1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * xfrm algorithm interface
4  *
5  * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
6  */
7 
8 #include <crypto/hash.h>
9 #include <crypto/skcipher.h>
10 #include <linux/module.h>
11 #include <linux/kernel.h>
12 #include <linux/pfkeyv2.h>
13 #include <linux/crypto.h>
14 #include <linux/scatterlist.h>
15 #include <net/xfrm.h>
16 #if IS_ENABLED(CONFIG_INET_ESP) || IS_ENABLED(CONFIG_INET6_ESP)
17 #include <net/esp.h>
18 #endif
19 
20 /*
21  * Algorithms supported by IPsec.  These entries contain properties which
22  * are used in key negotiation and xfrm processing, and are used to verify
23  * that instantiated crypto transforms have correct parameters for IPsec
24  * purposes.
25  */
26 static struct xfrm_algo_desc aead_list[] = {
27 {
28 	.name = "rfc4106(gcm(aes))",
29 
30 	.uinfo = {
31 		.aead = {
32 			.geniv = "seqiv",
33 			.icv_truncbits = 64,
34 		}
35 	},
36 
37 	.pfkey_supported = 1,
38 
39 	.desc = {
40 		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8,
41 		.sadb_alg_ivlen = 8,
42 		.sadb_alg_minbits = 128,
43 		.sadb_alg_maxbits = 256
44 	}
45 },
46 {
47 	.name = "rfc4106(gcm(aes))",
48 
49 	.uinfo = {
50 		.aead = {
51 			.geniv = "seqiv",
52 			.icv_truncbits = 96,
53 		}
54 	},
55 
56 	.pfkey_supported = 1,
57 
58 	.desc = {
59 		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12,
60 		.sadb_alg_ivlen = 8,
61 		.sadb_alg_minbits = 128,
62 		.sadb_alg_maxbits = 256
63 	}
64 },
65 {
66 	.name = "rfc4106(gcm(aes))",
67 
68 	.uinfo = {
69 		.aead = {
70 			.geniv = "seqiv",
71 			.icv_truncbits = 128,
72 		}
73 	},
74 
75 	.pfkey_supported = 1,
76 
77 	.desc = {
78 		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16,
79 		.sadb_alg_ivlen = 8,
80 		.sadb_alg_minbits = 128,
81 		.sadb_alg_maxbits = 256
82 	}
83 },
84 {
85 	.name = "rfc4309(ccm(aes))",
86 
87 	.uinfo = {
88 		.aead = {
89 			.geniv = "seqiv",
90 			.icv_truncbits = 64,
91 		}
92 	},
93 
94 	.pfkey_supported = 1,
95 
96 	.desc = {
97 		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8,
98 		.sadb_alg_ivlen = 8,
99 		.sadb_alg_minbits = 128,
100 		.sadb_alg_maxbits = 256
101 	}
102 },
103 {
104 	.name = "rfc4309(ccm(aes))",
105 
106 	.uinfo = {
107 		.aead = {
108 			.geniv = "seqiv",
109 			.icv_truncbits = 96,
110 		}
111 	},
112 
113 	.pfkey_supported = 1,
114 
115 	.desc = {
116 		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12,
117 		.sadb_alg_ivlen = 8,
118 		.sadb_alg_minbits = 128,
119 		.sadb_alg_maxbits = 256
120 	}
121 },
122 {
123 	.name = "rfc4309(ccm(aes))",
124 
125 	.uinfo = {
126 		.aead = {
127 			.geniv = "seqiv",
128 			.icv_truncbits = 128,
129 		}
130 	},
131 
132 	.pfkey_supported = 1,
133 
134 	.desc = {
135 		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16,
136 		.sadb_alg_ivlen = 8,
137 		.sadb_alg_minbits = 128,
138 		.sadb_alg_maxbits = 256
139 	}
140 },
141 {
142 	.name = "rfc4543(gcm(aes))",
143 
144 	.uinfo = {
145 		.aead = {
146 			.geniv = "seqiv",
147 			.icv_truncbits = 128,
148 		}
149 	},
150 
151 	.pfkey_supported = 1,
152 
153 	.desc = {
154 		.sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC,
155 		.sadb_alg_ivlen = 8,
156 		.sadb_alg_minbits = 128,
157 		.sadb_alg_maxbits = 256
158 	}
159 },
160 {
161 	.name = "rfc7539esp(chacha20,poly1305)",
162 
163 	.uinfo = {
164 		.aead = {
165 			.geniv = "seqiv",
166 			.icv_truncbits = 128,
167 		}
168 	},
169 
170 	.pfkey_supported = 0,
171 },
172 };
173 
174 static struct xfrm_algo_desc aalg_list[] = {
175 {
176 	.name = "digest_null",
177 
178 	.uinfo = {
179 		.auth = {
180 			.icv_truncbits = 0,
181 			.icv_fullbits = 0,
182 		}
183 	},
184 
185 	.pfkey_supported = 1,
186 
187 	.desc = {
188 		.sadb_alg_id = SADB_X_AALG_NULL,
189 		.sadb_alg_ivlen = 0,
190 		.sadb_alg_minbits = 0,
191 		.sadb_alg_maxbits = 0
192 	}
193 },
194 {
195 	.name = "hmac(md5)",
196 	.compat = "md5",
197 
198 	.uinfo = {
199 		.auth = {
200 			.icv_truncbits = 96,
201 			.icv_fullbits = 128,
202 		}
203 	},
204 
205 	.pfkey_supported = 1,
206 
207 	.desc = {
208 		.sadb_alg_id = SADB_AALG_MD5HMAC,
209 		.sadb_alg_ivlen = 0,
210 		.sadb_alg_minbits = 128,
211 		.sadb_alg_maxbits = 128
212 	}
213 },
214 {
215 	.name = "hmac(sha1)",
216 	.compat = "sha1",
217 
218 	.uinfo = {
219 		.auth = {
220 			.icv_truncbits = 96,
221 			.icv_fullbits = 160,
222 		}
223 	},
224 
225 	.pfkey_supported = 1,
226 
227 	.desc = {
228 		.sadb_alg_id = SADB_AALG_SHA1HMAC,
229 		.sadb_alg_ivlen = 0,
230 		.sadb_alg_minbits = 160,
231 		.sadb_alg_maxbits = 160
232 	}
233 },
234 {
235 	.name = "hmac(sha256)",
236 	.compat = "sha256",
237 
238 	.uinfo = {
239 		.auth = {
240 			.icv_truncbits = 96,
241 			.icv_fullbits = 256,
242 		}
243 	},
244 
245 	.pfkey_supported = 1,
246 
247 	.desc = {
248 		.sadb_alg_id = SADB_X_AALG_SHA2_256HMAC,
249 		.sadb_alg_ivlen = 0,
250 		.sadb_alg_minbits = 256,
251 		.sadb_alg_maxbits = 256
252 	}
253 },
254 {
255 	.name = "hmac(sha384)",
256 
257 	.uinfo = {
258 		.auth = {
259 			.icv_truncbits = 192,
260 			.icv_fullbits = 384,
261 		}
262 	},
263 
264 	.pfkey_supported = 1,
265 
266 	.desc = {
267 		.sadb_alg_id = SADB_X_AALG_SHA2_384HMAC,
268 		.sadb_alg_ivlen = 0,
269 		.sadb_alg_minbits = 384,
270 		.sadb_alg_maxbits = 384
271 	}
272 },
273 {
274 	.name = "hmac(sha512)",
275 
276 	.uinfo = {
277 		.auth = {
278 			.icv_truncbits = 256,
279 			.icv_fullbits = 512,
280 		}
281 	},
282 
283 	.pfkey_supported = 1,
284 
285 	.desc = {
286 		.sadb_alg_id = SADB_X_AALG_SHA2_512HMAC,
287 		.sadb_alg_ivlen = 0,
288 		.sadb_alg_minbits = 512,
289 		.sadb_alg_maxbits = 512
290 	}
291 },
292 {
293 	.name = "hmac(rmd160)",
294 	.compat = "rmd160",
295 
296 	.uinfo = {
297 		.auth = {
298 			.icv_truncbits = 96,
299 			.icv_fullbits = 160,
300 		}
301 	},
302 
303 	.pfkey_supported = 1,
304 
305 	.desc = {
306 		.sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
307 		.sadb_alg_ivlen = 0,
308 		.sadb_alg_minbits = 160,
309 		.sadb_alg_maxbits = 160
310 	}
311 },
312 {
313 	.name = "xcbc(aes)",
314 
315 	.uinfo = {
316 		.auth = {
317 			.icv_truncbits = 96,
318 			.icv_fullbits = 128,
319 		}
320 	},
321 
322 	.pfkey_supported = 1,
323 
324 	.desc = {
325 		.sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC,
326 		.sadb_alg_ivlen = 0,
327 		.sadb_alg_minbits = 128,
328 		.sadb_alg_maxbits = 128
329 	}
330 },
331 {
332 	/* rfc4494 */
333 	.name = "cmac(aes)",
334 
335 	.uinfo = {
336 		.auth = {
337 			.icv_truncbits = 96,
338 			.icv_fullbits = 128,
339 		}
340 	},
341 
342 	.pfkey_supported = 0,
343 },
344 {
345 	.name = "hmac(sm3)",
346 	.compat = "sm3",
347 
348 	.uinfo = {
349 		.auth = {
350 			.icv_truncbits = 256,
351 			.icv_fullbits = 256,
352 		}
353 	},
354 
355 	.pfkey_supported = 1,
356 
357 	.desc = {
358 		.sadb_alg_id = SADB_X_AALG_SM3_256HMAC,
359 		.sadb_alg_ivlen = 0,
360 		.sadb_alg_minbits = 256,
361 		.sadb_alg_maxbits = 256
362 	}
363 },
364 };
365 
366 static struct xfrm_algo_desc ealg_list[] = {
367 {
368 	.name = "ecb(cipher_null)",
369 	.compat = "cipher_null",
370 
371 	.uinfo = {
372 		.encr = {
373 			.blockbits = 8,
374 			.defkeybits = 0,
375 		}
376 	},
377 
378 	.pfkey_supported = 1,
379 
380 	.desc = {
381 		.sadb_alg_id =	SADB_EALG_NULL,
382 		.sadb_alg_ivlen = 0,
383 		.sadb_alg_minbits = 0,
384 		.sadb_alg_maxbits = 0
385 	}
386 },
387 {
388 	.name = "cbc(des)",
389 	.compat = "des",
390 
391 	.uinfo = {
392 		.encr = {
393 			.geniv = "echainiv",
394 			.blockbits = 64,
395 			.defkeybits = 64,
396 		}
397 	},
398 
399 	.pfkey_supported = 1,
400 
401 	.desc = {
402 		.sadb_alg_id = SADB_EALG_DESCBC,
403 		.sadb_alg_ivlen = 8,
404 		.sadb_alg_minbits = 64,
405 		.sadb_alg_maxbits = 64
406 	}
407 },
408 {
409 	.name = "cbc(des3_ede)",
410 	.compat = "des3_ede",
411 
412 	.uinfo = {
413 		.encr = {
414 			.geniv = "echainiv",
415 			.blockbits = 64,
416 			.defkeybits = 192,
417 		}
418 	},
419 
420 	.pfkey_supported = 1,
421 
422 	.desc = {
423 		.sadb_alg_id = SADB_EALG_3DESCBC,
424 		.sadb_alg_ivlen = 8,
425 		.sadb_alg_minbits = 192,
426 		.sadb_alg_maxbits = 192
427 	}
428 },
429 {
430 	.name = "cbc(cast5)",
431 	.compat = "cast5",
432 
433 	.uinfo = {
434 		.encr = {
435 			.geniv = "echainiv",
436 			.blockbits = 64,
437 			.defkeybits = 128,
438 		}
439 	},
440 
441 	.pfkey_supported = 1,
442 
443 	.desc = {
444 		.sadb_alg_id = SADB_X_EALG_CASTCBC,
445 		.sadb_alg_ivlen = 8,
446 		.sadb_alg_minbits = 40,
447 		.sadb_alg_maxbits = 128
448 	}
449 },
450 {
451 	.name = "cbc(blowfish)",
452 	.compat = "blowfish",
453 
454 	.uinfo = {
455 		.encr = {
456 			.geniv = "echainiv",
457 			.blockbits = 64,
458 			.defkeybits = 128,
459 		}
460 	},
461 
462 	.pfkey_supported = 1,
463 
464 	.desc = {
465 		.sadb_alg_id = SADB_X_EALG_BLOWFISHCBC,
466 		.sadb_alg_ivlen = 8,
467 		.sadb_alg_minbits = 40,
468 		.sadb_alg_maxbits = 448
469 	}
470 },
471 {
472 	.name = "cbc(aes)",
473 	.compat = "aes",
474 
475 	.uinfo = {
476 		.encr = {
477 			.geniv = "echainiv",
478 			.blockbits = 128,
479 			.defkeybits = 128,
480 		}
481 	},
482 
483 	.pfkey_supported = 1,
484 
485 	.desc = {
486 		.sadb_alg_id = SADB_X_EALG_AESCBC,
487 		.sadb_alg_ivlen = 8,
488 		.sadb_alg_minbits = 128,
489 		.sadb_alg_maxbits = 256
490 	}
491 },
492 {
493 	.name = "cbc(serpent)",
494 	.compat = "serpent",
495 
496 	.uinfo = {
497 		.encr = {
498 			.geniv = "echainiv",
499 			.blockbits = 128,
500 			.defkeybits = 128,
501 		}
502 	},
503 
504 	.pfkey_supported = 1,
505 
506 	.desc = {
507 		.sadb_alg_id = SADB_X_EALG_SERPENTCBC,
508 		.sadb_alg_ivlen = 8,
509 		.sadb_alg_minbits = 128,
510 		.sadb_alg_maxbits = 256,
511 	}
512 },
513 {
514 	.name = "cbc(camellia)",
515 	.compat = "camellia",
516 
517 	.uinfo = {
518 		.encr = {
519 			.geniv = "echainiv",
520 			.blockbits = 128,
521 			.defkeybits = 128,
522 		}
523 	},
524 
525 	.pfkey_supported = 1,
526 
527 	.desc = {
528 		.sadb_alg_id = SADB_X_EALG_CAMELLIACBC,
529 		.sadb_alg_ivlen = 8,
530 		.sadb_alg_minbits = 128,
531 		.sadb_alg_maxbits = 256
532 	}
533 },
534 {
535 	.name = "cbc(twofish)",
536 	.compat = "twofish",
537 
538 	.uinfo = {
539 		.encr = {
540 			.geniv = "echainiv",
541 			.blockbits = 128,
542 			.defkeybits = 128,
543 		}
544 	},
545 
546 	.pfkey_supported = 1,
547 
548 	.desc = {
549 		.sadb_alg_id = SADB_X_EALG_TWOFISHCBC,
550 		.sadb_alg_ivlen = 8,
551 		.sadb_alg_minbits = 128,
552 		.sadb_alg_maxbits = 256
553 	}
554 },
555 {
556 	.name = "rfc3686(ctr(aes))",
557 
558 	.uinfo = {
559 		.encr = {
560 			.geniv = "seqiv",
561 			.blockbits = 128,
562 			.defkeybits = 160, /* 128-bit key + 32-bit nonce */
563 		}
564 	},
565 
566 	.pfkey_supported = 1,
567 
568 	.desc = {
569 		.sadb_alg_id = SADB_X_EALG_AESCTR,
570 		.sadb_alg_ivlen	= 8,
571 		.sadb_alg_minbits = 160,
572 		.sadb_alg_maxbits = 288
573 	}
574 },
575 {
576 	.name = "cbc(sm4)",
577 	.compat = "sm4",
578 
579 	.uinfo = {
580 		.encr = {
581 			.geniv = "echainiv",
582 			.blockbits = 128,
583 			.defkeybits = 128,
584 		}
585 	},
586 
587 	.pfkey_supported = 1,
588 
589 	.desc = {
590 		.sadb_alg_id = SADB_X_EALG_SM4CBC,
591 		.sadb_alg_ivlen	= 16,
592 		.sadb_alg_minbits = 128,
593 		.sadb_alg_maxbits = 256
594 	}
595 },
596 };
597 
598 static struct xfrm_algo_desc calg_list[] = {
599 {
600 	.name = "deflate",
601 	.uinfo = {
602 		.comp = {
603 			.threshold = 90,
604 		}
605 	},
606 	.pfkey_supported = 1,
607 	.desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE }
608 },
609 {
610 	.name = "lzs",
611 	.uinfo = {
612 		.comp = {
613 			.threshold = 90,
614 		}
615 	},
616 	.pfkey_supported = 1,
617 	.desc = { .sadb_alg_id = SADB_X_CALG_LZS }
618 },
619 {
620 	.name = "lzjh",
621 	.uinfo = {
622 		.comp = {
623 			.threshold = 50,
624 		}
625 	},
626 	.pfkey_supported = 1,
627 	.desc = { .sadb_alg_id = SADB_X_CALG_LZJH }
628 },
629 };
630 
aalg_entries(void)631 static inline int aalg_entries(void)
632 {
633 	return ARRAY_SIZE(aalg_list);
634 }
635 
ealg_entries(void)636 static inline int ealg_entries(void)
637 {
638 	return ARRAY_SIZE(ealg_list);
639 }
640 
calg_entries(void)641 static inline int calg_entries(void)
642 {
643 	return ARRAY_SIZE(calg_list);
644 }
645 
646 struct xfrm_algo_list {
647 	struct xfrm_algo_desc *algs;
648 	int entries;
649 	u32 type;
650 	u32 mask;
651 };
652 
653 static const struct xfrm_algo_list xfrm_aead_list = {
654 	.algs = aead_list,
655 	.entries = ARRAY_SIZE(aead_list),
656 	.type = CRYPTO_ALG_TYPE_AEAD,
657 	.mask = CRYPTO_ALG_TYPE_MASK,
658 };
659 
660 static const struct xfrm_algo_list xfrm_aalg_list = {
661 	.algs = aalg_list,
662 	.entries = ARRAY_SIZE(aalg_list),
663 	.type = CRYPTO_ALG_TYPE_HASH,
664 	.mask = CRYPTO_ALG_TYPE_HASH_MASK,
665 };
666 
667 static const struct xfrm_algo_list xfrm_ealg_list = {
668 	.algs = ealg_list,
669 	.entries = ARRAY_SIZE(ealg_list),
670 	.type = CRYPTO_ALG_TYPE_SKCIPHER,
671 	.mask = CRYPTO_ALG_TYPE_MASK,
672 };
673 
674 static const struct xfrm_algo_list xfrm_calg_list = {
675 	.algs = calg_list,
676 	.entries = ARRAY_SIZE(calg_list),
677 	.type = CRYPTO_ALG_TYPE_COMPRESS,
678 	.mask = CRYPTO_ALG_TYPE_MASK,
679 };
680 
xfrm_find_algo(const struct xfrm_algo_list * algo_list,int match (const struct xfrm_algo_desc * entry,const void * data),const void * data,int probe)681 static struct xfrm_algo_desc *xfrm_find_algo(
682 	const struct xfrm_algo_list *algo_list,
683 	int match(const struct xfrm_algo_desc *entry, const void *data),
684 	const void *data, int probe)
685 {
686 	struct xfrm_algo_desc *list = algo_list->algs;
687 	int i, status;
688 
689 	for (i = 0; i < algo_list->entries; i++) {
690 		if (!match(list + i, data))
691 			continue;
692 
693 		if (list[i].available)
694 			return &list[i];
695 
696 		if (!probe)
697 			break;
698 
699 		status = crypto_has_alg(list[i].name, algo_list->type,
700 					algo_list->mask);
701 		if (!status)
702 			break;
703 
704 		list[i].available = status;
705 		return &list[i];
706 	}
707 	return NULL;
708 }
709 
xfrm_alg_id_match(const struct xfrm_algo_desc * entry,const void * data)710 static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry,
711 			     const void *data)
712 {
713 	return entry->desc.sadb_alg_id == (unsigned long)data;
714 }
715 
xfrm_aalg_get_byid(int alg_id)716 struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id)
717 {
718 	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match,
719 			      (void *)(unsigned long)alg_id, 1);
720 }
721 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid);
722 
xfrm_ealg_get_byid(int alg_id)723 struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id)
724 {
725 	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match,
726 			      (void *)(unsigned long)alg_id, 1);
727 }
728 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid);
729 
xfrm_calg_get_byid(int alg_id)730 struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id)
731 {
732 	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match,
733 			      (void *)(unsigned long)alg_id, 1);
734 }
735 EXPORT_SYMBOL_GPL(xfrm_calg_get_byid);
736 
xfrm_alg_name_match(const struct xfrm_algo_desc * entry,const void * data)737 static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry,
738 			       const void *data)
739 {
740 	const char *name = data;
741 
742 	return name && (!strcmp(name, entry->name) ||
743 			(entry->compat && !strcmp(name, entry->compat)));
744 }
745 
xfrm_aalg_get_byname(const char * name,int probe)746 struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe)
747 {
748 	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name,
749 			      probe);
750 }
751 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname);
752 
xfrm_ealg_get_byname(const char * name,int probe)753 struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe)
754 {
755 	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name,
756 			      probe);
757 }
758 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname);
759 
xfrm_calg_get_byname(const char * name,int probe)760 struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe)
761 {
762 	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name,
763 			      probe);
764 }
765 EXPORT_SYMBOL_GPL(xfrm_calg_get_byname);
766 
767 struct xfrm_aead_name {
768 	const char *name;
769 	int icvbits;
770 };
771 
xfrm_aead_name_match(const struct xfrm_algo_desc * entry,const void * data)772 static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry,
773 				const void *data)
774 {
775 	const struct xfrm_aead_name *aead = data;
776 	const char *name = aead->name;
777 
778 	return aead->icvbits == entry->uinfo.aead.icv_truncbits && name &&
779 	       !strcmp(name, entry->name);
780 }
781 
xfrm_aead_get_byname(const char * name,int icv_len,int probe)782 struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe)
783 {
784 	struct xfrm_aead_name data = {
785 		.name = name,
786 		.icvbits = icv_len,
787 	};
788 
789 	return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data,
790 			      probe);
791 }
792 EXPORT_SYMBOL_GPL(xfrm_aead_get_byname);
793 
xfrm_aalg_get_byidx(unsigned int idx)794 struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx)
795 {
796 	if (idx >= aalg_entries())
797 		return NULL;
798 
799 	return &aalg_list[idx];
800 }
801 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx);
802 
xfrm_ealg_get_byidx(unsigned int idx)803 struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx)
804 {
805 	if (idx >= ealg_entries())
806 		return NULL;
807 
808 	return &ealg_list[idx];
809 }
810 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx);
811 
812 /*
813  * Probe for the availability of crypto algorithms, and set the available
814  * flag for any algorithms found on the system.  This is typically called by
815  * pfkey during userspace SA add, update or register.
816  */
xfrm_probe_algs(void)817 void xfrm_probe_algs(void)
818 {
819 	int i, status;
820 
821 	BUG_ON(in_softirq());
822 
823 	for (i = 0; i < aalg_entries(); i++) {
824 		status = crypto_has_ahash(aalg_list[i].name, 0, 0);
825 		if (aalg_list[i].available != status)
826 			aalg_list[i].available = status;
827 	}
828 
829 	for (i = 0; i < ealg_entries(); i++) {
830 		status = crypto_has_skcipher(ealg_list[i].name, 0, 0);
831 		if (ealg_list[i].available != status)
832 			ealg_list[i].available = status;
833 	}
834 
835 	for (i = 0; i < calg_entries(); i++) {
836 		status = crypto_has_comp(calg_list[i].name, 0,
837 					 CRYPTO_ALG_ASYNC);
838 		if (calg_list[i].available != status)
839 			calg_list[i].available = status;
840 	}
841 }
842 EXPORT_SYMBOL_GPL(xfrm_probe_algs);
843 
xfrm_count_pfkey_auth_supported(void)844 int xfrm_count_pfkey_auth_supported(void)
845 {
846 	int i, n;
847 
848 	for (i = 0, n = 0; i < aalg_entries(); i++)
849 		if (aalg_list[i].available && aalg_list[i].pfkey_supported)
850 			n++;
851 	return n;
852 }
853 EXPORT_SYMBOL_GPL(xfrm_count_pfkey_auth_supported);
854 
xfrm_count_pfkey_enc_supported(void)855 int xfrm_count_pfkey_enc_supported(void)
856 {
857 	int i, n;
858 
859 	for (i = 0, n = 0; i < ealg_entries(); i++)
860 		if (ealg_list[i].available && ealg_list[i].pfkey_supported)
861 			n++;
862 	return n;
863 }
864 EXPORT_SYMBOL_GPL(xfrm_count_pfkey_enc_supported);
865 
866 MODULE_LICENSE("GPL");
867