X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=net%2Fipv6%2Fxfrm6_tunnel.c;h=1df30ba70200ae4c15bad187dc38c9724b4129b2;hb=6a77f38946aaee1cd85eeec6cf4229b204c15071;hp=f5a06546d301e121bb10fb5c66b6f0e20cba77e1;hpb=5fc42a6ed0ec81088c37caadb45898ae6cd0ad2c;p=linux-2.6.git diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c index f5a06546d..1df30ba70 100644 --- a/net/ipv6/xfrm6_tunnel.c +++ b/net/ipv6/xfrm6_tunnel.c @@ -27,8 +27,8 @@ #include #include #include -#include #include +#include #include #include @@ -72,7 +72,7 @@ struct xfrm6_tunnel_spi { # define XFRM6_TUNNEL_SPI_MAGIC 0xdeadbeef #endif -static rwlock_t xfrm6_tunnel_spi_lock = RW_LOCK_UNLOCKED; +static DEFINE_RWLOCK(xfrm6_tunnel_spi_lock); static u32 xfrm6_tunnel_spi; @@ -343,83 +343,18 @@ void xfrm6_tunnel_free_spi(xfrm_address_t *saddr) EXPORT_SYMBOL(xfrm6_tunnel_free_spi); -int xfrm6_tunnel_check_size(struct sk_buff *skb) +static int xfrm6_tunnel_output(struct sk_buff *skb) { - int mtu, ret = 0; - struct dst_entry *dst = skb->dst; + struct ipv6hdr *top_iph; - mtu = dst_pmtu(dst) - sizeof(struct ipv6hdr); - if (mtu < IPV6_MIN_MTU) - mtu = IPV6_MIN_MTU; - - if (skb->len > mtu) { - icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); - ret = -EMSGSIZE; - } - - return ret; -} - -EXPORT_SYMBOL(xfrm6_tunnel_check_size); - -static int xfrm6_tunnel_output(struct sk_buff **pskb) -{ - struct sk_buff *skb = *pskb; - struct dst_entry *dst = skb->dst; - struct xfrm_state *x = dst->xfrm; - struct ipv6hdr *iph, *top_iph; - int err; - - if ((err = xfrm6_tunnel_check_size(skb)) != 0) - goto error_nolock; - - iph = skb->nh.ipv6h; - - top_iph = (struct ipv6hdr *)skb_push(skb, x->props.header_len); - top_iph->version = 6; - top_iph->priority = iph->priority; - top_iph->flow_lbl[0] = iph->flow_lbl[0]; - top_iph->flow_lbl[1] = iph->flow_lbl[1]; - top_iph->flow_lbl[2] = iph->flow_lbl[2]; - top_iph->nexthdr = IPPROTO_IPV6; + top_iph = (struct ipv6hdr *)skb->data; top_iph->payload_len = htons(skb->len - sizeof(struct ipv6hdr)); - top_iph->hop_limit = iph->hop_limit; - memcpy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr, sizeof(struct in6_addr)); - memcpy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr, sizeof(struct in6_addr)); - skb->nh.raw = skb->data; - skb->h.raw = skb->nh.raw + sizeof(struct ipv6hdr); - x->curlft.bytes += skb->len; - x->curlft.packets++; - - spin_unlock_bh(&x->lock); - - if ((skb->dst = dst_pop(dst)) == NULL) { - kfree_skb(skb); - err = -EHOSTUNREACH; - goto error_nolock; - } - - return NET_XMIT_BYPASS; - -error_nolock: - kfree_skb(skb); - return err; + return 0; } static int xfrm6_tunnel_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb) { - if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) - return -EINVAL; - - skb->mac.raw = skb->nh.raw; - skb->nh.raw = skb->data; - dst_release(skb->dst); - skb->dst = NULL; - skb->protocol = htons(ETH_P_IPV6); - skb->pkt_type = PACKET_HOST; - netif_rx(skb); - return 0; } @@ -466,49 +401,15 @@ static int xfrm6_tunnel_rcv(struct sk_buff **pskb, unsigned int *nhoffp) { struct sk_buff *skb = *pskb; struct xfrm6_tunnel *handler = xfrm6_tunnel_handler; - struct xfrm_state *x = NULL; struct ipv6hdr *iph = skb->nh.ipv6h; - int err = 0; u32 spi; /* device-like_ip6ip6_handler() */ - if (handler) { - err = handler->handler(pskb, nhoffp); - if (!err) - goto out; - } + if (handler && handler->handler(pskb, nhoffp) == 0) + return 0; spi = xfrm6_tunnel_spi_lookup((xfrm_address_t *)&iph->saddr); - x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, - spi, - IPPROTO_IPV6, AF_INET6); - - if (!x) - goto drop; - - spin_lock(&x->lock); - - if (unlikely(x->km.state != XFRM_STATE_VALID)) - goto drop_unlock; - - err = xfrm6_tunnel_input(x, NULL, skb); - if (err) - goto drop_unlock; - - x->curlft.bytes += skb->len; - x->curlft.packets++; - spin_unlock(&x->lock); - xfrm_state_put(x); - -out: - return 0; - -drop_unlock: - spin_unlock(&x->lock); - xfrm_state_put(x); -drop: - kfree_skb(skb); - return -1; + return xfrm6_rcv_spi(pskb, nhoffp, spi); } static void xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt, @@ -570,6 +471,9 @@ static int xfrm6_tunnel_init_state(struct xfrm_state *x, void *args) if (!x->props.mode) return -EINVAL; + if (x->encap) + return -EINVAL; + x->props.header_len = sizeof(struct ipv6hdr); return 0; @@ -596,31 +500,32 @@ static struct inet6_protocol xfrm6_tunnel_protocol = { .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, }; -void __init xfrm6_tunnel_init(void) +static int __init xfrm6_tunnel_init(void) { X6TPRINTK3(KERN_DEBUG "%s()\n", __FUNCTION__); if (xfrm_register_type(&xfrm6_tunnel_type, AF_INET6) < 0) { X6TPRINTK1(KERN_ERR "xfrm6_tunnel init: can't add xfrm type\n"); - return; + return -EAGAIN; } if (inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6) < 0) { X6TPRINTK1(KERN_ERR "xfrm6_tunnel init(): can't add protocol\n"); xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6); - return; + return -EAGAIN; } if (xfrm6_tunnel_spi_init() < 0) { X6TPRINTK1(KERN_ERR "xfrm6_tunnel init: failed to initialize spi\n"); inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6); xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6); - return; + return -EAGAIN; } + return 0; } -void __exit xfrm6_tunnel_fini(void) +static void __exit xfrm6_tunnel_fini(void) { X6TPRINTK3(KERN_DEBUG "%s()\n", __FUNCTION__); @@ -632,3 +537,7 @@ void __exit xfrm6_tunnel_fini(void) X6TPRINTK1(KERN_ERR "xfrm6_tunnel close: can't remove xfrm type\n"); } + +module_init(xfrm6_tunnel_init); +module_exit(xfrm6_tunnel_fini); +MODULE_LICENSE("GPL");