aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm
Commit message (Collapse)AuthorAge
* [XFRM]: xfrm_state_clone() should be static, not exportedEric Dumazet2008-01-28
| | | | | | | | | | | | | xfrm_state_clone() is not used outside of net/xfrm/xfrm_state.c There is no need to export it. Spoted by sparse checker. CHECK net/xfrm/xfrm_state.c net/xfrm/xfrm_state.c:1103:19: warning: symbol 'xfrm_state_clone' was not declared. Should it be static? Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM] xfrm_policy_destroy: Rename and relative fixes.WANG Cong2008-01-28
| | | | | | | | | | | | | | | Since __xfrm_policy_destroy is used to destory the resources allocated by xfrm_policy_alloc. So using the name __xfrm_policy_destroy is not correspond with xfrm_policy_alloc. Rename it to xfrm_policy_destroy. And along with some instances that call xfrm_policy_alloc but not using xfrm_policy_destroy to destroy the resource, fix them. Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM] Statistics: Add outbound-dropping error.Masahide NAKAMURA2008-01-28
| | | | | | | | | | o Increment PolError counter when flow_cache_lookup() returns errored pointer. o Increment NoStates counter at larval-drop. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Kill some bloatIlpo Järvinen2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | net/xfrm/xfrm_state.c: xfrm_audit_state_delete | -589 xfrm_replay_check | -542 xfrm_audit_state_icvfail | -520 xfrm_audit_state_add | -589 xfrm_audit_state_replay_overflow | -523 xfrm_audit_state_notfound_simple | -509 xfrm_audit_state_notfound | -521 7 functions changed, 3793 bytes removed, diff: -3793 net/xfrm/xfrm_state.c: xfrm_audit_helper_pktinfo | +522 xfrm_audit_helper_sainfo | +598 2 functions changed, 1120 bytes added, diff: +1120 net/xfrm/xfrm_state.o: 9 functions changed, 1120 bytes added, 3793 bytes removed, diff: -2673 Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Return EOVERFLOW when output sequence number overflowsHerbert Xu2008-01-28
| | | | | | | | | Previously we made it an error on the output path if the sequence number overflowed. However we did not set the err variable accordingly. This patch sets err to -EOVERFLOW in that case. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Add some acquires/releases sparse annotations.Eric Dumazet2008-01-28
| | | | | | | | | | | | | | | Add __acquires() and __releases() annotations to suppress some sparse warnings. example of warnings : net/ipv4/udp.c:1555:14: warning: context imbalance in 'udp_seq_start' - wrong count at exit net/ipv4/udp.c:1571:13: warning: context imbalance in 'udp_seq_stop' - unexpected unlock Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move all calls to xfrm_audit_state_icvfail to xfrm_inputHerbert Xu2008-01-28
| | | | | | | Let's nip the code duplication in the bud :) Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Fix double free on skb on async outputHerbert Xu2008-01-28
| | | | | | | | | When the output transform returns EINPROGRESS due to async operation we'll free the skb the straight away as if it were an error. This patch fixes that so that the skb is freed when the async operation completes. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Fix outbound statistics.Masahide NAKAMURA2008-01-28
| | | | | Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Drop packets when replay counter would overflowPaul Moore2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | According to RFC4303, section 3.3.3 we need to drop outgoing packets which cause the replay counter to overflow: 3.3.3. Sequence Number Generation The sender's counter is initialized to 0 when an SA is established. The sender increments the sequence number (or ESN) counter for this SA and inserts the low-order 32 bits of the value into the Sequence Number field. Thus, the first packet sent using a given SA will contain a sequence number of 1. If anti-replay is enabled (the default), the sender checks to ensure that the counter has not cycled before inserting the new value in the Sequence Number field. In other words, the sender MUST NOT send a packet on an SA if doing so would cause the sequence number to cycle. An attempt to transmit a packet that would result in sequence number overflow is an auditable event. The audit log entry for this event SHOULD include the SPI value, current date/time, Source Address, Destination Address, and (in IPv6) the cleartext Flow ID. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: RFC4303 compliant auditingPaul Moore2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds a number of new IPsec audit events to meet the auditing requirements of RFC4303. This includes audit hooks for the following events: * Could not find a valid SA [sections 2.1, 3.4.2] . xfrm_audit_state_notfound() . xfrm_audit_state_notfound_simple() * Sequence number overflow [section 3.3.3] . xfrm_audit_state_replay_overflow() * Replayed packet [section 3.4.3] . xfrm_audit_state_replay() * Integrity check failure [sections 3.4.4.1, 3.4.4.2] . xfrm_audit_state_icvfail() While RFC4304 deals only with ESP most of the changes in this patch apply to IPsec in general, i.e. both AH and ESP. The one case, integrity check failure, where ESP specific code had to be modified the same was done to the AH code for the sake of consistency. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Assorted IPsec fixupsPaul Moore2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes a number of small but potentially troublesome things in the XFRM/IPsec code: * Use the 'audit_enabled' variable already in include/linux/audit.h Removed the need for extern declarations local to each XFRM audit fuction * Convert 'sid' to 'secid' everywhere we can The 'sid' name is specific to SELinux, 'secid' is the common naming convention used by the kernel when refering to tokenized LSM labels, unfortunately we have to leave 'ctx_sid' in 'struct xfrm_sec_ctx' otherwise we risk breaking userspace * Convert address display to use standard NIP* macros Similar to what was recently done with the SPD audit code, this also also includes the removal of some unnecessary memcpy() calls * Move common code to xfrm_audit_common_stateinfo() Code consolidation from the "less is more" book on software development * Proper spacing around commas in function arguments Minor style tweak since I was already touching the code Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Add packet processing statistics option.Masahide NAKAMURA2008-01-28
| | | | | Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Support to increment packet dropping statistics.Masahide NAKAMURA2008-01-28
| | | | | Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Define packet dropping statistics.Masahide NAKAMURA2008-01-28
| | | | | | | | | | | | This statistics is shown factor dropped by transformation at /proc/net/xfrm_stat for developer. It is a counter designed from current transformation source code and defined as linux private MIB. See Documentation/networking/xfrm_proc.txt for the detail. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM] IPv6: Fix dst/routing check at transformation.Masahide NAKAMURA2008-01-28
| | | | | | | | | | | | | | | IPv6 specific thing is wrongly removed from transformation at net-2.6.25. This patch recovers it with current design. o Update "path" of xfrm_dst since IPv6 transformation should care about routing changes. It is required by MIPv6 and off-link destined IPsec. o Rename nfheader_len which is for non-fragment transformation used by MIPv6 to rt6i_nfheader_len as IPv6 name space. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Do xfrm_state_check_space before encapsulationHerbert Xu2008-01-28
| | | | | | | | | | | | | | | | | | While merging the IPsec output path I moved the encapsulation output operation to the top of the loop so that it sits outside of the locked section. Unfortunately in doing so it now sits in front of the space check as well which could be a fatal error. This patch rearranges the calls so that the space check happens as the thing on the output path. This patch also fixes an incorrect goto should the encapsulation output fail. Thanks to Kazunori MIYAZAWA for finding this bug. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Fix potential race vs xfrm_state(only)_find and xfrm_hash_resize.Pavel Emelyanov2008-01-28
| | | | | | | | | | | | | | The _find calls calculate the hash value using the xfrm_state_hmask, without the xfrm_state_lock. But the value of this mask can change in the _resize call under the state_lock, so we risk to fail in finding the desired entry in hash. I think, that the hash value is better to calculate under the state lock. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Fix zero return value in xfrm_lookup on errorHerbert Xu2008-01-28
| | | | | | | | | | | | Further testing shows that my ICMP relookup patch can cause xfrm_lookup to return zero on error which isn't very nice since it leads to the caller dying on null pointer dereference. The bug is due to not setting err to ENOENT just before we leave xfrm_lookup in case of no policy. This patch moves the err setting to where it should be. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Add ICMP host relookup supportHerbert Xu2008-01-28
| | | | | | | | | | | | | | | RFC 4301 requires us to relookup ICMP traffic that does not match any policies using the reverse of its payload. This patch implements this for ICMP traffic that originates from or terminates on localhost. This is activated on outbound with the new policy flag XFRM_POLICY_ICMP, and on inbound by the new state flag XFRM_STATE_ICMP. On inbound the policy check is now performed by the ICMP protocol so that it can repeat the policy check where necessary. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Added xfrm_decode_session_reverse and xfrmX_policy_check_reverseHerbert Xu2008-01-28
| | | | | | | | | | RFC 4301 requires us to relookup ICMP traffic that does not match any policies using the reverse of its payload. This patch adds the functions xfrm_decode_session_reverse and xfrmX_policy_check_reverse so we can get the reverse flow to perform such a lookup. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Make xfrm_lookup flags argument a bit-fieldHerbert Xu2008-01-28
| | | | | | | | | | | | | This patch introduces an enum for bits in the flags argument of xfrm_lookup. This is so that we can cram more information into it later. Since all current users use just the values 0 and 1, XFRM_LOOKUP_WAIT has been added with the value 1 << 0 to represent the current meaning of flags. The test in __xfrm_lookup has been changed accordingly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Add xfrm_input_state helperHerbert Xu2008-01-28
| | | | | | | | | | This patch adds the xfrm_input_state helper function which returns the current xfrm state being processed on the input path given an sk_buff. This is currently only used by xfrm_input but will be used by ESP upon asynchronous resumption. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM] net/xfrm/xfrm_state.c: use LIST_HEAD instead of LIST_HEAD_INITDenis Cheng2008-01-28
| | | | | | | | | single list_head variable initialized with LIST_HEAD_INIT could almost always can be replaced with LIST_HEAD declaration, this shrinks the code and looks better. Signed-off-by: Denis Cheng <crquan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Multiple namespaces in the all dst_ifdown routines.Denis V. Lunev2008-01-28
| | | | | | | Move dst entries to a namespace loopback to catch refcounting leaks. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Use the correct family for input state lookupHerbert Xu2008-01-28
| | | | | | | | | | | | | When merging the input paths of IPsec I accidentally left a hard-coded AF_INET for the state lookup call. This broke IPv6 obviously. This patch fixes by getting the input callers to specify the family through skb->cb. Credit goes to Kazunori Miyazawa for diagnosing this and providing an initial patch. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: SPD auditing fix to include the netmask/prefix-lengthPaul Moore2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the netmask/prefix-length of an IPsec SPD entry is not included in any of the SPD related audit messages. This can cause a problem when the audit log is examined as the netmask/prefix-length is vital in determining what network traffic is affected by a particular SPD entry. This patch fixes this problem by adding two additional fields, "src_prefixlen" and "dst_prefixlen", to the SPD audit messages to indicate the source and destination netmasks. These new fields are only included in the audit message when the netmask/prefix-length is less than the address length, i.e. the SPD entry applies to a network address and not a host address. Example audit message: type=UNKNOWN[1415] msg=audit(1196105849.752:25): auid=0 \ subj=root:system_r:unconfined_t:s0-s0:c0.c1023 op=SPD-add res=1 \ src=192.168.0.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24 In addition, this patch also fixes a few other things in the xfrm_audit_common_policyinfo() function. The IPv4 string formatting was converted to use the standard NIPQUAD_FMT constant, the memcpy() was removed from the IPv6 code path and replaced with a typecast (the memcpy() was acting as a slow, implicit typecast anyway), and two local variables were created to make referencing the XFRM security context and selector information cleaner. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: kmalloc + memset conversion to kzallocJoonwoo Park2008-01-28
| | | | | | | | | | | | | | 2007/11/26, Patrick McHardy <kaber@trash.net>: > How about also switching vmalloc/get_free_pages to GFP_ZERO > and getting rid of the memset entirely while you're at it? > xfrm_hash: kmalloc + memset conversion to kzalloc fix to avoid memset entirely. Signed-off-by: Joonwoo Park <joonwpark81@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Kill afinfo->nf_post_routingDavid S. Miller2008-01-28
| | | | | | | | | | After changeset: [NETFILTER]: Introduce NF_INET_ hook values It always evaluates to NF_INET_POST_ROUTING. Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Add async resume support on inputHerbert Xu2008-01-28
| | | | | | | | | This patch adds support for async resumptions on input. To do so, the transform would return -EINPROGRESS and subsequently invoke the function xfrm_input_resume to resume processing. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Remove nhoff from xfrm_inputHerbert Xu2008-01-28
| | | | | | | | | | | | | | | | | | The nhoff field isn't actually necessary in xfrm_input. For tunnel mode transforms we now throw away the output IP header so it makes no sense to fill in the nexthdr field. For transport mode we can now let the function transport_finish do the setting and it knows where the nexthdr field is. The only other thing that needs the nexthdr field to be set is the header extraction code. However, we can simply move the protocol extraction out of the generic header extraction. We want to minimise the amount of info we have to carry around between transforms as this simplifies the resumption process for async crypto. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Make x->lastused an unsigned longHerbert Xu2008-01-28
| | | | | | | | | | | | | | Currently x->lastused is u64 which means that it cannot be read/written atomically on all architectures. David Miller observed that the value stored in it is only an unsigned long which is always atomic. So based on his suggestion this patch changes the internal representation from u64 to unsigned long while the user-interface still refers to it as u64. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move state lock into x->type->inputHerbert Xu2008-01-28
| | | | | | | | | | | | This patch releases the lock on the state before calling x->type->input. It also adds the lock to the spots where they're currently needed. Most of those places (all except mip6) are expected to disappear with async crypto. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move integrity stat collection into xfrm_inputHerbert Xu2008-01-28
| | | | | | | | | | | | | | | | Similar to the moving out of the replay processing on the output, this patch moves the integrity stat collectin from x->type->input into xfrm_input. This would eventually allow transforms such as AH/ESP to be lockless. The error value EBADMSG (currently unused in the crypto layer) is used to indicate a failed integrity check. In future this error can be directly returned by the crypto layer once we switch to aead algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Store xfrm states in security path directlyHerbert Xu2008-01-28
| | | | | | | | | | | | | | As it is xfrm_input first collects a list of xfrm states on the stack before storing them in the packet's security path just before it returns. For async crypto, this construction presents an obstacle since we may need to leave the loop after each transform. In fact, it's much easier to just skip the stack completely and always store to the security path. This is proven by the fact that this patch actually shrinks the code. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Merge most of the input pathHerbert Xu2008-01-28
| | | | | | | | | | | | As part of the work on asynchronous cryptographic operations, we need to be able to resume from the spot where they occur. As such, it helps if we isolate them to one spot. This patch moves most of the remaining family-specific processing into the common input code. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Add async resume support on outputHerbert Xu2008-01-28
| | | | | | | | | This patch adds support for async resumptions on output. To do so, the transform would return -EINPROGRESS and subsequently invoke the function xfrm_output_resume to resume processing. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Merge most of the output pathHerbert Xu2008-01-28
| | | | | | | | | | | | As part of the work on asynchrnous cryptographic operations, we need to be able to resume from the spot where they occur. As such, it helps if we isolate them to one spot. This patch moves most of the remaining family-specific processing into the common output code. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Separate inner/outer mode processing on inputHerbert Xu2008-01-28
| | | | | | | | | | | | | | | | | | | With inter-family transforms the inner mode differs from the outer mode. Attempting to handle both sides from the same function means that it needs to handle both IPv4 and IPv6 which creates duplication and confusion. This patch separates the two parts on the input path so that each function deals with one family only. In particular, the functions xfrm4_extract_inut/xfrm6_extract_inut moves the pertinent fields from the IPv4/IPv6 IP headers into a neutral format stored in skb->cb. This is then used by the inner mode input functions to modify the inner IP header. In this way the input function no longer has to know about the outer address family. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move x->outer_mode->output out of locked sectionHerbert Xu2008-01-28
| | | | | | | | | | | | | RO mode is the only one that requires a locked output function. So it's easier to move the lock into that function rather than requiring everyone else to run under the lock. In particular, this allows us to move the size check into the output function without causing a potential dead-lock should the ICMP error somehow hit the same SA on transmission. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Merge common code into xfrm_bundle_createHerbert Xu2008-01-28
| | | | | | | | | | | | | | | | Half of the code in xfrm4_bundle_create and xfrm6_bundle_create are common. This patch extracts that logic and puts it into xfrm_bundle_create. The rest of it are then accessed through afinfo. As a result this fixes the problem with inter-family transforms where we treat every xfrm dst in the bundle as if it belongs to the top family. This patch also fixes a long-standing error-path bug where we may free the xfrm states twice. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move flow construction into xfrm_dst_lookupHerbert Xu2008-01-28
| | | | | | | | | | | | | | This patch moves the flow construction from the callers of xfrm_dst_lookup into that function. It also changes xfrm_dst_lookup so that it takes an xfrm state as its argument instead of explicit addresses. This removes any address-specific logic from the callers of xfrm_dst_lookup which is needed to correctly support inter-family transforms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Use dst->header_len when resizing on outputHerbert Xu2008-01-28
| | | | | | | | | Currently we use x->props.header_len when resizing on output. However, if we're resizing at all we might as well go the whole hog and do it for the whole dst. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Convert init_timer into setup_timerPavel Emelyanov2008-01-28
| | | | | | | | | | | | | Many-many code in the kernel initialized the timer->function and timer->data together with calling init_timer(timer). There is already a helper for this. Use it for networking code. The patch is HUGE, but makes the code 130 lines shorter (98 insertions(+), 228 deletions(-)). Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: xfrm_algo_clone() allocates too much memoryEric Dumazet2008-01-09
| | | | | | | | | | | | | alg_key_len is the length in bits of the key, not in bytes. Best way to fix this is to move alg_len() function from net/xfrm/xfrm_user.c to include/net/xfrm.h, and to use it in xfrm_algo_clone() alg_len() is renamed to xfrm_alg_len() because of its global exposition. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Do not define km_migrate() if !CONFIG_XFRM_MIGRATEEric Dumazet2008-01-04
| | | | | | | | | | | | | | | | | | | | | | In include/net/xfrm.h we find : #ifdef CONFIG_XFRM_MIGRATE extern int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type, struct xfrm_migrate *m, int num_bundles); ... #endif We can also guard the function body itself in net/xfrm/xfrm_state.c with same condition. (Problem spoted by sparse checker) make C=2 net/xfrm/xfrm_state.o ... net/xfrm/xfrm_state.c:1765:5: warning: symbol 'km_migrate' was not declared. Should it be static? ... Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Audit function arguments misorderedPaul Moore2007-12-20
| | | | | | | | | | In several places the arguments to the xfrm_audit_start() function are in the wrong order resulting in incorrect user information being reported. This patch corrects this by pacing the arguments in the correct order. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Display the audited SPI value in host byte order.Paul Moore2007-12-14
| | | | | | | | | | Currently the IPsec protocol SPI values are written to the audit log in network byte order which is different from almost all other values which are recorded in host byte order. This patch corrects this inconsistency by writing the SPI values to the audit record in host byte order. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Fix potential dst leak in xfrm_lookupHerbert Xu2007-12-11
| | | | | | | | | | | If we get an error during the actual policy lookup we don't free the original dst while the caller expects us to always free the original dst in case of error. This patch fixes that. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Fix uninitialised dst warning in __xfrm_lookupHerbert Xu2007-11-29
| | | | | | | | | | | | | | | | | | | Andrew Morton reported that __xfrm_lookup generates this warning: net/xfrm/xfrm_policy.c: In function '__xfrm_lookup': net/xfrm/xfrm_policy.c:1449: warning: 'dst' may be used uninitialized in this function This is because if policy->action is of an unexpected value then dst will not be initialised. Of course, in practice this should never happen since the input layer xfrm_user/af_key will filter out all illegal values. But the compiler doesn't know that of course. So this patch fixes this by taking the conservative approach and treat all unknown actions the same as a blocking action. Thanks to Andrew for finding this and providing an initial fix. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>