diff options
author | David S. Miller <davem@davemloft.net> | 2013-11-02 02:13:48 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2013-11-02 02:13:48 -0400 |
commit | 296c10639a33941d0090afa17b7535fcbf81d97a (patch) | |
tree | f85819ef71b07bcf004c7971fa66c9f68a45bd74 /net/ipv4 | |
parent | e139862eeec985d7139b11b09deeb9a32e3f3af2 (diff) | |
parent | 1c5ad13f7c2b2afe30e43858d04fff979dc9d243 (diff) |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Conflicts:
net/xfrm/xfrm_policy.c
Minor merge conflict in xfrm_policy.c, consisting of overlapping
changes which were trivial to resolve.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/esp4.c | 49 |
1 files changed, 15 insertions, 34 deletions
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index 109ee89f123e..7785b28061ac 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c | |||
@@ -121,7 +121,6 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb) | |||
121 | struct aead_givcrypt_request *req; | 121 | struct aead_givcrypt_request *req; |
122 | struct scatterlist *sg; | 122 | struct scatterlist *sg; |
123 | struct scatterlist *asg; | 123 | struct scatterlist *asg; |
124 | struct esp_data *esp; | ||
125 | struct sk_buff *trailer; | 124 | struct sk_buff *trailer; |
126 | void *tmp; | 125 | void *tmp; |
127 | u8 *iv; | 126 | u8 *iv; |
@@ -139,8 +138,7 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb) | |||
139 | 138 | ||
140 | /* skb is pure payload to encrypt */ | 139 | /* skb is pure payload to encrypt */ |
141 | 140 | ||
142 | esp = x->data; | 141 | aead = x->data; |
143 | aead = esp->aead; | ||
144 | alen = crypto_aead_authsize(aead); | 142 | alen = crypto_aead_authsize(aead); |
145 | 143 | ||
146 | tfclen = 0; | 144 | tfclen = 0; |
@@ -154,8 +152,6 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb) | |||
154 | } | 152 | } |
155 | blksize = ALIGN(crypto_aead_blocksize(aead), 4); | 153 | blksize = ALIGN(crypto_aead_blocksize(aead), 4); |
156 | clen = ALIGN(skb->len + 2 + tfclen, blksize); | 154 | clen = ALIGN(skb->len + 2 + tfclen, blksize); |
157 | if (esp->padlen) | ||
158 | clen = ALIGN(clen, esp->padlen); | ||
159 | plen = clen - skb->len - tfclen; | 155 | plen = clen - skb->len - tfclen; |
160 | 156 | ||
161 | err = skb_cow_data(skb, tfclen + plen + alen, &trailer); | 157 | err = skb_cow_data(skb, tfclen + plen + alen, &trailer); |
@@ -280,8 +276,7 @@ static int esp_input_done2(struct sk_buff *skb, int err) | |||
280 | { | 276 | { |
281 | const struct iphdr *iph; | 277 | const struct iphdr *iph; |
282 | struct xfrm_state *x = xfrm_input_state(skb); | 278 | struct xfrm_state *x = xfrm_input_state(skb); |
283 | struct esp_data *esp = x->data; | 279 | struct crypto_aead *aead = x->data; |
284 | struct crypto_aead *aead = esp->aead; | ||
285 | int alen = crypto_aead_authsize(aead); | 280 | int alen = crypto_aead_authsize(aead); |
286 | int hlen = sizeof(struct ip_esp_hdr) + crypto_aead_ivsize(aead); | 281 | int hlen = sizeof(struct ip_esp_hdr) + crypto_aead_ivsize(aead); |
287 | int elen = skb->len - hlen; | 282 | int elen = skb->len - hlen; |
@@ -376,8 +371,7 @@ static void esp_input_done(struct crypto_async_request *base, int err) | |||
376 | static int esp_input(struct xfrm_state *x, struct sk_buff *skb) | 371 | static int esp_input(struct xfrm_state *x, struct sk_buff *skb) |
377 | { | 372 | { |
378 | struct ip_esp_hdr *esph; | 373 | struct ip_esp_hdr *esph; |
379 | struct esp_data *esp = x->data; | 374 | struct crypto_aead *aead = x->data; |
380 | struct crypto_aead *aead = esp->aead; | ||
381 | struct aead_request *req; | 375 | struct aead_request *req; |
382 | struct sk_buff *trailer; | 376 | struct sk_buff *trailer; |
383 | int elen = skb->len - sizeof(*esph) - crypto_aead_ivsize(aead); | 377 | int elen = skb->len - sizeof(*esph) - crypto_aead_ivsize(aead); |
@@ -459,9 +453,8 @@ out: | |||
459 | 453 | ||
460 | static u32 esp4_get_mtu(struct xfrm_state *x, int mtu) | 454 | static u32 esp4_get_mtu(struct xfrm_state *x, int mtu) |
461 | { | 455 | { |
462 | struct esp_data *esp = x->data; | 456 | struct crypto_aead *aead = x->data; |
463 | u32 blksize = ALIGN(crypto_aead_blocksize(esp->aead), 4); | 457 | u32 blksize = ALIGN(crypto_aead_blocksize(aead), 4); |
464 | u32 align = max_t(u32, blksize, esp->padlen); | ||
465 | unsigned int net_adj; | 458 | unsigned int net_adj; |
466 | 459 | ||
467 | switch (x->props.mode) { | 460 | switch (x->props.mode) { |
@@ -476,8 +469,8 @@ static u32 esp4_get_mtu(struct xfrm_state *x, int mtu) | |||
476 | BUG(); | 469 | BUG(); |
477 | } | 470 | } |
478 | 471 | ||
479 | return ((mtu - x->props.header_len - crypto_aead_authsize(esp->aead) - | 472 | return ((mtu - x->props.header_len - crypto_aead_authsize(aead) - |
480 | net_adj) & ~(align - 1)) + net_adj - 2; | 473 | net_adj) & ~(blksize - 1)) + net_adj - 2; |
481 | } | 474 | } |
482 | 475 | ||
483 | static void esp4_err(struct sk_buff *skb, u32 info) | 476 | static void esp4_err(struct sk_buff *skb, u32 info) |
@@ -511,18 +504,16 @@ static void esp4_err(struct sk_buff *skb, u32 info) | |||
511 | 504 | ||
512 | static void esp_destroy(struct xfrm_state *x) | 505 | static void esp_destroy(struct xfrm_state *x) |
513 | { | 506 | { |
514 | struct esp_data *esp = x->data; | 507 | struct crypto_aead *aead = x->data; |
515 | 508 | ||
516 | if (!esp) | 509 | if (!aead) |
517 | return; | 510 | return; |
518 | 511 | ||
519 | crypto_free_aead(esp->aead); | 512 | crypto_free_aead(aead); |
520 | kfree(esp); | ||
521 | } | 513 | } |
522 | 514 | ||
523 | static int esp_init_aead(struct xfrm_state *x) | 515 | static int esp_init_aead(struct xfrm_state *x) |
524 | { | 516 | { |
525 | struct esp_data *esp = x->data; | ||
526 | struct crypto_aead *aead; | 517 | struct crypto_aead *aead; |
527 | int err; | 518 | int err; |
528 | 519 | ||
@@ -531,7 +522,7 @@ static int esp_init_aead(struct xfrm_state *x) | |||
531 | if (IS_ERR(aead)) | 522 | if (IS_ERR(aead)) |
532 | goto error; | 523 | goto error; |
533 | 524 | ||
534 | esp->aead = aead; | 525 | x->data = aead; |
535 | 526 | ||
536 | err = crypto_aead_setkey(aead, x->aead->alg_key, | 527 | err = crypto_aead_setkey(aead, x->aead->alg_key, |
537 | (x->aead->alg_key_len + 7) / 8); | 528 | (x->aead->alg_key_len + 7) / 8); |
@@ -548,7 +539,6 @@ error: | |||
548 | 539 | ||
549 | static int esp_init_authenc(struct xfrm_state *x) | 540 | static int esp_init_authenc(struct xfrm_state *x) |
550 | { | 541 | { |
551 | struct esp_data *esp = x->data; | ||
552 | struct crypto_aead *aead; | 542 | struct crypto_aead *aead; |
553 | struct crypto_authenc_key_param *param; | 543 | struct crypto_authenc_key_param *param; |
554 | struct rtattr *rta; | 544 | struct rtattr *rta; |
@@ -583,7 +573,7 @@ static int esp_init_authenc(struct xfrm_state *x) | |||
583 | if (IS_ERR(aead)) | 573 | if (IS_ERR(aead)) |
584 | goto error; | 574 | goto error; |
585 | 575 | ||
586 | esp->aead = aead; | 576 | x->data = aead; |
587 | 577 | ||
588 | keylen = (x->aalg ? (x->aalg->alg_key_len + 7) / 8 : 0) + | 578 | keylen = (x->aalg ? (x->aalg->alg_key_len + 7) / 8 : 0) + |
589 | (x->ealg->alg_key_len + 7) / 8 + RTA_SPACE(sizeof(*param)); | 579 | (x->ealg->alg_key_len + 7) / 8 + RTA_SPACE(sizeof(*param)); |
@@ -638,16 +628,11 @@ error: | |||
638 | 628 | ||
639 | static int esp_init_state(struct xfrm_state *x) | 629 | static int esp_init_state(struct xfrm_state *x) |
640 | { | 630 | { |
641 | struct esp_data *esp; | ||
642 | struct crypto_aead *aead; | 631 | struct crypto_aead *aead; |
643 | u32 align; | 632 | u32 align; |
644 | int err; | 633 | int err; |
645 | 634 | ||
646 | esp = kzalloc(sizeof(*esp), GFP_KERNEL); | 635 | x->data = NULL; |
647 | if (esp == NULL) | ||
648 | return -ENOMEM; | ||
649 | |||
650 | x->data = esp; | ||
651 | 636 | ||
652 | if (x->aead) | 637 | if (x->aead) |
653 | err = esp_init_aead(x); | 638 | err = esp_init_aead(x); |
@@ -657,9 +642,7 @@ static int esp_init_state(struct xfrm_state *x) | |||
657 | if (err) | 642 | if (err) |
658 | goto error; | 643 | goto error; |
659 | 644 | ||
660 | aead = esp->aead; | 645 | aead = x->data; |
661 | |||
662 | esp->padlen = 0; | ||
663 | 646 | ||
664 | x->props.header_len = sizeof(struct ip_esp_hdr) + | 647 | x->props.header_len = sizeof(struct ip_esp_hdr) + |
665 | crypto_aead_ivsize(aead); | 648 | crypto_aead_ivsize(aead); |
@@ -683,9 +666,7 @@ static int esp_init_state(struct xfrm_state *x) | |||
683 | } | 666 | } |
684 | 667 | ||
685 | align = ALIGN(crypto_aead_blocksize(aead), 4); | 668 | align = ALIGN(crypto_aead_blocksize(aead), 4); |
686 | if (esp->padlen) | 669 | x->props.trailer_len = align + 1 + crypto_aead_authsize(aead); |
687 | align = max_t(u32, align, esp->padlen); | ||
688 | x->props.trailer_len = align + 1 + crypto_aead_authsize(esp->aead); | ||
689 | 670 | ||
690 | error: | 671 | error: |
691 | return err; | 672 | return err; |