aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2014-01-25 14:17:34 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2014-01-25 14:17:34 -0500
commit4ba9920e5e9c0e16b5ed24292d45322907bb9035 (patch)
tree7d023baea59ed0886ded1f0b6d1c6385690b88f7 /net/xfrm
parent82c477669a4665eb4e52030792051e0559ee2a36 (diff)
parent8b662fe70c68282f78482dc272df0c4f355e49f5 (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking updates from David Miller: 1) BPF debugger and asm tool by Daniel Borkmann. 2) Speed up create/bind in AF_PACKET, also from Daniel Borkmann. 3) Correct reciprocal_divide and update users, from Hannes Frederic Sowa and Daniel Borkmann. 4) Currently we only have a "set" operation for the hw timestamp socket ioctl, add a "get" operation to match. From Ben Hutchings. 5) Add better trace events for debugging driver datapath problems, also from Ben Hutchings. 6) Implement auto corking in TCP, from Eric Dumazet. Basically, if we have a small send and a previous packet is already in the qdisc or device queue, defer until TX completion or we get more data. 7) Allow userspace to manage ipv6 temporary addresses, from Jiri Pirko. 8) Add a qdisc bypass option for AF_PACKET sockets, from Daniel Borkmann. 9) Share IP header compression code between Bluetooth and IEEE802154 layers, from Jukka Rissanen. 10) Fix ipv6 router reachability probing, from Jiri Benc. 11) Allow packets to be captured on macvtap devices, from Vlad Yasevich. 12) Support tunneling in GRO layer, from Jerry Chu. 13) Allow bonding to be configured fully using netlink, from Scott Feldman. 14) Allow AF_PACKET users to obtain the VLAN TPID, just like they can already get the TCI. From Atzm Watanabe. 15) New "Heavy Hitter" qdisc, from Terry Lam. 16) Significantly improve the IPSEC support in pktgen, from Fan Du. 17) Allow ipv4 tunnels to cache routes, just like sockets. From Tom Herbert. 18) Add Proportional Integral Enhanced packet scheduler, from Vijay Subramanian. 19) Allow openvswitch to mmap'd netlink, from Thomas Graf. 20) Key TCP metrics blobs also by source address, not just destination address. From Christoph Paasch. 21) Support 10G in generic phylib. From Andy Fleming. 22) Try to short-circuit GRO flow compares using device provided RX hash, if provided. From Tom Herbert. The wireless and netfilter folks have been busy little bees too. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (2064 commits) net/cxgb4: Fix referencing freed adapter ipv6: reallocate addrconf router for ipv6 address when lo device up fib_frontend: fix possible NULL pointer dereference rtnetlink: remove IFLA_BOND_SLAVE definition rtnetlink: remove check for fill_slave_info in rtnl_have_link_slave_info qlcnic: update version to 5.3.55 qlcnic: Enhance logic to calculate msix vectors. qlcnic: Refactor interrupt coalescing code for all adapters. qlcnic: Update poll controller code path qlcnic: Interrupt code cleanup qlcnic: Enhance Tx timeout debugging. qlcnic: Use bool for rx_mac_learn. bonding: fix u64 division rtnetlink: add missing IFLA_BOND_AD_INFO_UNSPEC sfc: Use the correct maximum TX DMA ring size for SFC9100 Add Shradha Shah as the sfc driver maintainer. net/vxlan: Share RX skb de-marking and checksum checks with ovs tulip: cleanup by using ARRAY_SIZE() ip_tunnel: clear IPCB in ip_tunnel_xmit() in case dst_link_failure() is called net/cxgb4: Don't retrieve stats during recovery ...
Diffstat (limited to 'net/xfrm')
-rw-r--r--net/xfrm/xfrm_input.c6
-rw-r--r--net/xfrm/xfrm_policy.c195
-rw-r--r--net/xfrm/xfrm_proc.c2
-rw-r--r--net/xfrm/xfrm_state.c191
-rw-r--r--net/xfrm/xfrm_user.c62
5 files changed, 239 insertions, 217 deletions
diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c
index 88843996f935..6c7ac016ce3a 100644
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@@ -67,7 +67,7 @@ int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, __be32 *spi, __be32 *seq)
67 case IPPROTO_COMP: 67 case IPPROTO_COMP:
68 if (!pskb_may_pull(skb, sizeof(struct ip_comp_hdr))) 68 if (!pskb_may_pull(skb, sizeof(struct ip_comp_hdr)))
69 return -EINVAL; 69 return -EINVAL;
70 *spi = htonl(ntohs(*(__be16*)(skb_transport_header(skb) + 2))); 70 *spi = htonl(ntohs(*(__be16 *)(skb_transport_header(skb) + 2)));
71 *seq = 0; 71 *seq = 0;
72 return 0; 72 return 0;
73 default: 73 default:
@@ -77,8 +77,8 @@ int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, __be32 *spi, __be32 *seq)
77 if (!pskb_may_pull(skb, hlen)) 77 if (!pskb_may_pull(skb, hlen))
78 return -EINVAL; 78 return -EINVAL;
79 79
80 *spi = *(__be32*)(skb_transport_header(skb) + offset); 80 *spi = *(__be32 *)(skb_transport_header(skb) + offset);
81 *seq = *(__be32*)(skb_transport_header(skb) + offset_seq); 81 *seq = *(__be32 *)(skb_transport_header(skb) + offset_seq);
82 return 0; 82 return 0;
83} 83}
84 84
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 0d49945d0b9e..4b98b25793c5 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -39,12 +39,7 @@
39#define XFRM_QUEUE_TMO_MAX ((unsigned)(60*HZ)) 39#define XFRM_QUEUE_TMO_MAX ((unsigned)(60*HZ))
40#define XFRM_MAX_QUEUE_LEN 100 40#define XFRM_MAX_QUEUE_LEN 100
41 41
42DEFINE_MUTEX(xfrm_cfg_mutex);
43EXPORT_SYMBOL(xfrm_cfg_mutex);
44
45static DEFINE_SPINLOCK(xfrm_policy_sk_bundle_lock);
46static struct dst_entry *xfrm_policy_sk_bundles; 42static struct dst_entry *xfrm_policy_sk_bundles;
47static DEFINE_RWLOCK(xfrm_policy_lock);
48 43
49static DEFINE_SPINLOCK(xfrm_policy_afinfo_lock); 44static DEFINE_SPINLOCK(xfrm_policy_afinfo_lock);
50static struct xfrm_policy_afinfo __rcu *xfrm_policy_afinfo[NPROTO] 45static struct xfrm_policy_afinfo __rcu *xfrm_policy_afinfo[NPROTO]
@@ -176,7 +171,7 @@ static inline unsigned long make_jiffies(long secs)
176 171
177static void xfrm_policy_timer(unsigned long data) 172static void xfrm_policy_timer(unsigned long data)
178{ 173{
179 struct xfrm_policy *xp = (struct xfrm_policy*)data; 174 struct xfrm_policy *xp = (struct xfrm_policy *)data;
180 unsigned long now = get_seconds(); 175 unsigned long now = get_seconds();
181 long next = LONG_MAX; 176 long next = LONG_MAX;
182 int warn = 0; 177 int warn = 0;
@@ -438,7 +433,7 @@ static void xfrm_bydst_resize(struct net *net, int dir)
438 if (!ndst) 433 if (!ndst)
439 return; 434 return;
440 435
441 write_lock_bh(&xfrm_policy_lock); 436 write_lock_bh(&net->xfrm.xfrm_policy_lock);
442 437
443 for (i = hmask; i >= 0; i--) 438 for (i = hmask; i >= 0; i--)
444 xfrm_dst_hash_transfer(odst + i, ndst, nhashmask); 439 xfrm_dst_hash_transfer(odst + i, ndst, nhashmask);
@@ -446,7 +441,7 @@ static void xfrm_bydst_resize(struct net *net, int dir)
446 net->xfrm.policy_bydst[dir].table = ndst; 441 net->xfrm.policy_bydst[dir].table = ndst;
447 net->xfrm.policy_bydst[dir].hmask = nhashmask; 442 net->xfrm.policy_bydst[dir].hmask = nhashmask;
448 443
449 write_unlock_bh(&xfrm_policy_lock); 444 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
450 445
451 xfrm_hash_free(odst, (hmask + 1) * sizeof(struct hlist_head)); 446 xfrm_hash_free(odst, (hmask + 1) * sizeof(struct hlist_head));
452} 447}
@@ -463,7 +458,7 @@ static void xfrm_byidx_resize(struct net *net, int total)
463 if (!nidx) 458 if (!nidx)
464 return; 459 return;
465 460
466 write_lock_bh(&xfrm_policy_lock); 461 write_lock_bh(&net->xfrm.xfrm_policy_lock);
467 462
468 for (i = hmask; i >= 0; i--) 463 for (i = hmask; i >= 0; i--)
469 xfrm_idx_hash_transfer(oidx + i, nidx, nhashmask); 464 xfrm_idx_hash_transfer(oidx + i, nidx, nhashmask);
@@ -471,7 +466,7 @@ static void xfrm_byidx_resize(struct net *net, int total)
471 net->xfrm.policy_byidx = nidx; 466 net->xfrm.policy_byidx = nidx;
472 net->xfrm.policy_idx_hmask = nhashmask; 467 net->xfrm.policy_idx_hmask = nhashmask;
473 468
474 write_unlock_bh(&xfrm_policy_lock); 469 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
475 470
476 xfrm_hash_free(oidx, (hmask + 1) * sizeof(struct hlist_head)); 471 xfrm_hash_free(oidx, (hmask + 1) * sizeof(struct hlist_head));
477} 472}
@@ -504,7 +499,7 @@ static inline int xfrm_byidx_should_resize(struct net *net, int total)
504 499
505void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si) 500void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si)
506{ 501{
507 read_lock_bh(&xfrm_policy_lock); 502 read_lock_bh(&net->xfrm.xfrm_policy_lock);
508 si->incnt = net->xfrm.policy_count[XFRM_POLICY_IN]; 503 si->incnt = net->xfrm.policy_count[XFRM_POLICY_IN];
509 si->outcnt = net->xfrm.policy_count[XFRM_POLICY_OUT]; 504 si->outcnt = net->xfrm.policy_count[XFRM_POLICY_OUT];
510 si->fwdcnt = net->xfrm.policy_count[XFRM_POLICY_FWD]; 505 si->fwdcnt = net->xfrm.policy_count[XFRM_POLICY_FWD];
@@ -513,7 +508,7 @@ void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si)
513 si->fwdscnt = net->xfrm.policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX]; 508 si->fwdscnt = net->xfrm.policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX];
514 si->spdhcnt = net->xfrm.policy_idx_hmask; 509 si->spdhcnt = net->xfrm.policy_idx_hmask;
515 si->spdhmcnt = xfrm_policy_hashmax; 510 si->spdhmcnt = xfrm_policy_hashmax;
516 read_unlock_bh(&xfrm_policy_lock); 511 read_unlock_bh(&net->xfrm.xfrm_policy_lock);
517} 512}
518EXPORT_SYMBOL(xfrm_spd_getinfo); 513EXPORT_SYMBOL(xfrm_spd_getinfo);
519 514
@@ -538,7 +533,7 @@ static void xfrm_hash_resize(struct work_struct *work)
538 533
539/* Generate new index... KAME seems to generate them ordered by cost 534/* Generate new index... KAME seems to generate them ordered by cost
540 * of an absolute inpredictability of ordering of rules. This will not pass. */ 535 * of an absolute inpredictability of ordering of rules. This will not pass. */
541static u32 xfrm_gen_index(struct net *net, int dir) 536static u32 xfrm_gen_index(struct net *net, int dir, u32 index)
542{ 537{
543 static u32 idx_generator; 538 static u32 idx_generator;
544 539
@@ -548,8 +543,14 @@ static u32 xfrm_gen_index(struct net *net, int dir)
548 u32 idx; 543 u32 idx;
549 int found; 544 int found;
550 545
551 idx = (idx_generator | dir); 546 if (!index) {
552 idx_generator += 8; 547 idx = (idx_generator | dir);
548 idx_generator += 8;
549 } else {
550 idx = index;
551 index = 0;
552 }
553
553 if (idx == 0) 554 if (idx == 0)
554 idx = 8; 555 idx = 8;
555 list = net->xfrm.policy_byidx + idx_hash(net, idx); 556 list = net->xfrm.policy_byidx + idx_hash(net, idx);
@@ -630,7 +631,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
630 struct hlist_head *chain; 631 struct hlist_head *chain;
631 struct hlist_node *newpos; 632 struct hlist_node *newpos;
632 633
633 write_lock_bh(&xfrm_policy_lock); 634 write_lock_bh(&net->xfrm.xfrm_policy_lock);
634 chain = policy_hash_bysel(net, &policy->selector, policy->family, dir); 635 chain = policy_hash_bysel(net, &policy->selector, policy->family, dir);
635 delpol = NULL; 636 delpol = NULL;
636 newpos = NULL; 637 newpos = NULL;
@@ -641,7 +642,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
641 xfrm_sec_ctx_match(pol->security, policy->security) && 642 xfrm_sec_ctx_match(pol->security, policy->security) &&
642 !WARN_ON(delpol)) { 643 !WARN_ON(delpol)) {
643 if (excl) { 644 if (excl) {
644 write_unlock_bh(&xfrm_policy_lock); 645 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
645 return -EEXIST; 646 return -EEXIST;
646 } 647 }
647 delpol = pol; 648 delpol = pol;
@@ -672,14 +673,14 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
672 xfrm_policy_requeue(delpol, policy); 673 xfrm_policy_requeue(delpol, policy);
673 __xfrm_policy_unlink(delpol, dir); 674 __xfrm_policy_unlink(delpol, dir);
674 } 675 }
675 policy->index = delpol ? delpol->index : xfrm_gen_index(net, dir); 676 policy->index = delpol ? delpol->index : xfrm_gen_index(net, dir, policy->index);
676 hlist_add_head(&policy->byidx, net->xfrm.policy_byidx+idx_hash(net, policy->index)); 677 hlist_add_head(&policy->byidx, net->xfrm.policy_byidx+idx_hash(net, policy->index));
677 policy->curlft.add_time = get_seconds(); 678 policy->curlft.add_time = get_seconds();
678 policy->curlft.use_time = 0; 679 policy->curlft.use_time = 0;
679 if (!mod_timer(&policy->timer, jiffies + HZ)) 680 if (!mod_timer(&policy->timer, jiffies + HZ))
680 xfrm_pol_hold(policy); 681 xfrm_pol_hold(policy);
681 list_add(&policy->walk.all, &net->xfrm.policy_all); 682 list_add(&policy->walk.all, &net->xfrm.policy_all);
682 write_unlock_bh(&xfrm_policy_lock); 683 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
683 684
684 if (delpol) 685 if (delpol)
685 xfrm_policy_kill(delpol); 686 xfrm_policy_kill(delpol);
@@ -699,7 +700,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u32 mark, u8 type,
699 struct hlist_head *chain; 700 struct hlist_head *chain;
700 701
701 *err = 0; 702 *err = 0;
702 write_lock_bh(&xfrm_policy_lock); 703 write_lock_bh(&net->xfrm.xfrm_policy_lock);
703 chain = policy_hash_bysel(net, sel, sel->family, dir); 704 chain = policy_hash_bysel(net, sel, sel->family, dir);
704 ret = NULL; 705 ret = NULL;
705 hlist_for_each_entry(pol, chain, bydst) { 706 hlist_for_each_entry(pol, chain, bydst) {
@@ -712,7 +713,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u32 mark, u8 type,
712 *err = security_xfrm_policy_delete( 713 *err = security_xfrm_policy_delete(
713 pol->security); 714 pol->security);
714 if (*err) { 715 if (*err) {
715 write_unlock_bh(&xfrm_policy_lock); 716 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
716 return pol; 717 return pol;
717 } 718 }
718 __xfrm_policy_unlink(pol, dir); 719 __xfrm_policy_unlink(pol, dir);
@@ -721,7 +722,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u32 mark, u8 type,
721 break; 722 break;
722 } 723 }
723 } 724 }
724 write_unlock_bh(&xfrm_policy_lock); 725 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
725 726
726 if (ret && delete) 727 if (ret && delete)
727 xfrm_policy_kill(ret); 728 xfrm_policy_kill(ret);
@@ -740,7 +741,7 @@ struct xfrm_policy *xfrm_policy_byid(struct net *net, u32 mark, u8 type,
740 return NULL; 741 return NULL;
741 742
742 *err = 0; 743 *err = 0;
743 write_lock_bh(&xfrm_policy_lock); 744 write_lock_bh(&net->xfrm.xfrm_policy_lock);
744 chain = net->xfrm.policy_byidx + idx_hash(net, id); 745 chain = net->xfrm.policy_byidx + idx_hash(net, id);
745 ret = NULL; 746 ret = NULL;
746 hlist_for_each_entry(pol, chain, byidx) { 747 hlist_for_each_entry(pol, chain, byidx) {
@@ -751,7 +752,7 @@ struct xfrm_policy *xfrm_policy_byid(struct net *net, u32 mark, u8 type,
751 *err = security_xfrm_policy_delete( 752 *err = security_xfrm_policy_delete(
752 pol->security); 753 pol->security);
753 if (*err) { 754 if (*err) {
754 write_unlock_bh(&xfrm_policy_lock); 755 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
755 return pol; 756 return pol;
756 } 757 }
757 __xfrm_policy_unlink(pol, dir); 758 __xfrm_policy_unlink(pol, dir);
@@ -760,7 +761,7 @@ struct xfrm_policy *xfrm_policy_byid(struct net *net, u32 mark, u8 type,
760 break; 761 break;
761 } 762 }
762 } 763 }
763 write_unlock_bh(&xfrm_policy_lock); 764 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
764 765
765 if (ret && delete) 766 if (ret && delete)
766 xfrm_policy_kill(ret); 767 xfrm_policy_kill(ret);
@@ -823,7 +824,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
823{ 824{
824 int dir, err = 0, cnt = 0; 825 int dir, err = 0, cnt = 0;
825 826
826 write_lock_bh(&xfrm_policy_lock); 827 write_lock_bh(&net->xfrm.xfrm_policy_lock);
827 828
828 err = xfrm_policy_flush_secctx_check(net, type, audit_info); 829 err = xfrm_policy_flush_secctx_check(net, type, audit_info);
829 if (err) 830 if (err)
@@ -839,7 +840,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
839 if (pol->type != type) 840 if (pol->type != type)
840 continue; 841 continue;
841 __xfrm_policy_unlink(pol, dir); 842 __xfrm_policy_unlink(pol, dir);
842 write_unlock_bh(&xfrm_policy_lock); 843 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
843 cnt++; 844 cnt++;
844 845
845 xfrm_audit_policy_delete(pol, 1, audit_info->loginuid, 846 xfrm_audit_policy_delete(pol, 1, audit_info->loginuid,
@@ -848,7 +849,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
848 849
849 xfrm_policy_kill(pol); 850 xfrm_policy_kill(pol);
850 851
851 write_lock_bh(&xfrm_policy_lock); 852 write_lock_bh(&net->xfrm.xfrm_policy_lock);
852 goto again1; 853 goto again1;
853 } 854 }
854 855
@@ -860,7 +861,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
860 if (pol->type != type) 861 if (pol->type != type)
861 continue; 862 continue;
862 __xfrm_policy_unlink(pol, dir); 863 __xfrm_policy_unlink(pol, dir);
863 write_unlock_bh(&xfrm_policy_lock); 864 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
864 cnt++; 865 cnt++;
865 866
866 xfrm_audit_policy_delete(pol, 1, 867 xfrm_audit_policy_delete(pol, 1,
@@ -869,7 +870,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
869 audit_info->secid); 870 audit_info->secid);
870 xfrm_policy_kill(pol); 871 xfrm_policy_kill(pol);
871 872
872 write_lock_bh(&xfrm_policy_lock); 873 write_lock_bh(&net->xfrm.xfrm_policy_lock);
873 goto again2; 874 goto again2;
874 } 875 }
875 } 876 }
@@ -878,7 +879,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
878 if (!cnt) 879 if (!cnt)
879 err = -ESRCH; 880 err = -ESRCH;
880out: 881out:
881 write_unlock_bh(&xfrm_policy_lock); 882 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
882 return err; 883 return err;
883} 884}
884EXPORT_SYMBOL(xfrm_policy_flush); 885EXPORT_SYMBOL(xfrm_policy_flush);
@@ -898,7 +899,7 @@ int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk,
898 if (list_empty(&walk->walk.all) && walk->seq != 0) 899 if (list_empty(&walk->walk.all) && walk->seq != 0)
899 return 0; 900 return 0;
900 901
901 write_lock_bh(&xfrm_policy_lock); 902 write_lock_bh(&net->xfrm.xfrm_policy_lock);
902 if (list_empty(&walk->walk.all)) 903 if (list_empty(&walk->walk.all))
903 x = list_first_entry(&net->xfrm.policy_all, struct xfrm_policy_walk_entry, all); 904 x = list_first_entry(&net->xfrm.policy_all, struct xfrm_policy_walk_entry, all);
904 else 905 else
@@ -924,7 +925,7 @@ int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk,
924 } 925 }
925 list_del_init(&walk->walk.all); 926 list_del_init(&walk->walk.all);
926out: 927out:
927 write_unlock_bh(&xfrm_policy_lock); 928 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
928 return error; 929 return error;
929} 930}
930EXPORT_SYMBOL(xfrm_policy_walk); 931EXPORT_SYMBOL(xfrm_policy_walk);
@@ -938,14 +939,14 @@ void xfrm_policy_walk_init(struct xfrm_policy_walk *walk, u8 type)
938} 939}
939EXPORT_SYMBOL(xfrm_policy_walk_init); 940EXPORT_SYMBOL(xfrm_policy_walk_init);
940 941
941void xfrm_policy_walk_done(struct xfrm_policy_walk *walk) 942void xfrm_policy_walk_done(struct xfrm_policy_walk *walk, struct net *net)
942{ 943{
943 if (list_empty(&walk->walk.all)) 944 if (list_empty(&walk->walk.all))
944 return; 945 return;
945 946
946 write_lock_bh(&xfrm_policy_lock); 947 write_lock_bh(&net->xfrm.xfrm_policy_lock); /*FIXME where is net? */
947 list_del(&walk->walk.all); 948 list_del(&walk->walk.all);
948 write_unlock_bh(&xfrm_policy_lock); 949 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
949} 950}
950EXPORT_SYMBOL(xfrm_policy_walk_done); 951EXPORT_SYMBOL(xfrm_policy_walk_done);
951 952
@@ -990,7 +991,7 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type,
990 if (unlikely(!daddr || !saddr)) 991 if (unlikely(!daddr || !saddr))
991 return NULL; 992 return NULL;
992 993
993 read_lock_bh(&xfrm_policy_lock); 994 read_lock_bh(&net->xfrm.xfrm_policy_lock);
994 chain = policy_hash_direct(net, daddr, saddr, family, dir); 995 chain = policy_hash_direct(net, daddr, saddr, family, dir);
995 ret = NULL; 996 ret = NULL;
996 hlist_for_each_entry(pol, chain, bydst) { 997 hlist_for_each_entry(pol, chain, bydst) {
@@ -1026,7 +1027,7 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type,
1026 if (ret) 1027 if (ret)
1027 xfrm_pol_hold(ret); 1028 xfrm_pol_hold(ret);
1028fail: 1029fail:
1029 read_unlock_bh(&xfrm_policy_lock); 1030 read_unlock_bh(&net->xfrm.xfrm_policy_lock);
1030 1031
1031 return ret; 1032 return ret;
1032} 1033}
@@ -1103,8 +1104,9 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(struct sock *sk, int dir,
1103 const struct flowi *fl) 1104 const struct flowi *fl)
1104{ 1105{
1105 struct xfrm_policy *pol; 1106 struct xfrm_policy *pol;
1107 struct net *net = sock_net(sk);
1106 1108
1107 read_lock_bh(&xfrm_policy_lock); 1109 read_lock_bh(&net->xfrm.xfrm_policy_lock);
1108 if ((pol = sk->sk_policy[dir]) != NULL) { 1110 if ((pol = sk->sk_policy[dir]) != NULL) {
1109 bool match = xfrm_selector_match(&pol->selector, fl, 1111 bool match = xfrm_selector_match(&pol->selector, fl,
1110 sk->sk_family); 1112 sk->sk_family);
@@ -1128,7 +1130,7 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(struct sock *sk, int dir,
1128 pol = NULL; 1130 pol = NULL;
1129 } 1131 }
1130out: 1132out:
1131 read_unlock_bh(&xfrm_policy_lock); 1133 read_unlock_bh(&net->xfrm.xfrm_policy_lock);
1132 return pol; 1134 return pol;
1133} 1135}
1134 1136
@@ -1166,9 +1168,11 @@ static struct xfrm_policy *__xfrm_policy_unlink(struct xfrm_policy *pol,
1166 1168
1167int xfrm_policy_delete(struct xfrm_policy *pol, int dir) 1169int xfrm_policy_delete(struct xfrm_policy *pol, int dir)
1168{ 1170{
1169 write_lock_bh(&xfrm_policy_lock); 1171 struct net *net = xp_net(pol);
1172
1173 write_lock_bh(&net->xfrm.xfrm_policy_lock);
1170 pol = __xfrm_policy_unlink(pol, dir); 1174 pol = __xfrm_policy_unlink(pol, dir);
1171 write_unlock_bh(&xfrm_policy_lock); 1175 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
1172 if (pol) { 1176 if (pol) {
1173 xfrm_policy_kill(pol); 1177 xfrm_policy_kill(pol);
1174 return 0; 1178 return 0;
@@ -1187,12 +1191,12 @@ int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol)
1187 return -EINVAL; 1191 return -EINVAL;
1188#endif 1192#endif
1189 1193
1190 write_lock_bh(&xfrm_policy_lock); 1194 write_lock_bh(&net->xfrm.xfrm_policy_lock);
1191 old_pol = sk->sk_policy[dir]; 1195 old_pol = sk->sk_policy[dir];
1192 sk->sk_policy[dir] = pol; 1196 sk->sk_policy[dir] = pol;
1193 if (pol) { 1197 if (pol) {
1194 pol->curlft.add_time = get_seconds(); 1198 pol->curlft.add_time = get_seconds();
1195 pol->index = xfrm_gen_index(net, XFRM_POLICY_MAX+dir); 1199 pol->index = xfrm_gen_index(net, XFRM_POLICY_MAX+dir, 0);
1196 __xfrm_policy_link(pol, XFRM_POLICY_MAX+dir); 1200 __xfrm_policy_link(pol, XFRM_POLICY_MAX+dir);
1197 } 1201 }
1198 if (old_pol) { 1202 if (old_pol) {
@@ -1204,7 +1208,7 @@ int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol)
1204 */ 1208 */
1205 __xfrm_policy_unlink(old_pol, XFRM_POLICY_MAX+dir); 1209 __xfrm_policy_unlink(old_pol, XFRM_POLICY_MAX+dir);
1206 } 1210 }
1207 write_unlock_bh(&xfrm_policy_lock); 1211 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
1208 1212
1209 if (old_pol) { 1213 if (old_pol) {
1210 xfrm_policy_kill(old_pol); 1214 xfrm_policy_kill(old_pol);
@@ -1215,6 +1219,7 @@ int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol)
1215static struct xfrm_policy *clone_policy(const struct xfrm_policy *old, int dir) 1219static struct xfrm_policy *clone_policy(const struct xfrm_policy *old, int dir)
1216{ 1220{
1217 struct xfrm_policy *newp = xfrm_policy_alloc(xp_net(old), GFP_ATOMIC); 1221 struct xfrm_policy *newp = xfrm_policy_alloc(xp_net(old), GFP_ATOMIC);
1222 struct net *net = xp_net(old);
1218 1223
1219 if (newp) { 1224 if (newp) {
1220 newp->selector = old->selector; 1225 newp->selector = old->selector;
@@ -1233,9 +1238,9 @@ static struct xfrm_policy *clone_policy(const struct xfrm_policy *old, int dir)
1233 newp->type = old->type; 1238 newp->type = old->type;
1234 memcpy(newp->xfrm_vec, old->xfrm_vec, 1239 memcpy(newp->xfrm_vec, old->xfrm_vec,
1235 newp->xfrm_nr*sizeof(struct xfrm_tmpl)); 1240 newp->xfrm_nr*sizeof(struct xfrm_tmpl));
1236 write_lock_bh(&xfrm_policy_lock); 1241 write_lock_bh(&net->xfrm.xfrm_policy_lock);
1237 __xfrm_policy_link(newp, XFRM_POLICY_MAX+dir); 1242 __xfrm_policy_link(newp, XFRM_POLICY_MAX+dir);
1238 write_unlock_bh(&xfrm_policy_lock); 1243 write_unlock_bh(&net->xfrm.xfrm_policy_lock);
1239 xfrm_pol_put(newp); 1244 xfrm_pol_put(newp);
1240 } 1245 }
1241 return newp; 1246 return newp;
@@ -1281,7 +1286,7 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl,
1281 xfrm_address_t *saddr = xfrm_flowi_saddr(fl, family); 1286 xfrm_address_t *saddr = xfrm_flowi_saddr(fl, family);
1282 xfrm_address_t tmp; 1287 xfrm_address_t tmp;
1283 1288
1284 for (nx=0, i = 0; i < policy->xfrm_nr; i++) { 1289 for (nx = 0, i = 0; i < policy->xfrm_nr; i++) {
1285 struct xfrm_state *x; 1290 struct xfrm_state *x;
1286 xfrm_address_t *remote = daddr; 1291 xfrm_address_t *remote = daddr;
1287 xfrm_address_t *local = saddr; 1292 xfrm_address_t *local = saddr;
@@ -1311,9 +1316,9 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl,
1311 error = (x->km.state == XFRM_STATE_ERROR ? 1316 error = (x->km.state == XFRM_STATE_ERROR ?
1312 -EINVAL : -EAGAIN); 1317 -EINVAL : -EAGAIN);
1313 xfrm_state_put(x); 1318 xfrm_state_put(x);
1314 } 1319 } else if (error == -ESRCH) {
1315 else if (error == -ESRCH)
1316 error = -EAGAIN; 1320 error = -EAGAIN;
1321 }
1317 1322
1318 if (!tmpl->optional) 1323 if (!tmpl->optional)
1319 goto fail; 1324 goto fail;
@@ -1321,7 +1326,7 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl,
1321 return nx; 1326 return nx;
1322 1327
1323fail: 1328fail:
1324 for (nx--; nx>=0; nx--) 1329 for (nx--; nx >= 0; nx--)
1325 xfrm_state_put(xfrm[nx]); 1330 xfrm_state_put(xfrm[nx]);
1326 return error; 1331 return error;
1327} 1332}
@@ -1358,7 +1363,7 @@ xfrm_tmpl_resolve(struct xfrm_policy **pols, int npols, const struct flowi *fl,
1358 return cnx; 1363 return cnx;
1359 1364
1360 fail: 1365 fail:
1361 for (cnx--; cnx>=0; cnx--) 1366 for (cnx--; cnx >= 0; cnx--)
1362 xfrm_state_put(tpp[cnx]); 1367 xfrm_state_put(tpp[cnx]);
1363 return error; 1368 return error;
1364 1369
@@ -1636,20 +1641,22 @@ free_dst:
1636 goto out; 1641 goto out;
1637} 1642}
1638 1643
1639static int inline 1644#ifdef CONFIG_XFRM_SUB_POLICY
1640xfrm_dst_alloc_copy(void **target, const void *src, int size) 1645static int xfrm_dst_alloc_copy(void **target, const void *src, int size)
1641{ 1646{
1642 if (!*target) { 1647 if (!*target) {
1643 *target = kmalloc(size, GFP_ATOMIC); 1648 *target = kmalloc(size, GFP_ATOMIC);
1644 if (!*target) 1649 if (!*target)
1645 return -ENOMEM; 1650 return -ENOMEM;
1646 } 1651 }
1652
1647 memcpy(*target, src, size); 1653 memcpy(*target, src, size);
1648 return 0; 1654 return 0;
1649} 1655}
1656#endif
1650 1657
1651static int inline 1658static int xfrm_dst_update_parent(struct dst_entry *dst,
1652xfrm_dst_update_parent(struct dst_entry *dst, const struct xfrm_selector *sel) 1659 const struct xfrm_selector *sel)
1653{ 1660{
1654#ifdef CONFIG_XFRM_SUB_POLICY 1661#ifdef CONFIG_XFRM_SUB_POLICY
1655 struct xfrm_dst *xdst = (struct xfrm_dst *)dst; 1662 struct xfrm_dst *xdst = (struct xfrm_dst *)dst;
@@ -1660,8 +1667,8 @@ xfrm_dst_update_parent(struct dst_entry *dst, const struct xfrm_selector *sel)
1660#endif 1667#endif
1661} 1668}
1662 1669
1663static int inline 1670static int xfrm_dst_update_origin(struct dst_entry *dst,
1664xfrm_dst_update_origin(struct dst_entry *dst, const struct flowi *fl) 1671 const struct flowi *fl)
1665{ 1672{
1666#ifdef CONFIG_XFRM_SUB_POLICY 1673#ifdef CONFIG_XFRM_SUB_POLICY
1667 struct xfrm_dst *xdst = (struct xfrm_dst *)dst; 1674 struct xfrm_dst *xdst = (struct xfrm_dst *)dst;
@@ -1699,7 +1706,7 @@ static int xfrm_expand_policies(const struct flowi *fl, u16 family,
1699 xfrm_pols_put(pols, *num_pols); 1706 xfrm_pols_put(pols, *num_pols);
1700 return PTR_ERR(pols[1]); 1707 return PTR_ERR(pols[1]);
1701 } 1708 }
1702 (*num_pols) ++; 1709 (*num_pols)++;
1703 (*num_xfrms) += pols[1]->xfrm_nr; 1710 (*num_xfrms) += pols[1]->xfrm_nr;
1704 } 1711 }
1705 } 1712 }
@@ -1753,7 +1760,7 @@ xfrm_resolve_and_create_bundle(struct xfrm_policy **pols, int num_pols,
1753 } 1760 }
1754 1761
1755 xdst->num_pols = num_pols; 1762 xdst->num_pols = num_pols;
1756 memcpy(xdst->pols, pols, sizeof(struct xfrm_policy*) * num_pols); 1763 memcpy(xdst->pols, pols, sizeof(struct xfrm_policy *) * num_pols);
1757 xdst->policy_genid = atomic_read(&pols[0]->genid); 1764 xdst->policy_genid = atomic_read(&pols[0]->genid);
1758 1765
1759 return xdst; 1766 return xdst;
@@ -1896,8 +1903,7 @@ static struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net,
1896 if (IS_ERR(xdst)) 1903 if (IS_ERR(xdst))
1897 return xdst; 1904 return xdst;
1898 1905
1899 if (net->xfrm.sysctl_larval_drop || num_xfrms <= 0 || 1906 if (net->xfrm.sysctl_larval_drop || num_xfrms <= 0)
1900 (fl->flowi_flags & FLOWI_FLAG_CAN_SLEEP))
1901 return xdst; 1907 return xdst;
1902 1908
1903 dst1 = &xdst->u.dst; 1909 dst1 = &xdst->u.dst;
@@ -2023,7 +2029,7 @@ make_dummy_bundle:
2023 } 2029 }
2024 xdst->num_pols = num_pols; 2030 xdst->num_pols = num_pols;
2025 xdst->num_xfrms = num_xfrms; 2031 xdst->num_xfrms = num_xfrms;
2026 memcpy(xdst->pols, pols, sizeof(struct xfrm_policy*) * num_pols); 2032 memcpy(xdst->pols, pols, sizeof(struct xfrm_policy *) * num_pols);
2027 2033
2028 dst_hold(&xdst->u.dst); 2034 dst_hold(&xdst->u.dst);
2029 return &xdst->flo; 2035 return &xdst->flo;
@@ -2072,7 +2078,6 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
2072 u8 dir = policy_to_flow_dir(XFRM_POLICY_OUT); 2078 u8 dir = policy_to_flow_dir(XFRM_POLICY_OUT);
2073 int i, err, num_pols, num_xfrms = 0, drop_pols = 0; 2079 int i, err, num_pols, num_xfrms = 0, drop_pols = 0;
2074 2080
2075restart:
2076 dst = NULL; 2081 dst = NULL;
2077 xdst = NULL; 2082 xdst = NULL;
2078 route = NULL; 2083 route = NULL;
@@ -2106,10 +2111,10 @@ restart:
2106 2111
2107 dst_hold(&xdst->u.dst); 2112 dst_hold(&xdst->u.dst);
2108 2113
2109 spin_lock_bh(&xfrm_policy_sk_bundle_lock); 2114 spin_lock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
2110 xdst->u.dst.next = xfrm_policy_sk_bundles; 2115 xdst->u.dst.next = xfrm_policy_sk_bundles;
2111 xfrm_policy_sk_bundles = &xdst->u.dst; 2116 xfrm_policy_sk_bundles = &xdst->u.dst;
2112 spin_unlock_bh(&xfrm_policy_sk_bundle_lock); 2117 spin_unlock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
2113 2118
2114 route = xdst->route; 2119 route = xdst->route;
2115 } 2120 }
@@ -2133,7 +2138,7 @@ restart:
2133 2138
2134 num_pols = xdst->num_pols; 2139 num_pols = xdst->num_pols;
2135 num_xfrms = xdst->num_xfrms; 2140 num_xfrms = xdst->num_xfrms;
2136 memcpy(pols, xdst->pols, sizeof(struct xfrm_policy*) * num_pols); 2141 memcpy(pols, xdst->pols, sizeof(struct xfrm_policy *) * num_pols);
2137 route = xdst->route; 2142 route = xdst->route;
2138 } 2143 }
2139 2144
@@ -2152,23 +2157,8 @@ restart:
2152 2157
2153 return make_blackhole(net, family, dst_orig); 2158 return make_blackhole(net, family, dst_orig);
2154 } 2159 }
2155 if (fl->flowi_flags & FLOWI_FLAG_CAN_SLEEP) {
2156 DECLARE_WAITQUEUE(wait, current);
2157 2160
2158 add_wait_queue(&net->xfrm.km_waitq, &wait); 2161 err = -EAGAIN;
2159 set_current_state(TASK_INTERRUPTIBLE);
2160 schedule();
2161 set_current_state(TASK_RUNNING);
2162 remove_wait_queue(&net->xfrm.km_waitq, &wait);
2163
2164 if (!signal_pending(current)) {
2165 dst_release(dst);
2166 goto restart;
2167 }
2168
2169 err = -ERESTART;
2170 } else
2171 err = -EAGAIN;
2172 2162
2173 XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES); 2163 XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES);
2174 goto error; 2164 goto error;
@@ -2344,7 +2334,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
2344 if (skb->sp) { 2334 if (skb->sp) {
2345 int i; 2335 int i;
2346 2336
2347 for (i=skb->sp->len-1; i>=0; i--) { 2337 for (i = skb->sp->len-1; i >= 0; i--) {
2348 struct xfrm_state *x = skb->sp->xvec[i]; 2338 struct xfrm_state *x = skb->sp->xvec[i];
2349 if (!xfrm_selector_match(&x->sel, &fl, family)) { 2339 if (!xfrm_selector_match(&x->sel, &fl, family)) {
2350 XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH); 2340 XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH);
@@ -2390,7 +2380,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
2390 pol->curlft.use_time = get_seconds(); 2380 pol->curlft.use_time = get_seconds();
2391 2381
2392 pols[0] = pol; 2382 pols[0] = pol;
2393 npols ++; 2383 npols++;
2394#ifdef CONFIG_XFRM_SUB_POLICY 2384#ifdef CONFIG_XFRM_SUB_POLICY
2395 if (pols[0]->type != XFRM_POLICY_TYPE_MAIN) { 2385 if (pols[0]->type != XFRM_POLICY_TYPE_MAIN) {
2396 pols[1] = xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_MAIN, 2386 pols[1] = xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_MAIN,
@@ -2402,7 +2392,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
2402 return 0; 2392 return 0;
2403 } 2393 }
2404 pols[1]->curlft.use_time = get_seconds(); 2394 pols[1]->curlft.use_time = get_seconds();
2405 npols ++; 2395 npols++;
2406 } 2396 }
2407 } 2397 }
2408#endif 2398#endif
@@ -2434,7 +2424,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
2434 } 2424 }
2435 xfrm_nr = ti; 2425 xfrm_nr = ti;
2436 if (npols > 1) { 2426 if (npols > 1) {
2437 xfrm_tmpl_sort(stp, tpp, xfrm_nr, family); 2427 xfrm_tmpl_sort(stp, tpp, xfrm_nr, family, net);
2438 tpp = stp; 2428 tpp = stp;
2439 } 2429 }
2440 2430
@@ -2563,10 +2553,10 @@ static void __xfrm_garbage_collect(struct net *net)
2563{ 2553{
2564 struct dst_entry *head, *next; 2554 struct dst_entry *head, *next;
2565 2555
2566 spin_lock_bh(&xfrm_policy_sk_bundle_lock); 2556 spin_lock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
2567 head = xfrm_policy_sk_bundles; 2557 head = xfrm_policy_sk_bundles;
2568 xfrm_policy_sk_bundles = NULL; 2558 xfrm_policy_sk_bundles = NULL;
2569 spin_unlock_bh(&xfrm_policy_sk_bundle_lock); 2559 spin_unlock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
2570 2560
2571 while (head) { 2561 while (head) {
2572 next = head->next; 2562 next = head->next;
@@ -2950,6 +2940,13 @@ static int __net_init xfrm_net_init(struct net *net)
2950 rv = xfrm_sysctl_init(net); 2940 rv = xfrm_sysctl_init(net);
2951 if (rv < 0) 2941 if (rv < 0)
2952 goto out_sysctl; 2942 goto out_sysctl;
2943
2944 /* Initialize the per-net locks here */
2945 spin_lock_init(&net->xfrm.xfrm_state_lock);
2946 rwlock_init(&net->xfrm.xfrm_policy_lock);
2947 spin_lock_init(&net->xfrm.xfrm_policy_sk_bundle_lock);
2948 mutex_init(&net->xfrm.xfrm_cfg_mutex);
2949
2953 return 0; 2950 return 0;
2954 2951
2955out_sysctl: 2952out_sysctl:
@@ -2992,7 +2989,7 @@ static void xfrm_audit_common_policyinfo(struct xfrm_policy *xp,
2992 audit_log_format(audit_buf, " sec_alg=%u sec_doi=%u sec_obj=%s", 2989 audit_log_format(audit_buf, " sec_alg=%u sec_doi=%u sec_obj=%s",
2993 ctx->ctx_alg, ctx->ctx_doi, ctx->ctx_str); 2990 ctx->ctx_alg, ctx->ctx_doi, ctx->ctx_str);
2994 2991
2995 switch(sel->family) { 2992 switch (sel->family) {
2996 case AF_INET: 2993 case AF_INET:
2997 audit_log_format(audit_buf, " src=%pI4", &sel->saddr.a4); 2994 audit_log_format(audit_buf, " src=%pI4", &sel->saddr.a4);
2998 if (sel->prefixlen_s != 32) 2995 if (sel->prefixlen_s != 32)
@@ -3069,15 +3066,15 @@ static bool xfrm_migrate_selector_match(const struct xfrm_selector *sel_cmp,
3069 return false; 3066 return false;
3070} 3067}
3071 3068
3072static struct xfrm_policy * xfrm_migrate_policy_find(const struct xfrm_selector *sel, 3069static struct xfrm_policy *xfrm_migrate_policy_find(const struct xfrm_selector *sel,
3073 u8 dir, u8 type) 3070 u8 dir, u8 type, struct net *net)
3074{ 3071{
3075 struct xfrm_policy *pol, *ret = NULL; 3072 struct xfrm_policy *pol, *ret = NULL;
3076 struct hlist_head *chain; 3073 struct hlist_head *chain;
3077 u32 priority = ~0U; 3074 u32 priority = ~0U;
3078 3075
3079 read_lock_bh(&xfrm_policy_lock); 3076 read_lock_bh(&net->xfrm.xfrm_policy_lock); /*FIXME*/
3080 chain = policy_hash_direct(&init_net, &sel->daddr, &sel->saddr, sel->family, dir); 3077 chain = policy_hash_direct(net, &sel->daddr, &sel->saddr, sel->family, dir);
3081 hlist_for_each_entry(pol, chain, bydst) { 3078 hlist_for_each_entry(pol, chain, bydst) {
3082 if (xfrm_migrate_selector_match(sel, &pol->selector) && 3079 if (xfrm_migrate_selector_match(sel, &pol->selector) &&
3083 pol->type == type) { 3080 pol->type == type) {
@@ -3086,7 +3083,7 @@ static struct xfrm_policy * xfrm_migrate_policy_find(const struct xfrm_selector
3086 break; 3083 break;
3087 } 3084 }
3088 } 3085 }
3089 chain = &init_net.xfrm.policy_inexact[dir]; 3086 chain = &net->xfrm.policy_inexact[dir];
3090 hlist_for_each_entry(pol, chain, bydst) { 3087 hlist_for_each_entry(pol, chain, bydst) {
3091 if (xfrm_migrate_selector_match(sel, &pol->selector) && 3088 if (xfrm_migrate_selector_match(sel, &pol->selector) &&
3092 pol->type == type && 3089 pol->type == type &&
@@ -3099,7 +3096,7 @@ static struct xfrm_policy * xfrm_migrate_policy_find(const struct xfrm_selector
3099 if (ret) 3096 if (ret)
3100 xfrm_pol_hold(ret); 3097 xfrm_pol_hold(ret);
3101 3098
3102 read_unlock_bh(&xfrm_policy_lock); 3099 read_unlock_bh(&net->xfrm.xfrm_policy_lock);
3103 3100
3104 return ret; 3101 return ret;
3105} 3102}
@@ -3210,7 +3207,7 @@ static int xfrm_migrate_check(const struct xfrm_migrate *m, int num_migrate)
3210 3207
3211int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type, 3208int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
3212 struct xfrm_migrate *m, int num_migrate, 3209 struct xfrm_migrate *m, int num_migrate,
3213 struct xfrm_kmaddress *k) 3210 struct xfrm_kmaddress *k, struct net *net)
3214{ 3211{
3215 int i, err, nx_cur = 0, nx_new = 0; 3212 int i, err, nx_cur = 0, nx_new = 0;
3216 struct xfrm_policy *pol = NULL; 3213 struct xfrm_policy *pol = NULL;
@@ -3223,14 +3220,14 @@ int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
3223 goto out; 3220 goto out;
3224 3221
3225 /* Stage 1 - find policy */ 3222 /* Stage 1 - find policy */
3226 if ((pol = xfrm_migrate_policy_find(sel, dir, type)) == NULL) { 3223 if ((pol = xfrm_migrate_policy_find(sel, dir, type, net)) == NULL) {
3227 err = -ENOENT; 3224 err = -ENOENT;
3228 goto out; 3225 goto out;
3229 } 3226 }
3230 3227
3231 /* Stage 2 - find and update state(s) */ 3228 /* Stage 2 - find and update state(s) */
3232 for (i = 0, mp = m; i < num_migrate; i++, mp++) { 3229 for (i = 0, mp = m; i < num_migrate; i++, mp++) {
3233 if ((x = xfrm_migrate_state_find(mp))) { 3230 if ((x = xfrm_migrate_state_find(mp, net))) {
3234 x_cur[nx_cur] = x; 3231 x_cur[nx_cur] = x;
3235 nx_cur++; 3232 nx_cur++;
3236 if ((xc = xfrm_state_migrate(x, mp))) { 3233 if ((xc = xfrm_state_migrate(x, mp))) {
diff --git a/net/xfrm/xfrm_proc.c b/net/xfrm/xfrm_proc.c
index 80cd1e55b834..fc5abd0b456f 100644
--- a/net/xfrm/xfrm_proc.c
+++ b/net/xfrm/xfrm_proc.c
@@ -52,7 +52,7 @@ static int xfrm_statistics_seq_show(struct seq_file *seq, void *v)
52{ 52{
53 struct net *net = seq->private; 53 struct net *net = seq->private;
54 int i; 54 int i;
55 for (i=0; xfrm_mib_list[i].name; i++) 55 for (i = 0; xfrm_mib_list[i].name; i++)
56 seq_printf(seq, "%-24s\t%lu\n", xfrm_mib_list[i].name, 56 seq_printf(seq, "%-24s\t%lu\n", xfrm_mib_list[i].name,
57 snmp_fold_field((void __percpu **) 57 snmp_fold_field((void __percpu **)
58 net->mib.xfrm_statistics, 58 net->mib.xfrm_statistics,
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 8ed9d0dd4566..a26b7aa79475 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -35,8 +35,6 @@
35 destination/tunnel endpoint. (output) 35 destination/tunnel endpoint. (output)
36 */ 36 */
37 37
38static DEFINE_SPINLOCK(xfrm_state_lock);
39
40static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024; 38static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024;
41 39
42static inline unsigned int xfrm_dst_hash(struct net *net, 40static inline unsigned int xfrm_dst_hash(struct net *net,
@@ -127,7 +125,7 @@ static void xfrm_hash_resize(struct work_struct *work)
127 goto out_unlock; 125 goto out_unlock;
128 } 126 }
129 127
130 spin_lock_bh(&xfrm_state_lock); 128 spin_lock_bh(&net->xfrm.xfrm_state_lock);
131 129
132 nhashmask = (nsize / sizeof(struct hlist_head)) - 1U; 130 nhashmask = (nsize / sizeof(struct hlist_head)) - 1U;
133 for (i = net->xfrm.state_hmask; i >= 0; i--) 131 for (i = net->xfrm.state_hmask; i >= 0; i--)
@@ -144,7 +142,7 @@ static void xfrm_hash_resize(struct work_struct *work)
144 net->xfrm.state_byspi = nspi; 142 net->xfrm.state_byspi = nspi;
145 net->xfrm.state_hmask = nhashmask; 143 net->xfrm.state_hmask = nhashmask;
146 144
147 spin_unlock_bh(&xfrm_state_lock); 145 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
148 146
149 osize = (ohashmask + 1) * sizeof(struct hlist_head); 147 osize = (ohashmask + 1) * sizeof(struct hlist_head);
150 xfrm_hash_free(odst, osize); 148 xfrm_hash_free(odst, osize);
@@ -374,8 +372,6 @@ static void xfrm_state_gc_task(struct work_struct *work)
374 372
375 hlist_for_each_entry_safe(x, tmp, &gc_list, gclist) 373 hlist_for_each_entry_safe(x, tmp, &gc_list, gclist)
376 xfrm_state_gc_destroy(x); 374 xfrm_state_gc_destroy(x);
377
378 wake_up(&net->xfrm.km_waitq);
379} 375}
380 376
381static inline unsigned long make_jiffies(long secs) 377static inline unsigned long make_jiffies(long secs)
@@ -386,11 +382,10 @@ static inline unsigned long make_jiffies(long secs)
386 return secs*HZ; 382 return secs*HZ;
387} 383}
388 384
389static enum hrtimer_restart xfrm_timer_handler(struct hrtimer * me) 385static enum hrtimer_restart xfrm_timer_handler(struct hrtimer *me)
390{ 386{
391 struct tasklet_hrtimer *thr = container_of(me, struct tasklet_hrtimer, timer); 387 struct tasklet_hrtimer *thr = container_of(me, struct tasklet_hrtimer, timer);
392 struct xfrm_state *x = container_of(thr, struct xfrm_state, mtimer); 388 struct xfrm_state *x = container_of(thr, struct xfrm_state, mtimer);
393 struct net *net = xs_net(x);
394 unsigned long now = get_seconds(); 389 unsigned long now = get_seconds();
395 long next = LONG_MAX; 390 long next = LONG_MAX;
396 int warn = 0; 391 int warn = 0;
@@ -453,19 +448,15 @@ static enum hrtimer_restart xfrm_timer_handler(struct hrtimer * me)
453 if (warn) 448 if (warn)
454 km_state_expired(x, 0, 0); 449 km_state_expired(x, 0, 0);
455resched: 450resched:
456 if (next != LONG_MAX){ 451 if (next != LONG_MAX) {
457 tasklet_hrtimer_start(&x->mtimer, ktime_set(next, 0), HRTIMER_MODE_REL); 452 tasklet_hrtimer_start(&x->mtimer, ktime_set(next, 0), HRTIMER_MODE_REL);
458 } 453 }
459 454
460 goto out; 455 goto out;
461 456
462expired: 457expired:
463 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) { 458 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0)
464 x->km.state = XFRM_STATE_EXPIRED; 459 x->km.state = XFRM_STATE_EXPIRED;
465 wake_up(&net->xfrm.km_waitq);
466 next = 2;
467 goto resched;
468 }
469 460
470 err = __xfrm_state_delete(x); 461 err = __xfrm_state_delete(x);
471 if (!err) 462 if (!err)
@@ -535,14 +526,14 @@ int __xfrm_state_delete(struct xfrm_state *x)
535 526
536 if (x->km.state != XFRM_STATE_DEAD) { 527 if (x->km.state != XFRM_STATE_DEAD) {
537 x->km.state = XFRM_STATE_DEAD; 528 x->km.state = XFRM_STATE_DEAD;
538 spin_lock(&xfrm_state_lock); 529 spin_lock(&net->xfrm.xfrm_state_lock);
539 list_del(&x->km.all); 530 list_del(&x->km.all);
540 hlist_del(&x->bydst); 531 hlist_del(&x->bydst);
541 hlist_del(&x->bysrc); 532 hlist_del(&x->bysrc);
542 if (x->id.spi) 533 if (x->id.spi)
543 hlist_del(&x->byspi); 534 hlist_del(&x->byspi);
544 net->xfrm.state_num--; 535 net->xfrm.state_num--;
545 spin_unlock(&xfrm_state_lock); 536 spin_unlock(&net->xfrm.xfrm_state_lock);
546 537
547 /* All xfrm_state objects are created by xfrm_state_alloc. 538 /* All xfrm_state objects are created by xfrm_state_alloc.
548 * The xfrm_state_alloc call gives a reference, and that 539 * The xfrm_state_alloc call gives a reference, and that
@@ -603,7 +594,7 @@ int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info)
603{ 594{
604 int i, err = 0, cnt = 0; 595 int i, err = 0, cnt = 0;
605 596
606 spin_lock_bh(&xfrm_state_lock); 597 spin_lock_bh(&net->xfrm.xfrm_state_lock);
607 err = xfrm_state_flush_secctx_check(net, proto, audit_info); 598 err = xfrm_state_flush_secctx_check(net, proto, audit_info);
608 if (err) 599 if (err)
609 goto out; 600 goto out;
@@ -616,7 +607,7 @@ restart:
616 if (!xfrm_state_kern(x) && 607 if (!xfrm_state_kern(x) &&
617 xfrm_id_proto_match(x->id.proto, proto)) { 608 xfrm_id_proto_match(x->id.proto, proto)) {
618 xfrm_state_hold(x); 609 xfrm_state_hold(x);
619 spin_unlock_bh(&xfrm_state_lock); 610 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
620 611
621 err = xfrm_state_delete(x); 612 err = xfrm_state_delete(x);
622 xfrm_audit_state_delete(x, err ? 0 : 1, 613 xfrm_audit_state_delete(x, err ? 0 : 1,
@@ -627,7 +618,7 @@ restart:
627 if (!err) 618 if (!err)
628 cnt++; 619 cnt++;
629 620
630 spin_lock_bh(&xfrm_state_lock); 621 spin_lock_bh(&net->xfrm.xfrm_state_lock);
631 goto restart; 622 goto restart;
632 } 623 }
633 } 624 }
@@ -636,19 +627,18 @@ restart:
636 err = 0; 627 err = 0;
637 628
638out: 629out:
639 spin_unlock_bh(&xfrm_state_lock); 630 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
640 wake_up(&net->xfrm.km_waitq);
641 return err; 631 return err;
642} 632}
643EXPORT_SYMBOL(xfrm_state_flush); 633EXPORT_SYMBOL(xfrm_state_flush);
644 634
645void xfrm_sad_getinfo(struct net *net, struct xfrmk_sadinfo *si) 635void xfrm_sad_getinfo(struct net *net, struct xfrmk_sadinfo *si)
646{ 636{
647 spin_lock_bh(&xfrm_state_lock); 637 spin_lock_bh(&net->xfrm.xfrm_state_lock);
648 si->sadcnt = net->xfrm.state_num; 638 si->sadcnt = net->xfrm.state_num;
649 si->sadhcnt = net->xfrm.state_hmask; 639 si->sadhcnt = net->xfrm.state_hmask;
650 si->sadhmcnt = xfrm_state_hashmax; 640 si->sadhmcnt = xfrm_state_hashmax;
651 spin_unlock_bh(&xfrm_state_lock); 641 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
652} 642}
653EXPORT_SYMBOL(xfrm_sad_getinfo); 643EXPORT_SYMBOL(xfrm_sad_getinfo);
654 644
@@ -801,7 +791,7 @@ xfrm_state_find(const xfrm_address_t *daddr, const xfrm_address_t *saddr,
801 791
802 to_put = NULL; 792 to_put = NULL;
803 793
804 spin_lock_bh(&xfrm_state_lock); 794 spin_lock_bh(&net->xfrm.xfrm_state_lock);
805 h = xfrm_dst_hash(net, daddr, saddr, tmpl->reqid, encap_family); 795 h = xfrm_dst_hash(net, daddr, saddr, tmpl->reqid, encap_family);
806 hlist_for_each_entry(x, net->xfrm.state_bydst+h, bydst) { 796 hlist_for_each_entry(x, net->xfrm.state_bydst+h, bydst) {
807 if (x->props.family == encap_family && 797 if (x->props.family == encap_family &&
@@ -886,7 +876,7 @@ out:
886 xfrm_state_hold(x); 876 xfrm_state_hold(x);
887 else 877 else
888 *err = acquire_in_progress ? -EAGAIN : error; 878 *err = acquire_in_progress ? -EAGAIN : error;
889 spin_unlock_bh(&xfrm_state_lock); 879 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
890 if (to_put) 880 if (to_put)
891 xfrm_state_put(to_put); 881 xfrm_state_put(to_put);
892 return x; 882 return x;
@@ -900,7 +890,7 @@ xfrm_stateonly_find(struct net *net, u32 mark,
900 unsigned int h; 890 unsigned int h;
901 struct xfrm_state *rx = NULL, *x = NULL; 891 struct xfrm_state *rx = NULL, *x = NULL;
902 892
903 spin_lock(&xfrm_state_lock); 893 spin_lock_bh(&net->xfrm.xfrm_state_lock);
904 h = xfrm_dst_hash(net, daddr, saddr, reqid, family); 894 h = xfrm_dst_hash(net, daddr, saddr, reqid, family);
905 hlist_for_each_entry(x, net->xfrm.state_bydst+h, bydst) { 895 hlist_for_each_entry(x, net->xfrm.state_bydst+h, bydst) {
906 if (x->props.family == family && 896 if (x->props.family == family &&
@@ -918,13 +908,35 @@ xfrm_stateonly_find(struct net *net, u32 mark,
918 908
919 if (rx) 909 if (rx)
920 xfrm_state_hold(rx); 910 xfrm_state_hold(rx);
921 spin_unlock(&xfrm_state_lock); 911 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
922 912
923 913
924 return rx; 914 return rx;
925} 915}
926EXPORT_SYMBOL(xfrm_stateonly_find); 916EXPORT_SYMBOL(xfrm_stateonly_find);
927 917
918struct xfrm_state *xfrm_state_lookup_byspi(struct net *net, __be32 spi,
919 unsigned short family)
920{
921 struct xfrm_state *x;
922 struct xfrm_state_walk *w;
923
924 spin_lock_bh(&net->xfrm.xfrm_state_lock);
925 list_for_each_entry(w, &net->xfrm.state_all, all) {
926 x = container_of(w, struct xfrm_state, km);
927 if (x->props.family != family ||
928 x->id.spi != spi)
929 continue;
930
931 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
932 xfrm_state_hold(x);
933 return x;
934 }
935 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
936 return NULL;
937}
938EXPORT_SYMBOL(xfrm_state_lookup_byspi);
939
928static void __xfrm_state_insert(struct xfrm_state *x) 940static void __xfrm_state_insert(struct xfrm_state *x)
929{ 941{
930 struct net *net = xs_net(x); 942 struct net *net = xs_net(x);
@@ -950,14 +962,12 @@ static void __xfrm_state_insert(struct xfrm_state *x)
950 if (x->replay_maxage) 962 if (x->replay_maxage)
951 mod_timer(&x->rtimer, jiffies + x->replay_maxage); 963 mod_timer(&x->rtimer, jiffies + x->replay_maxage);
952 964
953 wake_up(&net->xfrm.km_waitq);
954
955 net->xfrm.state_num++; 965 net->xfrm.state_num++;
956 966
957 xfrm_hash_grow_check(net, x->bydst.next != NULL); 967 xfrm_hash_grow_check(net, x->bydst.next != NULL);
958} 968}
959 969
960/* xfrm_state_lock is held */ 970/* net->xfrm.xfrm_state_lock is held */
961static void __xfrm_state_bump_genids(struct xfrm_state *xnew) 971static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
962{ 972{
963 struct net *net = xs_net(xnew); 973 struct net *net = xs_net(xnew);
@@ -980,14 +990,16 @@ static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
980 990
981void xfrm_state_insert(struct xfrm_state *x) 991void xfrm_state_insert(struct xfrm_state *x)
982{ 992{
983 spin_lock_bh(&xfrm_state_lock); 993 struct net *net = xs_net(x);
994
995 spin_lock_bh(&net->xfrm.xfrm_state_lock);
984 __xfrm_state_bump_genids(x); 996 __xfrm_state_bump_genids(x);
985 __xfrm_state_insert(x); 997 __xfrm_state_insert(x);
986 spin_unlock_bh(&xfrm_state_lock); 998 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
987} 999}
988EXPORT_SYMBOL(xfrm_state_insert); 1000EXPORT_SYMBOL(xfrm_state_insert);
989 1001
990/* xfrm_state_lock is held */ 1002/* net->xfrm.xfrm_state_lock is held */
991static struct xfrm_state *__find_acq_core(struct net *net, 1003static struct xfrm_state *__find_acq_core(struct net *net,
992 const struct xfrm_mark *m, 1004 const struct xfrm_mark *m,
993 unsigned short family, u8 mode, 1005 unsigned short family, u8 mode,
@@ -1079,7 +1091,7 @@ int xfrm_state_add(struct xfrm_state *x)
1079 1091
1080 to_put = NULL; 1092 to_put = NULL;
1081 1093
1082 spin_lock_bh(&xfrm_state_lock); 1094 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1083 1095
1084 x1 = __xfrm_state_locate(x, use_spi, family); 1096 x1 = __xfrm_state_locate(x, use_spi, family);
1085 if (x1) { 1097 if (x1) {
@@ -1108,7 +1120,7 @@ int xfrm_state_add(struct xfrm_state *x)
1108 err = 0; 1120 err = 0;
1109 1121
1110out: 1122out:
1111 spin_unlock_bh(&xfrm_state_lock); 1123 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1112 1124
1113 if (x1) { 1125 if (x1) {
1114 xfrm_state_delete(x1); 1126 xfrm_state_delete(x1);
@@ -1203,16 +1215,16 @@ out:
1203 return NULL; 1215 return NULL;
1204} 1216}
1205 1217
1206/* xfrm_state_lock is held */ 1218/* net->xfrm.xfrm_state_lock is held */
1207struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m) 1219struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m, struct net *net)
1208{ 1220{
1209 unsigned int h; 1221 unsigned int h;
1210 struct xfrm_state *x; 1222 struct xfrm_state *x;
1211 1223
1212 if (m->reqid) { 1224 if (m->reqid) {
1213 h = xfrm_dst_hash(&init_net, &m->old_daddr, &m->old_saddr, 1225 h = xfrm_dst_hash(net, &m->old_daddr, &m->old_saddr,
1214 m->reqid, m->old_family); 1226 m->reqid, m->old_family);
1215 hlist_for_each_entry(x, init_net.xfrm.state_bydst+h, bydst) { 1227 hlist_for_each_entry(x, net->xfrm.state_bydst+h, bydst) {
1216 if (x->props.mode != m->mode || 1228 if (x->props.mode != m->mode ||
1217 x->id.proto != m->proto) 1229 x->id.proto != m->proto)
1218 continue; 1230 continue;
@@ -1227,9 +1239,9 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m)
1227 return x; 1239 return x;
1228 } 1240 }
1229 } else { 1241 } else {
1230 h = xfrm_src_hash(&init_net, &m->old_daddr, &m->old_saddr, 1242 h = xfrm_src_hash(net, &m->old_daddr, &m->old_saddr,
1231 m->old_family); 1243 m->old_family);
1232 hlist_for_each_entry(x, init_net.xfrm.state_bysrc+h, bysrc) { 1244 hlist_for_each_entry(x, net->xfrm.state_bysrc+h, bysrc) {
1233 if (x->props.mode != m->mode || 1245 if (x->props.mode != m->mode ||
1234 x->id.proto != m->proto) 1246 x->id.proto != m->proto)
1235 continue; 1247 continue;
@@ -1247,8 +1259,8 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m)
1247} 1259}
1248EXPORT_SYMBOL(xfrm_migrate_state_find); 1260EXPORT_SYMBOL(xfrm_migrate_state_find);
1249 1261
1250struct xfrm_state * xfrm_state_migrate(struct xfrm_state *x, 1262struct xfrm_state *xfrm_state_migrate(struct xfrm_state *x,
1251 struct xfrm_migrate *m) 1263 struct xfrm_migrate *m)
1252{ 1264{
1253 struct xfrm_state *xc; 1265 struct xfrm_state *xc;
1254 int err; 1266 int err;
@@ -1283,10 +1295,11 @@ int xfrm_state_update(struct xfrm_state *x)
1283 struct xfrm_state *x1, *to_put; 1295 struct xfrm_state *x1, *to_put;
1284 int err; 1296 int err;
1285 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY); 1297 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
1298 struct net *net = xs_net(x);
1286 1299
1287 to_put = NULL; 1300 to_put = NULL;
1288 1301
1289 spin_lock_bh(&xfrm_state_lock); 1302 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1290 x1 = __xfrm_state_locate(x, use_spi, x->props.family); 1303 x1 = __xfrm_state_locate(x, use_spi, x->props.family);
1291 1304
1292 err = -ESRCH; 1305 err = -ESRCH;
@@ -1306,7 +1319,7 @@ int xfrm_state_update(struct xfrm_state *x)
1306 err = 0; 1319 err = 0;
1307 1320
1308out: 1321out:
1309 spin_unlock_bh(&xfrm_state_lock); 1322 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1310 1323
1311 if (to_put) 1324 if (to_put)
1312 xfrm_state_put(to_put); 1325 xfrm_state_put(to_put);
@@ -1357,7 +1370,7 @@ int xfrm_state_check_expire(struct xfrm_state *x)
1357 if (x->curlft.bytes >= x->lft.hard_byte_limit || 1370 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
1358 x->curlft.packets >= x->lft.hard_packet_limit) { 1371 x->curlft.packets >= x->lft.hard_packet_limit) {
1359 x->km.state = XFRM_STATE_EXPIRED; 1372 x->km.state = XFRM_STATE_EXPIRED;
1360 tasklet_hrtimer_start(&x->mtimer, ktime_set(0,0), HRTIMER_MODE_REL); 1373 tasklet_hrtimer_start(&x->mtimer, ktime_set(0, 0), HRTIMER_MODE_REL);
1361 return -EINVAL; 1374 return -EINVAL;
1362 } 1375 }
1363 1376
@@ -1377,9 +1390,9 @@ xfrm_state_lookup(struct net *net, u32 mark, const xfrm_address_t *daddr, __be32
1377{ 1390{
1378 struct xfrm_state *x; 1391 struct xfrm_state *x;
1379 1392
1380 spin_lock_bh(&xfrm_state_lock); 1393 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1381 x = __xfrm_state_lookup(net, mark, daddr, spi, proto, family); 1394 x = __xfrm_state_lookup(net, mark, daddr, spi, proto, family);
1382 spin_unlock_bh(&xfrm_state_lock); 1395 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1383 return x; 1396 return x;
1384} 1397}
1385EXPORT_SYMBOL(xfrm_state_lookup); 1398EXPORT_SYMBOL(xfrm_state_lookup);
@@ -1391,9 +1404,9 @@ xfrm_state_lookup_byaddr(struct net *net, u32 mark,
1391{ 1404{
1392 struct xfrm_state *x; 1405 struct xfrm_state *x;
1393 1406
1394 spin_lock_bh(&xfrm_state_lock); 1407 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1395 x = __xfrm_state_lookup_byaddr(net, mark, daddr, saddr, proto, family); 1408 x = __xfrm_state_lookup_byaddr(net, mark, daddr, saddr, proto, family);
1396 spin_unlock_bh(&xfrm_state_lock); 1409 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1397 return x; 1410 return x;
1398} 1411}
1399EXPORT_SYMBOL(xfrm_state_lookup_byaddr); 1412EXPORT_SYMBOL(xfrm_state_lookup_byaddr);
@@ -1405,9 +1418,9 @@ xfrm_find_acq(struct net *net, const struct xfrm_mark *mark, u8 mode, u32 reqid,
1405{ 1418{
1406 struct xfrm_state *x; 1419 struct xfrm_state *x;
1407 1420
1408 spin_lock_bh(&xfrm_state_lock); 1421 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1409 x = __find_acq_core(net, mark, family, mode, reqid, proto, daddr, saddr, create); 1422 x = __find_acq_core(net, mark, family, mode, reqid, proto, daddr, saddr, create);
1410 spin_unlock_bh(&xfrm_state_lock); 1423 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1411 1424
1412 return x; 1425 return x;
1413} 1426}
@@ -1416,17 +1429,17 @@ EXPORT_SYMBOL(xfrm_find_acq);
1416#ifdef CONFIG_XFRM_SUB_POLICY 1429#ifdef CONFIG_XFRM_SUB_POLICY
1417int 1430int
1418xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n, 1431xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n,
1419 unsigned short family) 1432 unsigned short family, struct net *net)
1420{ 1433{
1421 int err = 0; 1434 int err = 0;
1422 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family); 1435 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
1423 if (!afinfo) 1436 if (!afinfo)
1424 return -EAFNOSUPPORT; 1437 return -EAFNOSUPPORT;
1425 1438
1426 spin_lock_bh(&xfrm_state_lock); 1439 spin_lock_bh(&net->xfrm.xfrm_state_lock); /*FIXME*/
1427 if (afinfo->tmpl_sort) 1440 if (afinfo->tmpl_sort)
1428 err = afinfo->tmpl_sort(dst, src, n); 1441 err = afinfo->tmpl_sort(dst, src, n);
1429 spin_unlock_bh(&xfrm_state_lock); 1442 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1430 xfrm_state_put_afinfo(afinfo); 1443 xfrm_state_put_afinfo(afinfo);
1431 return err; 1444 return err;
1432} 1445}
@@ -1438,13 +1451,15 @@ xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n,
1438{ 1451{
1439 int err = 0; 1452 int err = 0;
1440 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family); 1453 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
1454 struct net *net = xs_net(*dst);
1455
1441 if (!afinfo) 1456 if (!afinfo)
1442 return -EAFNOSUPPORT; 1457 return -EAFNOSUPPORT;
1443 1458
1444 spin_lock_bh(&xfrm_state_lock); 1459 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1445 if (afinfo->state_sort) 1460 if (afinfo->state_sort)
1446 err = afinfo->state_sort(dst, src, n); 1461 err = afinfo->state_sort(dst, src, n);
1447 spin_unlock_bh(&xfrm_state_lock); 1462 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1448 xfrm_state_put_afinfo(afinfo); 1463 xfrm_state_put_afinfo(afinfo);
1449 return err; 1464 return err;
1450} 1465}
@@ -1476,9 +1491,9 @@ struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 mark, u32 seq)
1476{ 1491{
1477 struct xfrm_state *x; 1492 struct xfrm_state *x;
1478 1493
1479 spin_lock_bh(&xfrm_state_lock); 1494 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1480 x = __xfrm_find_acq_byseq(net, mark, seq); 1495 x = __xfrm_find_acq_byseq(net, mark, seq);
1481 spin_unlock_bh(&xfrm_state_lock); 1496 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1482 return x; 1497 return x;
1483} 1498}
1484EXPORT_SYMBOL(xfrm_find_acq_byseq); 1499EXPORT_SYMBOL(xfrm_find_acq_byseq);
@@ -1496,6 +1511,30 @@ u32 xfrm_get_acqseq(void)
1496} 1511}
1497EXPORT_SYMBOL(xfrm_get_acqseq); 1512EXPORT_SYMBOL(xfrm_get_acqseq);
1498 1513
1514int verify_spi_info(u8 proto, u32 min, u32 max)
1515{
1516 switch (proto) {
1517 case IPPROTO_AH:
1518 case IPPROTO_ESP:
1519 break;
1520
1521 case IPPROTO_COMP:
1522 /* IPCOMP spi is 16-bits. */
1523 if (max >= 0x10000)
1524 return -EINVAL;
1525 break;
1526
1527 default:
1528 return -EINVAL;
1529 }
1530
1531 if (min > max)
1532 return -EINVAL;
1533
1534 return 0;
1535}
1536EXPORT_SYMBOL(verify_spi_info);
1537
1499int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high) 1538int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
1500{ 1539{
1501 struct net *net = xs_net(x); 1540 struct net *net = xs_net(x);
@@ -1525,8 +1564,8 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
1525 x->id.spi = minspi; 1564 x->id.spi = minspi;
1526 } else { 1565 } else {
1527 u32 spi = 0; 1566 u32 spi = 0;
1528 for (h=0; h<high-low+1; h++) { 1567 for (h = 0; h < high-low+1; h++) {
1529 spi = low + net_random()%(high-low+1); 1568 spi = low + prandom_u32()%(high-low+1);
1530 x0 = xfrm_state_lookup(net, mark, &x->id.daddr, htonl(spi), x->id.proto, x->props.family); 1569 x0 = xfrm_state_lookup(net, mark, &x->id.daddr, htonl(spi), x->id.proto, x->props.family);
1531 if (x0 == NULL) { 1570 if (x0 == NULL) {
1532 x->id.spi = htonl(spi); 1571 x->id.spi = htonl(spi);
@@ -1536,10 +1575,10 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
1536 } 1575 }
1537 } 1576 }
1538 if (x->id.spi) { 1577 if (x->id.spi) {
1539 spin_lock_bh(&xfrm_state_lock); 1578 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1540 h = xfrm_spi_hash(net, &x->id.daddr, x->id.spi, x->id.proto, x->props.family); 1579 h = xfrm_spi_hash(net, &x->id.daddr, x->id.spi, x->id.proto, x->props.family);
1541 hlist_add_head(&x->byspi, net->xfrm.state_byspi+h); 1580 hlist_add_head(&x->byspi, net->xfrm.state_byspi+h);
1542 spin_unlock_bh(&xfrm_state_lock); 1581 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1543 1582
1544 err = 0; 1583 err = 0;
1545 } 1584 }
@@ -1562,7 +1601,7 @@ int xfrm_state_walk(struct net *net, struct xfrm_state_walk *walk,
1562 if (walk->seq != 0 && list_empty(&walk->all)) 1601 if (walk->seq != 0 && list_empty(&walk->all))
1563 return 0; 1602 return 0;
1564 1603
1565 spin_lock_bh(&xfrm_state_lock); 1604 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1566 if (list_empty(&walk->all)) 1605 if (list_empty(&walk->all))
1567 x = list_first_entry(&net->xfrm.state_all, struct xfrm_state_walk, all); 1606 x = list_first_entry(&net->xfrm.state_all, struct xfrm_state_walk, all);
1568 else 1607 else
@@ -1586,7 +1625,7 @@ int xfrm_state_walk(struct net *net, struct xfrm_state_walk *walk,
1586 } 1625 }
1587 list_del_init(&walk->all); 1626 list_del_init(&walk->all);
1588out: 1627out:
1589 spin_unlock_bh(&xfrm_state_lock); 1628 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1590 return err; 1629 return err;
1591} 1630}
1592EXPORT_SYMBOL(xfrm_state_walk); 1631EXPORT_SYMBOL(xfrm_state_walk);
@@ -1600,20 +1639,20 @@ void xfrm_state_walk_init(struct xfrm_state_walk *walk, u8 proto)
1600} 1639}
1601EXPORT_SYMBOL(xfrm_state_walk_init); 1640EXPORT_SYMBOL(xfrm_state_walk_init);
1602 1641
1603void xfrm_state_walk_done(struct xfrm_state_walk *walk) 1642void xfrm_state_walk_done(struct xfrm_state_walk *walk, struct net *net)
1604{ 1643{
1605 if (list_empty(&walk->all)) 1644 if (list_empty(&walk->all))
1606 return; 1645 return;
1607 1646
1608 spin_lock_bh(&xfrm_state_lock); 1647 spin_lock_bh(&net->xfrm.xfrm_state_lock);
1609 list_del(&walk->all); 1648 list_del(&walk->all);
1610 spin_unlock_bh(&xfrm_state_lock); 1649 spin_unlock_bh(&net->xfrm.xfrm_state_lock);
1611} 1650}
1612EXPORT_SYMBOL(xfrm_state_walk_done); 1651EXPORT_SYMBOL(xfrm_state_walk_done);
1613 1652
1614static void xfrm_replay_timer_handler(unsigned long data) 1653static void xfrm_replay_timer_handler(unsigned long data)
1615{ 1654{
1616 struct xfrm_state *x = (struct xfrm_state*)data; 1655 struct xfrm_state *x = (struct xfrm_state *)data;
1617 1656
1618 spin_lock(&x->lock); 1657 spin_lock(&x->lock);
1619 1658
@@ -1655,16 +1694,12 @@ EXPORT_SYMBOL(km_state_notify);
1655 1694
1656void km_state_expired(struct xfrm_state *x, int hard, u32 portid) 1695void km_state_expired(struct xfrm_state *x, int hard, u32 portid)
1657{ 1696{
1658 struct net *net = xs_net(x);
1659 struct km_event c; 1697 struct km_event c;
1660 1698
1661 c.data.hard = hard; 1699 c.data.hard = hard;
1662 c.portid = portid; 1700 c.portid = portid;
1663 c.event = XFRM_MSG_EXPIRE; 1701 c.event = XFRM_MSG_EXPIRE;
1664 km_state_notify(x, &c); 1702 km_state_notify(x, &c);
1665
1666 if (hard)
1667 wake_up(&net->xfrm.km_waitq);
1668} 1703}
1669 1704
1670EXPORT_SYMBOL(km_state_expired); 1705EXPORT_SYMBOL(km_state_expired);
@@ -1707,16 +1742,12 @@ EXPORT_SYMBOL(km_new_mapping);
1707 1742
1708void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 portid) 1743void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 portid)
1709{ 1744{
1710 struct net *net = xp_net(pol);
1711 struct km_event c; 1745 struct km_event c;
1712 1746
1713 c.data.hard = hard; 1747 c.data.hard = hard;
1714 c.portid = portid; 1748 c.portid = portid;
1715 c.event = XFRM_MSG_POLEXPIRE; 1749 c.event = XFRM_MSG_POLEXPIRE;
1716 km_policy_notify(pol, dir, &c); 1750 km_policy_notify(pol, dir, &c);
1717
1718 if (hard)
1719 wake_up(&net->xfrm.km_waitq);
1720} 1751}
1721EXPORT_SYMBOL(km_policy_expired); 1752EXPORT_SYMBOL(km_policy_expired);
1722 1753
@@ -2025,7 +2056,7 @@ int __net_init xfrm_state_init(struct net *net)
2025 INIT_WORK(&net->xfrm.state_hash_work, xfrm_hash_resize); 2056 INIT_WORK(&net->xfrm.state_hash_work, xfrm_hash_resize);
2026 INIT_HLIST_HEAD(&net->xfrm.state_gc_list); 2057 INIT_HLIST_HEAD(&net->xfrm.state_gc_list);
2027 INIT_WORK(&net->xfrm.state_gc_work, xfrm_state_gc_task); 2058 INIT_WORK(&net->xfrm.state_gc_work, xfrm_state_gc_task);
2028 init_waitqueue_head(&net->xfrm.km_waitq); 2059 spin_lock_init(&net->xfrm.xfrm_state_lock);
2029 return 0; 2060 return 0;
2030 2061
2031out_byspi: 2062out_byspi:
@@ -2070,7 +2101,7 @@ static void xfrm_audit_helper_sainfo(struct xfrm_state *x,
2070 audit_log_format(audit_buf, " sec_alg=%u sec_doi=%u sec_obj=%s", 2101 audit_log_format(audit_buf, " sec_alg=%u sec_doi=%u sec_obj=%s",
2071 ctx->ctx_alg, ctx->ctx_doi, ctx->ctx_str); 2102 ctx->ctx_alg, ctx->ctx_doi, ctx->ctx_str);
2072 2103
2073 switch(x->props.family) { 2104 switch (x->props.family) {
2074 case AF_INET: 2105 case AF_INET:
2075 audit_log_format(audit_buf, " src=%pI4 dst=%pI4", 2106 audit_log_format(audit_buf, " src=%pI4 dst=%pI4",
2076 &x->props.saddr.a4, &x->id.daddr.a4); 2107 &x->props.saddr.a4, &x->id.daddr.a4);
@@ -2100,7 +2131,7 @@ static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family,
2100 iph6 = ipv6_hdr(skb); 2131 iph6 = ipv6_hdr(skb);
2101 audit_log_format(audit_buf, 2132 audit_log_format(audit_buf,
2102 " src=%pI6 dst=%pI6 flowlbl=0x%x%02x%02x", 2133 " src=%pI6 dst=%pI6 flowlbl=0x%x%02x%02x",
2103 &iph6->saddr,&iph6->daddr, 2134 &iph6->saddr, &iph6->daddr,
2104 iph6->flow_lbl[0] & 0x0f, 2135 iph6->flow_lbl[0] & 0x0f,
2105 iph6->flow_lbl[1], 2136 iph6->flow_lbl[1],
2106 iph6->flow_lbl[2]); 2137 iph6->flow_lbl[2]);
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index ec97e13743e6..1ae3ec7c18b0 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -181,7 +181,9 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
181 attrs[XFRMA_ALG_AEAD] || 181 attrs[XFRMA_ALG_AEAD] ||
182 attrs[XFRMA_ALG_CRYPT] || 182 attrs[XFRMA_ALG_CRYPT] ||
183 attrs[XFRMA_ALG_COMP] || 183 attrs[XFRMA_ALG_COMP] ||
184 attrs[XFRMA_TFCPAD]) 184 attrs[XFRMA_TFCPAD] ||
185 (ntohl(p->id.spi) >= 0x10000))
186
185 goto out; 187 goto out;
186 break; 188 break;
187 189
@@ -877,7 +879,10 @@ static int dump_one_state(struct xfrm_state *x, int count, void *ptr)
877static int xfrm_dump_sa_done(struct netlink_callback *cb) 879static int xfrm_dump_sa_done(struct netlink_callback *cb)
878{ 880{
879 struct xfrm_state_walk *walk = (struct xfrm_state_walk *) &cb->args[1]; 881 struct xfrm_state_walk *walk = (struct xfrm_state_walk *) &cb->args[1];
880 xfrm_state_walk_done(walk); 882 struct sock *sk = cb->skb->sk;
883 struct net *net = sock_net(sk);
884
885 xfrm_state_walk_done(walk, net);
881 return 0; 886 return 0;
882} 887}
883 888
@@ -1074,29 +1079,6 @@ out_noput:
1074 return err; 1079 return err;
1075} 1080}
1076 1081
1077static int verify_userspi_info(struct xfrm_userspi_info *p)
1078{
1079 switch (p->info.id.proto) {
1080 case IPPROTO_AH:
1081 case IPPROTO_ESP:
1082 break;
1083
1084 case IPPROTO_COMP:
1085 /* IPCOMP spi is 16-bits. */
1086 if (p->max >= 0x10000)
1087 return -EINVAL;
1088 break;
1089
1090 default:
1091 return -EINVAL;
1092 }
1093
1094 if (p->min > p->max)
1095 return -EINVAL;
1096
1097 return 0;
1098}
1099
1100static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, 1082static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
1101 struct nlattr **attrs) 1083 struct nlattr **attrs)
1102{ 1084{
@@ -1111,7 +1093,7 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
1111 struct xfrm_mark m; 1093 struct xfrm_mark m;
1112 1094
1113 p = nlmsg_data(nlh); 1095 p = nlmsg_data(nlh);
1114 err = verify_userspi_info(p); 1096 err = verify_spi_info(p->info.id.proto, p->min, p->max);
1115 if (err) 1097 if (err)
1116 goto out_noput; 1098 goto out_noput;
1117 1099
@@ -1189,6 +1171,8 @@ static int verify_policy_type(u8 type)
1189 1171
1190static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) 1172static int verify_newpolicy_info(struct xfrm_userpolicy_info *p)
1191{ 1173{
1174 int ret;
1175
1192 switch (p->share) { 1176 switch (p->share) {
1193 case XFRM_SHARE_ANY: 1177 case XFRM_SHARE_ANY:
1194 case XFRM_SHARE_SESSION: 1178 case XFRM_SHARE_SESSION:
@@ -1224,7 +1208,13 @@ static int verify_newpolicy_info(struct xfrm_userpolicy_info *p)
1224 return -EINVAL; 1208 return -EINVAL;
1225 } 1209 }
1226 1210
1227 return verify_policy_dir(p->dir); 1211 ret = verify_policy_dir(p->dir);
1212 if (ret)
1213 return ret;
1214 if (p->index && ((p->index & XFRM_POLICY_MAX) != p->dir))
1215 return -EINVAL;
1216
1217 return 0;
1228} 1218}
1229 1219
1230static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct nlattr **attrs) 1220static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct nlattr **attrs)
@@ -1547,8 +1537,9 @@ static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr
1547static int xfrm_dump_policy_done(struct netlink_callback *cb) 1537static int xfrm_dump_policy_done(struct netlink_callback *cb)
1548{ 1538{
1549 struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *) &cb->args[1]; 1539 struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *) &cb->args[1];
1540 struct net *net = sock_net(cb->skb->sk);
1550 1541
1551 xfrm_policy_walk_done(walk); 1542 xfrm_policy_walk_done(walk, net);
1552 return 0; 1543 return 0;
1553} 1544}
1554 1545
@@ -1740,11 +1731,11 @@ static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, const struct
1740 return -EMSGSIZE; 1731 return -EMSGSIZE;
1741 1732
1742 id = nlmsg_data(nlh); 1733 id = nlmsg_data(nlh);
1743 memcpy(&id->sa_id.daddr, &x->id.daddr,sizeof(x->id.daddr)); 1734 memcpy(&id->sa_id.daddr, &x->id.daddr, sizeof(x->id.daddr));
1744 id->sa_id.spi = x->id.spi; 1735 id->sa_id.spi = x->id.spi;
1745 id->sa_id.family = x->props.family; 1736 id->sa_id.family = x->props.family;
1746 id->sa_id.proto = x->id.proto; 1737 id->sa_id.proto = x->id.proto;
1747 memcpy(&id->saddr, &x->props.saddr,sizeof(x->props.saddr)); 1738 memcpy(&id->saddr, &x->props.saddr, sizeof(x->props.saddr));
1748 id->reqid = x->props.reqid; 1739 id->reqid = x->props.reqid;
1749 id->flags = c->data.aevent; 1740 id->flags = c->data.aevent;
1750 1741
@@ -1833,7 +1824,7 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1833 struct net *net = sock_net(skb->sk); 1824 struct net *net = sock_net(skb->sk);
1834 struct xfrm_state *x; 1825 struct xfrm_state *x;
1835 struct km_event c; 1826 struct km_event c;
1836 int err = - EINVAL; 1827 int err = -EINVAL;
1837 u32 mark = 0; 1828 u32 mark = 0;
1838 struct xfrm_mark m; 1829 struct xfrm_mark m;
1839 struct xfrm_aevent_id *p = nlmsg_data(nlh); 1830 struct xfrm_aevent_id *p = nlmsg_data(nlh);
@@ -2129,6 +2120,7 @@ static int xfrm_do_migrate(struct sk_buff *skb, struct nlmsghdr *nlh,
2129 u8 type; 2120 u8 type;
2130 int err; 2121 int err;
2131 int n = 0; 2122 int n = 0;
2123 struct net *net = sock_net(skb->sk);
2132 2124
2133 if (attrs[XFRMA_MIGRATE] == NULL) 2125 if (attrs[XFRMA_MIGRATE] == NULL)
2134 return -EINVAL; 2126 return -EINVAL;
@@ -2146,7 +2138,7 @@ static int xfrm_do_migrate(struct sk_buff *skb, struct nlmsghdr *nlh,
2146 if (!n) 2138 if (!n)
2147 return 0; 2139 return 0;
2148 2140
2149 xfrm_migrate(&pi->sel, pi->dir, type, m, n, kmp); 2141 xfrm_migrate(&pi->sel, pi->dir, type, m, n, kmp, net);
2150 2142
2151 return 0; 2143 return 0;
2152} 2144}
@@ -2394,9 +2386,11 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
2394 2386
2395static void xfrm_netlink_rcv(struct sk_buff *skb) 2387static void xfrm_netlink_rcv(struct sk_buff *skb)
2396{ 2388{
2397 mutex_lock(&xfrm_cfg_mutex); 2389 struct net *net = sock_net(skb->sk);
2390
2391 mutex_lock(&net->xfrm.xfrm_cfg_mutex);
2398 netlink_rcv_skb(skb, &xfrm_user_rcv_msg); 2392 netlink_rcv_skb(skb, &xfrm_user_rcv_msg);
2399 mutex_unlock(&xfrm_cfg_mutex); 2393 mutex_unlock(&net->xfrm.xfrm_cfg_mutex);
2400} 2394}
2401 2395
2402static inline size_t xfrm_expire_msgsize(void) 2396static inline size_t xfrm_expire_msgsize(void)
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-24 22:36:30 -0500