diff options
Diffstat (limited to 'net/xfrm/xfrm_input.c')
-rw-r--r-- | net/xfrm/xfrm_input.c | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c new file mode 100644 index 000000000000..c58a6f05a0b6 --- /dev/null +++ b/net/xfrm/xfrm_input.c | |||
@@ -0,0 +1,89 @@ | |||
1 | /* | ||
2 | * xfrm_input.c | ||
3 | * | ||
4 | * Changes: | ||
5 | * YOSHIFUJI Hideaki @USAGI | ||
6 | * Split up af-specific portion | ||
7 | * | ||
8 | */ | ||
9 | |||
10 | #include <linux/slab.h> | ||
11 | #include <linux/module.h> | ||
12 | #include <net/ip.h> | ||
13 | #include <net/xfrm.h> | ||
14 | |||
15 | static kmem_cache_t *secpath_cachep; | ||
16 | |||
17 | void __secpath_destroy(struct sec_path *sp) | ||
18 | { | ||
19 | int i; | ||
20 | for (i = 0; i < sp->len; i++) | ||
21 | xfrm_state_put(sp->x[i].xvec); | ||
22 | kmem_cache_free(secpath_cachep, sp); | ||
23 | } | ||
24 | EXPORT_SYMBOL(__secpath_destroy); | ||
25 | |||
26 | struct sec_path *secpath_dup(struct sec_path *src) | ||
27 | { | ||
28 | struct sec_path *sp; | ||
29 | |||
30 | sp = kmem_cache_alloc(secpath_cachep, SLAB_ATOMIC); | ||
31 | if (!sp) | ||
32 | return NULL; | ||
33 | |||
34 | sp->len = 0; | ||
35 | if (src) { | ||
36 | int i; | ||
37 | |||
38 | memcpy(sp, src, sizeof(*sp)); | ||
39 | for (i = 0; i < sp->len; i++) | ||
40 | xfrm_state_hold(sp->x[i].xvec); | ||
41 | } | ||
42 | atomic_set(&sp->refcnt, 1); | ||
43 | return sp; | ||
44 | } | ||
45 | EXPORT_SYMBOL(secpath_dup); | ||
46 | |||
47 | /* Fetch spi and seq from ipsec header */ | ||
48 | |||
49 | int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, u32 *spi, u32 *seq) | ||
50 | { | ||
51 | int offset, offset_seq; | ||
52 | |||
53 | switch (nexthdr) { | ||
54 | case IPPROTO_AH: | ||
55 | offset = offsetof(struct ip_auth_hdr, spi); | ||
56 | offset_seq = offsetof(struct ip_auth_hdr, seq_no); | ||
57 | break; | ||
58 | case IPPROTO_ESP: | ||
59 | offset = offsetof(struct ip_esp_hdr, spi); | ||
60 | offset_seq = offsetof(struct ip_esp_hdr, seq_no); | ||
61 | break; | ||
62 | case IPPROTO_COMP: | ||
63 | if (!pskb_may_pull(skb, sizeof(struct ip_comp_hdr))) | ||
64 | return -EINVAL; | ||
65 | *spi = ntohl(ntohs(*(u16*)(skb->h.raw + 2))); | ||
66 | *seq = 0; | ||
67 | return 0; | ||
68 | default: | ||
69 | return 1; | ||
70 | } | ||
71 | |||
72 | if (!pskb_may_pull(skb, 16)) | ||
73 | return -EINVAL; | ||
74 | |||
75 | *spi = *(u32*)(skb->h.raw + offset); | ||
76 | *seq = *(u32*)(skb->h.raw + offset_seq); | ||
77 | return 0; | ||
78 | } | ||
79 | EXPORT_SYMBOL(xfrm_parse_spi); | ||
80 | |||
81 | void __init xfrm_input_init(void) | ||
82 | { | ||
83 | secpath_cachep = kmem_cache_create("secpath_cache", | ||
84 | sizeof(struct sec_path), | ||
85 | 0, SLAB_HWCACHE_ALIGN, | ||
86 | NULL, NULL); | ||
87 | if (!secpath_cachep) | ||
88 | panic("XFRM: failed to allocate secpath_cache\n"); | ||
89 | } | ||