aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm
diff options
context:
space:
mode:
Diffstat (limited to 'net/xfrm')
-rw-r--r--net/xfrm/xfrm_algo.c94
-rw-r--r--net/xfrm/xfrm_input.c2
-rw-r--r--net/xfrm/xfrm_policy.c40
-rw-r--r--net/xfrm/xfrm_state.c18
-rw-r--r--net/xfrm/xfrm_user.c6
5 files changed, 80 insertions, 80 deletions
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index 248f94814dfb..f373a8a7d9c8 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -1,11 +1,11 @@
1/* 1/*
2 * xfrm algorithm interface 2 * xfrm algorithm interface
3 * 3 *
4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
5 * 5 *
6 * This program is free software; you can redistribute it and/or modify it 6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free 7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option) 8 * Software Foundation; either version 2 of the License, or (at your option)
9 * any later version. 9 * any later version.
10 */ 10 */
11 11
@@ -32,14 +32,14 @@ static struct xfrm_algo_desc aalg_list[] = {
32{ 32{
33 .name = "hmac(digest_null)", 33 .name = "hmac(digest_null)",
34 .compat = "digest_null", 34 .compat = "digest_null",
35 35
36 .uinfo = { 36 .uinfo = {
37 .auth = { 37 .auth = {
38 .icv_truncbits = 0, 38 .icv_truncbits = 0,
39 .icv_fullbits = 0, 39 .icv_fullbits = 0,
40 } 40 }
41 }, 41 },
42 42
43 .desc = { 43 .desc = {
44 .sadb_alg_id = SADB_X_AALG_NULL, 44 .sadb_alg_id = SADB_X_AALG_NULL,
45 .sadb_alg_ivlen = 0, 45 .sadb_alg_ivlen = 0,
@@ -57,7 +57,7 @@ static struct xfrm_algo_desc aalg_list[] = {
57 .icv_fullbits = 128, 57 .icv_fullbits = 128,
58 } 58 }
59 }, 59 },
60 60
61 .desc = { 61 .desc = {
62 .sadb_alg_id = SADB_AALG_MD5HMAC, 62 .sadb_alg_id = SADB_AALG_MD5HMAC,
63 .sadb_alg_ivlen = 0, 63 .sadb_alg_ivlen = 0,
@@ -142,14 +142,14 @@ static struct xfrm_algo_desc ealg_list[] = {
142{ 142{
143 .name = "ecb(cipher_null)", 143 .name = "ecb(cipher_null)",
144 .compat = "cipher_null", 144 .compat = "cipher_null",
145 145
146 .uinfo = { 146 .uinfo = {
147 .encr = { 147 .encr = {
148 .blockbits = 8, 148 .blockbits = 8,
149 .defkeybits = 0, 149 .defkeybits = 0,
150 } 150 }
151 }, 151 },
152 152
153 .desc = { 153 .desc = {
154 .sadb_alg_id = SADB_EALG_NULL, 154 .sadb_alg_id = SADB_EALG_NULL,
155 .sadb_alg_ivlen = 0, 155 .sadb_alg_ivlen = 0,
@@ -248,22 +248,22 @@ static struct xfrm_algo_desc ealg_list[] = {
248 } 248 }
249}, 249},
250{ 250{
251 .name = "cbc(serpent)", 251 .name = "cbc(serpent)",
252 .compat = "serpent", 252 .compat = "serpent",
253 253
254 .uinfo = { 254 .uinfo = {
255 .encr = { 255 .encr = {
256 .blockbits = 128, 256 .blockbits = 128,
257 .defkeybits = 128, 257 .defkeybits = 128,
258 } 258 }
259 }, 259 },
260 260
261 .desc = { 261 .desc = {
262 .sadb_alg_id = SADB_X_EALG_SERPENTCBC, 262 .sadb_alg_id = SADB_X_EALG_SERPENTCBC,
263 .sadb_alg_ivlen = 8, 263 .sadb_alg_ivlen = 8,
264 .sadb_alg_minbits = 128, 264 .sadb_alg_minbits = 128,
265 .sadb_alg_maxbits = 256, 265 .sadb_alg_maxbits = 256,
266 } 266 }
267}, 267},
268{ 268{
269 .name = "cbc(camellia)", 269 .name = "cbc(camellia)",
@@ -283,22 +283,22 @@ static struct xfrm_algo_desc ealg_list[] = {
283 } 283 }
284}, 284},
285{ 285{
286 .name = "cbc(twofish)", 286 .name = "cbc(twofish)",
287 .compat = "twofish", 287 .compat = "twofish",
288 288
289 .uinfo = { 289 .uinfo = {
290 .encr = { 290 .encr = {
291 .blockbits = 128, 291 .blockbits = 128,
292 .defkeybits = 128, 292 .defkeybits = 128,
293 } 293 }
294 }, 294 },
295 295
296 .desc = { 296 .desc = {
297 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC, 297 .sadb_alg_id = SADB_X_EALG_TWOFISHCBC,
298 .sadb_alg_ivlen = 8, 298 .sadb_alg_ivlen = 8,
299 .sadb_alg_minbits = 128, 299 .sadb_alg_minbits = 128,
300 .sadb_alg_maxbits = 256 300 .sadb_alg_maxbits = 256
301 } 301 }
302}, 302},
303}; 303};
304 304
@@ -478,7 +478,7 @@ void xfrm_probe_algs(void)
478{ 478{
479#ifdef CONFIG_CRYPTO 479#ifdef CONFIG_CRYPTO
480 int i, status; 480 int i, status;
481 481
482 BUG_ON(in_softirq()); 482 BUG_ON(in_softirq());
483 483
484 for (i = 0; i < aalg_entries(); i++) { 484 for (i = 0; i < aalg_entries(); i++) {
@@ -487,14 +487,14 @@ void xfrm_probe_algs(void)
487 if (aalg_list[i].available != status) 487 if (aalg_list[i].available != status)
488 aalg_list[i].available = status; 488 aalg_list[i].available = status;
489 } 489 }
490 490
491 for (i = 0; i < ealg_entries(); i++) { 491 for (i = 0; i < ealg_entries(); i++) {
492 status = crypto_has_blkcipher(ealg_list[i].name, 0, 492 status = crypto_has_blkcipher(ealg_list[i].name, 0,
493 CRYPTO_ALG_ASYNC); 493 CRYPTO_ALG_ASYNC);
494 if (ealg_list[i].available != status) 494 if (ealg_list[i].available != status)
495 ealg_list[i].available = status; 495 ealg_list[i].available = status;
496 } 496 }
497 497
498 for (i = 0; i < calg_entries(); i++) { 498 for (i = 0; i < calg_entries(); i++) {
499 status = crypto_has_comp(calg_list[i].name, 0, 499 status = crypto_has_comp(calg_list[i].name, 0,
500 CRYPTO_ALG_ASYNC); 500 CRYPTO_ALG_ASYNC);
@@ -541,15 +541,15 @@ int skb_icv_walk(const struct sk_buff *skb, struct hash_desc *desc,
541 if (copy > 0) { 541 if (copy > 0) {
542 if (copy > len) 542 if (copy > len)
543 copy = len; 543 copy = len;
544 544
545 sg.page = virt_to_page(skb->data + offset); 545 sg.page = virt_to_page(skb->data + offset);
546 sg.offset = (unsigned long)(skb->data + offset) % PAGE_SIZE; 546 sg.offset = (unsigned long)(skb->data + offset) % PAGE_SIZE;
547 sg.length = copy; 547 sg.length = copy;
548 548
549 err = icv_update(desc, &sg, copy); 549 err = icv_update(desc, &sg, copy);
550 if (unlikely(err)) 550 if (unlikely(err))
551 return err; 551 return err;
552 552
553 if ((len -= copy) == 0) 553 if ((len -= copy) == 0)
554 return 0; 554 return 0;
555 offset += copy; 555 offset += copy;
@@ -566,11 +566,11 @@ int skb_icv_walk(const struct sk_buff *skb, struct hash_desc *desc,
566 566
567 if (copy > len) 567 if (copy > len)
568 copy = len; 568 copy = len;
569 569
570 sg.page = frag->page; 570 sg.page = frag->page;
571 sg.offset = frag->page_offset + offset-start; 571 sg.offset = frag->page_offset + offset-start;
572 sg.length = copy; 572 sg.length = copy;
573 573
574 err = icv_update(desc, &sg, copy); 574 err = icv_update(desc, &sg, copy);
575 if (unlikely(err)) 575 if (unlikely(err))
576 return err; 576 return err;
diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c
index 414f89070380..ee15bdae1419 100644
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@@ -4,7 +4,7 @@
4 * Changes: 4 * Changes:
5 * YOSHIFUJI Hideaki @USAGI 5 * YOSHIFUJI Hideaki @USAGI
6 * Split up af-specific portion 6 * Split up af-specific portion
7 * 7 *
8 */ 8 */
9 9
10#include <linux/slab.h> 10#include <linux/slab.h>
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index fa7ce060b454..a24f38510719 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * xfrm_policy.c 2 * xfrm_policy.c
3 * 3 *
4 * Changes: 4 * Changes:
@@ -151,7 +151,7 @@ retry:
151 return type; 151 return type;
152} 152}
153 153
154int xfrm_dst_lookup(struct xfrm_dst **dst, struct flowi *fl, 154int xfrm_dst_lookup(struct xfrm_dst **dst, struct flowi *fl,
155 unsigned short family) 155 unsigned short family)
156{ 156{
157 struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family); 157 struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family);
@@ -262,7 +262,7 @@ static inline unsigned long make_jiffies(long secs)
262 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ) 262 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
263 return MAX_SCHEDULE_TIMEOUT-1; 263 return MAX_SCHEDULE_TIMEOUT-1;
264 else 264 else
265 return secs*HZ; 265 return secs*HZ;
266} 266}
267 267
268static void xfrm_policy_timer(unsigned long data) 268static void xfrm_policy_timer(unsigned long data)
@@ -1024,17 +1024,17 @@ end:
1024static inline int policy_to_flow_dir(int dir) 1024static inline int policy_to_flow_dir(int dir)
1025{ 1025{
1026 if (XFRM_POLICY_IN == FLOW_DIR_IN && 1026 if (XFRM_POLICY_IN == FLOW_DIR_IN &&
1027 XFRM_POLICY_OUT == FLOW_DIR_OUT && 1027 XFRM_POLICY_OUT == FLOW_DIR_OUT &&
1028 XFRM_POLICY_FWD == FLOW_DIR_FWD) 1028 XFRM_POLICY_FWD == FLOW_DIR_FWD)
1029 return dir; 1029 return dir;
1030 switch (dir) { 1030 switch (dir) {
1031 default: 1031 default:
1032 case XFRM_POLICY_IN: 1032 case XFRM_POLICY_IN:
1033 return FLOW_DIR_IN; 1033 return FLOW_DIR_IN;
1034 case XFRM_POLICY_OUT: 1034 case XFRM_POLICY_OUT:
1035 return FLOW_DIR_OUT; 1035 return FLOW_DIR_OUT;
1036 case XFRM_POLICY_FWD: 1036 case XFRM_POLICY_FWD:
1037 return FLOW_DIR_FWD; 1037 return FLOW_DIR_FWD;
1038 }; 1038 };
1039} 1039}
1040 1040
@@ -1044,9 +1044,9 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(struct sock *sk, int dir, struc
1044 1044
1045 read_lock_bh(&xfrm_policy_lock); 1045 read_lock_bh(&xfrm_policy_lock);
1046 if ((pol = sk->sk_policy[dir]) != NULL) { 1046 if ((pol = sk->sk_policy[dir]) != NULL) {
1047 int match = xfrm_selector_match(&pol->selector, fl, 1047 int match = xfrm_selector_match(&pol->selector, fl,
1048 sk->sk_family); 1048 sk->sk_family);
1049 int err = 0; 1049 int err = 0;
1050 1050
1051 if (match) { 1051 if (match) {
1052 err = security_xfrm_policy_lookup(pol, fl->secid, 1052 err = security_xfrm_policy_lookup(pol, fl->secid,
@@ -1511,7 +1511,7 @@ restart:
1511 } 1511 }
1512 *dst_p = dst; 1512 *dst_p = dst;
1513 dst_release(dst_orig); 1513 dst_release(dst_orig);
1514 xfrm_pols_put(pols, npols); 1514 xfrm_pols_put(pols, npols);
1515 return 0; 1515 return 0;
1516 1516
1517error: 1517error:
@@ -1546,7 +1546,7 @@ xfrm_secpath_reject(int idx, struct sk_buff *skb, struct flowi *fl)
1546 */ 1546 */
1547 1547
1548static inline int 1548static inline int
1549xfrm_state_ok(struct xfrm_tmpl *tmpl, struct xfrm_state *x, 1549xfrm_state_ok(struct xfrm_tmpl *tmpl, struct xfrm_state *x,
1550 unsigned short family) 1550 unsigned short family)
1551{ 1551{
1552 if (xfrm_state_kern(x)) 1552 if (xfrm_state_kern(x))
@@ -1619,7 +1619,7 @@ static inline int secpath_has_nontransport(struct sec_path *sp, int k, int *idxp
1619 return 0; 1619 return 0;
1620} 1620}
1621 1621
1622int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, 1622int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
1623 unsigned short family) 1623 unsigned short family)
1624{ 1624{
1625 struct xfrm_policy *pol; 1625 struct xfrm_policy *pol;
@@ -2243,7 +2243,7 @@ static int xfrm_migrate_selector_match(struct xfrm_selector *sel_cmp,
2243 if (sel_cmp->proto == IPSEC_ULPROTO_ANY) { 2243 if (sel_cmp->proto == IPSEC_ULPROTO_ANY) {
2244 if (sel_tgt->family == sel_cmp->family && 2244 if (sel_tgt->family == sel_cmp->family &&
2245 xfrm_addr_cmp(&sel_tgt->daddr, &sel_cmp->daddr, 2245 xfrm_addr_cmp(&sel_tgt->daddr, &sel_cmp->daddr,
2246 sel_cmp->family) == 0 && 2246 sel_cmp->family) == 0 &&
2247 xfrm_addr_cmp(&sel_tgt->saddr, &sel_cmp->saddr, 2247 xfrm_addr_cmp(&sel_tgt->saddr, &sel_cmp->saddr,
2248 sel_cmp->family) == 0 && 2248 sel_cmp->family) == 0 &&
2249 sel_tgt->prefixlen_d == sel_cmp->prefixlen_d && 2249 sel_tgt->prefixlen_d == sel_cmp->prefixlen_d &&
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 91b02687db52..a35f9e4ede26 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -227,7 +227,7 @@ static inline unsigned long make_jiffies(long secs)
227 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ) 227 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
228 return MAX_SCHEDULE_TIMEOUT-1; 228 return MAX_SCHEDULE_TIMEOUT-1;
229 else 229 else
230 return secs*HZ; 230 return secs*HZ;
231} 231}
232 232
233static void xfrm_timer_handler(unsigned long data) 233static void xfrm_timer_handler(unsigned long data)
@@ -523,7 +523,7 @@ static void xfrm_hash_grow_check(int have_hash_collision)
523} 523}
524 524
525struct xfrm_state * 525struct xfrm_state *
526xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, 526xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
527 struct flowi *fl, struct xfrm_tmpl *tmpl, 527 struct flowi *fl, struct xfrm_tmpl *tmpl,
528 struct xfrm_policy *pol, int *err, 528 struct xfrm_policy *pol, int *err,
529 unsigned short family) 529 unsigned short family)
@@ -534,7 +534,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
534 int acquire_in_progress = 0; 534 int acquire_in_progress = 0;
535 int error = 0; 535 int error = 0;
536 struct xfrm_state *best = NULL; 536 struct xfrm_state *best = NULL;
537 537
538 spin_lock_bh(&xfrm_state_lock); 538 spin_lock_bh(&xfrm_state_lock);
539 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) { 539 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
540 if (x->props.family == family && 540 if (x->props.family == family &&
@@ -570,7 +570,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
570 acquire_in_progress = 1; 570 acquire_in_progress = 1;
571 } else if (x->km.state == XFRM_STATE_ERROR || 571 } else if (x->km.state == XFRM_STATE_ERROR ||
572 x->km.state == XFRM_STATE_EXPIRED) { 572 x->km.state == XFRM_STATE_EXPIRED) {
573 if (xfrm_selector_match(&x->sel, fl, family) && 573 if (xfrm_selector_match(&x->sel, fl, family) &&
574 security_xfrm_state_pol_flow_match(x, pol, fl)) 574 security_xfrm_state_pol_flow_match(x, pol, fl))
575 error = -ESRCH; 575 error = -ESRCH;
576 } 576 }
@@ -866,7 +866,7 @@ struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, int *errp)
866 } 866 }
867 x->props.calgo = orig->props.calgo; 867 x->props.calgo = orig->props.calgo;
868 868
869 if (orig->encap) { 869 if (orig->encap) {
870 x->encap = kmemdup(orig->encap, sizeof(*x->encap), GFP_KERNEL); 870 x->encap = kmemdup(orig->encap, sizeof(*x->encap), GFP_KERNEL);
871 if (!x->encap) 871 if (!x->encap)
872 goto error; 872 goto error;
@@ -947,7 +947,7 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m)
947 } 947 }
948 } 948 }
949 949
950 return NULL; 950 return NULL;
951} 951}
952EXPORT_SYMBOL(xfrm_migrate_state_find); 952EXPORT_SYMBOL(xfrm_migrate_state_find);
953 953
@@ -1121,8 +1121,8 @@ xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr,
1121EXPORT_SYMBOL(xfrm_state_lookup_byaddr); 1121EXPORT_SYMBOL(xfrm_state_lookup_byaddr);
1122 1122
1123struct xfrm_state * 1123struct xfrm_state *
1124xfrm_find_acq(u8 mode, u32 reqid, u8 proto, 1124xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
1125 xfrm_address_t *daddr, xfrm_address_t *saddr, 1125 xfrm_address_t *daddr, xfrm_address_t *saddr,
1126 int create, unsigned short family) 1126 int create, unsigned short family)
1127{ 1127{
1128 struct xfrm_state *x; 1128 struct xfrm_state *x;
@@ -1738,7 +1738,7 @@ error:
1738} 1738}
1739 1739
1740EXPORT_SYMBOL(xfrm_init_state); 1740EXPORT_SYMBOL(xfrm_init_state);
1741 1741
1742void __init xfrm_state_init(void) 1742void __init xfrm_state_init(void)
1743{ 1743{
1744 unsigned int sz; 1744 unsigned int sz;
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 079a5d315759..d55436d00e86 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -48,7 +48,7 @@ static int verify_one_alg(struct rtattr **xfrma, enum xfrm_attr_type_t type)
48 48
49 algp = RTA_DATA(rt); 49 algp = RTA_DATA(rt);
50 50
51 len -= (algp->alg_key_len + 7U) / 8; 51 len -= (algp->alg_key_len + 7U) / 8;
52 if (len < 0) 52 if (len < 0)
53 return -EINVAL; 53 return -EINVAL;
54 54
@@ -1107,7 +1107,7 @@ static int copy_sec_ctx(struct xfrm_sec_ctx *s, struct sk_buff *skb)
1107 uctx->ctx_alg = s->ctx_alg; 1107 uctx->ctx_alg = s->ctx_alg;
1108 uctx->ctx_len = s->ctx_len; 1108 uctx->ctx_len = s->ctx_len;
1109 memcpy(uctx + 1, s->ctx_str, s->ctx_len); 1109 memcpy(uctx + 1, s->ctx_str, s->ctx_len);
1110 return 0; 1110 return 0;
1111 1111
1112 rtattr_failure: 1112 rtattr_failure:
1113 return -1; 1113 return -1;
@@ -2467,7 +2467,7 @@ static int __init xfrm_user_init(void)
2467 printk(KERN_INFO "Initializing XFRM netlink socket\n"); 2467 printk(KERN_INFO "Initializing XFRM netlink socket\n");
2468 2468
2469 nlsk = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX, 2469 nlsk = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX,
2470 xfrm_netlink_rcv, THIS_MODULE); 2470 xfrm_netlink_rcv, THIS_MODULE);
2471 if (nlsk == NULL) 2471 if (nlsk == NULL)
2472 return -ENOMEM; 2472 return -ENOMEM;
2473 rcu_assign_pointer(xfrm_nl, nlsk); 2473 rcu_assign_pointer(xfrm_nl, nlsk);