On Mon, Oct 28, 2024 at 07:25:13 +0100, Greg Kroah-Hartman wrote: > 6.6-stable review patch. If anyone has any objections, please let me know. Hi Greg, This patch is a part of a new feature SA direction and it appears the auto patch selector picked one patch out of patch set? I think this patch alone should not be applied to older stable kernel. -antony > > ------------------ > > From: Antony Antony <antony.antony@xxxxxxxxxxx> > > [ Upstream commit a4a87fa4e96c7746e009de06a567688fd9af6013 ] > > This patch introduces the 'dir' attribute, 'in' or 'out', to the > xfrm_state, SA, enhancing usability by delineating the scope of values > based on direction. An input SA will restrict values pertinent to input, > effectively segregating them from output-related values. > And an output SA will restrict attributes for output. This change aims > to streamline the configuration process and improve the overall > consistency of SA attributes during configuration. > > This feature sets the groundwork for future patches, including > the upcoming IP-TFS patch. > > Signed-off-by: Antony Antony <antony.antony@xxxxxxxxxxx> > Reviewed-by: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx> > Signed-off-by: Steffen Klassert <steffen.klassert@xxxxxxxxxxx> > Stable-dep-of: 3f0ab59e6537 ("xfrm: validate new SA's prefixlen using SA family when sel.family is unset") > Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> > --- > include/net/xfrm.h | 1 + > include/uapi/linux/xfrm.h | 6 ++ > net/xfrm/xfrm_compat.c | 7 +- > net/xfrm/xfrm_device.c | 6 ++ > net/xfrm/xfrm_replay.c | 3 +- > net/xfrm/xfrm_state.c | 8 +++ > net/xfrm/xfrm_user.c | 138 ++++++++++++++++++++++++++++++++++++-- > 7 files changed, 160 insertions(+), 9 deletions(-) > > diff --git a/include/net/xfrm.h b/include/net/xfrm.h > index 93a9866ee481f..c5cf062afd4a2 100644 > --- a/include/net/xfrm.h > +++ b/include/net/xfrm.h > @@ -292,6 +292,7 @@ struct xfrm_state { > /* Private data of this transformer, format is opaque, > * interpreted by xfrm_type methods. */ > void *data; > + u8 dir; > }; > > static inline struct net *xs_net(struct xfrm_state *x) > diff --git a/include/uapi/linux/xfrm.h b/include/uapi/linux/xfrm.h > index 23543c33fee82..7cd491caef354 100644 > --- a/include/uapi/linux/xfrm.h > +++ b/include/uapi/linux/xfrm.h > @@ -140,6 +140,11 @@ enum { > XFRM_POLICY_MAX = 3 > }; > > +enum xfrm_sa_dir { > + XFRM_SA_DIR_IN = 1, > + XFRM_SA_DIR_OUT = 2 > +}; > + > enum { > XFRM_SHARE_ANY, /* No limitations */ > XFRM_SHARE_SESSION, /* For this session only */ > @@ -314,6 +319,7 @@ enum xfrm_attr_type_t { > XFRMA_SET_MARK_MASK, /* __u32 */ > XFRMA_IF_ID, /* __u32 */ > XFRMA_MTIMER_THRESH, /* __u32 in seconds for input SA */ > + XFRMA_SA_DIR, /* __u8 */ > __XFRMA_MAX > > #define XFRMA_OUTPUT_MARK XFRMA_SET_MARK /* Compatibility */ > diff --git a/net/xfrm/xfrm_compat.c b/net/xfrm/xfrm_compat.c > index 655fe4ff86212..703d4172c7d73 100644 > --- a/net/xfrm/xfrm_compat.c > +++ b/net/xfrm/xfrm_compat.c > @@ -98,6 +98,7 @@ static const int compat_msg_min[XFRM_NR_MSGTYPES] = { > }; > > static const struct nla_policy compat_policy[XFRMA_MAX+1] = { > + [XFRMA_UNSPEC] = { .strict_start_type = XFRMA_SA_DIR }, > [XFRMA_SA] = { .len = XMSGSIZE(compat_xfrm_usersa_info)}, > [XFRMA_POLICY] = { .len = XMSGSIZE(compat_xfrm_userpolicy_info)}, > [XFRMA_LASTUSED] = { .type = NLA_U64}, > @@ -129,6 +130,7 @@ static const struct nla_policy compat_policy[XFRMA_MAX+1] = { > [XFRMA_SET_MARK_MASK] = { .type = NLA_U32 }, > [XFRMA_IF_ID] = { .type = NLA_U32 }, > [XFRMA_MTIMER_THRESH] = { .type = NLA_U32 }, > + [XFRMA_SA_DIR] = NLA_POLICY_RANGE(NLA_U8, XFRM_SA_DIR_IN, XFRM_SA_DIR_OUT), > }; > > static struct nlmsghdr *xfrm_nlmsg_put_compat(struct sk_buff *skb, > @@ -277,9 +279,10 @@ static int xfrm_xlate64_attr(struct sk_buff *dst, const struct nlattr *src) > case XFRMA_SET_MARK_MASK: > case XFRMA_IF_ID: > case XFRMA_MTIMER_THRESH: > + case XFRMA_SA_DIR: > return xfrm_nla_cpy(dst, src, nla_len(src)); > default: > - BUILD_BUG_ON(XFRMA_MAX != XFRMA_MTIMER_THRESH); > + BUILD_BUG_ON(XFRMA_MAX != XFRMA_SA_DIR); > pr_warn_once("unsupported nla_type %d\n", src->nla_type); > return -EOPNOTSUPP; > } > @@ -434,7 +437,7 @@ static int xfrm_xlate32_attr(void *dst, const struct nlattr *nla, > int err; > > if (type > XFRMA_MAX) { > - BUILD_BUG_ON(XFRMA_MAX != XFRMA_MTIMER_THRESH); > + BUILD_BUG_ON(XFRMA_MAX != XFRMA_SA_DIR); > NL_SET_ERR_MSG(extack, "Bad attribute"); > return -EOPNOTSUPP; > } > diff --git a/net/xfrm/xfrm_device.c b/net/xfrm/xfrm_device.c > index 04dc0c8a83707..fc18b9b4f22f3 100644 > --- a/net/xfrm/xfrm_device.c > +++ b/net/xfrm/xfrm_device.c > @@ -253,6 +253,12 @@ int xfrm_dev_state_add(struct net *net, struct xfrm_state *x, > return -EINVAL; > } > > + if ((xuo->flags & XFRM_OFFLOAD_INBOUND && x->dir == XFRM_SA_DIR_OUT) || > + (!(xuo->flags & XFRM_OFFLOAD_INBOUND) && x->dir == XFRM_SA_DIR_IN)) { > + NL_SET_ERR_MSG(extack, "Mismatched SA and offload direction"); > + return -EINVAL; > + } > + > is_packet_offload = xuo->flags & XFRM_OFFLOAD_PACKET; > > /* We don't yet support UDP encapsulation and TFC padding. */ > diff --git a/net/xfrm/xfrm_replay.c b/net/xfrm/xfrm_replay.c > index ce56d659c55a6..bc56c63057252 100644 > --- a/net/xfrm/xfrm_replay.c > +++ b/net/xfrm/xfrm_replay.c > @@ -778,7 +778,8 @@ int xfrm_init_replay(struct xfrm_state *x, struct netlink_ext_ack *extack) > } > > if (x->props.flags & XFRM_STATE_ESN) { > - if (replay_esn->replay_window == 0) { > + if (replay_esn->replay_window == 0 && > + (!x->dir || x->dir == XFRM_SA_DIR_IN)) { > NL_SET_ERR_MSG(extack, "ESN replay window must be > 0"); > return -EINVAL; > } > diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c > index 8a6e8656d014f..93c19f64746fa 100644 > --- a/net/xfrm/xfrm_state.c > +++ b/net/xfrm/xfrm_state.c > @@ -1349,6 +1349,7 @@ xfrm_state_find(const xfrm_address_t *daddr, const xfrm_address_t *saddr, > if (km_query(x, tmpl, pol) == 0) { > spin_lock_bh(&net->xfrm.xfrm_state_lock); > x->km.state = XFRM_STATE_ACQ; > + x->dir = XFRM_SA_DIR_OUT; > list_add(&x->km.all, &net->xfrm.state_all); > XFRM_STATE_INSERT(bydst, &x->bydst, > net->xfrm.state_bydst + h, > @@ -1801,6 +1802,7 @@ static struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, > x->lastused = orig->lastused; > x->new_mapping = 0; > x->new_mapping_sport = 0; > + x->dir = orig->dir; > > return x; > > @@ -1921,8 +1923,14 @@ int xfrm_state_update(struct xfrm_state *x) > } > > if (x1->km.state == XFRM_STATE_ACQ) { > + if (x->dir && x1->dir != x->dir) > + goto out; > + > __xfrm_state_insert(x); > x = NULL; > + } else { > + if (x1->dir != x->dir) > + goto out; > } > err = 0; > > diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c > index 979f23cded401..4328e81ea6a31 100644 > --- a/net/xfrm/xfrm_user.c > +++ b/net/xfrm/xfrm_user.c > @@ -130,7 +130,7 @@ static inline int verify_sec_ctx_len(struct nlattr **attrs, struct netlink_ext_a > } > > static inline int verify_replay(struct xfrm_usersa_info *p, > - struct nlattr **attrs, > + struct nlattr **attrs, u8 sa_dir, > struct netlink_ext_ack *extack) > { > struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL]; > @@ -168,6 +168,30 @@ static inline int verify_replay(struct xfrm_usersa_info *p, > return -EINVAL; > } > > + if (sa_dir == XFRM_SA_DIR_OUT) { > + if (rs->replay_window) { > + NL_SET_ERR_MSG(extack, "Replay window should be 0 for output SA"); > + return -EINVAL; > + } > + if (rs->seq || rs->seq_hi) { > + NL_SET_ERR_MSG(extack, > + "Replay seq and seq_hi should be 0 for output SA"); > + return -EINVAL; > + } > + if (rs->bmp_len) { > + NL_SET_ERR_MSG(extack, "Replay bmp_len should 0 for output SA"); > + return -EINVAL; > + } > + } > + > + if (sa_dir == XFRM_SA_DIR_IN) { > + if (rs->oseq || rs->oseq_hi) { > + NL_SET_ERR_MSG(extack, > + "Replay oseq and oseq_hi should be 0 for input SA"); > + return -EINVAL; > + } > + } > + > return 0; > } > > @@ -176,6 +200,7 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, > struct netlink_ext_ack *extack) > { > int err; > + u8 sa_dir = attrs[XFRMA_SA_DIR] ? nla_get_u8(attrs[XFRMA_SA_DIR]) : 0; > > err = -EINVAL; > switch (p->family) { > @@ -334,7 +359,7 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, > goto out; > if ((err = verify_sec_ctx_len(attrs, extack))) > goto out; > - if ((err = verify_replay(p, attrs, extack))) > + if ((err = verify_replay(p, attrs, sa_dir, extack))) > goto out; > > err = -EINVAL; > @@ -358,6 +383,77 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, > err = -EINVAL; > goto out; > } > + > + if (sa_dir == XFRM_SA_DIR_OUT) { > + NL_SET_ERR_MSG(extack, > + "MTIMER_THRESH attribute should not be set on output SA"); > + err = -EINVAL; > + goto out; > + } > + } > + > + if (sa_dir == XFRM_SA_DIR_OUT) { > + if (p->flags & XFRM_STATE_DECAP_DSCP) { > + NL_SET_ERR_MSG(extack, "Flag DECAP_DSCP should not be set for output SA"); > + err = -EINVAL; > + goto out; > + } > + > + if (p->flags & XFRM_STATE_ICMP) { > + NL_SET_ERR_MSG(extack, "Flag ICMP should not be set for output SA"); > + err = -EINVAL; > + goto out; > + } > + > + if (p->flags & XFRM_STATE_WILDRECV) { > + NL_SET_ERR_MSG(extack, "Flag WILDRECV should not be set for output SA"); > + err = -EINVAL; > + goto out; > + } > + > + if (p->replay_window) { > + NL_SET_ERR_MSG(extack, "Replay window should be 0 for output SA"); > + err = -EINVAL; > + goto out; > + } > + > + if (attrs[XFRMA_REPLAY_VAL]) { > + struct xfrm_replay_state *replay; > + > + replay = nla_data(attrs[XFRMA_REPLAY_VAL]); > + > + if (replay->seq || replay->bitmap) { > + NL_SET_ERR_MSG(extack, > + "Replay seq and bitmap should be 0 for output SA"); > + err = -EINVAL; > + goto out; > + } > + } > + } > + > + if (sa_dir == XFRM_SA_DIR_IN) { > + if (p->flags & XFRM_STATE_NOPMTUDISC) { > + NL_SET_ERR_MSG(extack, "Flag NOPMTUDISC should not be set for input SA"); > + err = -EINVAL; > + goto out; > + } > + > + if (attrs[XFRMA_SA_EXTRA_FLAGS]) { > + u32 xflags = nla_get_u32(attrs[XFRMA_SA_EXTRA_FLAGS]); > + > + if (xflags & XFRM_SA_XFLAG_DONT_ENCAP_DSCP) { > + NL_SET_ERR_MSG(extack, "Flag DONT_ENCAP_DSCP should not be set for input SA"); > + err = -EINVAL; > + goto out; > + } > + > + if (xflags & XFRM_SA_XFLAG_OSEQ_MAY_WRAP) { > + NL_SET_ERR_MSG(extack, "Flag OSEQ_MAY_WRAP should not be set for input SA"); > + err = -EINVAL; > + goto out; > + } > + > + } > } > > out: > @@ -734,6 +830,9 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, > if (attrs[XFRMA_IF_ID]) > x->if_id = nla_get_u32(attrs[XFRMA_IF_ID]); > > + if (attrs[XFRMA_SA_DIR]) > + x->dir = nla_get_u8(attrs[XFRMA_SA_DIR]); > + > err = __xfrm_init_state(x, false, attrs[XFRMA_OFFLOAD_DEV], extack); > if (err) > goto error; > @@ -1182,8 +1281,13 @@ static int copy_to_user_state_extra(struct xfrm_state *x, > if (ret) > goto out; > } > - if (x->mapping_maxage) > + if (x->mapping_maxage) { > ret = nla_put_u32(skb, XFRMA_MTIMER_THRESH, x->mapping_maxage); > + if (ret) > + goto out; > + } > + if (x->dir) > + ret = nla_put_u8(skb, XFRMA_SA_DIR, x->dir); > out: > return ret; > } > @@ -1618,6 +1722,9 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, > if (err) > goto out; > > + if (attrs[XFRMA_SA_DIR]) > + x->dir = nla_get_u8(attrs[XFRMA_SA_DIR]); > + > resp_skb = xfrm_state_netlink(skb, x, nlh->nlmsg_seq); > if (IS_ERR(resp_skb)) { > err = PTR_ERR(resp_skb); > @@ -2401,7 +2508,8 @@ static inline unsigned int xfrm_aevent_msgsize(struct xfrm_state *x) > + nla_total_size_64bit(sizeof(struct xfrm_lifetime_cur)) > + nla_total_size(sizeof(struct xfrm_mark)) > + nla_total_size(4) /* XFRM_AE_RTHR */ > - + nla_total_size(4); /* XFRM_AE_ETHR */ > + + nla_total_size(4) /* XFRM_AE_ETHR */ > + + nla_total_size(sizeof(x->dir)); /* XFRMA_SA_DIR */ > } > > static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, const struct km_event *c) > @@ -2458,6 +2566,12 @@ static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, const struct > if (err) > goto out_cancel; > > + if (x->dir) { > + err = nla_put_u8(skb, XFRMA_SA_DIR, x->dir); > + if (err) > + goto out_cancel; > + } > + > nlmsg_end(skb, nlh); > return 0; > > @@ -3017,6 +3131,7 @@ EXPORT_SYMBOL_GPL(xfrm_msg_min); > #undef XMSGSIZE > > const struct nla_policy xfrma_policy[XFRMA_MAX+1] = { > + [XFRMA_UNSPEC] = { .strict_start_type = XFRMA_SA_DIR }, > [XFRMA_SA] = { .len = sizeof(struct xfrm_usersa_info)}, > [XFRMA_POLICY] = { .len = sizeof(struct xfrm_userpolicy_info)}, > [XFRMA_LASTUSED] = { .type = NLA_U64}, > @@ -3048,6 +3163,7 @@ const struct nla_policy xfrma_policy[XFRMA_MAX+1] = { > [XFRMA_SET_MARK_MASK] = { .type = NLA_U32 }, > [XFRMA_IF_ID] = { .type = NLA_U32 }, > [XFRMA_MTIMER_THRESH] = { .type = NLA_U32 }, > + [XFRMA_SA_DIR] = NLA_POLICY_RANGE(NLA_U8, XFRM_SA_DIR_IN, XFRM_SA_DIR_OUT), > }; > EXPORT_SYMBOL_GPL(xfrma_policy); > > @@ -3188,8 +3304,9 @@ static void xfrm_netlink_rcv(struct sk_buff *skb) > > static inline unsigned int xfrm_expire_msgsize(void) > { > - return NLMSG_ALIGN(sizeof(struct xfrm_user_expire)) > - + nla_total_size(sizeof(struct xfrm_mark)); > + return NLMSG_ALIGN(sizeof(struct xfrm_user_expire)) + > + nla_total_size(sizeof(struct xfrm_mark)) + > + nla_total_size(sizeof_field(struct xfrm_state, dir)); > } > > static int build_expire(struct sk_buff *skb, struct xfrm_state *x, const struct km_event *c) > @@ -3216,6 +3333,12 @@ static int build_expire(struct sk_buff *skb, struct xfrm_state *x, const struct > if (err) > return err; > > + if (x->dir) { > + err = nla_put_u8(skb, XFRMA_SA_DIR, x->dir); > + if (err) > + return err; > + } > + > nlmsg_end(skb, nlh); > return 0; > } > @@ -3323,6 +3446,9 @@ static inline unsigned int xfrm_sa_len(struct xfrm_state *x) > if (x->mapping_maxage) > l += nla_total_size(sizeof(x->mapping_maxage)); > > + if (x->dir) > + l += nla_total_size(sizeof(x->dir)); > + > return l; > } > > -- > 2.43.0 > > >