#include <net/ip.h>
#include <net/xfrm.h>
#include <net/ipcomp.h>
-#include <asm/scatterlist.h>
#include <asm/semaphore.h>
#include <linux/crypto.h>
+#include <linux/err.h>
#include <linux/pfkeyv2.h>
#include <linux/random.h>
#include <linux/percpu.h>
static int ipcomp6_input(struct xfrm_state *x, struct sk_buff *skb)
{
int err = -ENOMEM;
- struct ipv6hdr *iph;
- struct ipv6_comp_hdr *ipch;
+ struct ip_comp_hdr *ipch;
int plen, dlen;
struct ipcomp_data *ipcd = x->data;
u8 *start, *scratch;
skb->ip_summed = CHECKSUM_NONE;
/* Remove ipcomp header and decompress original payload */
- iph = ipv6_hdr(skb);
ipch = (void *)skb->data;
skb->transport_header = skb->network_header + sizeof(*ipch);
__skb_pull(skb, sizeof(*ipch));
tfm = *per_cpu_ptr(ipcd->tfms, cpu);
err = crypto_comp_decompress(tfm, start, plen, scratch, &dlen);
- if (err) {
- err = -EINVAL;
+ if (err)
goto out_put_cpu;
- }
- if (dlen < (plen + sizeof(struct ipv6_comp_hdr))) {
+ if (dlen < (plen + sizeof(*ipch))) {
err = -EINVAL;
goto out_put_cpu;
}
static int ipcomp6_output(struct xfrm_state *x, struct sk_buff *skb)
{
int err;
- struct ipv6hdr *top_iph;
- struct ipv6_comp_hdr *ipch;
+ struct ip_comp_hdr *ipch;
struct ipcomp_data *ipcd = x->data;
int plen, dlen;
u8 *start, *scratch;
struct crypto_comp *tfm;
int cpu;
- int hdr_len = skb_transport_offset(skb);
/* check whether datagram len is larger than threshold */
- if ((skb->len - hdr_len) < ipcd->threshold) {
+ if (skb->len < ipcd->threshold) {
goto out_ok;
}
goto out_ok;
/* compression */
- plen = skb->len - hdr_len;
+ plen = skb->len;
dlen = IPCOMP_SCRATCH_SIZE;
- start = skb_transport_header(skb);
+ start = skb->data;
cpu = get_cpu();
scratch = *per_cpu_ptr(ipcomp6_scratches, cpu);
tfm = *per_cpu_ptr(ipcd->tfms, cpu);
err = crypto_comp_compress(tfm, start, plen, scratch, &dlen);
- if (err || (dlen + sizeof(struct ipv6_comp_hdr)) >= plen) {
+ if (err || (dlen + sizeof(*ipch)) >= plen) {
put_cpu();
goto out_ok;
}
memcpy(start + sizeof(struct ip_comp_hdr), scratch, dlen);
put_cpu();
- pskb_trim(skb, hdr_len + dlen + sizeof(struct ip_comp_hdr));
+ pskb_trim(skb, dlen + sizeof(struct ip_comp_hdr));
/* insert ipcomp header and replace datagram */
- top_iph = (struct ipv6hdr *)skb->data;
-
- top_iph->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
-
- ipch = (struct ipv6_comp_hdr *)start;
- ipch->nexthdr = *skb_network_header(skb);
+ ipch = ip_comp_hdr(skb);
+ ipch->nexthdr = *skb_mac_header(skb);
ipch->flags = 0;
ipch->cpi = htons((u16 )ntohl(x->id.spi));
- *skb_network_header(skb) = IPPROTO_COMP;
+ *skb_mac_header(skb) = IPPROTO_COMP;
out_ok:
+ skb_push(skb, -skb_network_offset(skb));
+
return 0;
}
{
__be32 spi;
struct ipv6hdr *iph = (struct ipv6hdr*)skb->data;
- struct ipv6_comp_hdr *ipcomph = (struct ipv6_comp_hdr*)(skb->data+offset);
+ struct ip_comp_hdr *ipcomph =
+ (struct ip_comp_hdr *)(skb->data + offset);
struct xfrm_state *x;
if (type != ICMPV6_DEST_UNREACH && type != ICMPV6_PKT_TOOBIG)
static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x)
{
struct xfrm_state *t = NULL;
- u8 mode = XFRM_MODE_TUNNEL;
t = xfrm_state_alloc();
if (!t)
memcpy(t->id.daddr.a6, x->id.daddr.a6, sizeof(struct in6_addr));
memcpy(&t->sel, &x->sel, sizeof(t->sel));
t->props.family = AF_INET6;
- if (x->props.mode == XFRM_MODE_BEET)
- mode = x->props.mode;
- t->props.mode = mode;
+ t->props.mode = x->props.mode;
memcpy(t->props.saddr.a6, x->props.saddr.a6, sizeof(struct in6_addr));
if (xfrm_init_state(t))
for_each_possible_cpu(cpu) {
struct crypto_comp *tfm = crypto_alloc_comp(alg_name, 0,
CRYPTO_ALG_ASYNC);
- if (!tfm)
+ if (IS_ERR(tfm))
goto error;
*per_cpu_ptr(tfms, cpu) = tfm;
}
if (x->encap)
goto out;
+ x->props.header_len = 0;
+ switch (x->props.mode) {
+ case XFRM_MODE_TRANSPORT:
+ break;
+ case XFRM_MODE_TUNNEL:
+ x->props.header_len += sizeof(struct ipv6hdr);
+ break;
+ default:
+ goto out;
+ }
+
err = -ENOMEM;
ipcd = kzalloc(sizeof(*ipcd), GFP_KERNEL);
if (!ipcd)
goto out;
- x->props.header_len = 0;
- if (x->props.mode == XFRM_MODE_TUNNEL)
- x->props.header_len += sizeof(struct ipv6hdr);
-
mutex_lock(&ipcomp6_resource_mutex);
if (!ipcomp6_alloc_scratches())
goto error;