linux/net/ipv6/ipcomp6.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0-or-later
   2/*
   3 * IP Payload Compression Protocol (IPComp) for IPv6 - RFC3173
   4 *
   5 * Copyright (C)2003 USAGI/WIDE Project
   6 *
   7 * Author       Mitsuru KANDA  <mk@linux-ipv6.org>
   8 */
   9/*
  10 * [Memo]
  11 *
  12 * Outbound:
  13 *  The compression of IP datagram MUST be done before AH/ESP processing,
  14 *  fragmentation, and the addition of Hop-by-Hop/Routing header.
  15 *
  16 * Inbound:
  17 *  The decompression of IP datagram MUST be done after the reassembly,
  18 *  AH/ESP processing.
  19 */
  20
  21#define pr_fmt(fmt) "IPv6: " fmt
  22
  23#include <linux/module.h>
  24#include <net/ip.h>
  25#include <net/xfrm.h>
  26#include <net/ipcomp.h>
  27#include <linux/crypto.h>
  28#include <linux/err.h>
  29#include <linux/pfkeyv2.h>
  30#include <linux/random.h>
  31#include <linux/percpu.h>
  32#include <linux/smp.h>
  33#include <linux/list.h>
  34#include <linux/vmalloc.h>
  35#include <linux/rtnetlink.h>
  36#include <net/ip6_route.h>
  37#include <net/icmp.h>
  38#include <net/ipv6.h>
  39#include <net/protocol.h>
  40#include <linux/ipv6.h>
  41#include <linux/icmpv6.h>
  42#include <linux/mutex.h>
  43
  44static int ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
  45                                u8 type, u8 code, int offset, __be32 info)
  46{
  47        struct net *net = dev_net(skb->dev);
  48        __be32 spi;
  49        const struct ipv6hdr *iph = (const struct ipv6hdr *)skb->data;
  50        struct ip_comp_hdr *ipcomph =
  51                (struct ip_comp_hdr *)(skb->data + offset);
  52        struct xfrm_state *x;
  53
  54        if (type != ICMPV6_PKT_TOOBIG &&
  55            type != NDISC_REDIRECT)
  56                return 0;
  57
  58        spi = htonl(ntohs(ipcomph->cpi));
  59        x = xfrm_state_lookup(net, skb->mark, (const xfrm_address_t *)&iph->daddr,
  60                              spi, IPPROTO_COMP, AF_INET6);
  61        if (!x)
  62                return 0;
  63
  64        if (type == NDISC_REDIRECT)
  65                ip6_redirect(skb, net, skb->dev->ifindex, 0,
  66                             sock_net_uid(net, NULL));
  67        else
  68                ip6_update_pmtu(skb, net, info, 0, 0, sock_net_uid(net, NULL));
  69        xfrm_state_put(x);
  70
  71        return 0;
  72}
  73
  74static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x)
  75{
  76        struct net *net = xs_net(x);
  77        struct xfrm_state *t = NULL;
  78
  79        t = xfrm_state_alloc(net);
  80        if (!t)
  81                goto out;
  82
  83        t->id.proto = IPPROTO_IPV6;
  84        t->id.spi = xfrm6_tunnel_alloc_spi(net, (xfrm_address_t *)&x->props.saddr);
  85        if (!t->id.spi)
  86                goto error;
  87
  88        memcpy(t->id.daddr.a6, x->id.daddr.a6, sizeof(struct in6_addr));
  89        memcpy(&t->sel, &x->sel, sizeof(t->sel));
  90        t->props.family = AF_INET6;
  91        t->props.mode = x->props.mode;
  92        memcpy(t->props.saddr.a6, x->props.saddr.a6, sizeof(struct in6_addr));
  93        memcpy(&t->mark, &x->mark, sizeof(t->mark));
  94        t->if_id = x->if_id;
  95
  96        if (xfrm_init_state(t))
  97                goto error;
  98
  99        atomic_set(&t->tunnel_users, 1);
 100
 101out:
 102        return t;
 103
 104error:
 105        t->km.state = XFRM_STATE_DEAD;
 106        xfrm_state_put(t);
 107        t = NULL;
 108        goto out;
 109}
 110
 111static int ipcomp6_tunnel_attach(struct xfrm_state *x)
 112{
 113        struct net *net = xs_net(x);
 114        int err = 0;
 115        struct xfrm_state *t = NULL;
 116        __be32 spi;
 117        u32 mark = x->mark.m & x->mark.v;
 118
 119        spi = xfrm6_tunnel_spi_lookup(net, (xfrm_address_t *)&x->props.saddr);
 120        if (spi)
 121                t = xfrm_state_lookup(net, mark, (xfrm_address_t *)&x->id.daddr,
 122                                              spi, IPPROTO_IPV6, AF_INET6);
 123        if (!t) {
 124                t = ipcomp6_tunnel_create(x);
 125                if (!t) {
 126                        err = -EINVAL;
 127                        goto out;
 128                }
 129                xfrm_state_insert(t);
 130                xfrm_state_hold(t);
 131        }
 132        x->tunnel = t;
 133        atomic_inc(&t->tunnel_users);
 134
 135out:
 136        return err;
 137}
 138
 139static int ipcomp6_init_state(struct xfrm_state *x)
 140{
 141        int err = -EINVAL;
 142
 143        x->props.header_len = 0;
 144        switch (x->props.mode) {
 145        case XFRM_MODE_TRANSPORT:
 146                break;
 147        case XFRM_MODE_TUNNEL:
 148                x->props.header_len += sizeof(struct ipv6hdr);
 149                break;
 150        default:
 151                goto out;
 152        }
 153
 154        err = ipcomp_init_state(x);
 155        if (err)
 156                goto out;
 157
 158        if (x->props.mode == XFRM_MODE_TUNNEL) {
 159                err = ipcomp6_tunnel_attach(x);
 160                if (err)
 161                        goto out;
 162        }
 163
 164        err = 0;
 165out:
 166        return err;
 167}
 168
 169static int ipcomp6_rcv_cb(struct sk_buff *skb, int err)
 170{
 171        return 0;
 172}
 173
 174static const struct xfrm_type ipcomp6_type = {
 175        .owner          = THIS_MODULE,
 176        .proto          = IPPROTO_COMP,
 177        .init_state     = ipcomp6_init_state,
 178        .destructor     = ipcomp_destroy,
 179        .input          = ipcomp_input,
 180        .output         = ipcomp_output,
 181};
 182
 183static struct xfrm6_protocol ipcomp6_protocol = {
 184        .handler        = xfrm6_rcv,
 185        .input_handler  = xfrm_input,
 186        .cb_handler     = ipcomp6_rcv_cb,
 187        .err_handler    = ipcomp6_err,
 188        .priority       = 0,
 189};
 190
 191static int __init ipcomp6_init(void)
 192{
 193        if (xfrm_register_type(&ipcomp6_type, AF_INET6) < 0) {
 194                pr_info("%s: can't add xfrm type\n", __func__);
 195                return -EAGAIN;
 196        }
 197        if (xfrm6_protocol_register(&ipcomp6_protocol, IPPROTO_COMP) < 0) {
 198                pr_info("%s: can't add protocol\n", __func__);
 199                xfrm_unregister_type(&ipcomp6_type, AF_INET6);
 200                return -EAGAIN;
 201        }
 202        return 0;
 203}
 204
 205static void __exit ipcomp6_fini(void)
 206{
 207        if (xfrm6_protocol_deregister(&ipcomp6_protocol, IPPROTO_COMP) < 0)
 208                pr_info("%s: can't remove protocol\n", __func__);
 209        xfrm_unregister_type(&ipcomp6_type, AF_INET6);
 210}
 211
 212module_init(ipcomp6_init);
 213module_exit(ipcomp6_fini);
 214MODULE_LICENSE("GPL");
 215MODULE_DESCRIPTION("IP Payload Compression Protocol (IPComp) for IPv6 - RFC3173");
 216MODULE_AUTHOR("Mitsuru KANDA <mk@linux-ipv6.org>");
 217
 218MODULE_ALIAS_XFRM_TYPE(AF_INET6, XFRM_PROTO_COMP);
 219