2019-05-27 08:55:01 +02:00
// SPDX-License-Identifier: GPL-2.0-or-later
2005-04-16 15:20:36 -07:00
/*
* xfrm6_output . c - Common IPsec encapsulation code for IPv6 .
* Copyright ( C ) 2002 USAGI / WIDE Project
* Copyright ( c ) 2004 Herbert Xu < herbert @ gondor . apana . org . au >
*/
2007-10-08 17:16:30 -07:00
# include <linux/if_ether.h>
2007-11-13 21:40:52 -08:00
# include <linux/kernel.h>
# include <linux/module.h>
2005-04-16 15:20:36 -07:00
# include <linux/skbuff.h>
# include <linux/icmpv6.h>
2006-01-06 23:01:48 -08:00
# include <linux/netfilter_ipv6.h>
2007-11-13 21:40:52 -08:00
# include <net/dst.h>
2005-04-16 15:20:36 -07:00
# include <net/ipv6.h>
2010-12-17 11:42:42 +00:00
# include <net/ip6_route.h>
2005-04-16 15:20:36 -07:00
# include <net/xfrm.h>
2006-08-23 17:57:28 -07:00
int xfrm6_find_1stfragopt ( struct xfrm_state * x , struct sk_buff * skb ,
u8 * * prevhdr )
{
return ip6_find_1stfragopt ( skb , prevhdr ) ;
}
2007-02-22 22:05:40 +09:00
EXPORT_SYMBOL ( xfrm6_find_1stfragopt ) ;
2020-05-04 10:06:06 +02:00
void xfrm6_local_rxpmtu ( struct sk_buff * skb , u32 mtu )
2011-10-11 01:44:30 +00:00
{
struct flowi6 fl6 ;
struct sock * sk = skb - > sk ;
fl6 . flowi6_oif = sk - > sk_bound_dev_if ;
2011-11-21 03:39:03 +00:00
fl6 . daddr = ipv6_hdr ( skb ) - > daddr ;
2011-10-11 01:44:30 +00:00
ipv6_local_rxpmtu ( sk , & fl6 , mtu ) ;
}
2013-08-14 13:05:23 +02:00
void xfrm6_local_error ( struct sk_buff * skb , u32 mtu )
2011-10-11 01:44:30 +00:00
{
struct flowi6 fl6 ;
2013-08-18 13:46:57 +02:00
const struct ipv6hdr * hdr ;
2011-10-11 01:44:30 +00:00
struct sock * sk = skb - > sk ;
2013-08-18 13:46:57 +02:00
hdr = skb - > encapsulation ? inner_ipv6_hdr ( skb ) : ipv6_hdr ( skb ) ;
2011-10-11 01:44:30 +00:00
fl6 . fl6_dport = inet_sk ( sk ) - > inet_dport ;
2013-08-18 13:46:57 +02:00
fl6 . daddr = hdr - > daddr ;
2011-10-11 01:44:30 +00:00
ipv6_local_error ( sk , EMSGSIZE , & fl6 , mtu ) ;
}
2015-06-12 22:12:04 -05:00
static int __xfrm6_output_finish ( struct net * net , struct sock * sk , struct sk_buff * skb )
{
2020-05-04 10:06:09 +02:00
return xfrm_output ( sk , skb ) ;
2015-06-12 22:12:04 -05:00
}
2015-09-15 20:04:18 -05:00
static int __xfrm6_output ( struct net * net , struct sock * sk , struct sk_buff * skb )
2010-12-17 11:42:42 +00:00
{
struct dst_entry * dst = skb_dst ( skb ) ;
struct xfrm_state * x = dst - > xfrm ;
2013-08-26 12:31:19 +02:00
int mtu ;
2015-09-04 13:21:06 +08:00
bool toobig ;
2013-08-13 04:35:58 +02:00
2014-04-07 08:08:52 +02:00
# ifdef CONFIG_NETFILTER
if ( ! x ) {
IP6CB ( skb ) - > flags | = IP6SKB_REROUTED ;
2015-10-07 16:48:35 -05:00
return dst_output ( net , sk , skb ) ;
2014-04-07 08:08:52 +02:00
}
# endif
2015-09-04 13:21:06 +08:00
if ( x - > props . mode ! = XFRM_MODE_TUNNEL )
goto skip_frag ;
2013-08-26 12:31:19 +02:00
if ( skb - > protocol = = htons ( ETH_P_IPV6 ) )
mtu = ip6_skb_dst_mtu ( skb ) ;
else
mtu = dst_mtu ( skb_dst ( skb ) ) ;
2011-10-11 01:44:30 +00:00
2015-09-04 13:21:06 +08:00
toobig = skb - > len > mtu & & ! skb_is_gso ( skb ) ;
2020-05-04 10:06:07 +02:00
if ( toobig & & xfrm6_local_dontfrag ( skb - > sk ) ) {
2011-10-11 01:44:30 +00:00
xfrm6_local_rxpmtu ( skb , mtu ) ;
2018-08-31 08:38:49 -03:00
kfree_skb ( skb ) ;
2011-10-11 01:44:30 +00:00
return - EMSGSIZE ;
2015-09-04 13:21:06 +08:00
} else if ( ! skb - > ignore_df & & toobig & & skb - > sk ) {
2013-08-14 13:05:23 +02:00
xfrm_local_error ( skb , mtu ) ;
2018-08-31 08:38:49 -03:00
kfree_skb ( skb ) ;
2011-10-11 01:44:30 +00:00
return - EMSGSIZE ;
}
2010-12-17 11:42:42 +00:00
2015-09-04 13:21:06 +08:00
if ( toobig | | dst_allfrag ( skb_dst ( skb ) ) )
2015-06-12 22:12:04 -05:00
return ip6_fragment ( net , sk , skb ,
__xfrm6_output_finish ) ;
2015-09-04 13:21:06 +08:00
skip_frag :
2020-05-04 10:06:09 +02:00
return xfrm_output ( sk , skb ) ;
2010-12-17 11:42:42 +00:00
}
2015-10-07 16:48:47 -05:00
int xfrm6_output ( struct net * net , struct sock * sk , struct sk_buff * skb )
2006-01-06 23:01:48 -08:00
{
2015-09-15 20:04:16 -05:00
return NF_HOOK_COND ( NFPROTO_IPV6 , NF_INET_POST_ROUTING ,
2019-11-12 17:14:37 +01:00
net , sk , skb , skb - > dev , skb_dst ( skb ) - > dev ,
2015-09-15 20:04:16 -05:00
__xfrm6_output ,
2014-04-07 08:08:52 +02:00
! ( IP6CB ( skb ) - > flags & IP6SKB_REROUTED ) ) ;
2006-01-06 23:01:48 -08:00
}