Lines Matching refs:xfrm
500 return __idx_hash(index, net->xfrm.policy_idx_hmask); in idx_hash()
510 *dbits = net->xfrm.policy_bydst[dir].dbits4; in __get_hash_thresh()
511 *sbits = net->xfrm.policy_bydst[dir].sbits4; in __get_hash_thresh()
515 *dbits = net->xfrm.policy_bydst[dir].dbits6; in __get_hash_thresh()
516 *sbits = net->xfrm.policy_bydst[dir].sbits6; in __get_hash_thresh()
529 unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; in policy_hash_bysel()
540 return rcu_dereference_check(net->xfrm.policy_bydst[dir].table, in policy_hash_bysel()
541 lockdep_is_held(&net->xfrm.xfrm_policy_lock)) + hash; in policy_hash_bysel()
549 unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; in policy_hash_direct()
557 return rcu_dereference_check(net->xfrm.policy_bydst[dir].table, in policy_hash_direct()
558 lockdep_is_held(&net->xfrm.xfrm_policy_lock)) + hash; in policy_hash_direct()
620 unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; in xfrm_bydst_resize()
630 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_bydst_resize()
631 write_seqcount_begin(&net->xfrm.xfrm_policy_hash_generation); in xfrm_bydst_resize()
633 odst = rcu_dereference_protected(net->xfrm.policy_bydst[dir].table, in xfrm_bydst_resize()
634 lockdep_is_held(&net->xfrm.xfrm_policy_lock)); in xfrm_bydst_resize()
639 rcu_assign_pointer(net->xfrm.policy_bydst[dir].table, ndst); in xfrm_bydst_resize()
640 net->xfrm.policy_bydst[dir].hmask = nhashmask; in xfrm_bydst_resize()
642 write_seqcount_end(&net->xfrm.xfrm_policy_hash_generation); in xfrm_bydst_resize()
643 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_bydst_resize()
652 unsigned int hmask = net->xfrm.policy_idx_hmask; in xfrm_byidx_resize()
655 struct hlist_head *oidx = net->xfrm.policy_byidx; in xfrm_byidx_resize()
662 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_byidx_resize()
667 net->xfrm.policy_byidx = nidx; in xfrm_byidx_resize()
668 net->xfrm.policy_idx_hmask = nhashmask; in xfrm_byidx_resize()
670 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_byidx_resize()
677 unsigned int cnt = net->xfrm.policy_count[dir]; in xfrm_bydst_should_resize()
678 unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; in xfrm_bydst_should_resize()
692 unsigned int hmask = net->xfrm.policy_idx_hmask; in xfrm_byidx_should_resize()
703 si->incnt = net->xfrm.policy_count[XFRM_POLICY_IN]; in xfrm_spd_getinfo()
704 si->outcnt = net->xfrm.policy_count[XFRM_POLICY_OUT]; in xfrm_spd_getinfo()
705 si->fwdcnt = net->xfrm.policy_count[XFRM_POLICY_FWD]; in xfrm_spd_getinfo()
706 si->inscnt = net->xfrm.policy_count[XFRM_POLICY_IN+XFRM_POLICY_MAX]; in xfrm_spd_getinfo()
707 si->outscnt = net->xfrm.policy_count[XFRM_POLICY_OUT+XFRM_POLICY_MAX]; in xfrm_spd_getinfo()
708 si->fwdscnt = net->xfrm.policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX]; in xfrm_spd_getinfo()
709 si->spdhcnt = net->xfrm.policy_idx_hmask; in xfrm_spd_getinfo()
717 struct net *net = container_of(work, struct net, xfrm.policy_hash_work); in xfrm_hash_resize()
749 lockdep_assert_held(&net->xfrm.xfrm_policy_lock); in xfrm_policy_inexact_alloc_bin()
765 seqcount_spinlock_init(&bin->count, &net->xfrm.xfrm_policy_lock); in xfrm_policy_inexact_alloc_bin()
771 list_add(&bin->inexact_bins, &net->xfrm.inexact_bins); in xfrm_policy_inexact_alloc_bin()
891 list_for_each_entry_reverse(policy, &net->xfrm.policy_all, walk.all) { in xfrm_policy_inexact_list_reinsert()
1152 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_inexact_prune_bin()
1154 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_inexact_prune_bin()
1161 lockdep_assert_held(&net->xfrm.xfrm_policy_lock); in __xfrm_policy_inexact_flush()
1163 list_for_each_entry_safe(bin, t, &net->xfrm.inexact_bins, inexact_bins) in __xfrm_policy_inexact_flush()
1175 lockdep_assert_held(&net->xfrm.xfrm_policy_lock); in xfrm_policy_inexact_alloc_chain()
1240 lockdep_assert_held(&net->xfrm.xfrm_policy_lock); in xfrm_policy_inexact_insert()
1274 xfrm.policy_hthresh.work); in xfrm_hash_rebuild()
1287 seq = read_seqbegin(&net->xfrm.policy_hthresh.lock); in xfrm_hash_rebuild()
1289 lbits4 = net->xfrm.policy_hthresh.lbits4; in xfrm_hash_rebuild()
1290 rbits4 = net->xfrm.policy_hthresh.rbits4; in xfrm_hash_rebuild()
1291 lbits6 = net->xfrm.policy_hthresh.lbits6; in xfrm_hash_rebuild()
1292 rbits6 = net->xfrm.policy_hthresh.rbits6; in xfrm_hash_rebuild()
1293 } while (read_seqretry(&net->xfrm.policy_hthresh.lock, seq)); in xfrm_hash_rebuild()
1295 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_hash_rebuild()
1296 write_seqcount_begin(&net->xfrm.xfrm_policy_hash_generation); in xfrm_hash_rebuild()
1301 list_for_each_entry(policy, &net->xfrm.policy_all, walk.all) { in xfrm_hash_rebuild()
1342 net->xfrm.policy_bydst[dir].dbits4 = rbits4; in xfrm_hash_rebuild()
1343 net->xfrm.policy_bydst[dir].sbits4 = lbits4; in xfrm_hash_rebuild()
1344 net->xfrm.policy_bydst[dir].dbits6 = rbits6; in xfrm_hash_rebuild()
1345 net->xfrm.policy_bydst[dir].sbits6 = lbits6; in xfrm_hash_rebuild()
1348 net->xfrm.policy_bydst[dir].dbits4 = lbits4; in xfrm_hash_rebuild()
1349 net->xfrm.policy_bydst[dir].sbits4 = rbits4; in xfrm_hash_rebuild()
1350 net->xfrm.policy_bydst[dir].dbits6 = lbits6; in xfrm_hash_rebuild()
1351 net->xfrm.policy_bydst[dir].sbits6 = rbits6; in xfrm_hash_rebuild()
1356 list_for_each_entry_reverse(policy, &net->xfrm.policy_all, walk.all) { in xfrm_hash_rebuild()
1388 write_seqcount_end(&net->xfrm.xfrm_policy_hash_generation); in xfrm_hash_rebuild()
1389 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_hash_rebuild()
1396 schedule_work(&net->xfrm.policy_hthresh.work); in xfrm_policy_hash_rebuild()
1411 idx = (net->xfrm.idx_generator | dir); in xfrm_gen_index()
1412 net->xfrm.idx_generator += 8; in xfrm_gen_index()
1420 list = net->xfrm.policy_byidx + idx_hash(net, idx); in xfrm_gen_index()
1573 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_insert()
1581 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_insert()
1598 hlist_add_head(&policy->byidx, net->xfrm.policy_byidx+idx_hash(net, policy->index)); in xfrm_policy_insert()
1603 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_insert()
1608 schedule_work(&net->xfrm.policy_hash_work); in xfrm_policy_insert()
1646 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_bysel_ctx()
1655 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_bysel_ctx()
1662 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_bysel_ctx()
1689 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_bysel_ctx()
1696 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_bysel_ctx()
1718 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_byid()
1719 chain = net->xfrm.policy_byidx + idx_hash(net, id); in xfrm_policy_byid()
1729 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_byid()
1738 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_byid()
1753 list_for_each_entry(pol, &net->xfrm.policy_all, walk.all) { in xfrm_policy_flush_secctx_check()
1775 list_for_each_entry(pol, &net->xfrm.policy_all, walk.all) { in xfrm_dev_policy_flush_secctx_check()
1809 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_flush()
1816 list_for_each_entry(pol, &net->xfrm.policy_all, walk.all) { in xfrm_policy_flush()
1826 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_flush()
1830 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_flush()
1838 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_flush()
1849 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_dev_policy_flush()
1856 list_for_each_entry(pol, &net->xfrm.policy_all, walk.all) { in xfrm_dev_policy_flush()
1866 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_dev_policy_flush()
1870 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_dev_policy_flush()
1878 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_dev_policy_flush()
1898 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_walk()
1900 x = list_first_entry(&net->xfrm.policy_all, struct xfrm_policy_walk_entry, all); in xfrm_policy_walk()
1905 list_for_each_entry_from(x, &net->xfrm.policy_all, all) { in xfrm_policy_walk()
1926 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_walk()
1945 spin_lock_bh(&net->xfrm.xfrm_policy_lock); /*FIXME where is net? */ in xfrm_policy_walk_done()
1947 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_walk_done()
2070 lockdep_assert_held(&net->xfrm.xfrm_policy_lock); in xfrm_policy_inexact_lookup()
2163 sequence = read_seqcount_begin(&net->xfrm.xfrm_policy_hash_generation); in xfrm_policy_lookup_bytype()
2165 } while (read_seqcount_retry(&net->xfrm.xfrm_policy_hash_generation, sequence)); in xfrm_policy_lookup_bytype()
2199 if (read_seqcount_retry(&net->xfrm.xfrm_policy_hash_generation, sequence)) in xfrm_policy_lookup_bytype()
2275 list_for_each_entry_reverse(policy, &net->xfrm.policy_all, walk.all) { in xfrm_gen_pos_slow()
2289 list_for_each_entry(policy, &net->xfrm.policy_all, walk.all) { in xfrm_gen_pos()
2315 list_add(&pol->walk.all, &net->xfrm.policy_all); in __xfrm_policy_link()
2316 net->xfrm.policy_count[dir]++; in __xfrm_policy_link()
2335 net->xfrm.policy_count[dir]--; in __xfrm_policy_unlink()
2354 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_delete()
2356 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_delete()
2375 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_sk_policy_insert()
2377 lockdep_is_held(&net->xfrm.xfrm_policy_lock)); in xfrm_sk_policy_insert()
2393 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_sk_policy_insert()
2425 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in clone_policy()
2427 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in clone_policy()
2473 struct xfrm_state **xfrm, unsigned short family) in xfrm_tmpl_resolve_one() argument
2517 xfrm[nx++] = x; in xfrm_tmpl_resolve_one()
2537 xfrm_state_put(xfrm[nx]); in xfrm_tmpl_resolve_one()
2543 struct xfrm_state **xfrm, unsigned short family) in xfrm_tmpl_resolve() argument
2546 struct xfrm_state **tpp = (npols > 1) ? tp : xfrm; in xfrm_tmpl_resolve()
2568 xfrm_state_sort(xfrm, tpp, cnx, family); in xfrm_tmpl_resolve()
2598 dst_ops = &net->xfrm.xfrm4_dst_ops; in xfrm_alloc_dst()
2602 dst_ops = &net->xfrm.xfrm6_dst_ops; in xfrm_alloc_dst()
2652 struct xfrm_state **xfrm, in xfrm_bundle_create() argument
2699 if (xfrm[i]->sel.family == AF_UNSPEC) { in xfrm_bundle_create()
2700 inner_mode = xfrm_ip2inner_mode(xfrm[i], in xfrm_bundle_create()
2708 inner_mode = &xfrm[i]->inner_mode; in xfrm_bundle_create()
2713 if (xfrm[i]->props.mode != XFRM_MODE_TRANSPORT) { in xfrm_bundle_create()
2717 if (xfrm[i]->props.smark.v || xfrm[i]->props.smark.m) in xfrm_bundle_create()
2718 mark = xfrm_smark_get(fl->flowi_mark, xfrm[i]); in xfrm_bundle_create()
2720 if (xfrm[i]->xso.type != XFRM_DEV_OFFLOAD_PACKET) in xfrm_bundle_create()
2721 family = xfrm[i]->props.family; in xfrm_bundle_create()
2724 dst = xfrm_dst_lookup(xfrm[i], tos, oif, in xfrm_bundle_create()
2732 dst1->xfrm = xfrm[i]; in xfrm_bundle_create()
2733 xdst->xfrm_genid = xfrm[i]->genid; in xfrm_bundle_create()
2750 header_len += xfrm[i]->props.header_len; in xfrm_bundle_create()
2751 if (xfrm[i]->type->flags & XFRM_TYPE_NON_FRAGMENT) in xfrm_bundle_create()
2752 nfheader_len += xfrm[i]->props.header_len; in xfrm_bundle_create()
2753 trailer_len += xfrm[i]->props.trailer_len; in xfrm_bundle_create()
2775 header_len -= xdst_prev->u.dst.xfrm->props.header_len; in xfrm_bundle_create()
2776 trailer_len -= xdst_prev->u.dst.xfrm->props.trailer_len; in xfrm_bundle_create()
2783 xfrm_state_put(xfrm[i]); in xfrm_bundle_create()
2845 struct xfrm_state *xfrm[XFRM_MAX_DEPTH]; in xfrm_resolve_and_create_bundle() local
2852 err = xfrm_tmpl_resolve(pols, num_pols, fl, xfrm, family); in xfrm_resolve_and_create_bundle()
2862 dst = xfrm_bundle_create(pols[0], xfrm, bundle, err, fl, dst_orig); in xfrm_resolve_and_create_bundle()
3023 net->xfrm.sysctl_larval_drop || in xfrm_create_dummy_bundle()
3215 !net->xfrm.policy_count[XFRM_POLICY_OUT])) in xfrm_lookup_with_ifid()
3240 if (net->xfrm.sysctl_larval_drop) { in xfrm_lookup_with_ifid()
3280 if (dst && dst->xfrm && in xfrm_lookup_with_ifid()
3281 dst->xfrm->props.mode == XFRM_MODE_TUNNEL) in xfrm_lookup_with_ifid()
3287 net->xfrm.policy_default[dir] == XFRM_USERPOLICY_BLOCK) { in xfrm_lookup_with_ifid()
3644 if (dst2->xfrm) { in xfrm_out_fwd_icmp()
3741 if (net->xfrm.policy_default[dir] == XFRM_USERPOLICY_BLOCK) { in __xfrm_policy_check()
3874 if (dst && !dst->xfrm) in __xfrm_route_forward()
3920 while ((dst = xfrm_dst_child(dst)) && dst->xfrm && dst->dev == dev) { in xfrm_dst_ifdown()
3950 pmtu = xfrm_state_mtu(dst->xfrm, pmtu); in xfrm_init_pmtu()
3985 if (dst->xfrm->km.state != XFRM_STATE_VALID) in xfrm_bundle_ok()
3987 if (xdst->xfrm_genid != dst->xfrm->genid) in xfrm_bundle_ok()
4010 } while (dst->xfrm); in xfrm_bundle_ok()
4020 mtu = xfrm_state_mtu(dst->xfrm, mtu); in xfrm_bundle_ok()
4049 while (dst->xfrm) { in xfrm_get_dst_nexthop()
4050 const struct xfrm_state *xfrm = dst->xfrm; in xfrm_get_dst_nexthop() local
4054 if (xfrm->props.mode == XFRM_MODE_TRANSPORT) in xfrm_get_dst_nexthop()
4056 if (xfrm->type->flags & XFRM_TYPE_REMOTE_COADDR) in xfrm_get_dst_nexthop()
4057 daddr = xfrm->coaddr; in xfrm_get_dst_nexthop()
4058 else if (!(xfrm->type->flags & XFRM_TYPE_LOCAL_COADDR)) in xfrm_get_dst_nexthop()
4059 daddr = &xfrm->id.daddr; in xfrm_get_dst_nexthop()
4199 net->xfrm.policy_byidx = xfrm_hash_alloc(sz); in xfrm_policy_init()
4200 if (!net->xfrm.policy_byidx) in xfrm_policy_init()
4202 net->xfrm.policy_idx_hmask = hmask; in xfrm_policy_init()
4207 net->xfrm.policy_count[dir] = 0; in xfrm_policy_init()
4208 net->xfrm.policy_count[XFRM_POLICY_MAX + dir] = 0; in xfrm_policy_init()
4210 htab = &net->xfrm.policy_bydst[dir]; in xfrm_policy_init()
4220 net->xfrm.policy_hthresh.lbits4 = 32; in xfrm_policy_init()
4221 net->xfrm.policy_hthresh.rbits4 = 32; in xfrm_policy_init()
4222 net->xfrm.policy_hthresh.lbits6 = 128; in xfrm_policy_init()
4223 net->xfrm.policy_hthresh.rbits6 = 128; in xfrm_policy_init()
4225 seqlock_init(&net->xfrm.policy_hthresh.lock); in xfrm_policy_init()
4227 INIT_LIST_HEAD(&net->xfrm.policy_all); in xfrm_policy_init()
4228 INIT_LIST_HEAD(&net->xfrm.inexact_bins); in xfrm_policy_init()
4229 INIT_WORK(&net->xfrm.policy_hash_work, xfrm_hash_resize); in xfrm_policy_init()
4230 INIT_WORK(&net->xfrm.policy_hthresh.work, xfrm_hash_rebuild); in xfrm_policy_init()
4237 htab = &net->xfrm.policy_bydst[dir]; in xfrm_policy_init()
4240 xfrm_hash_free(net->xfrm.policy_byidx, sz); in xfrm_policy_init()
4251 flush_work(&net->xfrm.policy_hash_work); in xfrm_policy_fini()
4257 WARN_ON(!list_empty(&net->xfrm.policy_all)); in xfrm_policy_fini()
4262 htab = &net->xfrm.policy_bydst[dir]; in xfrm_policy_fini()
4268 sz = (net->xfrm.policy_idx_hmask + 1) * sizeof(struct hlist_head); in xfrm_policy_fini()
4269 WARN_ON(!hlist_empty(net->xfrm.policy_byidx)); in xfrm_policy_fini()
4270 xfrm_hash_free(net->xfrm.policy_byidx, sz); in xfrm_policy_fini()
4272 spin_lock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_fini()
4273 list_for_each_entry_safe(b, t, &net->xfrm.inexact_bins, inexact_bins) in xfrm_policy_fini()
4275 spin_unlock_bh(&net->xfrm.xfrm_policy_lock); in xfrm_policy_fini()
4283 spin_lock_init(&net->xfrm.xfrm_state_lock); in xfrm_net_init()
4284 spin_lock_init(&net->xfrm.xfrm_policy_lock); in xfrm_net_init()
4285 seqcount_spinlock_init(&net->xfrm.xfrm_policy_hash_generation, &net->xfrm.xfrm_policy_lock); in xfrm_net_init()
4286 mutex_init(&net->xfrm.xfrm_cfg_mutex); in xfrm_net_init()
4287 net->xfrm.policy_default[XFRM_POLICY_IN] = XFRM_USERPOLICY_ACCEPT; in xfrm_net_init()
4288 net->xfrm.policy_default[XFRM_POLICY_FWD] = XFRM_USERPOLICY_ACCEPT; in xfrm_net_init()
4289 net->xfrm.policy_default[XFRM_POLICY_OUT] = XFRM_USERPOLICY_ACCEPT; in xfrm_net_init()