LXR linux/net/ipv6/ipcomp6.c

   1// SPDX-License-Identifier: GPL-2.0-or-later
   2/*
   3 * IP Payload Compression Protocol (IPComp) for IPv6 - RFC3173
   4 *
   5 * Copyright (C)2003 USAGI/WIDE Project
   6 *
   7 * Author       Mitsuru KANDA  <mk@linux-ipv6.org>
   8 */
   9/*
  10 * [Memo]
  11 *
  12 * Outbound:
  13 *  The compression of IP datagram MUST be done before AH/ESP processing,
  14 *  fragmentation, and the addition of Hop-by-Hop/Routing header.
  15 *
  16 * Inbound:
  17 *  The decompression of IP datagram MUST be done after the reassembly,
  18 *  AH/ESP processing.
  19 */
  20
  21#define pr_fmt(fmt) "IPv6: " fmt
  22
  23#include <linux/module.h>
  24#include <net/ip.h>
  25#include <net/xfrm.h>
  26#include <net/ipcomp.h>
  27#include <linux/crypto.h>
  28#include <linux/err.h>
  29#include <linux/pfkeyv2.h>
  30#include <linux/random.h>
  31#include <linux/percpu.h>
  32#include <linux/smp.h>
  33#include <linux/list.h>
  34#include <linux/vmalloc.h>
  35#include <linux/rtnetlink.h>
  36#include <net/ip6_route.h>
  37#include <net/icmp.h>
  38#include <net/ipv6.h>
  39#include <net/protocol.h>
  40#include <linux/ipv6.h>
  41#include <linux/icmpv6.h>
  42#include <linux/mutex.h>
  43
  44static int ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
  45                                u8 type, u8 code, int offset, __be32 info)
  46{
  47        struct net *net = dev_net(skb->dev);
  48        __be32 spi;
  49        const struct ipv6hdr *iph = (const struct ipv6hdr *)skb->data;
  50        struct ip_comp_hdr *ipcomph =
  51                (struct ip_comp_hdr *)(skb->data + offset);
  52        struct xfrm_state *x;
  53
  54        if (type != ICMPV6_PKT_TOOBIG &&
  55            type != NDISC_REDIRECT)
  56                return 0;
  57
  58        spi = htonl(ntohs(ipcomph->cpi));
  59        x = xfrm_state_lookup(net, skb->mark, (const xfrm_address_t *)&iph->daddr,
  60                              spi, IPPROTO_COMP, AF_INET6);
  61        if (!x)
  62                return 0;
  63
  64        if (type == NDISC_REDIRECT)
  65                ip6_redirect(skb, net, skb->dev->ifindex, 0,
  66                             sock_net_uid(net, NULL));
  67        else
  68                ip6_update_pmtu(skb, net, info, 0, 0, sock_net_uid(net, NULL));
  69        xfrm_state_put(x);
  70
  71        return 0;
  72}
  73
  74static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x)
  75{
  76        struct net *net = xs_net(x);
  77        struct xfrm_state *t = NULL;
  78
  79        t = xfrm_state_alloc(net);
  80        if (!t)
  81                goto out;
  82
  83        t->id.proto = IPPROTO_IPV6;
  84        t->id.spi = xfrm6_tunnel_alloc_spi(net, (xfrm_address_t *)&x->props.saddr);
  85        if (!t->id.spi)
  86                goto error;
  87
  88        memcpy(t->id.daddr.a6, x->id.daddr.a6, sizeof(struct in6_addr));
  89        memcpy(&t->sel, &x->sel, sizeof(t->sel));
  90        t->props.family = AF_INET6;
  91        t->props.mode = x->props.mode;
  92        memcpy(t->props.saddr.a6, x->props.saddr.a6, sizeof(struct in6_addr));
  93        memcpy(&t->mark, &x->mark, sizeof(t->mark));
  94
  95        if (xfrm_init_state(t))
  96                goto error;
  97
  98        atomic_set(&t->tunnel_users, 1);
  99
 100out:
 101        return t;
 102
 103error:
 104        t->km.state = XFRM_STATE_DEAD;
 105        xfrm_state_put(t);
 106        t = NULL;
 107        goto out;
 108}
 109
 110static int ipcomp6_tunnel_attach(struct xfrm_state *x)
 111{
 112        struct net *net = xs_net(x);
 113        int err = 0;
 114        struct xfrm_state *t = NULL;
 115        __be32 spi;
 116        u32 mark = x->mark.m & x->mark.v;
 117
 118        spi = xfrm6_tunnel_spi_lookup(net, (xfrm_address_t *)&x->props.saddr);
 119        if (spi)
 120                t = xfrm_state_lookup(net, mark, (xfrm_address_t *)&x->id.daddr,
 121                                              spi, IPPROTO_IPV6, AF_INET6);
 122        if (!t) {
 123                t = ipcomp6_tunnel_create(x);
 124                if (!t) {
 125                        err = -EINVAL;
 126                        goto out;
 127                }
 128                xfrm_state_insert(t);
 129                xfrm_state_hold(t);
 130        }
 131        x->tunnel = t;
 132        atomic_inc(&t->tunnel_users);
 133
 134out:
 135        return err;
 136}
 137
 138static int ipcomp6_init_state(struct xfrm_state *x)
 139{
 140        int err = -EINVAL;
 141
 142        x->props.header_len = 0;
 143        switch (x->props.mode) {
 144        case XFRM_MODE_TRANSPORT:
 145                break;
 146        case XFRM_MODE_TUNNEL:
 147                x->props.header_len += sizeof(struct ipv6hdr);
 148                break;
 149        default:
 150                goto out;
 151        }
 152
 153        err = ipcomp_init_state(x);
 154        if (err)
 155                goto out;
 156
 157        if (x->props.mode == XFRM_MODE_TUNNEL) {
 158                err = ipcomp6_tunnel_attach(x);
 159                if (err)
 160                        goto out;
 161        }
 162
 163        err = 0;
 164out:
 165        return err;
 166}
 167
 168static int ipcomp6_rcv_cb(struct sk_buff *skb, int err)
 169{
 170        return 0;
 171}
 172
 173static const struct xfrm_type ipcomp6_type = {
 174        .description    = "IPCOMP6",
 175        .owner          = THIS_MODULE,
 176        .proto          = IPPROTO_COMP,
 177        .init_state     = ipcomp6_init_state,
 178        .destructor     = ipcomp_destroy,
 179        .input          = ipcomp_input,
 180        .output         = ipcomp_output,
 181        .hdr_offset     = xfrm6_find_1stfragopt,
 182};
 183
 184static struct xfrm6_protocol ipcomp6_protocol = {
 185        .handler        = xfrm6_rcv,
 186        .cb_handler     = ipcomp6_rcv_cb,
 187        .err_handler    = ipcomp6_err,
 188        .priority       = 0,
 189};
 190
 191static int __init ipcomp6_init(void)
 192{
 193        if (xfrm_register_type(&ipcomp6_type, AF_INET6) < 0) {
 194                pr_info("%s: can't add xfrm type\n", __func__);
 195                return -EAGAIN;
 196        }
 197        if (xfrm6_protocol_register(&ipcomp6_protocol, IPPROTO_COMP) < 0) {
 198                pr_info("%s: can't add protocol\n", __func__);
 199                xfrm_unregister_type(&ipcomp6_type, AF_INET6);
 200                return -EAGAIN;
 201        }
 202        return 0;
 203}
 204
 205static void __exit ipcomp6_fini(void)
 206{
 207        if (xfrm6_protocol_deregister(&ipcomp6_protocol, IPPROTO_COMP) < 0)
 208                pr_info("%s: can't remove protocol\n", __func__);
 209        xfrm_unregister_type(&ipcomp6_type, AF_INET6);
 210}
 211
 212module_init(ipcomp6_init);
 213module_exit(ipcomp6_fini);
 214MODULE_LICENSE("GPL");
 215MODULE_DESCRIPTION("IP Payload Compression Protocol (IPComp) for IPv6 - RFC3173");
 216MODULE_AUTHOR("Mitsuru KANDA <mk@linux-ipv6.org>");
 217
 218MODULE_ALIAS_XFRM_TYPE(AF_INET6, XFRM_PROTO_COMP);
 219