Merge branch 'for-2.6.27' of git://git.marvell.com/mv643xx_eth into upstream-fixes

[pandora-kernel.git] / net / xfrm / xfrm_user.c

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 019d21d..04c4150 100644 (file)
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -50,19 +50,8 @@ static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type)
 
        switch (type) {
        case XFRMA_ALG_AUTH:
-               if (!algp->alg_key_len &&
-                   strcmp(algp->alg_name, "digest_null") != 0)
-                       return -EINVAL;
-               break;
-
        case XFRMA_ALG_CRYPT:
-               if (!algp->alg_key_len &&
-                   strcmp(algp->alg_name, "cipher_null") != 0)
-                       return -EINVAL;
-               break;
-
        case XFRMA_ALG_COMP:
-               /* Zero length keys are legal.  */
                break;
 
        default:
@@ -288,9 +277,8 @@ static void copy_from_user_state(struct xfrm_state *x, struct xfrm_usersa_info *
        memcpy(&x->props.saddr, &p->saddr, sizeof(x->props.saddr));
        x->props.flags = p->flags;
 
-       if (!x->sel.family)
+       if (!x->sel.family && !(p->flags & XFRM_STATE_AF_UNSPEC))
                x->sel.family = p->family;
-
 }
 
 /*
@@ -407,6 +395,9 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
        struct xfrm_state *x;
        int err;
        struct km_event c;
+       uid_t loginuid = NETLINK_CB(skb).loginuid;
+       u32 sessionid = NETLINK_CB(skb).sessionid;
+       u32 sid = NETLINK_CB(skb).sid;
 
        err = verify_newsa_info(p, attrs);
        if (err)
@@ -422,8 +413,7 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
        else
                err = xfrm_state_update(x);
 
-       xfrm_audit_state_add(x, err ? 0 : 1, NETLINK_CB(skb).loginuid,
-                            NETLINK_CB(skb).sid);
+       xfrm_audit_state_add(x, err ? 0 : 1, loginuid, sessionid, sid);
 
        if (err < 0) {
                x->km.state = XFRM_STATE_DEAD;
@@ -478,6 +468,9 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
        int err = -ESRCH;
        struct km_event c;
        struct xfrm_usersa_id *p = nlmsg_data(nlh);
+       uid_t loginuid = NETLINK_CB(skb).loginuid;
+       u32 sessionid = NETLINK_CB(skb).sessionid;
+       u32 sid = NETLINK_CB(skb).sid;
 
        x = xfrm_user_state_lookup(p, attrs, &err);
        if (x == NULL)
@@ -502,8 +495,7 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
        km_state_notify(x, &c);
 
 out:
-       xfrm_audit_state_delete(x, err ? 0 : 1, NETLINK_CB(skb).loginuid,
-                               NETLINK_CB(skb).sid);
+       xfrm_audit_state_delete(x, err ? 0 : 1, loginuid, sessionid, sid);
        xfrm_state_put(x);
        return err;
 }
@@ -529,8 +521,6 @@ struct xfrm_dump_info {
        struct sk_buff *out_skb;
        u32 nlmsg_seq;
        u16 nlmsg_flags;
-       int start_idx;
-       int this_idx;
 };
 
 static int copy_sec_ctx(struct xfrm_sec_ctx *s, struct sk_buff *skb)
@@ -597,9 +587,6 @@ static int dump_one_state(struct xfrm_state *x, int count, void *ptr)
        struct nlmsghdr *nlh;
        int err;
 
-       if (sp->this_idx < sp->start_idx)
-               goto out;
-
        nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, sp->nlmsg_seq,
                        XFRM_MSG_NEWSA, sizeof(*p), sp->nlmsg_flags);
        if (nlh == NULL)
@@ -612,8 +599,6 @@ static int dump_one_state(struct xfrm_state *x, int count, void *ptr)
                goto nla_put_failure;
 
        nlmsg_end(skb, nlh);
-out:
-       sp->this_idx++;
        return 0;
 
 nla_put_failure:
@@ -621,18 +606,32 @@ nla_put_failure:
        return err;
 }
 
+static int xfrm_dump_sa_done(struct netlink_callback *cb)
+{
+       struct xfrm_state_walk *walk = (struct xfrm_state_walk *) &cb->args[1];
+       xfrm_state_walk_done(walk);
+       return 0;
+}
+
 static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb)
 {
+       struct xfrm_state_walk *walk = (struct xfrm_state_walk *) &cb->args[1];
        struct xfrm_dump_info info;
 
+       BUILD_BUG_ON(sizeof(struct xfrm_state_walk) >
+                    sizeof(cb->args) - sizeof(cb->args[0]));
+
        info.in_skb = cb->skb;
        info.out_skb = skb;
        info.nlmsg_seq = cb->nlh->nlmsg_seq;
        info.nlmsg_flags = NLM_F_MULTI;
-       info.this_idx = 0;
-       info.start_idx = cb->args[0];
-       (void) xfrm_state_walk(0, dump_one_state, &info);
-       cb->args[0] = info.this_idx;
+
+       if (!cb->args[0]) {
+               cb->args[0] = 1;
+               xfrm_state_walk_init(walk, 0);
+       }
+
+       (void) xfrm_state_walk(walk, dump_one_state, &info);
 
        return skb->len;
 }
@@ -651,7 +650,6 @@ static struct sk_buff *xfrm_state_netlink(struct sk_buff *in_skb,
        info.out_skb = skb;
        info.nlmsg_seq = seq;
        info.nlmsg_flags = 0;
-       info.this_idx = info.start_idx = 0;
 
        if (dump_one_state(x, 0, &info)) {
                kfree_skb(skb);
@@ -953,7 +951,7 @@ static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct nlattr **attrs
                return 0;
 
        uctx = nla_data(rt);
-       return security_xfrm_policy_alloc(pol, uctx);
+       return security_xfrm_policy_alloc(&pol->security, uctx);
 }
 
 static void copy_templates(struct xfrm_policy *xp, struct xfrm_user_tmpl *ut,
@@ -975,6 +973,8 @@ static void copy_templates(struct xfrm_policy *xp, struct xfrm_user_tmpl *ut,
                t->aalgos = ut->aalgos;
                t->ealgos = ut->ealgos;
                t->calgos = ut->calgos;
+               /* If all masks are ~0, then we allow all algorithms. */
+               t->allalgs = !~(t->aalgos & t->ealgos & t->calgos);
                t->encap_family = ut->family;
        }
 }
@@ -1115,6 +1115,9 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
        struct km_event c;
        int err;
        int excl;
+       uid_t loginuid = NETLINK_CB(skb).loginuid;
+       u32 sessionid = NETLINK_CB(skb).sessionid;
+       u32 sid = NETLINK_CB(skb).sid;
 
        err = verify_newpolicy_info(p);
        if (err)
@@ -1133,11 +1136,10 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
         * a type XFRM_MSG_UPDPOLICY - JHS */
        excl = nlh->nlmsg_type == XFRM_MSG_NEWPOLICY;
        err = xfrm_policy_insert(p->dir, xp, excl);
-       xfrm_audit_policy_add(xp, err ? 0 : 1, NETLINK_CB(skb).loginuid,
-                             NETLINK_CB(skb).sid);
+       xfrm_audit_policy_add(xp, err ? 0 : 1, loginuid, sessionid, sid);
 
        if (err) {
-               security_xfrm_policy_free(xp);
+               security_xfrm_policy_free(xp->security);
                kfree(xp);
                return err;
        }
@@ -1229,9 +1231,6 @@ static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr
        struct sk_buff *skb = sp->out_skb;
        struct nlmsghdr *nlh;
 
-       if (sp->this_idx < sp->start_idx)
-               goto out;
-
        nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, sp->nlmsg_seq,
                        XFRM_MSG_NEWPOLICY, sizeof(*p), sp->nlmsg_flags);
        if (nlh == NULL)
@@ -1247,8 +1246,6 @@ static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr
                goto nlmsg_failure;
 
        nlmsg_end(skb, nlh);
-out:
-       sp->this_idx++;
        return 0;
 
 nlmsg_failure:
@@ -1256,21 +1253,33 @@ nlmsg_failure:
        return -EMSGSIZE;
 }
 
+static int xfrm_dump_policy_done(struct netlink_callback *cb)
+{
+       struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *) &cb->args[1];
+
+       xfrm_policy_walk_done(walk);
+       return 0;
+}
+
 static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb)
 {
+       struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *) &cb->args[1];
        struct xfrm_dump_info info;
 
+       BUILD_BUG_ON(sizeof(struct xfrm_policy_walk) >
+                    sizeof(cb->args) - sizeof(cb->args[0]));
+
        info.in_skb = cb->skb;
        info.out_skb = skb;
        info.nlmsg_seq = cb->nlh->nlmsg_seq;
        info.nlmsg_flags = NLM_F_MULTI;
-       info.this_idx = 0;
-       info.start_idx = cb->args[0];
-       (void) xfrm_policy_walk(XFRM_POLICY_TYPE_MAIN, dump_one_policy, &info);
-#ifdef CONFIG_XFRM_SUB_POLICY
-       (void) xfrm_policy_walk(XFRM_POLICY_TYPE_SUB, dump_one_policy, &info);
-#endif
-       cb->args[0] = info.this_idx;
+
+       if (!cb->args[0]) {
+               cb->args[0] = 1;
+               xfrm_policy_walk_init(walk, XFRM_POLICY_TYPE_ANY);
+       }
+
+       (void) xfrm_policy_walk(walk, dump_one_policy, &info);
 
        return skb->len;
 }
@@ -1290,7 +1299,6 @@ static struct sk_buff *xfrm_policy_netlink(struct sk_buff *in_skb,
        info.out_skb = skb;
        info.nlmsg_seq = seq;
        info.nlmsg_flags = 0;
-       info.this_idx = info.start_idx = 0;
 
        if (dump_one_policy(xp, dir, 0, &info) < 0) {
                kfree_skb(skb);
@@ -1325,22 +1333,23 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
                xp = xfrm_policy_byid(type, p->dir, p->index, delete, &err);
        else {
                struct nlattr *rt = attrs[XFRMA_SEC_CTX];
-               struct xfrm_policy tmp;
+               struct xfrm_sec_ctx *ctx;
 
                err = verify_sec_ctx_len(attrs);
                if (err)
                        return err;
 
-               memset(&tmp, 0, sizeof(struct xfrm_policy));
+               ctx = NULL;
                if (rt) {
                        struct xfrm_user_sec_ctx *uctx = nla_data(rt);
 
-                       if ((err = security_xfrm_policy_alloc(&tmp, uctx)))
+                       err = security_xfrm_policy_alloc(&ctx, uctx);
+                       if (err)
                                return err;
                }
-               xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security,
+               xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx,
                                           delete, &err);
-               security_xfrm_policy_free(&tmp);
+               security_xfrm_policy_free(ctx);
        }
        if (xp == NULL)
                return -ENOENT;
@@ -1356,9 +1365,12 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
                                            NETLINK_CB(skb).pid);
                }
        } else {
-               xfrm_audit_policy_delete(xp, err ? 0 : 1,
-                                        NETLINK_CB(skb).loginuid,
-                                        NETLINK_CB(skb).sid);
+               uid_t loginuid = NETLINK_CB(skb).loginuid;
+               u32 sessionid = NETLINK_CB(skb).sessionid;
+               u32 sid = NETLINK_CB(skb).sid;
+
+               xfrm_audit_policy_delete(xp, err ? 0 : 1, loginuid, sessionid,
+                                        sid);
 
                if (err != 0)
                        goto out;
@@ -1384,6 +1396,7 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
        int err;
 
        audit_info.loginuid = NETLINK_CB(skb).loginuid;
+       audit_info.sessionid = NETLINK_CB(skb).sessionid;
        audit_info.secid = NETLINK_CB(skb).sid;
        err = xfrm_state_flush(p->proto, &audit_info);
        if (err)
@@ -1531,6 +1544,7 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
                return err;
 
        audit_info.loginuid = NETLINK_CB(skb).loginuid;
+       audit_info.sessionid = NETLINK_CB(skb).sessionid;
        audit_info.secid = NETLINK_CB(skb).sid;
        err = xfrm_policy_flush(type, &audit_info);
        if (err)
@@ -1560,26 +1574,26 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
                xp = xfrm_policy_byid(type, p->dir, p->index, 0, &err);
        else {
                struct nlattr *rt = attrs[XFRMA_SEC_CTX];
-               struct xfrm_policy tmp;
+               struct xfrm_sec_ctx *ctx;
 
                err = verify_sec_ctx_len(attrs);
                if (err)
                        return err;
 
-               memset(&tmp, 0, sizeof(struct xfrm_policy));
+               ctx = NULL;
                if (rt) {
                        struct xfrm_user_sec_ctx *uctx = nla_data(rt);
 
-                       if ((err = security_xfrm_policy_alloc(&tmp, uctx)))
+                       err = security_xfrm_policy_alloc(&ctx, uctx);
+                       if (err)
                                return err;
                }
-               xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security,
-                                          0, &err);
-               security_xfrm_policy_free(&tmp);
+               xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx, 0, &err);
+               security_xfrm_policy_free(ctx);
        }
-
        if (xp == NULL)
                return -ENOENT;
+
        read_lock(&xp->lock);
        if (xp->dead) {
                read_unlock(&xp->lock);
@@ -1589,9 +1603,11 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
        read_unlock(&xp->lock);
        err = 0;
        if (up->hard) {
+               uid_t loginuid = NETLINK_CB(skb).loginuid;
+               uid_t sessionid = NETLINK_CB(skb).sessionid;
+               u32 sid = NETLINK_CB(skb).sid;
                xfrm_policy_delete(xp, p->dir);
-               xfrm_audit_policy_delete(xp, 1, NETLINK_CB(skb).loginuid,
-                                        NETLINK_CB(skb).sid);
+               xfrm_audit_policy_delete(xp, 1, loginuid, sessionid, sid);
 
        } else {
                // reset the timers here?
@@ -1625,9 +1641,11 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
        km_state_expired(x, ue->hard, current->pid);
 
        if (ue->hard) {
+               uid_t loginuid = NETLINK_CB(skb).loginuid;
+               uid_t sessionid = NETLINK_CB(skb).sessionid;
+               u32 sid = NETLINK_CB(skb).sid;
                __xfrm_state_delete(x);
-               xfrm_audit_state_delete(x, 1, NETLINK_CB(skb).loginuid,
-                                       NETLINK_CB(skb).sid);
+               xfrm_audit_state_delete(x, 1, loginuid, sessionid, sid);
        }
        err = 0;
 out:
@@ -1888,15 +1906,18 @@ static const struct nla_policy xfrma_policy[XFRMA_MAX+1] = {
 static struct xfrm_link {
        int (*doit)(struct sk_buff *, struct nlmsghdr *, struct nlattr **);
        int (*dump)(struct sk_buff *, struct netlink_callback *);
+       int (*done)(struct netlink_callback *);
 } xfrm_dispatch[XFRM_NR_MSGTYPES] = {
        [XFRM_MSG_NEWSA       - XFRM_MSG_BASE] = { .doit = xfrm_add_sa        },
        [XFRM_MSG_DELSA       - XFRM_MSG_BASE] = { .doit = xfrm_del_sa        },
        [XFRM_MSG_GETSA       - XFRM_MSG_BASE] = { .doit = xfrm_get_sa,
-                                                  .dump = xfrm_dump_sa       },
+                                                  .dump = xfrm_dump_sa,
+                                                  .done = xfrm_dump_sa_done  },
        [XFRM_MSG_NEWPOLICY   - XFRM_MSG_BASE] = { .doit = xfrm_add_policy    },
        [XFRM_MSG_DELPOLICY   - XFRM_MSG_BASE] = { .doit = xfrm_get_policy    },
        [XFRM_MSG_GETPOLICY   - XFRM_MSG_BASE] = { .doit = xfrm_get_policy,
-                                                  .dump = xfrm_dump_policy   },
+                                                  .dump = xfrm_dump_policy,
+                                                  .done = xfrm_dump_policy_done },
        [XFRM_MSG_ALLOCSPI    - XFRM_MSG_BASE] = { .doit = xfrm_alloc_userspi },
        [XFRM_MSG_ACQUIRE     - XFRM_MSG_BASE] = { .doit = xfrm_add_acquire   },
        [XFRM_MSG_EXPIRE      - XFRM_MSG_BASE] = { .doit = xfrm_add_sa_expire },
@@ -1935,7 +1956,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
                if (link->dump == NULL)
                        return -EINVAL;
 
-               return netlink_dump_start(xfrm_nl, skb, nlh, link->dump, NULL);
+               return netlink_dump_start(xfrm_nl, skb, nlh, link->dump, link->done);
        }
 
        err = nlmsg_parse(nlh, xfrm_msg_min[type], attrs, XFRMA_MAX,