1 /* xfrm6_protocol.c - Generic xfrm protocol multiplexer for ipv6.
3 * Copyright (C) 2013 secunet Security Networks AG
6 * Steffen Klassert <steffen.klassert@secunet.com>
9 * net/ipv4/xfrm4_protocol.c
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version
14 * 2 of the License, or (at your option) any later version.
17 #include <linux/init.h>
18 #include <linux/mutex.h>
19 #include <linux/skbuff.h>
20 #include <linux/icmpv6.h>
22 #include <net/protocol.h>
25 static struct xfrm6_protocol __rcu *esp6_handlers __read_mostly;
26 static struct xfrm6_protocol __rcu *ah6_handlers __read_mostly;
27 static struct xfrm6_protocol __rcu *ipcomp6_handlers __read_mostly;
28 static DEFINE_MUTEX(xfrm6_protocol_mutex);
30 static inline struct xfrm6_protocol __rcu **proto_handlers(u8 protocol)
34 return &esp6_handlers;
38 return &ipcomp6_handlers;
44 #define for_each_protocol_rcu(head, handler) \
45 for (handler = rcu_dereference(head); \
47 handler = rcu_dereference(handler->next)) \
49 static int xfrm6_rcv_cb(struct sk_buff *skb, u8 protocol, int err)
52 struct xfrm6_protocol *handler;
53 struct xfrm6_protocol __rcu **head = proto_handlers(protocol);
58 for_each_protocol_rcu(*proto_handlers(protocol), handler)
59 if ((ret = handler->cb_handler(skb, err)) <= 0)
65 static int xfrm6_esp_rcv(struct sk_buff *skb)
68 struct xfrm6_protocol *handler;
70 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6 = NULL;
72 for_each_protocol_rcu(esp6_handlers, handler)
73 if ((ret = handler->handler(skb)) != -EINVAL)
76 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
82 static int xfrm6_esp_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
83 u8 type, u8 code, int offset, __be32 info)
85 struct xfrm6_protocol *handler;
87 for_each_protocol_rcu(esp6_handlers, handler)
88 if (!handler->err_handler(skb, opt, type, code, offset, info))
94 static int xfrm6_ah_rcv(struct sk_buff *skb)
97 struct xfrm6_protocol *handler;
99 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6 = NULL;
101 for_each_protocol_rcu(ah6_handlers, handler)
102 if ((ret = handler->handler(skb)) != -EINVAL)
105 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
111 static int xfrm6_ah_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
112 u8 type, u8 code, int offset, __be32 info)
114 struct xfrm6_protocol *handler;
116 for_each_protocol_rcu(ah6_handlers, handler)
117 if (!handler->err_handler(skb, opt, type, code, offset, info))
123 static int xfrm6_ipcomp_rcv(struct sk_buff *skb)
126 struct xfrm6_protocol *handler;
128 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6 = NULL;
130 for_each_protocol_rcu(ipcomp6_handlers, handler)
131 if ((ret = handler->handler(skb)) != -EINVAL)
134 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
140 static int xfrm6_ipcomp_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
141 u8 type, u8 code, int offset, __be32 info)
143 struct xfrm6_protocol *handler;
145 for_each_protocol_rcu(ipcomp6_handlers, handler)
146 if (!handler->err_handler(skb, opt, type, code, offset, info))
152 static const struct inet6_protocol esp6_protocol = {
153 .handler = xfrm6_esp_rcv,
154 .err_handler = xfrm6_esp_err,
155 .flags = INET6_PROTO_NOPOLICY,
158 static const struct inet6_protocol ah6_protocol = {
159 .handler = xfrm6_ah_rcv,
160 .err_handler = xfrm6_ah_err,
161 .flags = INET6_PROTO_NOPOLICY,
164 static const struct inet6_protocol ipcomp6_protocol = {
165 .handler = xfrm6_ipcomp_rcv,
166 .err_handler = xfrm6_ipcomp_err,
167 .flags = INET6_PROTO_NOPOLICY,
170 static const struct xfrm_input_afinfo xfrm6_input_afinfo = {
172 .callback = xfrm6_rcv_cb,
175 static inline const struct inet6_protocol *netproto(unsigned char protocol)
179 return &esp6_protocol;
181 return &ah6_protocol;
183 return &ipcomp6_protocol;
189 int xfrm6_protocol_register(struct xfrm6_protocol *handler,
190 unsigned char protocol)
192 struct xfrm6_protocol __rcu **pprev;
193 struct xfrm6_protocol *t;
194 bool add_netproto = false;
196 int priority = handler->priority;
198 if (!proto_handlers(protocol) || !netproto(protocol))
201 mutex_lock(&xfrm6_protocol_mutex);
203 if (!rcu_dereference_protected(*proto_handlers(protocol),
204 lockdep_is_held(&xfrm6_protocol_mutex)))
207 for (pprev = proto_handlers(protocol);
208 (t = rcu_dereference_protected(*pprev,
209 lockdep_is_held(&xfrm6_protocol_mutex))) != NULL;
211 if (t->priority < priority)
213 if (t->priority == priority)
217 handler->next = *pprev;
218 rcu_assign_pointer(*pprev, handler);
223 mutex_unlock(&xfrm6_protocol_mutex);
226 if (inet6_add_protocol(netproto(protocol), protocol)) {
227 pr_err("%s: can't add protocol\n", __func__);
234 EXPORT_SYMBOL(xfrm6_protocol_register);
236 int xfrm6_protocol_deregister(struct xfrm6_protocol *handler,
237 unsigned char protocol)
239 struct xfrm6_protocol __rcu **pprev;
240 struct xfrm6_protocol *t;
243 if (!proto_handlers(protocol) || !netproto(protocol))
246 mutex_lock(&xfrm6_protocol_mutex);
248 for (pprev = proto_handlers(protocol);
249 (t = rcu_dereference_protected(*pprev,
250 lockdep_is_held(&xfrm6_protocol_mutex))) != NULL;
253 *pprev = handler->next;
259 if (!rcu_dereference_protected(*proto_handlers(protocol),
260 lockdep_is_held(&xfrm6_protocol_mutex))) {
261 if (inet6_del_protocol(netproto(protocol), protocol) < 0) {
262 pr_err("%s: can't remove protocol\n", __func__);
267 mutex_unlock(&xfrm6_protocol_mutex);
273 EXPORT_SYMBOL(xfrm6_protocol_deregister);
275 int __init xfrm6_protocol_init(void)
277 return xfrm_input_register_afinfo(&xfrm6_input_afinfo);
280 void xfrm6_protocol_fini(void)
282 xfrm_input_unregister_afinfo(&xfrm6_input_afinfo);