nagai/kernel
3
0
Fork 0
forked from mirrors/linux
Code Pull requests Activity

xfrm: Introduce xfrm_input_afinfo to access the the callbacks properly

Browse source 
IPv6 can be build as a module, so we need mechanism to access
the address family dependent callback functions properly.
Therefore we introduce xfrm_input_afinfo, similar to that
what we have for the address family dependent part of
policies and states.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
This commit is contained in:
Steffen Klassert 2014-03-14 07:28:07 +01:00
parent 870a2df4ca
commit 2f32b51b60
4 changed files with 99 additions and 13 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

23
include/net/xfrm.h
View file

@ -349,6 +349,16 @@ int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo);
struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned int family); struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned int family);
void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo); void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
struct xfrm_input_afinfo {
unsigned int family;
struct module *owner;
int (*callback)(struct sk_buff *skb, u8 protocol,
int err);
};
int xfrm_input_register_afinfo(struct xfrm_input_afinfo *afinfo);
int xfrm_input_unregister_afinfo(struct xfrm_input_afinfo *afinfo);
void xfrm_state_delete_tunnel(struct xfrm_state *x); void xfrm_state_delete_tunnel(struct xfrm_state *x);
struct xfrm_type { struct xfrm_type {
@ -1392,6 +1402,7 @@ void xfrm4_init(void);
int xfrm_state_init(struct net *net); int xfrm_state_init(struct net *net);
void xfrm_state_fini(struct net *net); void xfrm_state_fini(struct net *net);
void xfrm4_state_init(void); void xfrm4_state_init(void);
void xfrm4_protocol_init(void);
#ifdef CONFIG_XFRM #ifdef CONFIG_XFRM
int xfrm6_init(void); int xfrm6_init(void);
void xfrm6_fini(void); void xfrm6_fini(void);
@ -1773,18 +1784,6 @@ static inline int xfrm_mark_put(struct sk_buff *skb, const struct xfrm_mark *m)
return ret; return ret;
} }
static inline int xfrm_rcv_cb(struct sk_buff *skb, unsigned int family,
u8 protocol, int err)
{
switch(family) {
#ifdef CONFIG_INET
case AF_INET:
return xfrm4_rcv_cb(skb, protocol, err);
#endif
}
return 0;
}
static inline int xfrm_tunnel_check(struct sk_buff *skb, struct xfrm_state *x, static inline int xfrm_tunnel_check(struct sk_buff *skb, struct xfrm_state *x,
unsigned int family) unsigned int family)
{ {

1
net/ipv4/xfrm4_policy.c
View file

@ -325,6 +325,7 @@ void __init xfrm4_init(void)
xfrm4_state_init(); xfrm4_state_init();
xfrm4_policy_init(); xfrm4_policy_init();
xfrm4_protocol_init();
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL
register_pernet_subsys(&xfrm4_net_ops); register_pernet_subsys(&xfrm4_net_ops);
#endif #endif

13
net/ipv4/xfrm4_protocol.c
View file

@ -179,6 +179,12 @@ static const struct net_protocol ipcomp4_protocol = {
.netns_ok = 1, .netns_ok = 1,
}; };
static struct xfrm_input_afinfo xfrm4_input_afinfo = {
.family = AF_INET,
.owner = THIS_MODULE,
.callback = xfrm4_rcv_cb,
};
static inline const struct net_protocol *netproto(unsigned char protocol) static inline const struct net_protocol *netproto(unsigned char protocol)
{ {
switch (protocol) { switch (protocol) {
@ -199,7 +205,6 @@ int xfrm4_protocol_register(struct xfrm4_protocol *handler,
struct xfrm4_protocol __rcu **pprev; struct xfrm4_protocol __rcu **pprev;
struct xfrm4_protocol *t; struct xfrm4_protocol *t;
bool add_netproto = false; bool add_netproto = false;
int ret = -EEXIST; int ret = -EEXIST;
int priority = handler->priority; int priority = handler->priority;
@ -273,3 +278,9 @@ int xfrm4_protocol_deregister(struct xfrm4_protocol *handler,
return ret; return ret;
} }
EXPORT_SYMBOL(xfrm4_protocol_deregister); EXPORT_SYMBOL(xfrm4_protocol_deregister);
void __init xfrm4_protocol_init(void)
{
xfrm_input_register_afinfo(&xfrm4_input_afinfo);
}
EXPORT_SYMBOL(xfrm4_protocol_init);

75
net/xfrm/xfrm_input.c
View file

@ -16,6 +16,81 @@
static struct kmem_cache *secpath_cachep __read_mostly; static struct kmem_cache *secpath_cachep __read_mostly;
static DEFINE_SPINLOCK(xfrm_input_afinfo_lock);
static struct xfrm_input_afinfo __rcu *xfrm_input_afinfo[NPROTO];
int xfrm_input_register_afinfo(struct xfrm_input_afinfo *afinfo)
{
int err = 0;
if (unlikely(afinfo == NULL))
return -EINVAL;
if (unlikely(afinfo->family >= NPROTO))
return -EAFNOSUPPORT;
spin_lock_bh(&xfrm_input_afinfo_lock);
if (unlikely(xfrm_input_afinfo[afinfo->family] != NULL))
err = -ENOBUFS;
else
rcu_assign_pointer(xfrm_input_afinfo[afinfo->family], afinfo);
spin_unlock_bh(&xfrm_input_afinfo_lock);
return err;
}
EXPORT_SYMBOL(xfrm_input_register_afinfo);
int xfrm_input_unregister_afinfo(struct xfrm_input_afinfo *afinfo)
{
int err = 0;
if (unlikely(afinfo == NULL))
return -EINVAL;
if (unlikely(afinfo->family >= NPROTO))
return -EAFNOSUPPORT;
spin_lock_bh(&xfrm_input_afinfo_lock);
if (likely(xfrm_input_afinfo[afinfo->family] != NULL)) {
if (unlikely(xfrm_input_afinfo[afinfo->family] != afinfo))
err = -EINVAL;
else
RCU_INIT_POINTER(xfrm_input_afinfo[afinfo->family], NULL);
}
spin_unlock_bh(&xfrm_input_afinfo_lock);
synchronize_rcu();
return err;
}
EXPORT_SYMBOL(xfrm_input_unregister_afinfo);
static struct xfrm_input_afinfo *xfrm_input_get_afinfo(unsigned int family)
{
struct xfrm_input_afinfo *afinfo;
if (unlikely(family >= NPROTO))
return NULL;
rcu_read_lock();
afinfo = rcu_dereference(xfrm_input_afinfo[family]);
if (unlikely(!afinfo))
rcu_read_unlock();
return afinfo;
}
static void xfrm_input_put_afinfo(struct xfrm_input_afinfo *afinfo)
{
rcu_read_unlock();
}
static int xfrm_rcv_cb(struct sk_buff *skb, unsigned int family, u8 protocol,
int err)
{
int ret;
struct xfrm_input_afinfo *afinfo = xfrm_input_get_afinfo(family);
if (!afinfo)
return -EAFNOSUPPORT;
ret = afinfo->callback(skb, protocol, err);
xfrm_input_put_afinfo(afinfo);
return ret;
}
void __secpath_destroy(struct sec_path *sp) void __secpath_destroy(struct sec_path *sp)
{ {
int i; int i;