Orange Pi5 kernel

^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /* xfrm4_tunnel.c: Generic IP tunnel transformer.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  * Copyright (C) 2003 David S. Miller (davem@redhat.com)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) #define pr_fmt(fmt) "IPsec: " fmt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) #include <linux/skbuff.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <linux/mutex.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <net/xfrm.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <net/ip.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <net/protocol.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) static int ipip_output(struct xfrm_state *x, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) 	skb_push(skb, -skb_network_offset(skb));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) static int ipip_xfrm_rcv(struct xfrm_state *x, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) 	return ip_hdr(skb)->protocol;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) static int ipip_init_state(struct xfrm_state *x)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) 	if (x->props.mode != XFRM_MODE_TUNNEL)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 	if (x->encap)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) 	x->props.header_len = sizeof(struct iphdr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) static void ipip_destroy(struct xfrm_state *x)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) static const struct xfrm_type ipip_type = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) 	.description	= "IPIP",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) 	.owner		= THIS_MODULE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) 	.proto	     	= IPPROTO_IPIP,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) 	.init_state	= ipip_init_state,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 	.destructor	= ipip_destroy,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) 	.input		= ipip_xfrm_rcv,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 	.output		= ipip_output
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) static int xfrm_tunnel_rcv(struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 	return xfrm4_rcv_spi(skb, IPPROTO_IPIP, ip_hdr(skb)->saddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) static int xfrm_tunnel_err(struct sk_buff *skb, u32 info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 	return -ENOENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) static struct xfrm_tunnel xfrm_tunnel_handler __read_mostly = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 	.handler	=	xfrm_tunnel_rcv,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 	.err_handler	=	xfrm_tunnel_err,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 	.priority	=	4,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) #if IS_ENABLED(CONFIG_IPV6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) static struct xfrm_tunnel xfrm64_tunnel_handler __read_mostly = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 	.handler	=	xfrm_tunnel_rcv,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 	.err_handler	=	xfrm_tunnel_err,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 	.priority	=	3,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) static int __init ipip_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) 	if (xfrm_register_type(&ipip_type, AF_INET) < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 		pr_info("%s: can't add xfrm type\n", __func__);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) 		return -EAGAIN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 	if (xfrm4_tunnel_register(&xfrm_tunnel_handler, AF_INET)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 		pr_info("%s: can't add xfrm handler for AF_INET\n", __func__);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 		xfrm_unregister_type(&ipip_type, AF_INET);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 		return -EAGAIN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) #if IS_ENABLED(CONFIG_IPV6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 	if (xfrm4_tunnel_register(&xfrm64_tunnel_handler, AF_INET6)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 		pr_info("%s: can't add xfrm handler for AF_INET6\n", __func__);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 		xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 		xfrm_unregister_type(&ipip_type, AF_INET);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 		return -EAGAIN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) static void __exit ipip_fini(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) #if IS_ENABLED(CONFIG_IPV6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 	if (xfrm4_tunnel_deregister(&xfrm64_tunnel_handler, AF_INET6))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 		pr_info("%s: can't remove xfrm handler for AF_INET6\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 			__func__);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 	if (xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) 		pr_info("%s: can't remove xfrm handler for AF_INET\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 			__func__);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) 	xfrm_unregister_type(&ipip_type, AF_INET);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) module_init(ipip_init);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) module_exit(ipip_fini);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) MODULE_LICENSE("GPL");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) MODULE_ALIAS_XFRM_TYPE(AF_INET, XFRM_PROTO_IPIP);