diff options
Diffstat (limited to 'net/xfrm')
-rw-r--r-- | net/xfrm/xfrm_user.c | 73 |
1 files changed, 42 insertions, 31 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index e5372b11fc8f..82f36d396fca 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
@@ -434,18 +434,19 @@ error_no_put: | |||
434 | return NULL; | 434 | return NULL; |
435 | } | 435 | } |
436 | 436 | ||
437 | static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 437 | static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, |
438 | struct rtattr **xfrma) | ||
438 | { | 439 | { |
439 | struct xfrm_usersa_info *p = NLMSG_DATA(nlh); | 440 | struct xfrm_usersa_info *p = NLMSG_DATA(nlh); |
440 | struct xfrm_state *x; | 441 | struct xfrm_state *x; |
441 | int err; | 442 | int err; |
442 | struct km_event c; | 443 | struct km_event c; |
443 | 444 | ||
444 | err = verify_newsa_info(p, (struct rtattr **)xfrma); | 445 | err = verify_newsa_info(p, xfrma); |
445 | if (err) | 446 | if (err) |
446 | return err; | 447 | return err; |
447 | 448 | ||
448 | x = xfrm_state_construct(p, (struct rtattr **)xfrma, &err); | 449 | x = xfrm_state_construct(p, xfrma, &err); |
449 | if (!x) | 450 | if (!x) |
450 | return err; | 451 | return err; |
451 | 452 | ||
@@ -507,14 +508,15 @@ static struct xfrm_state *xfrm_user_state_lookup(struct xfrm_usersa_id *p, | |||
507 | return x; | 508 | return x; |
508 | } | 509 | } |
509 | 510 | ||
510 | static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 511 | static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, |
512 | struct rtattr **xfrma) | ||
511 | { | 513 | { |
512 | struct xfrm_state *x; | 514 | struct xfrm_state *x; |
513 | int err = -ESRCH; | 515 | int err = -ESRCH; |
514 | struct km_event c; | 516 | struct km_event c; |
515 | struct xfrm_usersa_id *p = NLMSG_DATA(nlh); | 517 | struct xfrm_usersa_id *p = NLMSG_DATA(nlh); |
516 | 518 | ||
517 | x = xfrm_user_state_lookup(p, (struct rtattr **)xfrma, &err); | 519 | x = xfrm_user_state_lookup(p, xfrma, &err); |
518 | if (x == NULL) | 520 | if (x == NULL) |
519 | return err; | 521 | return err; |
520 | 522 | ||
@@ -672,14 +674,15 @@ static struct sk_buff *xfrm_state_netlink(struct sk_buff *in_skb, | |||
672 | return skb; | 674 | return skb; |
673 | } | 675 | } |
674 | 676 | ||
675 | static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 677 | static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, |
678 | struct rtattr **xfrma) | ||
676 | { | 679 | { |
677 | struct xfrm_usersa_id *p = NLMSG_DATA(nlh); | 680 | struct xfrm_usersa_id *p = NLMSG_DATA(nlh); |
678 | struct xfrm_state *x; | 681 | struct xfrm_state *x; |
679 | struct sk_buff *resp_skb; | 682 | struct sk_buff *resp_skb; |
680 | int err = -ESRCH; | 683 | int err = -ESRCH; |
681 | 684 | ||
682 | x = xfrm_user_state_lookup(p, (struct rtattr **)xfrma, &err); | 685 | x = xfrm_user_state_lookup(p, xfrma, &err); |
683 | if (x == NULL) | 686 | if (x == NULL) |
684 | goto out_noput; | 687 | goto out_noput; |
685 | 688 | ||
@@ -718,7 +721,8 @@ static int verify_userspi_info(struct xfrm_userspi_info *p) | |||
718 | return 0; | 721 | return 0; |
719 | } | 722 | } |
720 | 723 | ||
721 | static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 724 | static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, |
725 | struct rtattr **xfrma) | ||
722 | { | 726 | { |
723 | struct xfrm_state *x; | 727 | struct xfrm_state *x; |
724 | struct xfrm_userspi_info *p; | 728 | struct xfrm_userspi_info *p; |
@@ -1013,7 +1017,8 @@ static struct xfrm_policy *xfrm_policy_construct(struct xfrm_userpolicy_info *p, | |||
1013 | return NULL; | 1017 | return NULL; |
1014 | } | 1018 | } |
1015 | 1019 | ||
1016 | static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1020 | static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, |
1021 | struct rtattr **xfrma) | ||
1017 | { | 1022 | { |
1018 | struct xfrm_userpolicy_info *p = NLMSG_DATA(nlh); | 1023 | struct xfrm_userpolicy_info *p = NLMSG_DATA(nlh); |
1019 | struct xfrm_policy *xp; | 1024 | struct xfrm_policy *xp; |
@@ -1024,11 +1029,11 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfr | |||
1024 | err = verify_newpolicy_info(p); | 1029 | err = verify_newpolicy_info(p); |
1025 | if (err) | 1030 | if (err) |
1026 | return err; | 1031 | return err; |
1027 | err = verify_sec_ctx_len((struct rtattr **)xfrma); | 1032 | err = verify_sec_ctx_len(xfrma); |
1028 | if (err) | 1033 | if (err) |
1029 | return err; | 1034 | return err; |
1030 | 1035 | ||
1031 | xp = xfrm_policy_construct(p, (struct rtattr **)xfrma, &err); | 1036 | xp = xfrm_policy_construct(p, xfrma, &err); |
1032 | if (!xp) | 1037 | if (!xp) |
1033 | return err; | 1038 | return err; |
1034 | 1039 | ||
@@ -1227,7 +1232,8 @@ static struct sk_buff *xfrm_policy_netlink(struct sk_buff *in_skb, | |||
1227 | return skb; | 1232 | return skb; |
1228 | } | 1233 | } |
1229 | 1234 | ||
1230 | static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1235 | static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, |
1236 | struct rtattr **xfrma) | ||
1231 | { | 1237 | { |
1232 | struct xfrm_policy *xp; | 1238 | struct xfrm_policy *xp; |
1233 | struct xfrm_userpolicy_id *p; | 1239 | struct xfrm_userpolicy_id *p; |
@@ -1239,7 +1245,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfr | |||
1239 | p = NLMSG_DATA(nlh); | 1245 | p = NLMSG_DATA(nlh); |
1240 | delete = nlh->nlmsg_type == XFRM_MSG_DELPOLICY; | 1246 | delete = nlh->nlmsg_type == XFRM_MSG_DELPOLICY; |
1241 | 1247 | ||
1242 | err = copy_from_user_policy_type(&type, (struct rtattr **)xfrma); | 1248 | err = copy_from_user_policy_type(&type, xfrma); |
1243 | if (err) | 1249 | if (err) |
1244 | return err; | 1250 | return err; |
1245 | 1251 | ||
@@ -1250,11 +1256,10 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfr | |||
1250 | if (p->index) | 1256 | if (p->index) |
1251 | xp = xfrm_policy_byid(type, p->dir, p->index, delete); | 1257 | xp = xfrm_policy_byid(type, p->dir, p->index, delete); |
1252 | else { | 1258 | else { |
1253 | struct rtattr **rtattrs = (struct rtattr **)xfrma; | 1259 | struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1]; |
1254 | struct rtattr *rt = rtattrs[XFRMA_SEC_CTX-1]; | ||
1255 | struct xfrm_policy tmp; | 1260 | struct xfrm_policy tmp; |
1256 | 1261 | ||
1257 | err = verify_sec_ctx_len(rtattrs); | 1262 | err = verify_sec_ctx_len(xfrma); |
1258 | if (err) | 1263 | if (err) |
1259 | return err; | 1264 | return err; |
1260 | 1265 | ||
@@ -1302,7 +1307,8 @@ out: | |||
1302 | return err; | 1307 | return err; |
1303 | } | 1308 | } |
1304 | 1309 | ||
1305 | static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1310 | static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh, |
1311 | struct rtattr **xfrma) | ||
1306 | { | 1312 | { |
1307 | struct km_event c; | 1313 | struct km_event c; |
1308 | struct xfrm_usersa_flush *p = NLMSG_DATA(nlh); | 1314 | struct xfrm_usersa_flush *p = NLMSG_DATA(nlh); |
@@ -1367,7 +1373,8 @@ nlmsg_failure: | |||
1367 | return -1; | 1373 | return -1; |
1368 | } | 1374 | } |
1369 | 1375 | ||
1370 | static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1376 | static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, |
1377 | struct rtattr **xfrma) | ||
1371 | { | 1378 | { |
1372 | struct xfrm_state *x; | 1379 | struct xfrm_state *x; |
1373 | struct sk_buff *r_skb; | 1380 | struct sk_buff *r_skb; |
@@ -1415,7 +1422,8 @@ static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | |||
1415 | return err; | 1422 | return err; |
1416 | } | 1423 | } |
1417 | 1424 | ||
1418 | static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1425 | static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, |
1426 | struct rtattr **xfrma) | ||
1419 | { | 1427 | { |
1420 | struct xfrm_state *x; | 1428 | struct xfrm_state *x; |
1421 | struct km_event c; | 1429 | struct km_event c; |
@@ -1439,7 +1447,7 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | |||
1439 | goto out; | 1447 | goto out; |
1440 | 1448 | ||
1441 | spin_lock_bh(&x->lock); | 1449 | spin_lock_bh(&x->lock); |
1442 | err = xfrm_update_ae_params(x,(struct rtattr **)xfrma); | 1450 | err = xfrm_update_ae_params(x, xfrma); |
1443 | spin_unlock_bh(&x->lock); | 1451 | spin_unlock_bh(&x->lock); |
1444 | if (err < 0) | 1452 | if (err < 0) |
1445 | goto out; | 1453 | goto out; |
@@ -1455,14 +1463,15 @@ out: | |||
1455 | return err; | 1463 | return err; |
1456 | } | 1464 | } |
1457 | 1465 | ||
1458 | static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1466 | static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, |
1467 | struct rtattr **xfrma) | ||
1459 | { | 1468 | { |
1460 | struct km_event c; | 1469 | struct km_event c; |
1461 | u8 type = XFRM_POLICY_TYPE_MAIN; | 1470 | u8 type = XFRM_POLICY_TYPE_MAIN; |
1462 | int err; | 1471 | int err; |
1463 | struct xfrm_audit audit_info; | 1472 | struct xfrm_audit audit_info; |
1464 | 1473 | ||
1465 | err = copy_from_user_policy_type(&type, (struct rtattr **)xfrma); | 1474 | err = copy_from_user_policy_type(&type, xfrma); |
1466 | if (err) | 1475 | if (err) |
1467 | return err; | 1476 | return err; |
1468 | 1477 | ||
@@ -1477,7 +1486,8 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **x | |||
1477 | return 0; | 1486 | return 0; |
1478 | } | 1487 | } |
1479 | 1488 | ||
1480 | static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1489 | static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, |
1490 | struct rtattr **xfrma) | ||
1481 | { | 1491 | { |
1482 | struct xfrm_policy *xp; | 1492 | struct xfrm_policy *xp; |
1483 | struct xfrm_user_polexpire *up = NLMSG_DATA(nlh); | 1493 | struct xfrm_user_polexpire *up = NLMSG_DATA(nlh); |
@@ -1485,18 +1495,17 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void * | |||
1485 | u8 type = XFRM_POLICY_TYPE_MAIN; | 1495 | u8 type = XFRM_POLICY_TYPE_MAIN; |
1486 | int err = -ENOENT; | 1496 | int err = -ENOENT; |
1487 | 1497 | ||
1488 | err = copy_from_user_policy_type(&type, (struct rtattr **)xfrma); | 1498 | err = copy_from_user_policy_type(&type, xfrma); |
1489 | if (err) | 1499 | if (err) |
1490 | return err; | 1500 | return err; |
1491 | 1501 | ||
1492 | if (p->index) | 1502 | if (p->index) |
1493 | xp = xfrm_policy_byid(type, p->dir, p->index, 0); | 1503 | xp = xfrm_policy_byid(type, p->dir, p->index, 0); |
1494 | else { | 1504 | else { |
1495 | struct rtattr **rtattrs = (struct rtattr **)xfrma; | 1505 | struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1]; |
1496 | struct rtattr *rt = rtattrs[XFRMA_SEC_CTX-1]; | ||
1497 | struct xfrm_policy tmp; | 1506 | struct xfrm_policy tmp; |
1498 | 1507 | ||
1499 | err = verify_sec_ctx_len(rtattrs); | 1508 | err = verify_sec_ctx_len(xfrma); |
1500 | if (err) | 1509 | if (err) |
1501 | return err; | 1510 | return err; |
1502 | 1511 | ||
@@ -1537,7 +1546,8 @@ out: | |||
1537 | return err; | 1546 | return err; |
1538 | } | 1547 | } |
1539 | 1548 | ||
1540 | static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1549 | static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, |
1550 | struct rtattr **xfrma) | ||
1541 | { | 1551 | { |
1542 | struct xfrm_state *x; | 1552 | struct xfrm_state *x; |
1543 | int err; | 1553 | int err; |
@@ -1568,7 +1578,8 @@ out: | |||
1568 | return err; | 1578 | return err; |
1569 | } | 1579 | } |
1570 | 1580 | ||
1571 | static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) | 1581 | static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh, |
1582 | struct rtattr **xfrma) | ||
1572 | { | 1583 | { |
1573 | struct xfrm_policy *xp; | 1584 | struct xfrm_policy *xp; |
1574 | struct xfrm_user_tmpl *ut; | 1585 | struct xfrm_user_tmpl *ut; |
@@ -1647,7 +1658,7 @@ static const int xfrm_msg_min[XFRM_NR_MSGTYPES] = { | |||
1647 | #undef XMSGSIZE | 1658 | #undef XMSGSIZE |
1648 | 1659 | ||
1649 | static struct xfrm_link { | 1660 | static struct xfrm_link { |
1650 | int (*doit)(struct sk_buff *, struct nlmsghdr *, void **); | 1661 | int (*doit)(struct sk_buff *, struct nlmsghdr *, struct rtattr **); |
1651 | int (*dump)(struct sk_buff *, struct netlink_callback *); | 1662 | int (*dump)(struct sk_buff *, struct netlink_callback *); |
1652 | } xfrm_dispatch[XFRM_NR_MSGTYPES] = { | 1663 | } xfrm_dispatch[XFRM_NR_MSGTYPES] = { |
1653 | [XFRM_MSG_NEWSA - XFRM_MSG_BASE] = { .doit = xfrm_add_sa }, | 1664 | [XFRM_MSG_NEWSA - XFRM_MSG_BASE] = { .doit = xfrm_add_sa }, |
@@ -1735,7 +1746,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, int *err | |||
1735 | 1746 | ||
1736 | if (link->doit == NULL) | 1747 | if (link->doit == NULL) |
1737 | goto err_einval; | 1748 | goto err_einval; |
1738 | *errp = link->doit(skb, nlh, (void **) &xfrma); | 1749 | *errp = link->doit(skb, nlh, xfrma); |
1739 | 1750 | ||
1740 | return *errp; | 1751 | return *errp; |
1741 | 1752 | ||