aboutsummaryrefslogtreecommitdiffstats
path: root/net/key
diff options
context:
space:
mode:
authorJussi Kivilinna <jussi.kivilinna@mbnet.fi>2013-01-31 05:40:38 -0500
committerSteffen Klassert <steffen.klassert@secunet.com>2013-02-01 04:13:43 -0500
commit7e50f84c94b82c3b2d23ac8878012b3b60ea0e96 (patch)
tree27bcbe4b323b19de578acd87361490a60e72a594 /net/key
parentcdfa1fe5c0d4f2815acfe8cd7730a0b3d8d0a3e9 (diff)
pf_key/xfrm_algo: prepare pf_key and xfrm_algo for new algorithms without pfkey support
Mark existing algorithms as pfkey supported and make pfkey only use algorithms that have pfkey_supported set. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/key')
-rw-r--r--net/key/af_key.c39
1 files changed, 31 insertions, 8 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 6a6e68479b97..cb75f9b3105e 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -815,18 +815,21 @@ static struct sk_buff *__pfkey_xfrm_state2msg(const struct xfrm_state *x,
815 sa->sadb_sa_auth = 0; 815 sa->sadb_sa_auth = 0;
816 if (x->aalg) { 816 if (x->aalg) {
817 struct xfrm_algo_desc *a = xfrm_aalg_get_byname(x->aalg->alg_name, 0); 817 struct xfrm_algo_desc *a = xfrm_aalg_get_byname(x->aalg->alg_name, 0);
818 sa->sadb_sa_auth = a ? a->desc.sadb_alg_id : 0; 818 sa->sadb_sa_auth = (a && a->pfkey_supported) ?
819 a->desc.sadb_alg_id : 0;
819 } 820 }
820 sa->sadb_sa_encrypt = 0; 821 sa->sadb_sa_encrypt = 0;
821 BUG_ON(x->ealg && x->calg); 822 BUG_ON(x->ealg && x->calg);
822 if (x->ealg) { 823 if (x->ealg) {
823 struct xfrm_algo_desc *a = xfrm_ealg_get_byname(x->ealg->alg_name, 0); 824 struct xfrm_algo_desc *a = xfrm_ealg_get_byname(x->ealg->alg_name, 0);
824 sa->sadb_sa_encrypt = a ? a->desc.sadb_alg_id : 0; 825 sa->sadb_sa_encrypt = (a && a->pfkey_supported) ?
826 a->desc.sadb_alg_id : 0;
825 } 827 }
826 /* KAME compatible: sadb_sa_encrypt is overloaded with calg id */ 828 /* KAME compatible: sadb_sa_encrypt is overloaded with calg id */
827 if (x->calg) { 829 if (x->calg) {
828 struct xfrm_algo_desc *a = xfrm_calg_get_byname(x->calg->alg_name, 0); 830 struct xfrm_algo_desc *a = xfrm_calg_get_byname(x->calg->alg_name, 0);
829 sa->sadb_sa_encrypt = a ? a->desc.sadb_alg_id : 0; 831 sa->sadb_sa_encrypt = (a && a->pfkey_supported) ?
832 a->desc.sadb_alg_id : 0;
830 } 833 }
831 834
832 sa->sadb_sa_flags = 0; 835 sa->sadb_sa_flags = 0;
@@ -1137,7 +1140,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net,
1137 if (sa->sadb_sa_auth) { 1140 if (sa->sadb_sa_auth) {
1138 int keysize = 0; 1141 int keysize = 0;
1139 struct xfrm_algo_desc *a = xfrm_aalg_get_byid(sa->sadb_sa_auth); 1142 struct xfrm_algo_desc *a = xfrm_aalg_get_byid(sa->sadb_sa_auth);
1140 if (!a) { 1143 if (!a || !a->pfkey_supported) {
1141 err = -ENOSYS; 1144 err = -ENOSYS;
1142 goto out; 1145 goto out;
1143 } 1146 }
@@ -1159,7 +1162,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net,
1159 if (sa->sadb_sa_encrypt) { 1162 if (sa->sadb_sa_encrypt) {
1160 if (hdr->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) { 1163 if (hdr->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) {
1161 struct xfrm_algo_desc *a = xfrm_calg_get_byid(sa->sadb_sa_encrypt); 1164 struct xfrm_algo_desc *a = xfrm_calg_get_byid(sa->sadb_sa_encrypt);
1162 if (!a) { 1165 if (!a || !a->pfkey_supported) {
1163 err = -ENOSYS; 1166 err = -ENOSYS;
1164 goto out; 1167 goto out;
1165 } 1168 }
@@ -1171,7 +1174,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net,
1171 } else { 1174 } else {
1172 int keysize = 0; 1175 int keysize = 0;
1173 struct xfrm_algo_desc *a = xfrm_ealg_get_byid(sa->sadb_sa_encrypt); 1176 struct xfrm_algo_desc *a = xfrm_ealg_get_byid(sa->sadb_sa_encrypt);
1174 if (!a) { 1177 if (!a || !a->pfkey_supported) {
1175 err = -ENOSYS; 1178 err = -ENOSYS;
1176 goto out; 1179 goto out;
1177 } 1180 }
@@ -1577,13 +1580,13 @@ static struct sk_buff *compose_sadb_supported(const struct sadb_msg *orig,
1577 struct sadb_msg *hdr; 1580 struct sadb_msg *hdr;
1578 int len, auth_len, enc_len, i; 1581 int len, auth_len, enc_len, i;
1579 1582
1580 auth_len = xfrm_count_auth_supported(); 1583 auth_len = xfrm_count_pfkey_auth_supported();
1581 if (auth_len) { 1584 if (auth_len) {
1582 auth_len *= sizeof(struct sadb_alg); 1585 auth_len *= sizeof(struct sadb_alg);
1583 auth_len += sizeof(struct sadb_supported); 1586 auth_len += sizeof(struct sadb_supported);
1584 } 1587 }
1585 1588
1586 enc_len = xfrm_count_enc_supported(); 1589 enc_len = xfrm_count_pfkey_enc_supported();
1587 if (enc_len) { 1590 if (enc_len) {
1588 enc_len *= sizeof(struct sadb_alg); 1591 enc_len *= sizeof(struct sadb_alg);
1589 enc_len += sizeof(struct sadb_supported); 1592 enc_len += sizeof(struct sadb_supported);
@@ -1614,6 +1617,8 @@ static struct sk_buff *compose_sadb_supported(const struct sadb_msg *orig,
1614 struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i); 1617 struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i);
1615 if (!aalg) 1618 if (!aalg)
1616 break; 1619 break;
1620 if (!aalg->pfkey_supported)
1621 continue;
1617 if (aalg->available) 1622 if (aalg->available)
1618 *ap++ = aalg->desc; 1623 *ap++ = aalg->desc;
1619 } 1624 }
@@ -1633,6 +1638,8 @@ static struct sk_buff *compose_sadb_supported(const struct sadb_msg *orig,
1633 struct xfrm_algo_desc *ealg = xfrm_ealg_get_byidx(i); 1638 struct xfrm_algo_desc *ealg = xfrm_ealg_get_byidx(i);
1634 if (!ealg) 1639 if (!ealg)
1635 break; 1640 break;
1641 if (!ealg->pfkey_supported)
1642 continue;
1636 if (ealg->available) 1643 if (ealg->available)
1637 *ap++ = ealg->desc; 1644 *ap++ = ealg->desc;
1638 } 1645 }
@@ -2824,6 +2831,8 @@ static int count_ah_combs(const struct xfrm_tmpl *t)
2824 const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i); 2831 const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(i);
2825 if (!aalg) 2832 if (!aalg)
2826 break; 2833 break;
2834 if (!aalg->pfkey_supported)
2835 continue;
2827 if (aalg_tmpl_set(t, aalg) && aalg->available) 2836 if (aalg_tmpl_set(t, aalg) && aalg->available)
2828 sz += sizeof(struct sadb_comb); 2837 sz += sizeof(struct sadb_comb);
2829 } 2838 }
@@ -2839,6 +2848,9 @@ static int count_esp_combs(const struct xfrm_tmpl *t)
2839 if (!ealg) 2848 if (!ealg)
2840 break; 2849 break;
2841 2850
2851 if (!ealg->pfkey_supported)
2852 continue;
2853
2842 if (!(ealg_tmpl_set(t, ealg) && ealg->available)) 2854 if (!(ealg_tmpl_set(t, ealg) && ealg->available))
2843 continue; 2855 continue;
2844 2856
@@ -2847,6 +2859,9 @@ static int count_esp_combs(const struct xfrm_tmpl *t)
2847 if (!aalg) 2859 if (!aalg)
2848 break; 2860 break;
2849 2861
2862 if (!aalg->pfkey_supported)
2863 continue;
2864
2850 if (aalg_tmpl_set(t, aalg) && aalg->available) 2865 if (aalg_tmpl_set(t, aalg) && aalg->available)
2851 sz += sizeof(struct sadb_comb); 2866 sz += sizeof(struct sadb_comb);
2852 } 2867 }
@@ -2870,6 +2885,9 @@ static void dump_ah_combs(struct sk_buff *skb, const struct xfrm_tmpl *t)
2870 if (!aalg) 2885 if (!aalg)
2871 break; 2886 break;
2872 2887
2888 if (!aalg->pfkey_supported)
2889 continue;
2890
2873 if (aalg_tmpl_set(t, aalg) && aalg->available) { 2891 if (aalg_tmpl_set(t, aalg) && aalg->available) {
2874 struct sadb_comb *c; 2892 struct sadb_comb *c;
2875 c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb)); 2893 c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb));
@@ -2902,6 +2920,9 @@ static void dump_esp_combs(struct sk_buff *skb, const struct xfrm_tmpl *t)
2902 if (!ealg) 2920 if (!ealg)
2903 break; 2921 break;
2904 2922
2923 if (!ealg->pfkey_supported)
2924 continue;
2925
2905 if (!(ealg_tmpl_set(t, ealg) && ealg->available)) 2926 if (!(ealg_tmpl_set(t, ealg) && ealg->available))
2906 continue; 2927 continue;
2907 2928
@@ -2910,6 +2931,8 @@ static void dump_esp_combs(struct sk_buff *skb, const struct xfrm_tmpl *t)
2910 const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(k); 2931 const struct xfrm_algo_desc *aalg = xfrm_aalg_get_byidx(k);
2911 if (!aalg) 2932 if (!aalg)
2912 break; 2933 break;
2934 if (!aalg->pfkey_supported)
2935 continue;
2913 if (!(aalg_tmpl_set(t, aalg) && aalg->available)) 2936 if (!(aalg_tmpl_set(t, aalg) && aalg->available))
2914 continue; 2937 continue;
2915 c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb)); 2938 c = (struct sadb_comb*)skb_put(skb, sizeof(struct sadb_comb));
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-22 23:30:02 -0500