cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

xfrm4_tunnel.c (2676B)

      1// SPDX-License-Identifier: GPL-2.0-only
      2/* xfrm4_tunnel.c: Generic IP tunnel transformer.
      3 *
      4 * Copyright (C) 2003 David S. Miller (davem@redhat.com)
      5 */
      6
      7#define pr_fmt(fmt) "IPsec: " fmt
      8
      9#include <linux/skbuff.h>
     10#include <linux/module.h>
     11#include <net/xfrm.h>
     12#include <net/protocol.h>
     13
     14static int ipip_output(struct xfrm_state *x, struct sk_buff *skb)
     15{
     16	skb_push(skb, -skb_network_offset(skb));
     17	return 0;
     18}
     19
     20static int ipip_xfrm_rcv(struct xfrm_state *x, struct sk_buff *skb)
     21{
     22	return ip_hdr(skb)->protocol;
     23}
     24
     25static int ipip_init_state(struct xfrm_state *x)
     26{
     27	if (x->props.mode != XFRM_MODE_TUNNEL)
     28		return -EINVAL;
     29
     30	if (x->encap)
     31		return -EINVAL;
     32
     33	x->props.header_len = sizeof(struct iphdr);
     34
     35	return 0;
     36}
     37
     38static void ipip_destroy(struct xfrm_state *x)
     39{
     40}
     41
     42static const struct xfrm_type ipip_type = {
     43	.owner		= THIS_MODULE,
     44	.proto	     	= IPPROTO_IPIP,
     45	.init_state	= ipip_init_state,
     46	.destructor	= ipip_destroy,
     47	.input		= ipip_xfrm_rcv,
     48	.output		= ipip_output
     49};
     50
     51static int xfrm_tunnel_rcv(struct sk_buff *skb)
     52{
     53	return xfrm4_rcv_spi(skb, IPPROTO_IPIP, ip_hdr(skb)->saddr);
     54}
     55
     56static int xfrm_tunnel_err(struct sk_buff *skb, u32 info)
     57{
     58	return -ENOENT;
     59}
     60
     61static struct xfrm_tunnel xfrm_tunnel_handler __read_mostly = {
     62	.handler	=	xfrm_tunnel_rcv,
     63	.err_handler	=	xfrm_tunnel_err,
     64	.priority	=	4,
     65};
     66
     67#if IS_ENABLED(CONFIG_IPV6)
     68static struct xfrm_tunnel xfrm64_tunnel_handler __read_mostly = {
     69	.handler	=	xfrm_tunnel_rcv,
     70	.err_handler	=	xfrm_tunnel_err,
     71	.priority	=	3,
     72};
     73#endif
     74
     75static int __init ipip_init(void)
     76{
     77	if (xfrm_register_type(&ipip_type, AF_INET) < 0) {
     78		pr_info("%s: can't add xfrm type\n", __func__);
     79		return -EAGAIN;
     80	}
     81
     82	if (xfrm4_tunnel_register(&xfrm_tunnel_handler, AF_INET)) {
     83		pr_info("%s: can't add xfrm handler for AF_INET\n", __func__);
     84		xfrm_unregister_type(&ipip_type, AF_INET);
     85		return -EAGAIN;
     86	}
     87#if IS_ENABLED(CONFIG_IPV6)
     88	if (xfrm4_tunnel_register(&xfrm64_tunnel_handler, AF_INET6)) {
     89		pr_info("%s: can't add xfrm handler for AF_INET6\n", __func__);
     90		xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET);
     91		xfrm_unregister_type(&ipip_type, AF_INET);
     92		return -EAGAIN;
     93	}
     94#endif
     95	return 0;
     96}
     97
     98static void __exit ipip_fini(void)
     99{
    100#if IS_ENABLED(CONFIG_IPV6)
    101	if (xfrm4_tunnel_deregister(&xfrm64_tunnel_handler, AF_INET6))
    102		pr_info("%s: can't remove xfrm handler for AF_INET6\n",
    103			__func__);
    104#endif
    105	if (xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET))
    106		pr_info("%s: can't remove xfrm handler for AF_INET\n",
    107			__func__);
    108	xfrm_unregister_type(&ipip_type, AF_INET);
    109}
    110
    111module_init(ipip_init);
    112module_exit(ipip_fini);
    113MODULE_LICENSE("GPL");
    114MODULE_ALIAS_XFRM_TYPE(AF_INET, XFRM_PROTO_IPIP);