 | continue; | 2855 | continue; |
| 2845 | 2856 | ||
| @@ -2848,6 +2859,9 @@ static int count_esp_combs(const struct xfrm_tmpl *t) | |||
| 2848 | if (!aalg) | 2859 | if (!aalg) |
| 2849 | break; | 2860 | break; |
| 2850 | 2861 | ||
| 2862 | if (!aalg->pfkey_supported) | ||
| 2863 | continue; | ||
| 2864 | |||
| 2851 | if (aalg_tmpl_set(t, aalg) && aalg->available) | 2865 | if (aalg_tmpl_set(t, aalg) && aalg->available) |
| 2852 | sz += sizeof(struct sadb_comb); | 2866 | sz += sizeof(struct sadb_comb); |
| 2853 | } | 2867 | } |
| @@ -2871,6 +2885,9 @@ static void dump_ah_combs(struct sk_buff *skb, const struct xfrm_tmpl *t) | |||
| 2871 | if (!aalg) | 2885 | if (!aalg) |
| 2872 | break; | 2886 | break; |
| 2873 | 2887 | ||
| 2888 | if (!aalg->pfkey_supported) | ||
| 2889 | continue; | ||
| 2890 | |||
| 2874 | if (aalg_tmpl_set(t, aalg) && aalg->available) { | 2891 | if (aalg_tmpl_set(t, aalg) && aalg->available) { |
| 2875 | struct sadb_comb *c; | 2892 | struct sadb_comb *c; |
| 2876 | c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb)); | 2893 | c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb)); |
| @@ -2903,6 +2920,9 @@ static void dump_esp_combs(struct sk_buff *skb, const struct xfrm_tmpl *t) | |||
| 2903 | if (!ealg) | 2920 | if (!ealg) |
| 2904 | break; | 2921 | break; |
| 2905 | 2922 | ||
| 2923 | if (!ealg->pfkey_supported) | ||
| 2924 | continue; | ||
| 2925 | |||
| 2906 | if (!(ealg_tmpl_set(t, ealg) && ealg->available)) | 2926 | if (!(ealg_tmpl_set(t, ealg) && ealg->available)) |
| 2907 | continue; | 2927 | continue; |
| 2908 | 2928 | ||
| @@ -2911,6 +2931,8 @@ static void dump_esp_combs(struct sk_buff *skb, const struct xfrm_tmpl *t) | |||
| 2911 | const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(k); | 2931 | const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(k); |
| 2912 | if (!aalg) | 2932 | if (!aalg) |
| 2913 | break; | 2933 | break; |
| 2934 | if (!aalg->pfkey_supported) | ||
| 2935 | continue; | ||
| 2914 | if (!(aalg_tmpl_set(t, aalg) && aalg->available)) | 2936 | if (!(aalg_tmpl_set(t, aalg) && aalg->available)) |
| 2915 | continue; | 2937 | continue; |
| 2916 | c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb)); | 2938 | c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb)); |