1/*	$FreeBSD$	*/
2/*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
3
4/*-
5 * SPDX-License-Identifier: BSD-3-Clause
6 *
7 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 *    notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in the
17 *    documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the project nor the names of its contributors
19 *    may be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35/*
36 * This code is referd to RFC 2367
37 */
38
39#include "opt_inet.h"
40#include "opt_inet6.h"
41#include "opt_ipsec.h"
42
43#include <sys/types.h>
44#include <sys/param.h>
45#include <sys/systm.h>
46#include <sys/kernel.h>
47#include <sys/fnv_hash.h>
48#include <sys/lock.h>
49#include <sys/mutex.h>
50#include <sys/mbuf.h>
51#include <sys/domain.h>
52#include <sys/protosw.h>
53#include <sys/malloc.h>
54#include <sys/rmlock.h>
55#include <sys/socket.h>
56#include <sys/socketvar.h>
57#include <sys/sysctl.h>
58#include <sys/errno.h>
59#include <sys/proc.h>
60#include <sys/queue.h>
61#include <sys/refcount.h>
62#include <sys/syslog.h>
63
64#include <vm/uma.h>
65
66#include <net/if.h>
67#include <net/if_var.h>
68#include <net/vnet.h>
69#include <net/raw_cb.h>
70
71#include <netinet/in.h>
72#include <netinet/in_systm.h>
73#include <netinet/ip.h>
74#include <netinet/in_var.h>
75#include <netinet/udp.h>
76
77#ifdef INET6
78#include <netinet/ip6.h>
79#include <netinet6/in6_var.h>
80#include <netinet6/ip6_var.h>
81#endif /* INET6 */
82
83#include <net/pfkeyv2.h>
84#include <netipsec/keydb.h>
85#include <netipsec/key.h>
86#include <netipsec/keysock.h>
87#include <netipsec/key_debug.h>
88
89#include <netipsec/ipsec.h>
90#ifdef INET6
91#include <netipsec/ipsec6.h>
92#endif
93
94#include <netipsec/xform.h>
95#include <machine/in_cksum.h>
96#include <machine/stdarg.h>
97
98/* randomness */
99#include <sys/random.h>
100
101#define FULLMASK	0xff
102#define	_BITS(bytes)	((bytes) << 3)
103
104/*
105 * Note on SA reference counting:
106 * - SAs that are not in DEAD state will have (total external reference + 1)
107 *   following value in reference count field.  they cannot be freed and are
108 *   referenced from SA header.
109 * - SAs that are in DEAD state will have (total external reference)
110 *   in reference count field.  they are ready to be freed.  reference from
111 *   SA header will be removed in key_delsav(), when the reference count
112 *   field hits 0 (= no external reference other than from SA header.
113 */
114
115VNET_DEFINE(u_int32_t, key_debug_level) = 0;
116VNET_DEFINE_STATIC(u_int, key_spi_trycnt) = 1000;
117VNET_DEFINE_STATIC(u_int32_t, key_spi_minval) = 0x100;
118VNET_DEFINE_STATIC(u_int32_t, key_spi_maxval) = 0x0fffffff;	/* XXX */
119VNET_DEFINE_STATIC(u_int32_t, policy_id) = 0;
120/*interval to initialize randseed,1(m)*/
121VNET_DEFINE_STATIC(u_int, key_int_random) = 60;
122/* interval to expire acquiring, 30(s)*/
123VNET_DEFINE_STATIC(u_int, key_larval_lifetime) = 30;
124/* counter for blocking SADB_ACQUIRE.*/
125VNET_DEFINE_STATIC(int, key_blockacq_count) = 10;
126/* lifetime for blocking SADB_ACQUIRE.*/
127VNET_DEFINE_STATIC(int, key_blockacq_lifetime) = 20;
128/* preferred old sa rather than new sa.*/
129VNET_DEFINE_STATIC(int, key_preferred_oldsa) = 1;
130#define	V_key_spi_trycnt	VNET(key_spi_trycnt)
131#define	V_key_spi_minval	VNET(key_spi_minval)
132#define	V_key_spi_maxval	VNET(key_spi_maxval)
133#define	V_policy_id		VNET(policy_id)
134#define	V_key_int_random	VNET(key_int_random)
135#define	V_key_larval_lifetime	VNET(key_larval_lifetime)
136#define	V_key_blockacq_count	VNET(key_blockacq_count)
137#define	V_key_blockacq_lifetime	VNET(key_blockacq_lifetime)
138#define	V_key_preferred_oldsa	VNET(key_preferred_oldsa)
139
140VNET_DEFINE_STATIC(u_int32_t, acq_seq) = 0;
141#define	V_acq_seq		VNET(acq_seq)
142
143VNET_DEFINE_STATIC(uint32_t, sp_genid) = 0;
144#define	V_sp_genid		VNET(sp_genid)
145
146/* SPD */
147TAILQ_HEAD(secpolicy_queue, secpolicy);
148LIST_HEAD(secpolicy_list, secpolicy);
149VNET_DEFINE_STATIC(struct secpolicy_queue, sptree[IPSEC_DIR_MAX]);
150VNET_DEFINE_STATIC(struct secpolicy_queue, sptree_ifnet[IPSEC_DIR_MAX]);
151static struct rmlock sptree_lock;
152#define	V_sptree		VNET(sptree)
153#define	V_sptree_ifnet		VNET(sptree_ifnet)
154#define	SPTREE_LOCK_INIT()      rm_init(&sptree_lock, "sptree")
155#define	SPTREE_LOCK_DESTROY()   rm_destroy(&sptree_lock)
156#define	SPTREE_RLOCK_TRACKER    struct rm_priotracker sptree_tracker
157#define	SPTREE_RLOCK()          rm_rlock(&sptree_lock, &sptree_tracker)
158#define	SPTREE_RUNLOCK()        rm_runlock(&sptree_lock, &sptree_tracker)
159#define	SPTREE_RLOCK_ASSERT()   rm_assert(&sptree_lock, RA_RLOCKED)
160#define	SPTREE_WLOCK()          rm_wlock(&sptree_lock)
161#define	SPTREE_WUNLOCK()        rm_wunlock(&sptree_lock)
162#define	SPTREE_WLOCK_ASSERT()   rm_assert(&sptree_lock, RA_WLOCKED)
163#define	SPTREE_UNLOCK_ASSERT()  rm_assert(&sptree_lock, RA_UNLOCKED)
164
165/* Hash table for lookup SP using unique id */
166VNET_DEFINE_STATIC(struct secpolicy_list *, sphashtbl);
167VNET_DEFINE_STATIC(u_long, sphash_mask);
168#define	V_sphashtbl		VNET(sphashtbl)
169#define	V_sphash_mask		VNET(sphash_mask)
170
171#define	SPHASH_NHASH_LOG2	7
172#define	SPHASH_NHASH		(1 << SPHASH_NHASH_LOG2)
173#define	SPHASH_HASHVAL(id)	(key_u32hash(id) & V_sphash_mask)
174#define	SPHASH_HASH(id)		&V_sphashtbl[SPHASH_HASHVAL(id)]
175
176/* SPD cache */
177struct spdcache_entry {
178   struct secpolicyindex spidx;	/* secpolicyindex */
179   struct secpolicy *sp;	/* cached policy to be used */
180
181   LIST_ENTRY(spdcache_entry) chain;
182};
183LIST_HEAD(spdcache_entry_list, spdcache_entry);
184
185#define	SPDCACHE_MAX_ENTRIES_PER_HASH	8
186
187VNET_DEFINE_STATIC(u_int, key_spdcache_maxentries) = 0;
188#define	V_key_spdcache_maxentries	VNET(key_spdcache_maxentries)
189VNET_DEFINE_STATIC(u_int, key_spdcache_threshold) = 32;
190#define	V_key_spdcache_threshold	VNET(key_spdcache_threshold)
191VNET_DEFINE_STATIC(unsigned long, spd_size) = 0;
192#define	V_spd_size		VNET(spd_size)
193
194#define SPDCACHE_ENABLED()	(V_key_spdcache_maxentries != 0)
195#define SPDCACHE_ACTIVE() \
196	(SPDCACHE_ENABLED() && V_spd_size >= V_key_spdcache_threshold)
197
198VNET_DEFINE_STATIC(struct spdcache_entry_list *, spdcachehashtbl);
199VNET_DEFINE_STATIC(u_long, spdcachehash_mask);
200#define	V_spdcachehashtbl	VNET(spdcachehashtbl)
201#define	V_spdcachehash_mask	VNET(spdcachehash_mask)
202
203#define	SPDCACHE_HASHVAL(idx) \
204	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->ul_proto) &  \
205	    V_spdcachehash_mask)
206
207/* Each cache line is protected by a mutex */
208VNET_DEFINE_STATIC(struct mtx *, spdcache_lock);
209#define	V_spdcache_lock		VNET(spdcache_lock)
210
211#define	SPDCACHE_LOCK_INIT(a) \
212	mtx_init(&V_spdcache_lock[a], "spdcache", \
213	    "fast ipsec SPD cache", MTX_DEF|MTX_DUPOK)
214#define	SPDCACHE_LOCK_DESTROY(a)	mtx_destroy(&V_spdcache_lock[a])
215#define	SPDCACHE_LOCK(a)		mtx_lock(&V_spdcache_lock[a]);
216#define	SPDCACHE_UNLOCK(a)		mtx_unlock(&V_spdcache_lock[a]);
217
218/* SAD */
219TAILQ_HEAD(secashead_queue, secashead);
220LIST_HEAD(secashead_list, secashead);
221VNET_DEFINE_STATIC(struct secashead_queue, sahtree);
222static struct rmlock sahtree_lock;
223#define	V_sahtree		VNET(sahtree)
224#define	SAHTREE_LOCK_INIT()	rm_init(&sahtree_lock, "sahtree")
225#define	SAHTREE_LOCK_DESTROY()	rm_destroy(&sahtree_lock)
226#define	SAHTREE_RLOCK_TRACKER	struct rm_priotracker sahtree_tracker
227#define	SAHTREE_RLOCK()		rm_rlock(&sahtree_lock, &sahtree_tracker)
228#define	SAHTREE_RUNLOCK()	rm_runlock(&sahtree_lock, &sahtree_tracker)
229#define	SAHTREE_RLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_RLOCKED)
230#define	SAHTREE_WLOCK()		rm_wlock(&sahtree_lock)
231#define	SAHTREE_WUNLOCK()	rm_wunlock(&sahtree_lock)
232#define	SAHTREE_WLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_WLOCKED)
233#define	SAHTREE_UNLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_UNLOCKED)
234
235/* Hash table for lookup in SAD using SA addresses */
236VNET_DEFINE_STATIC(struct secashead_list *, sahaddrhashtbl);
237VNET_DEFINE_STATIC(u_long, sahaddrhash_mask);
238#define	V_sahaddrhashtbl	VNET(sahaddrhashtbl)
239#define	V_sahaddrhash_mask	VNET(sahaddrhash_mask)
240
241#define	SAHHASH_NHASH_LOG2	7
242#define	SAHHASH_NHASH		(1 << SAHHASH_NHASH_LOG2)
243#define	SAHADDRHASH_HASHVAL(idx)	\
244	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
245	    V_sahaddrhash_mask)
246#define	SAHADDRHASH_HASH(saidx)		\
247    &V_sahaddrhashtbl[SAHADDRHASH_HASHVAL(saidx)]
248
249/* Hash table for lookup in SAD using SPI */
250LIST_HEAD(secasvar_list, secasvar);
251VNET_DEFINE_STATIC(struct secasvar_list *, savhashtbl);
252VNET_DEFINE_STATIC(u_long, savhash_mask);
253#define	V_savhashtbl		VNET(savhashtbl)
254#define	V_savhash_mask		VNET(savhash_mask)
255#define	SAVHASH_NHASH_LOG2	7
256#define	SAVHASH_NHASH		(1 << SAVHASH_NHASH_LOG2)
257#define	SAVHASH_HASHVAL(spi)	(key_u32hash(spi) & V_savhash_mask)
258#define	SAVHASH_HASH(spi)	&V_savhashtbl[SAVHASH_HASHVAL(spi)]
259
260static uint32_t
261key_addrprotohash(const union sockaddr_union *src,
262    const union sockaddr_union *dst, const uint8_t *proto)
263{
264	uint32_t hval;
265
266	hval = fnv_32_buf(proto, sizeof(*proto),
267	    FNV1_32_INIT);
268	switch (dst->sa.sa_family) {
269#ifdef INET
270	case AF_INET:
271		hval = fnv_32_buf(&src->sin.sin_addr,
272		    sizeof(in_addr_t), hval);
273		hval = fnv_32_buf(&dst->sin.sin_addr,
274		    sizeof(in_addr_t), hval);
275		break;
276#endif
277#ifdef INET6
278	case AF_INET6:
279		hval = fnv_32_buf(&src->sin6.sin6_addr,
280		    sizeof(struct in6_addr), hval);
281		hval = fnv_32_buf(&dst->sin6.sin6_addr,
282		    sizeof(struct in6_addr), hval);
283		break;
284#endif
285	default:
286		hval = 0;
287		ipseclog((LOG_DEBUG, "%s: unknown address family %d\n",
288		    __func__, dst->sa.sa_family));
289	}
290	return (hval);
291}
292
293static uint32_t
294key_u32hash(uint32_t val)
295{
296
297	return (fnv_32_buf(&val, sizeof(val), FNV1_32_INIT));
298}
299
300							/* registed list */
301VNET_DEFINE_STATIC(LIST_HEAD(_regtree, secreg), regtree[SADB_SATYPE_MAX + 1]);
302#define	V_regtree		VNET(regtree)
303static struct mtx regtree_lock;
304#define	REGTREE_LOCK_INIT() \
305	mtx_init(&regtree_lock, "regtree", "fast ipsec regtree", MTX_DEF)
306#define	REGTREE_LOCK_DESTROY()	mtx_destroy(&regtree_lock)
307#define	REGTREE_LOCK()		mtx_lock(&regtree_lock)
308#define	REGTREE_UNLOCK()	mtx_unlock(&regtree_lock)
309#define	REGTREE_LOCK_ASSERT()	mtx_assert(&regtree_lock, MA_OWNED)
310
311/* Acquiring list */
312LIST_HEAD(secacq_list, secacq);
313VNET_DEFINE_STATIC(struct secacq_list, acqtree);
314#define	V_acqtree		VNET(acqtree)
315static struct mtx acq_lock;
316#define	ACQ_LOCK_INIT() \
317    mtx_init(&acq_lock, "acqtree", "ipsec SA acquiring list", MTX_DEF)
318#define	ACQ_LOCK_DESTROY()	mtx_destroy(&acq_lock)
319#define	ACQ_LOCK()		mtx_lock(&acq_lock)
320#define	ACQ_UNLOCK()		mtx_unlock(&acq_lock)
321#define	ACQ_LOCK_ASSERT()	mtx_assert(&acq_lock, MA_OWNED)
322
323/* Hash table for lookup in ACQ list using SA addresses */
324VNET_DEFINE_STATIC(struct secacq_list *, acqaddrhashtbl);
325VNET_DEFINE_STATIC(u_long, acqaddrhash_mask);
326#define	V_acqaddrhashtbl	VNET(acqaddrhashtbl)
327#define	V_acqaddrhash_mask	VNET(acqaddrhash_mask)
328
329/* Hash table for lookup in ACQ list using SEQ number */
330VNET_DEFINE_STATIC(struct secacq_list *, acqseqhashtbl);
331VNET_DEFINE_STATIC(u_long, acqseqhash_mask);
332#define	V_acqseqhashtbl		VNET(acqseqhashtbl)
333#define	V_acqseqhash_mask	VNET(acqseqhash_mask)
334
335#define	ACQHASH_NHASH_LOG2	7
336#define	ACQHASH_NHASH		(1 << ACQHASH_NHASH_LOG2)
337#define	ACQADDRHASH_HASHVAL(idx)	\
338	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
339	    V_acqaddrhash_mask)
340#define	ACQSEQHASH_HASHVAL(seq)		\
341    (key_u32hash(seq) & V_acqseqhash_mask)
342#define	ACQADDRHASH_HASH(saidx)	\
343    &V_acqaddrhashtbl[ACQADDRHASH_HASHVAL(saidx)]
344#define	ACQSEQHASH_HASH(seq)	\
345    &V_acqseqhashtbl[ACQSEQHASH_HASHVAL(seq)]
346							/* SP acquiring list */
347VNET_DEFINE_STATIC(LIST_HEAD(_spacqtree, secspacq), spacqtree);
348#define	V_spacqtree		VNET(spacqtree)
349static struct mtx spacq_lock;
350#define	SPACQ_LOCK_INIT() \
351	mtx_init(&spacq_lock, "spacqtree", \
352		"fast ipsec security policy acquire list", MTX_DEF)
353#define	SPACQ_LOCK_DESTROY()	mtx_destroy(&spacq_lock)
354#define	SPACQ_LOCK()		mtx_lock(&spacq_lock)
355#define	SPACQ_UNLOCK()		mtx_unlock(&spacq_lock)
356#define	SPACQ_LOCK_ASSERT()	mtx_assert(&spacq_lock, MA_OWNED)
357
358static const int minsize[] = {
359	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
360	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
361	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
362	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
363	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
364	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_SRC */
365	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_DST */
366	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_PROXY */
367	sizeof(struct sadb_key),	/* SADB_EXT_KEY_AUTH */
368	sizeof(struct sadb_key),	/* SADB_EXT_KEY_ENCRYPT */
369	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_SRC */
370	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_DST */
371	sizeof(struct sadb_sens),	/* SADB_EXT_SENSITIVITY */
372	sizeof(struct sadb_prop),	/* SADB_EXT_PROPOSAL */
373	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_AUTH */
374	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_ENCRYPT */
375	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
376	0,				/* SADB_X_EXT_KMPRIVATE */
377	sizeof(struct sadb_x_policy),	/* SADB_X_EXT_POLICY */
378	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
379	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
380	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
381	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
382	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAI */
383	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAR */
384	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
385	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
386	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_SRC */
387	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_DST */
388};
389_Static_assert(sizeof(minsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
390
391static const int maxsize[] = {
392	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
393	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
394	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
395	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
396	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
397	0,				/* SADB_EXT_ADDRESS_SRC */
398	0,				/* SADB_EXT_ADDRESS_DST */
399	0,				/* SADB_EXT_ADDRESS_PROXY */
400	0,				/* SADB_EXT_KEY_AUTH */
401	0,				/* SADB_EXT_KEY_ENCRYPT */
402	0,				/* SADB_EXT_IDENTITY_SRC */
403	0,				/* SADB_EXT_IDENTITY_DST */
404	0,				/* SADB_EXT_SENSITIVITY */
405	0,				/* SADB_EXT_PROPOSAL */
406	0,				/* SADB_EXT_SUPPORTED_AUTH */
407	0,				/* SADB_EXT_SUPPORTED_ENCRYPT */
408	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
409	0,				/* SADB_X_EXT_KMPRIVATE */
410	0,				/* SADB_X_EXT_POLICY */
411	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
412	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
413	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
414	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
415	0,				/* SADB_X_EXT_NAT_T_OAI */
416	0,				/* SADB_X_EXT_NAT_T_OAR */
417	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
418	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
419	0,				/* SADB_X_EXT_NEW_ADDRESS_SRC */
420	0,				/* SADB_X_EXT_NEW_ADDRESS_DST */
421};
422_Static_assert(sizeof(maxsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
423
424/*
425 * Internal values for SA flags:
426 * SADB_X_EXT_F_CLONED means that SA was cloned by key_updateaddresses,
427 *	thus we will not free the most of SA content in key_delsav().
428 */
429#define	SADB_X_EXT_F_CLONED	0x80000000
430
431#define	SADB_CHECKLEN(_mhp, _ext)			\
432    ((_mhp)->extlen[(_ext)] < minsize[(_ext)] || (maxsize[(_ext)] != 0 && \
433	((_mhp)->extlen[(_ext)] > maxsize[(_ext)])))
434#define	SADB_CHECKHDR(_mhp, _ext)	((_mhp)->ext[(_ext)] == NULL)
435
436VNET_DEFINE_STATIC(int, ipsec_esp_keymin) = 256;
437VNET_DEFINE_STATIC(int, ipsec_esp_auth) = 0;
438VNET_DEFINE_STATIC(int, ipsec_ah_keymin) = 128;
439
440#define	V_ipsec_esp_keymin	VNET(ipsec_esp_keymin)
441#define	V_ipsec_esp_auth	VNET(ipsec_esp_auth)
442#define	V_ipsec_ah_keymin	VNET(ipsec_ah_keymin)
443
444#ifdef IPSEC_DEBUG
445VNET_DEFINE(int, ipsec_debug) = 1;
446#else
447VNET_DEFINE(int, ipsec_debug) = 0;
448#endif
449
450#ifdef INET
451SYSCTL_DECL(_net_inet_ipsec);
452SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug,
453    CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
454    "Enable IPsec debugging output when set.");
455#endif
456#ifdef INET6
457SYSCTL_DECL(_net_inet6_ipsec6);
458SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug,
459    CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
460    "Enable IPsec debugging output when set.");
461#endif
462
463SYSCTL_DECL(_net_key);
464SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL,	debug,
465	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, "");
466
467/* max count of trial for the decision of spi value */
468SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt,
469	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, "");
470
471/* minimum spi value to allocate automatically. */
472SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval,
473	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, "");
474
475/* maximun spi value to allocate automatically. */
476SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval,
477	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, "");
478
479/* interval to initialize randseed */
480SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random,
481	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_int_random), 0, "");
482
483/* lifetime for larval SA */
484SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime,
485	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, "");
486
487/* counter for blocking to send SADB_ACQUIRE to IKEd */
488SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count,
489	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, "");
490
491/* lifetime for blocking to send SADB_ACQUIRE to IKEd */
492SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime,
493	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, "");
494
495/* ESP auth */
496SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth,
497	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, "");
498
499/* minimum ESP key length */
500SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin,
501	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, "");
502
503/* minimum AH key length */
504SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin,
505	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, "");
506
507/* perfered old SA rather than new SA */
508SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, preferred_oldsa,
509	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, "");
510
511static SYSCTL_NODE(_net_key, OID_AUTO, spdcache,
512    CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
513    "SPD cache");
514
515SYSCTL_UINT(_net_key_spdcache, OID_AUTO, maxentries,
516	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_maxentries), 0,
517	"Maximum number of entries in the SPD cache"
518	" (power of 2, 0 to disable)");
519
520SYSCTL_UINT(_net_key_spdcache, OID_AUTO, threshold,
521	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_threshold), 0,
522	"Number of SPs that make the SPD cache active");
523
524#define __LIST_CHAINED(elm) \
525	(!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL))
526
527MALLOC_DEFINE(M_IPSEC_SA, "secasvar", "ipsec security association");
528MALLOC_DEFINE(M_IPSEC_SAH, "sahead", "ipsec sa head");
529MALLOC_DEFINE(M_IPSEC_SP, "ipsecpolicy", "ipsec security policy");
530MALLOC_DEFINE(M_IPSEC_SR, "ipsecrequest", "ipsec security request");
531MALLOC_DEFINE(M_IPSEC_MISC, "ipsec-misc", "ipsec miscellaneous");
532MALLOC_DEFINE(M_IPSEC_SAQ, "ipsec-saq", "ipsec sa acquire");
533MALLOC_DEFINE(M_IPSEC_SAR, "ipsec-reg", "ipsec sa acquire");
534MALLOC_DEFINE(M_IPSEC_SPDCACHE, "ipsec-spdcache", "ipsec SPD cache");
535
536VNET_DEFINE_STATIC(uma_zone_t, key_lft_zone);
537#define	V_key_lft_zone		VNET(key_lft_zone)
538
539/*
540 * set parameters into secpolicyindex buffer.
541 * Must allocate secpolicyindex buffer passed to this function.
542 */
543#define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
544do { \
545	bzero((idx), sizeof(struct secpolicyindex));                         \
546	(idx)->dir = (_dir);                                                 \
547	(idx)->prefs = (ps);                                                 \
548	(idx)->prefd = (pd);                                                 \
549	(idx)->ul_proto = (ulp);                                             \
550	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
551	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
552} while (0)
553
554/*
555 * set parameters into secasindex buffer.
556 * Must allocate secasindex buffer before calling this function.
557 */
558#define KEY_SETSECASIDX(p, m, r, s, d, idx) \
559do { \
560	bzero((idx), sizeof(struct secasindex));                             \
561	(idx)->proto = (p);                                                  \
562	(idx)->mode = (m);                                                   \
563	(idx)->reqid = (r);                                                  \
564	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
565	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
566	key_porttosaddr(&(idx)->src.sa, 0);				     \
567	key_porttosaddr(&(idx)->dst.sa, 0);				     \
568} while (0)
569
570/* key statistics */
571struct _keystat {
572	u_long getspi_count; /* the avarage of count to try to get new SPI */
573} keystat;
574
575struct sadb_msghdr {
576	struct sadb_msg *msg;
577	struct sadb_ext *ext[SADB_EXT_MAX + 1];
578	int extoff[SADB_EXT_MAX + 1];
579	int extlen[SADB_EXT_MAX + 1];
580};
581
582static struct supported_ealgs {
583	int sadb_alg;
584	const struct enc_xform *xform;
585} supported_ealgs[] = {
586	{ SADB_X_EALG_AES,		&enc_xform_rijndael128 },
587	{ SADB_EALG_NULL,		&enc_xform_null },
588	{ SADB_X_EALG_AESCTR,		&enc_xform_aes_icm },
589	{ SADB_X_EALG_AESGCM16,		&enc_xform_aes_nist_gcm },
590	{ SADB_X_EALG_AESGMAC,		&enc_xform_aes_nist_gmac },
591};
592
593static struct supported_aalgs {
594	int sadb_alg;
595	const struct auth_hash *xform;
596} supported_aalgs[] = {
597	{ SADB_X_AALG_NULL,		&auth_hash_null },
598	{ SADB_AALG_SHA1HMAC,		&auth_hash_hmac_sha1 },
599	{ SADB_X_AALG_SHA2_256,		&auth_hash_hmac_sha2_256 },
600	{ SADB_X_AALG_SHA2_384,		&auth_hash_hmac_sha2_384 },
601	{ SADB_X_AALG_SHA2_512,		&auth_hash_hmac_sha2_512 },
602	{ SADB_X_AALG_AES128GMAC,	&auth_hash_nist_gmac_aes_128 },
603	{ SADB_X_AALG_AES192GMAC,	&auth_hash_nist_gmac_aes_192 },
604	{ SADB_X_AALG_AES256GMAC,	&auth_hash_nist_gmac_aes_256 },
605};
606
607static struct supported_calgs {
608	int sadb_alg;
609	const struct comp_algo *xform;
610} supported_calgs[] = {
611	{ SADB_X_CALG_DEFLATE,		&comp_algo_deflate },
612};
613
614#ifndef IPSEC_DEBUG2
615static struct callout key_timer;
616#endif
617
618static void key_unlink(struct secpolicy *);
619static struct secpolicy *key_do_allocsp(struct secpolicyindex *spidx, u_int dir);
620static struct secpolicy *key_getsp(struct secpolicyindex *);
621static struct secpolicy *key_getspbyid(u_int32_t);
622static struct mbuf *key_gather_mbuf(struct mbuf *,
623	const struct sadb_msghdr *, int, int, ...);
624static int key_spdadd(struct socket *, struct mbuf *,
625	const struct sadb_msghdr *);
626static uint32_t key_getnewspid(void);
627static int key_spddelete(struct socket *, struct mbuf *,
628	const struct sadb_msghdr *);
629static int key_spddelete2(struct socket *, struct mbuf *,
630	const struct sadb_msghdr *);
631static int key_spdget(struct socket *, struct mbuf *,
632	const struct sadb_msghdr *);
633static int key_spdflush(struct socket *, struct mbuf *,
634	const struct sadb_msghdr *);
635static int key_spddump(struct socket *, struct mbuf *,
636	const struct sadb_msghdr *);
637static struct mbuf *key_setdumpsp(struct secpolicy *,
638	u_int8_t, u_int32_t, u_int32_t);
639static struct mbuf *key_sp2mbuf(struct secpolicy *);
640static size_t key_getspreqmsglen(struct secpolicy *);
641static int key_spdexpire(struct secpolicy *);
642static struct secashead *key_newsah(struct secasindex *);
643static void key_freesah(struct secashead **);
644static void key_delsah(struct secashead *);
645static struct secasvar *key_newsav(const struct sadb_msghdr *,
646    struct secasindex *, uint32_t, int *);
647static void key_delsav(struct secasvar *);
648static void key_unlinksav(struct secasvar *);
649static struct secashead *key_getsah(struct secasindex *);
650static int key_checkspidup(uint32_t);
651static struct secasvar *key_getsavbyspi(uint32_t);
652static int key_setnatt(struct secasvar *, const struct sadb_msghdr *);
653static int key_setsaval(struct secasvar *, const struct sadb_msghdr *);
654static int key_updatelifetimes(struct secasvar *, const struct sadb_msghdr *);
655static int key_updateaddresses(struct socket *, struct mbuf *,
656    const struct sadb_msghdr *, struct secasvar *, struct secasindex *);
657
658static struct mbuf *key_setdumpsa(struct secasvar *, u_int8_t,
659	u_int8_t, u_int32_t, u_int32_t);
660static struct mbuf *key_setsadbmsg(u_int8_t, u_int16_t, u_int8_t,
661	u_int32_t, pid_t, u_int16_t);
662static struct mbuf *key_setsadbsa(struct secasvar *);
663static struct mbuf *key_setsadbaddr(u_int16_t,
664	const struct sockaddr *, u_int8_t, u_int16_t);
665static struct mbuf *key_setsadbxport(u_int16_t, u_int16_t);
666static struct mbuf *key_setsadbxtype(u_int16_t);
667static struct mbuf *key_setsadbxsa2(u_int8_t, u_int32_t, u_int32_t);
668static struct mbuf *key_setsadbxsareplay(u_int32_t);
669static struct mbuf *key_setsadbxpolicy(u_int16_t, u_int8_t,
670	u_int32_t, u_int32_t);
671static struct seckey *key_dup_keymsg(const struct sadb_key *, size_t,
672    struct malloc_type *);
673static struct seclifetime *key_dup_lifemsg(const struct sadb_lifetime *src,
674    struct malloc_type *);
675
676/* flags for key_cmpsaidx() */
677#define CMP_HEAD	1	/* protocol, addresses. */
678#define CMP_MODE_REQID	2	/* additionally HEAD, reqid, mode. */
679#define CMP_REQID	3	/* additionally HEAD, reaid. */
680#define CMP_EXACTLY	4	/* all elements. */
681static int key_cmpsaidx(const struct secasindex *,
682    const struct secasindex *, int);
683static int key_cmpspidx_exactly(struct secpolicyindex *,
684    struct secpolicyindex *);
685static int key_cmpspidx_withmask(struct secpolicyindex *,
686    struct secpolicyindex *);
687static int key_bbcmp(const void *, const void *, u_int);
688static uint8_t key_satype2proto(uint8_t);
689static uint8_t key_proto2satype(uint8_t);
690
691static int key_getspi(struct socket *, struct mbuf *,
692	const struct sadb_msghdr *);
693static uint32_t key_do_getnewspi(struct sadb_spirange *, struct secasindex *);
694static int key_update(struct socket *, struct mbuf *,
695	const struct sadb_msghdr *);
696static int key_add(struct socket *, struct mbuf *,
697	const struct sadb_msghdr *);
698static int key_setident(struct secashead *, const struct sadb_msghdr *);
699static struct mbuf *key_getmsgbuf_x1(struct mbuf *,
700	const struct sadb_msghdr *);
701static int key_delete(struct socket *, struct mbuf *,
702	const struct sadb_msghdr *);
703static int key_delete_all(struct socket *, struct mbuf *,
704	const struct sadb_msghdr *, struct secasindex *);
705static int key_get(struct socket *, struct mbuf *,
706	const struct sadb_msghdr *);
707
708static void key_getcomb_setlifetime(struct sadb_comb *);
709static struct mbuf *key_getcomb_ealg(void);
710static struct mbuf *key_getcomb_ah(void);
711static struct mbuf *key_getcomb_ipcomp(void);
712static struct mbuf *key_getprop(const struct secasindex *);
713
714static int key_acquire(const struct secasindex *, struct secpolicy *);
715static uint32_t key_newacq(const struct secasindex *, int *);
716static uint32_t key_getacq(const struct secasindex *, int *);
717static int key_acqdone(const struct secasindex *, uint32_t);
718static int key_acqreset(uint32_t);
719static struct secspacq *key_newspacq(struct secpolicyindex *);
720static struct secspacq *key_getspacq(struct secpolicyindex *);
721static int key_acquire2(struct socket *, struct mbuf *,
722	const struct sadb_msghdr *);
723static int key_register(struct socket *, struct mbuf *,
724	const struct sadb_msghdr *);
725static int key_expire(struct secasvar *, int);
726static int key_flush(struct socket *, struct mbuf *,
727	const struct sadb_msghdr *);
728static int key_dump(struct socket *, struct mbuf *,
729	const struct sadb_msghdr *);
730static int key_promisc(struct socket *, struct mbuf *,
731	const struct sadb_msghdr *);
732static int key_senderror(struct socket *, struct mbuf *, int);
733static int key_validate_ext(const struct sadb_ext *, int);
734static int key_align(struct mbuf *, struct sadb_msghdr *);
735static struct mbuf *key_setlifetime(struct seclifetime *, uint16_t);
736static struct mbuf *key_setkey(struct seckey *, uint16_t);
737
738static void spdcache_init(void);
739static void spdcache_clear(void);
740static struct spdcache_entry *spdcache_entry_alloc(
741	const struct secpolicyindex *spidx,
742	struct secpolicy *policy);
743static void spdcache_entry_free(struct spdcache_entry *entry);
744#ifdef VIMAGE
745static void spdcache_destroy(void);
746#endif
747
748#define	DBG_IPSEC_INITREF(t, p)	do {				\
749	refcount_init(&(p)->refcnt, 1);				\
750	KEYDBG(KEY_STAMP,					\
751	    printf("%s: Initialize refcnt %s(%p) = %u\n",	\
752	    __func__, #t, (p), (p)->refcnt));			\
753} while (0)
754#define	DBG_IPSEC_ADDREF(t, p)	do {				\
755	refcount_acquire(&(p)->refcnt);				\
756	KEYDBG(KEY_STAMP,					\
757	    printf("%s: Acquire refcnt %s(%p) -> %u\n",		\
758	    __func__, #t, (p), (p)->refcnt));			\
759} while (0)
760#define	DBG_IPSEC_DELREF(t, p)	do {				\
761	KEYDBG(KEY_STAMP,					\
762	    printf("%s: Release refcnt %s(%p) -> %u\n",		\
763	    __func__, #t, (p), (p)->refcnt - 1));		\
764	refcount_release(&(p)->refcnt);				\
765} while (0)
766
767#define	IPSEC_INITREF(t, p)	refcount_init(&(p)->refcnt, 1)
768#define	IPSEC_ADDREF(t, p)	refcount_acquire(&(p)->refcnt)
769#define	IPSEC_DELREF(t, p)	refcount_release(&(p)->refcnt)
770
771#define	SP_INITREF(p)	IPSEC_INITREF(SP, p)
772#define	SP_ADDREF(p)	IPSEC_ADDREF(SP, p)
773#define	SP_DELREF(p)	IPSEC_DELREF(SP, p)
774
775#define	SAH_INITREF(p)	IPSEC_INITREF(SAH, p)
776#define	SAH_ADDREF(p)	IPSEC_ADDREF(SAH, p)
777#define	SAH_DELREF(p)	IPSEC_DELREF(SAH, p)
778
779#define	SAV_INITREF(p)	IPSEC_INITREF(SAV, p)
780#define	SAV_ADDREF(p)	IPSEC_ADDREF(SAV, p)
781#define	SAV_DELREF(p)	IPSEC_DELREF(SAV, p)
782
783/*
784 * Update the refcnt while holding the SPTREE lock.
785 */
786void
787key_addref(struct secpolicy *sp)
788{
789
790	SP_ADDREF(sp);
791}
792
793/*
794 * Return 0 when there are known to be no SP's for the specified
795 * direction.  Otherwise return 1.  This is used by IPsec code
796 * to optimize performance.
797 */
798int
799key_havesp(u_int dir)
800{
801
802	return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ?
803		TAILQ_FIRST(&V_sptree[dir]) != NULL : 1);
804}
805
806/* %%% IPsec policy management */
807/*
808 * Return current SPDB generation.
809 */
810uint32_t
811key_getspgen(void)
812{
813
814	return (V_sp_genid);
815}
816
817void
818key_bumpspgen(void)
819{
820
821	V_sp_genid++;
822}
823
824static int
825key_checksockaddrs(struct sockaddr *src, struct sockaddr *dst)
826{
827
828	/* family match */
829	if (src->sa_family != dst->sa_family)
830		return (EINVAL);
831	/* sa_len match */
832	if (src->sa_len != dst->sa_len)
833		return (EINVAL);
834	switch (src->sa_family) {
835#ifdef INET
836	case AF_INET:
837		if (src->sa_len != sizeof(struct sockaddr_in))
838			return (EINVAL);
839		break;
840#endif
841#ifdef INET6
842	case AF_INET6:
843		if (src->sa_len != sizeof(struct sockaddr_in6))
844			return (EINVAL);
845		break;
846#endif
847	default:
848		return (EAFNOSUPPORT);
849	}
850	return (0);
851}
852
853struct secpolicy *
854key_do_allocsp(struct secpolicyindex *spidx, u_int dir)
855{
856	SPTREE_RLOCK_TRACKER;
857	struct secpolicy *sp;
858
859	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
860	IPSEC_ASSERT(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
861		("invalid direction %u", dir));
862
863	SPTREE_RLOCK();
864	TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
865		if (key_cmpspidx_withmask(&sp->spidx, spidx)) {
866			SP_ADDREF(sp);
867			break;
868		}
869	}
870	SPTREE_RUNLOCK();
871	return (sp);
872}
873
874
875/*
876 * allocating a SP for OUTBOUND or INBOUND packet.
877 * Must call key_freesp() later.
878 * OUT:	NULL:	not found
879 *	others:	found and return the pointer.
880 */
881struct secpolicy *
882key_allocsp(struct secpolicyindex *spidx, u_int dir)
883{
884	struct spdcache_entry *entry, *lastentry, *tmpentry;
885	struct secpolicy *sp;
886	uint32_t hashv;
887	int nb_entries;
888
889	if (!SPDCACHE_ACTIVE()) {
890		sp = key_do_allocsp(spidx, dir);
891		goto out;
892	}
893
894	hashv = SPDCACHE_HASHVAL(spidx);
895	SPDCACHE_LOCK(hashv);
896	nb_entries = 0;
897	LIST_FOREACH_SAFE(entry, &V_spdcachehashtbl[hashv], chain, tmpentry) {
898		/* Removed outdated entries */
899		if (entry->sp != NULL &&
900		    entry->sp->state == IPSEC_SPSTATE_DEAD) {
901			LIST_REMOVE(entry, chain);
902			spdcache_entry_free(entry);
903			continue;
904		}
905
906		nb_entries++;
907		if (!key_cmpspidx_exactly(&entry->spidx, spidx)) {
908			lastentry = entry;
909			continue;
910		}
911
912		sp = entry->sp;
913		if (entry->sp != NULL)
914			SP_ADDREF(sp);
915
916		/* IPSECSTAT_INC(ips_spdcache_hits); */
917
918		SPDCACHE_UNLOCK(hashv);
919		goto out;
920	}
921
922	/* IPSECSTAT_INC(ips_spdcache_misses); */
923
924	sp = key_do_allocsp(spidx, dir);
925	entry = spdcache_entry_alloc(spidx, sp);
926	if (entry != NULL) {
927		if (nb_entries >= SPDCACHE_MAX_ENTRIES_PER_HASH) {
928			LIST_REMOVE(lastentry, chain);
929			spdcache_entry_free(lastentry);
930		}
931
932		LIST_INSERT_HEAD(&V_spdcachehashtbl[hashv], entry, chain);
933	}
934
935	SPDCACHE_UNLOCK(hashv);
936
937out:
938	if (sp != NULL) {	/* found a SPD entry */
939		sp->lastused = time_second;
940		KEYDBG(IPSEC_STAMP,
941		    printf("%s: return SP(%p)\n", __func__, sp));
942		KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
943	} else {
944		KEYDBG(IPSEC_DATA,
945		    printf("%s: lookup failed for ", __func__);
946		    kdebug_secpolicyindex(spidx, NULL));
947	}
948	return (sp);
949}
950
951/*
952 * Allocating an SA entry for an *INBOUND* or *OUTBOUND* TCP packet, signed
953 * or should be signed by MD5 signature.
954 * We don't use key_allocsa() for such lookups, because we don't know SPI.
955 * Unlike ESP and AH protocols, SPI isn't transmitted in the TCP header with
956 * signed packet. We use SADB only as storage for password.
957 * OUT:	positive:	corresponding SA for given saidx found.
958 *	NULL:		SA not found
959 */
960struct secasvar *
961key_allocsa_tcpmd5(struct secasindex *saidx)
962{
963	SAHTREE_RLOCK_TRACKER;
964	struct secashead *sah;
965	struct secasvar *sav;
966
967	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP,
968	    ("unexpected security protocol %u", saidx->proto));
969	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TCPMD5,
970	    ("unexpected mode %u", saidx->mode));
971
972	SAHTREE_RLOCK();
973	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
974		KEYDBG(IPSEC_DUMP,
975		    printf("%s: checking SAH\n", __func__);
976		    kdebug_secash(sah, "  "));
977		if (sah->saidx.proto != IPPROTO_TCP)
978			continue;
979		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
980		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
981			break;
982	}
983	if (sah != NULL) {
984		if (V_key_preferred_oldsa)
985			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
986		else
987			sav = TAILQ_FIRST(&sah->savtree_alive);
988		if (sav != NULL)
989			SAV_ADDREF(sav);
990	} else
991		sav = NULL;
992	SAHTREE_RUNLOCK();
993
994	if (sav != NULL) {
995		KEYDBG(IPSEC_STAMP,
996		    printf("%s: return SA(%p)\n", __func__, sav));
997		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
998	} else {
999		KEYDBG(IPSEC_STAMP,
1000		    printf("%s: SA not found\n", __func__));
1001		KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1002	}
1003	return (sav);
1004}
1005
1006/*
1007 * Allocating an SA entry for an *OUTBOUND* packet.
1008 * OUT:	positive:	corresponding SA for given saidx found.
1009 *	NULL:		SA not found, but will be acquired, check *error
1010 *			for acquiring status.
1011 */
1012struct secasvar *
1013key_allocsa_policy(struct secpolicy *sp, const struct secasindex *saidx,
1014    int *error)
1015{
1016	SAHTREE_RLOCK_TRACKER;
1017	struct secashead *sah;
1018	struct secasvar *sav;
1019
1020	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
1021	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TRANSPORT ||
1022		saidx->mode == IPSEC_MODE_TUNNEL,
1023		("unexpected policy %u", saidx->mode));
1024
1025	/*
1026	 * We check new SA in the IPsec request because a different
1027	 * SA may be involved each time this request is checked, either
1028	 * because new SAs are being configured, or this request is
1029	 * associated with an unconnected datagram socket, or this request
1030	 * is associated with a system default policy.
1031	 */
1032	SAHTREE_RLOCK();
1033	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
1034		KEYDBG(IPSEC_DUMP,
1035		    printf("%s: checking SAH\n", __func__);
1036		    kdebug_secash(sah, "  "));
1037		if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
1038			break;
1039
1040	}
1041	if (sah != NULL) {
1042		/*
1043		 * Allocate the oldest SA available according to
1044		 * draft-jenkins-ipsec-rekeying-03.
1045		 */
1046		if (V_key_preferred_oldsa)
1047			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1048		else
1049			sav = TAILQ_FIRST(&sah->savtree_alive);
1050		if (sav != NULL)
1051			SAV_ADDREF(sav);
1052	} else
1053		sav = NULL;
1054	SAHTREE_RUNLOCK();
1055
1056	if (sav != NULL) {
1057		*error = 0;
1058		KEYDBG(IPSEC_STAMP,
1059		    printf("%s: chosen SA(%p) for SP(%p)\n", __func__,
1060			sav, sp));
1061		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1062		return (sav); /* return referenced SA */
1063	}
1064
1065	/* there is no SA */
1066	*error = key_acquire(saidx, sp);
1067	if ((*error) != 0)
1068		ipseclog((LOG_DEBUG,
1069		    "%s: error %d returned from key_acquire()\n",
1070			__func__, *error));
1071	KEYDBG(IPSEC_STAMP,
1072	    printf("%s: acquire SA for SP(%p), error %d\n",
1073		__func__, sp, *error));
1074	KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1075	return (NULL);
1076}
1077
1078/*
1079 * allocating a usable SA entry for a *INBOUND* packet.
1080 * Must call key_freesav() later.
1081 * OUT: positive:	pointer to a usable sav (i.e. MATURE or DYING state).
1082 *	NULL:		not found, or error occurred.
1083 *
1084 * According to RFC 2401 SA is uniquely identified by a triple SPI,
1085 * destination address, and security protocol. But according to RFC 4301,
1086 * SPI by itself suffices to specify an SA.
1087 *
1088 * Note that, however, we do need to keep source address in IPsec SA.
1089 * IKE specification and PF_KEY specification do assume that we
1090 * keep source address in IPsec SA.  We see a tricky situation here.
1091 */
1092struct secasvar *
1093key_allocsa(union sockaddr_union *dst, uint8_t proto, uint32_t spi)
1094{
1095	SAHTREE_RLOCK_TRACKER;
1096	struct secasvar *sav;
1097
1098	IPSEC_ASSERT(proto == IPPROTO_ESP || proto == IPPROTO_AH ||
1099	    proto == IPPROTO_IPCOMP, ("unexpected security protocol %u",
1100	    proto));
1101
1102	SAHTREE_RLOCK();
1103	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
1104		if (sav->spi == spi)
1105			break;
1106	}
1107	/*
1108	 * We use single SPI namespace for all protocols, so it is
1109	 * impossible to have SPI duplicates in the SAVHASH.
1110	 */
1111	if (sav != NULL) {
1112		if (sav->state != SADB_SASTATE_LARVAL &&
1113		    sav->sah->saidx.proto == proto &&
1114		    key_sockaddrcmp(&dst->sa,
1115			&sav->sah->saidx.dst.sa, 0) == 0)
1116			SAV_ADDREF(sav);
1117		else
1118			sav = NULL;
1119	}
1120	SAHTREE_RUNLOCK();
1121
1122	if (sav == NULL) {
1123		KEYDBG(IPSEC_STAMP,
1124		    char buf[IPSEC_ADDRSTRLEN];
1125		    printf("%s: SA not found for spi %u proto %u dst %s\n",
1126			__func__, ntohl(spi), proto, ipsec_address(dst, buf,
1127			sizeof(buf))));
1128	} else {
1129		KEYDBG(IPSEC_STAMP,
1130		    printf("%s: return SA(%p)\n", __func__, sav));
1131		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1132	}
1133	return (sav);
1134}
1135
1136struct secasvar *
1137key_allocsa_tunnel(union sockaddr_union *src, union sockaddr_union *dst,
1138    uint8_t proto)
1139{
1140	SAHTREE_RLOCK_TRACKER;
1141	struct secasindex saidx;
1142	struct secashead *sah;
1143	struct secasvar *sav;
1144
1145	IPSEC_ASSERT(src != NULL, ("null src address"));
1146	IPSEC_ASSERT(dst != NULL, ("null dst address"));
1147
1148	KEY_SETSECASIDX(proto, IPSEC_MODE_TUNNEL, 0, &src->sa,
1149	    &dst->sa, &saidx);
1150
1151	sav = NULL;
1152	SAHTREE_RLOCK();
1153	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1154		if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1155			continue;
1156		if (proto != sah->saidx.proto)
1157			continue;
1158		if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1159			continue;
1160		if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1161			continue;
1162		/* XXXAE: is key_preferred_oldsa reasonably?*/
1163		if (V_key_preferred_oldsa)
1164			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1165		else
1166			sav = TAILQ_FIRST(&sah->savtree_alive);
1167		if (sav != NULL) {
1168			SAV_ADDREF(sav);
1169			break;
1170		}
1171	}
1172	SAHTREE_RUNLOCK();
1173	KEYDBG(IPSEC_STAMP,
1174	    printf("%s: return SA(%p)\n", __func__, sav));
1175	if (sav != NULL)
1176		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1177	return (sav);
1178}
1179
1180/*
1181 * Must be called after calling key_allocsp().
1182 */
1183void
1184key_freesp(struct secpolicy **spp)
1185{
1186	struct secpolicy *sp = *spp;
1187
1188	IPSEC_ASSERT(sp != NULL, ("null sp"));
1189	if (SP_DELREF(sp) == 0)
1190		return;
1191
1192	KEYDBG(IPSEC_STAMP,
1193	    printf("%s: last reference to SP(%p)\n", __func__, sp));
1194	KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
1195
1196	*spp = NULL;
1197	while (sp->tcount > 0)
1198		ipsec_delisr(sp->req[--sp->tcount]);
1199	free(sp, M_IPSEC_SP);
1200}
1201
1202static void
1203key_unlink(struct secpolicy *sp)
1204{
1205
1206	IPSEC_ASSERT(sp->spidx.dir == IPSEC_DIR_INBOUND ||
1207	    sp->spidx.dir == IPSEC_DIR_OUTBOUND,
1208	    ("invalid direction %u", sp->spidx.dir));
1209	SPTREE_UNLOCK_ASSERT();
1210
1211	KEYDBG(KEY_STAMP,
1212	    printf("%s: SP(%p)\n", __func__, sp));
1213	SPTREE_WLOCK();
1214	if (sp->state != IPSEC_SPSTATE_ALIVE) {
1215		/* SP is already unlinked */
1216		SPTREE_WUNLOCK();
1217		return;
1218	}
1219	sp->state = IPSEC_SPSTATE_DEAD;
1220	TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
1221	V_spd_size--;
1222	LIST_REMOVE(sp, idhash);
1223	V_sp_genid++;
1224	SPTREE_WUNLOCK();
1225	if (SPDCACHE_ENABLED())
1226		spdcache_clear();
1227	key_freesp(&sp);
1228}
1229
1230/*
1231 * insert a secpolicy into the SP database. Lower priorities first
1232 */
1233static void
1234key_insertsp(struct secpolicy *newsp)
1235{
1236	struct secpolicy *sp;
1237
1238	SPTREE_WLOCK_ASSERT();
1239	TAILQ_FOREACH(sp, &V_sptree[newsp->spidx.dir], chain) {
1240		if (newsp->priority < sp->priority) {
1241			TAILQ_INSERT_BEFORE(sp, newsp, chain);
1242			goto done;
1243		}
1244	}
1245	TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain);
1246done:
1247	LIST_INSERT_HEAD(SPHASH_HASH(newsp->id), newsp, idhash);
1248	newsp->state = IPSEC_SPSTATE_ALIVE;
1249	V_spd_size++;
1250	V_sp_genid++;
1251}
1252
1253/*
1254 * Insert a bunch of VTI secpolicies into the SPDB.
1255 * We keep VTI policies in the separate list due to following reasons:
1256 * 1) they should be immutable to user's or some deamon's attempts to
1257 *    delete. The only way delete such policies - destroy or unconfigure
1258 *    corresponding virtual inteface.
1259 * 2) such policies have traffic selector that matches all traffic per
1260 *    address family.
1261 * Since all VTI policies have the same priority, we don't care about
1262 * policies order.
1263 */
1264int
1265key_register_ifnet(struct secpolicy **spp, u_int count)
1266{
1267	struct mbuf *m;
1268	u_int i;
1269
1270	SPTREE_WLOCK();
1271	/*
1272	 * First of try to acquire id for each SP.
1273	 */
1274	for (i = 0; i < count; i++) {
1275		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1276		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1277		    ("invalid direction %u", spp[i]->spidx.dir));
1278
1279		if ((spp[i]->id = key_getnewspid()) == 0) {
1280			SPTREE_WUNLOCK();
1281			return (EAGAIN);
1282		}
1283	}
1284	for (i = 0; i < count; i++) {
1285		TAILQ_INSERT_TAIL(&V_sptree_ifnet[spp[i]->spidx.dir],
1286		    spp[i], chain);
1287		/*
1288		 * NOTE: despite the fact that we keep VTI SP in the
1289		 * separate list, SPHASH contains policies from both
1290		 * sources. Thus SADB_X_SPDGET will correctly return
1291		 * SP by id, because it uses SPHASH for lookups.
1292		 */
1293		LIST_INSERT_HEAD(SPHASH_HASH(spp[i]->id), spp[i], idhash);
1294		spp[i]->state = IPSEC_SPSTATE_IFNET;
1295	}
1296	SPTREE_WUNLOCK();
1297	/*
1298	 * Notify user processes about new SP.
1299	 */
1300	for (i = 0; i < count; i++) {
1301		m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0);
1302		if (m != NULL)
1303			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1304	}
1305	return (0);
1306}
1307
1308void
1309key_unregister_ifnet(struct secpolicy **spp, u_int count)
1310{
1311	struct mbuf *m;
1312	u_int i;
1313
1314	SPTREE_WLOCK();
1315	for (i = 0; i < count; i++) {
1316		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1317		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1318		    ("invalid direction %u", spp[i]->spidx.dir));
1319
1320		if (spp[i]->state != IPSEC_SPSTATE_IFNET)
1321			continue;
1322		spp[i]->state = IPSEC_SPSTATE_DEAD;
1323		TAILQ_REMOVE(&V_sptree_ifnet[spp[i]->spidx.dir],
1324		    spp[i], chain);
1325		V_spd_size--;
1326		LIST_REMOVE(spp[i], idhash);
1327	}
1328	SPTREE_WUNLOCK();
1329	if (SPDCACHE_ENABLED())
1330		spdcache_clear();
1331
1332	for (i = 0; i < count; i++) {
1333		m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0);
1334		if (m != NULL)
1335			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1336	}
1337}
1338
1339/*
1340 * Must be called after calling key_allocsa().
1341 * This function is called by key_freesp() to free some SA allocated
1342 * for a policy.
1343 */
1344void
1345key_freesav(struct secasvar **psav)
1346{
1347	struct secasvar *sav = *psav;
1348
1349	IPSEC_ASSERT(sav != NULL, ("null sav"));
1350	if (SAV_DELREF(sav) == 0)
1351		return;
1352
1353	KEYDBG(IPSEC_STAMP,
1354	    printf("%s: last reference to SA(%p)\n", __func__, sav));
1355
1356	*psav = NULL;
1357	key_delsav(sav);
1358}
1359
1360/*
1361 * Unlink SA from SAH and SPI hash under SAHTREE_WLOCK.
1362 * Expect that SA has extra reference due to lookup.
1363 * Release this references, also release SAH reference after unlink.
1364 */
1365static void
1366key_unlinksav(struct secasvar *sav)
1367{
1368	struct secashead *sah;
1369
1370	KEYDBG(KEY_STAMP,
1371	    printf("%s: SA(%p)\n", __func__, sav));
1372
1373	SAHTREE_UNLOCK_ASSERT();
1374	SAHTREE_WLOCK();
1375	if (sav->state == SADB_SASTATE_DEAD) {
1376		/* SA is already unlinked */
1377		SAHTREE_WUNLOCK();
1378		return;
1379	}
1380	/* Unlink from SAH */
1381	if (sav->state == SADB_SASTATE_LARVAL)
1382		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1383	else
1384		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1385	/* Unlink from SPI hash */
1386	LIST_REMOVE(sav, spihash);
1387	sav->state = SADB_SASTATE_DEAD;
1388	sah = sav->sah;
1389	SAHTREE_WUNLOCK();
1390	key_freesav(&sav);
1391	/* Since we are unlinked, release reference to SAH */
1392	key_freesah(&sah);
1393}
1394
1395/* %%% SPD management */
1396/*
1397 * search SPD
1398 * OUT:	NULL	: not found
1399 *	others	: found, pointer to a SP.
1400 */
1401static struct secpolicy *
1402key_getsp(struct secpolicyindex *spidx)
1403{
1404	SPTREE_RLOCK_TRACKER;
1405	struct secpolicy *sp;
1406
1407	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
1408
1409	SPTREE_RLOCK();
1410	TAILQ_FOREACH(sp, &V_sptree[spidx->dir], chain) {
1411		if (key_cmpspidx_exactly(spidx, &sp->spidx)) {
1412			SP_ADDREF(sp);
1413			break;
1414		}
1415	}
1416	SPTREE_RUNLOCK();
1417
1418	return sp;
1419}
1420
1421/*
1422 * get SP by index.
1423 * OUT:	NULL	: not found
1424 *	others	: found, pointer to referenced SP.
1425 */
1426static struct secpolicy *
1427key_getspbyid(uint32_t id)
1428{
1429	SPTREE_RLOCK_TRACKER;
1430	struct secpolicy *sp;
1431
1432	SPTREE_RLOCK();
1433	LIST_FOREACH(sp, SPHASH_HASH(id), idhash) {
1434		if (sp->id == id) {
1435			SP_ADDREF(sp);
1436			break;
1437		}
1438	}
1439	SPTREE_RUNLOCK();
1440	return (sp);
1441}
1442
1443struct secpolicy *
1444key_newsp(void)
1445{
1446	struct secpolicy *sp;
1447
1448	sp = malloc(sizeof(*sp), M_IPSEC_SP, M_NOWAIT | M_ZERO);
1449	if (sp != NULL)
1450		SP_INITREF(sp);
1451	return (sp);
1452}
1453
1454struct ipsecrequest *
1455ipsec_newisr(void)
1456{
1457
1458	return (malloc(sizeof(struct ipsecrequest), M_IPSEC_SR,
1459	    M_NOWAIT | M_ZERO));
1460}
1461
1462void
1463ipsec_delisr(struct ipsecrequest *p)
1464{
1465
1466	free(p, M_IPSEC_SR);
1467}
1468
1469/*
1470 * create secpolicy structure from sadb_x_policy structure.
1471 * NOTE: `state', `secpolicyindex' and 'id' in secpolicy structure
1472 * are not set, so must be set properly later.
1473 */
1474struct secpolicy *
1475key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error)
1476{
1477	struct secpolicy *newsp;
1478
1479	IPSEC_ASSERT(xpl0 != NULL, ("null xpl0"));
1480	IPSEC_ASSERT(len >= sizeof(*xpl0), ("policy too short: %zu", len));
1481
1482	if (len != PFKEY_EXTLEN(xpl0)) {
1483		ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n", __func__));
1484		*error = EINVAL;
1485		return NULL;
1486	}
1487
1488	if ((newsp = key_newsp()) == NULL) {
1489		*error = ENOBUFS;
1490		return NULL;
1491	}
1492
1493	newsp->spidx.dir = xpl0->sadb_x_policy_dir;
1494	newsp->policy = xpl0->sadb_x_policy_type;
1495	newsp->priority = xpl0->sadb_x_policy_priority;
1496	newsp->tcount = 0;
1497
1498	/* check policy */
1499	switch (xpl0->sadb_x_policy_type) {
1500	case IPSEC_POLICY_DISCARD:
1501	case IPSEC_POLICY_NONE:
1502	case IPSEC_POLICY_ENTRUST:
1503	case IPSEC_POLICY_BYPASS:
1504		break;
1505
1506	case IPSEC_POLICY_IPSEC:
1507	    {
1508		struct sadb_x_ipsecrequest *xisr;
1509		struct ipsecrequest *isr;
1510		int tlen;
1511
1512		/* validity check */
1513		if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
1514			ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n",
1515				__func__));
1516			key_freesp(&newsp);
1517			*error = EINVAL;
1518			return NULL;
1519		}
1520
1521		tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
1522		xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
1523
1524		while (tlen > 0) {
1525			/* length check */
1526			if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr) ||
1527			    xisr->sadb_x_ipsecrequest_len > tlen) {
1528				ipseclog((LOG_DEBUG, "%s: invalid ipsecrequest "
1529					"length.\n", __func__));
1530				key_freesp(&newsp);
1531				*error = EINVAL;
1532				return NULL;
1533			}
1534
1535			if (newsp->tcount >= IPSEC_MAXREQ) {
1536				ipseclog((LOG_DEBUG,
1537				    "%s: too many ipsecrequests.\n",
1538				    __func__));
1539				key_freesp(&newsp);
1540				*error = EINVAL;
1541				return (NULL);
1542			}
1543
1544			/* allocate request buffer */
1545			/* NB: data structure is zero'd */
1546			isr = ipsec_newisr();
1547			if (isr == NULL) {
1548				ipseclog((LOG_DEBUG,
1549				    "%s: No more memory.\n", __func__));
1550				key_freesp(&newsp);
1551				*error = ENOBUFS;
1552				return NULL;
1553			}
1554
1555			newsp->req[newsp->tcount++] = isr;
1556
1557			/* set values */
1558			switch (xisr->sadb_x_ipsecrequest_proto) {
1559			case IPPROTO_ESP:
1560			case IPPROTO_AH:
1561			case IPPROTO_IPCOMP:
1562				break;
1563			default:
1564				ipseclog((LOG_DEBUG,
1565				    "%s: invalid proto type=%u\n", __func__,
1566				    xisr->sadb_x_ipsecrequest_proto));
1567				key_freesp(&newsp);
1568				*error = EPROTONOSUPPORT;
1569				return NULL;
1570			}
1571			isr->saidx.proto =
1572			    (uint8_t)xisr->sadb_x_ipsecrequest_proto;
1573
1574			switch (xisr->sadb_x_ipsecrequest_mode) {
1575			case IPSEC_MODE_TRANSPORT:
1576			case IPSEC_MODE_TUNNEL:
1577				break;
1578			case IPSEC_MODE_ANY:
1579			default:
1580				ipseclog((LOG_DEBUG,
1581				    "%s: invalid mode=%u\n", __func__,
1582				    xisr->sadb_x_ipsecrequest_mode));
1583				key_freesp(&newsp);
1584				*error = EINVAL;
1585				return NULL;
1586			}
1587			isr->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1588
1589			switch (xisr->sadb_x_ipsecrequest_level) {
1590			case IPSEC_LEVEL_DEFAULT:
1591			case IPSEC_LEVEL_USE:
1592			case IPSEC_LEVEL_REQUIRE:
1593				break;
1594			case IPSEC_LEVEL_UNIQUE:
1595				/* validity check */
1596				/*
1597				 * If range violation of reqid, kernel will
1598				 * update it, don't refuse it.
1599				 */
1600				if (xisr->sadb_x_ipsecrequest_reqid
1601						> IPSEC_MANUAL_REQID_MAX) {
1602					ipseclog((LOG_DEBUG,
1603					    "%s: reqid=%d range "
1604					    "violation, updated by kernel.\n",
1605					    __func__,
1606					    xisr->sadb_x_ipsecrequest_reqid));
1607					xisr->sadb_x_ipsecrequest_reqid = 0;
1608				}
1609
1610				/* allocate new reqid id if reqid is zero. */
1611				if (xisr->sadb_x_ipsecrequest_reqid == 0) {
1612					u_int32_t reqid;
1613					if ((reqid = key_newreqid()) == 0) {
1614						key_freesp(&newsp);
1615						*error = ENOBUFS;
1616						return NULL;
1617					}
1618					isr->saidx.reqid = reqid;
1619					xisr->sadb_x_ipsecrequest_reqid = reqid;
1620				} else {
1621				/* set it for manual keying. */
1622					isr->saidx.reqid =
1623					    xisr->sadb_x_ipsecrequest_reqid;
1624				}
1625				break;
1626
1627			default:
1628				ipseclog((LOG_DEBUG, "%s: invalid level=%u\n",
1629					__func__,
1630					xisr->sadb_x_ipsecrequest_level));
1631				key_freesp(&newsp);
1632				*error = EINVAL;
1633				return NULL;
1634			}
1635			isr->level = xisr->sadb_x_ipsecrequest_level;
1636
1637			/* set IP addresses if there */
1638			if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
1639				struct sockaddr *paddr;
1640
1641				len = tlen - sizeof(*xisr);
1642				paddr = (struct sockaddr *)(xisr + 1);
1643				/* validity check */
1644				if (len < sizeof(struct sockaddr) ||
1645				    len < 2 * paddr->sa_len ||
1646				    paddr->sa_len > sizeof(isr->saidx.src)) {
1647					ipseclog((LOG_DEBUG, "%s: invalid "
1648						"request address length.\n",
1649						__func__));
1650					key_freesp(&newsp);
1651					*error = EINVAL;
1652					return NULL;
1653				}
1654				/*
1655				 * Request length should be enough to keep
1656				 * source and destination addresses.
1657				 */
1658				if (xisr->sadb_x_ipsecrequest_len <
1659				    sizeof(*xisr) + 2 * paddr->sa_len) {
1660					ipseclog((LOG_DEBUG, "%s: invalid "
1661					    "ipsecrequest length.\n",
1662					    __func__));
1663					key_freesp(&newsp);
1664					*error = EINVAL;
1665					return (NULL);
1666				}
1667				bcopy(paddr, &isr->saidx.src, paddr->sa_len);
1668				paddr = (struct sockaddr *)((caddr_t)paddr +
1669				    paddr->sa_len);
1670
1671				/* validity check */
1672				if (paddr->sa_len !=
1673				    isr->saidx.src.sa.sa_len) {
1674					ipseclog((LOG_DEBUG, "%s: invalid "
1675						"request address length.\n",
1676						__func__));
1677					key_freesp(&newsp);
1678					*error = EINVAL;
1679					return NULL;
1680				}
1681				/* AF family should match */
1682				if (paddr->sa_family !=
1683				    isr->saidx.src.sa.sa_family) {
1684					ipseclog((LOG_DEBUG, "%s: address "
1685					    "family doesn't match.\n",
1686						__func__));
1687					key_freesp(&newsp);
1688					*error = EINVAL;
1689					return (NULL);
1690				}
1691				bcopy(paddr, &isr->saidx.dst, paddr->sa_len);
1692			} else {
1693				/*
1694				 * Addresses for TUNNEL mode requests are
1695				 * mandatory.
1696				 */
1697				if (isr->saidx.mode == IPSEC_MODE_TUNNEL) {
1698					ipseclog((LOG_DEBUG, "%s: missing "
1699					    "request addresses.\n", __func__));
1700					key_freesp(&newsp);
1701					*error = EINVAL;
1702					return (NULL);
1703				}
1704			}
1705			tlen -= xisr->sadb_x_ipsecrequest_len;
1706
1707			/* validity check */
1708			if (tlen < 0) {
1709				ipseclog((LOG_DEBUG, "%s: becoming tlen < 0.\n",
1710					__func__));
1711				key_freesp(&newsp);
1712				*error = EINVAL;
1713				return NULL;
1714			}
1715
1716			xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
1717			                 + xisr->sadb_x_ipsecrequest_len);
1718		}
1719		/* XXXAE: LARVAL SP */
1720		if (newsp->tcount < 1) {
1721			ipseclog((LOG_DEBUG, "%s: valid IPSEC transforms "
1722			    "not found.\n", __func__));
1723			key_freesp(&newsp);
1724			*error = EINVAL;
1725			return (NULL);
1726		}
1727	    }
1728		break;
1729	default:
1730		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1731		key_freesp(&newsp);
1732		*error = EINVAL;
1733		return NULL;
1734	}
1735
1736	*error = 0;
1737	return (newsp);
1738}
1739
1740uint32_t
1741key_newreqid(void)
1742{
1743	static uint32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1744
1745	if (auto_reqid == ~0)
1746		auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1747	else
1748		auto_reqid++;
1749
1750	/* XXX should be unique check */
1751	return (auto_reqid);
1752}
1753
1754/*
1755 * copy secpolicy struct to sadb_x_policy structure indicated.
1756 */
1757static struct mbuf *
1758key_sp2mbuf(struct secpolicy *sp)
1759{
1760	struct mbuf *m;
1761	size_t tlen;
1762
1763	tlen = key_getspreqmsglen(sp);
1764	m = m_get2(tlen, M_NOWAIT, MT_DATA, 0);
1765	if (m == NULL)
1766		return (NULL);
1767	m_align(m, tlen);
1768	m->m_len = tlen;
1769	if (key_sp2msg(sp, m->m_data, &tlen) != 0) {
1770		m_freem(m);
1771		return (NULL);
1772	}
1773	return (m);
1774}
1775
1776int
1777key_sp2msg(struct secpolicy *sp, void *request, size_t *len)
1778{
1779	struct sadb_x_ipsecrequest *xisr;
1780	struct sadb_x_policy *xpl;
1781	struct ipsecrequest *isr;
1782	size_t xlen, ilen;
1783	caddr_t p;
1784	int error, i;
1785
1786	IPSEC_ASSERT(sp != NULL, ("null policy"));
1787
1788	xlen = sizeof(*xpl);
1789	if (*len < xlen)
1790		return (EINVAL);
1791
1792	error = 0;
1793	bzero(request, *len);
1794	xpl = (struct sadb_x_policy *)request;
1795	xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1796	xpl->sadb_x_policy_type = sp->policy;
1797	xpl->sadb_x_policy_dir = sp->spidx.dir;
1798	xpl->sadb_x_policy_id = sp->id;
1799	xpl->sadb_x_policy_priority = sp->priority;
1800	switch (sp->state) {
1801	case IPSEC_SPSTATE_IFNET:
1802		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_IFNET;
1803		break;
1804	case IPSEC_SPSTATE_PCB:
1805		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_PCB;
1806		break;
1807	default:
1808		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_GLOBAL;
1809	}
1810
1811	/* if is the policy for ipsec ? */
1812	if (sp->policy == IPSEC_POLICY_IPSEC) {
1813		p = (caddr_t)xpl + sizeof(*xpl);
1814		for (i = 0; i < sp->tcount; i++) {
1815			isr = sp->req[i];
1816			ilen = PFKEY_ALIGN8(sizeof(*xisr) +
1817			    isr->saidx.src.sa.sa_len +
1818			    isr->saidx.dst.sa.sa_len);
1819			xlen += ilen;
1820			if (xlen > *len) {
1821				error = ENOBUFS;
1822				/* Calculate needed size */
1823				continue;
1824			}
1825			xisr = (struct sadb_x_ipsecrequest *)p;
1826			xisr->sadb_x_ipsecrequest_len = ilen;
1827			xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
1828			xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
1829			xisr->sadb_x_ipsecrequest_level = isr->level;
1830			xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
1831
1832			p += sizeof(*xisr);
1833			bcopy(&isr->saidx.src, p, isr->saidx.src.sa.sa_len);
1834			p += isr->saidx.src.sa.sa_len;
1835			bcopy(&isr->saidx.dst, p, isr->saidx.dst.sa.sa_len);
1836			p += isr->saidx.dst.sa.sa_len;
1837		}
1838	}
1839	xpl->sadb_x_policy_len = PFKEY_UNIT64(xlen);
1840	if (error == 0)
1841		*len = xlen;
1842	else
1843		*len = sizeof(*xpl);
1844	return (error);
1845}
1846
1847/* m will not be freed nor modified */
1848static struct mbuf *
1849key_gather_mbuf(struct mbuf *m, const struct sadb_msghdr *mhp,
1850    int ndeep, int nitem, ...)
1851{
1852	va_list ap;
1853	int idx;
1854	int i;
1855	struct mbuf *result = NULL, *n;
1856	int len;
1857
1858	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1859	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1860
1861	va_start(ap, nitem);
1862	for (i = 0; i < nitem; i++) {
1863		idx = va_arg(ap, int);
1864		if (idx < 0 || idx > SADB_EXT_MAX)
1865			goto fail;
1866		/* don't attempt to pull empty extension */
1867		if (idx == SADB_EXT_RESERVED && mhp->msg == NULL)
1868			continue;
1869		if (idx != SADB_EXT_RESERVED  &&
1870		    (mhp->ext[idx] == NULL || mhp->extlen[idx] == 0))
1871			continue;
1872
1873		if (idx == SADB_EXT_RESERVED) {
1874			len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
1875
1876			IPSEC_ASSERT(len <= MHLEN, ("header too big %u", len));
1877
1878			MGETHDR(n, M_NOWAIT, MT_DATA);
1879			if (!n)
1880				goto fail;
1881			n->m_len = len;
1882			n->m_next = NULL;
1883			m_copydata(m, 0, sizeof(struct sadb_msg),
1884			    mtod(n, caddr_t));
1885		} else if (i < ndeep) {
1886			len = mhp->extlen[idx];
1887			n = m_get2(len, M_NOWAIT, MT_DATA, 0);
1888			if (n == NULL)
1889				goto fail;
1890			m_align(n, len);
1891			n->m_len = len;
1892			m_copydata(m, mhp->extoff[idx], mhp->extlen[idx],
1893			    mtod(n, caddr_t));
1894		} else {
1895			n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx],
1896			    M_NOWAIT);
1897		}
1898		if (n == NULL)
1899			goto fail;
1900
1901		if (result)
1902			m_cat(result, n);
1903		else
1904			result = n;
1905	}
1906	va_end(ap);
1907
1908	if ((result->m_flags & M_PKTHDR) != 0) {
1909		result->m_pkthdr.len = 0;
1910		for (n = result; n; n = n->m_next)
1911			result->m_pkthdr.len += n->m_len;
1912	}
1913
1914	return result;
1915
1916fail:
1917	m_freem(result);
1918	va_end(ap);
1919	return NULL;
1920}
1921
1922/*
1923 * SADB_X_SPDADD, SADB_X_SPDSETIDX or SADB_X_SPDUPDATE processing
1924 * add an entry to SP database, when received
1925 *   <base, address(SD), (lifetime(H),) policy>
1926 * from the user(?).
1927 * Adding to SP database,
1928 * and send
1929 *   <base, address(SD), (lifetime(H),) policy>
1930 * to the socket which was send.
1931 *
1932 * SPDADD set a unique policy entry.
1933 * SPDSETIDX like SPDADD without a part of policy requests.
1934 * SPDUPDATE replace a unique policy entry.
1935 *
1936 * XXXAE: serialize this in PF_KEY to avoid races.
1937 * m will always be freed.
1938 */
1939static int
1940key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
1941{
1942	struct secpolicyindex spidx;
1943	struct sadb_address *src0, *dst0;
1944	struct sadb_x_policy *xpl0, *xpl;
1945	struct sadb_lifetime *lft = NULL;
1946	struct secpolicy *newsp;
1947	int error;
1948
1949	IPSEC_ASSERT(so != NULL, ("null socket"));
1950	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1951	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1952	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
1953
1954	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
1955	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
1956	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
1957		ipseclog((LOG_DEBUG,
1958		    "%s: invalid message: missing required header.\n",
1959		    __func__));
1960		return key_senderror(so, m, EINVAL);
1961	}
1962	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
1963	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
1964	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
1965		ipseclog((LOG_DEBUG,
1966		    "%s: invalid message: wrong header size.\n", __func__));
1967		return key_senderror(so, m, EINVAL);
1968	}
1969	if (!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD)) {
1970		if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD)) {
1971			ipseclog((LOG_DEBUG,
1972			    "%s: invalid message: wrong header size.\n",
1973			    __func__));
1974			return key_senderror(so, m, EINVAL);
1975		}
1976		lft = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
1977	}
1978
1979	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
1980	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
1981	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
1982
1983	/* check the direciton */
1984	switch (xpl0->sadb_x_policy_dir) {
1985	case IPSEC_DIR_INBOUND:
1986	case IPSEC_DIR_OUTBOUND:
1987		break;
1988	default:
1989		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
1990		return key_senderror(so, m, EINVAL);
1991	}
1992	/* key_spdadd() accepts DISCARD, NONE and IPSEC. */
1993	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
1994	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
1995	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
1996		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1997		return key_senderror(so, m, EINVAL);
1998	}
1999
2000	/* policy requests are mandatory when action is ipsec. */
2001	if (xpl0->sadb_x_policy_type == IPSEC_POLICY_IPSEC &&
2002	    mhp->extlen[SADB_X_EXT_POLICY] <= sizeof(*xpl0)) {
2003		ipseclog((LOG_DEBUG,
2004		    "%s: policy requests required.\n", __func__));
2005		return key_senderror(so, m, EINVAL);
2006	}
2007
2008	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
2009	    (struct sockaddr *)(dst0 + 1));
2010	if (error != 0 ||
2011	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2012		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2013		return key_senderror(so, m, error);
2014	}
2015	/* make secindex */
2016	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2017	                src0 + 1,
2018	                dst0 + 1,
2019	                src0->sadb_address_prefixlen,
2020	                dst0->sadb_address_prefixlen,
2021	                src0->sadb_address_proto,
2022	                &spidx);
2023	/* Checking there is SP already or not. */
2024	newsp = key_getsp(&spidx);
2025	if (newsp != NULL) {
2026		if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
2027			KEYDBG(KEY_STAMP,
2028			    printf("%s: unlink SP(%p) for SPDUPDATE\n",
2029				__func__, newsp));
2030			KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2031			key_unlink(newsp);
2032			key_freesp(&newsp);
2033		} else {
2034			key_freesp(&newsp);
2035			ipseclog((LOG_DEBUG,
2036			    "%s: a SP entry exists already.\n", __func__));
2037			return (key_senderror(so, m, EEXIST));
2038		}
2039	}
2040
2041	/* allocate new SP entry */
2042	if ((newsp = key_msg2sp(xpl0, PFKEY_EXTLEN(xpl0), &error)) == NULL) {
2043		return key_senderror(so, m, error);
2044	}
2045
2046	newsp->lastused = newsp->created = time_second;
2047	newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0;
2048	newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0;
2049	bcopy(&spidx, &newsp->spidx, sizeof(spidx));
2050
2051	/* XXXAE: there is race between key_getsp() and key_insertsp() */
2052	SPTREE_WLOCK();
2053	if ((newsp->id = key_getnewspid()) == 0) {
2054		SPTREE_WUNLOCK();
2055		key_freesp(&newsp);
2056		return key_senderror(so, m, ENOBUFS);
2057	}
2058	key_insertsp(newsp);
2059	SPTREE_WUNLOCK();
2060	if (SPDCACHE_ENABLED())
2061		spdcache_clear();
2062
2063	KEYDBG(KEY_STAMP,
2064	    printf("%s: SP(%p)\n", __func__, newsp));
2065	KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2066
2067    {
2068	struct mbuf *n, *mpolicy;
2069	struct sadb_msg *newmsg;
2070	int off;
2071
2072	/* create new sadb_msg to reply. */
2073	if (lft) {
2074		n = key_gather_mbuf(m, mhp, 2, 5, SADB_EXT_RESERVED,
2075		    SADB_X_EXT_POLICY, SADB_EXT_LIFETIME_HARD,
2076		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2077	} else {
2078		n = key_gather_mbuf(m, mhp, 2, 4, SADB_EXT_RESERVED,
2079		    SADB_X_EXT_POLICY,
2080		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2081	}
2082	if (!n)
2083		return key_senderror(so, m, ENOBUFS);
2084
2085	if (n->m_len < sizeof(*newmsg)) {
2086		n = m_pullup(n, sizeof(*newmsg));
2087		if (!n)
2088			return key_senderror(so, m, ENOBUFS);
2089	}
2090	newmsg = mtod(n, struct sadb_msg *);
2091	newmsg->sadb_msg_errno = 0;
2092	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2093
2094	off = 0;
2095	mpolicy = m_pulldown(n, PFKEY_ALIGN8(sizeof(struct sadb_msg)),
2096	    sizeof(*xpl), &off);
2097	if (mpolicy == NULL) {
2098		/* n is already freed */
2099		return key_senderror(so, m, ENOBUFS);
2100	}
2101	xpl = (struct sadb_x_policy *)(mtod(mpolicy, caddr_t) + off);
2102	if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
2103		m_freem(n);
2104		return key_senderror(so, m, EINVAL);
2105	}
2106	xpl->sadb_x_policy_id = newsp->id;
2107
2108	m_freem(m);
2109	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2110    }
2111}
2112
2113/*
2114 * get new policy id.
2115 * OUT:
2116 *	0:	failure.
2117 *	others: success.
2118 */
2119static uint32_t
2120key_getnewspid(void)
2121{
2122	struct secpolicy *sp;
2123	uint32_t newid = 0;
2124	int count = V_key_spi_trycnt;	/* XXX */
2125
2126	SPTREE_WLOCK_ASSERT();
2127	while (count--) {
2128		if (V_policy_id == ~0) /* overflowed */
2129			newid = V_policy_id = 1;
2130		else
2131			newid = ++V_policy_id;
2132		LIST_FOREACH(sp, SPHASH_HASH(newid), idhash) {
2133			if (sp->id == newid)
2134				break;
2135		}
2136		if (sp == NULL)
2137			break;
2138	}
2139	if (count == 0 || newid == 0) {
2140		ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
2141		    __func__));
2142		return (0);
2143	}
2144	return (newid);
2145}
2146
2147/*
2148 * SADB_SPDDELETE processing
2149 * receive
2150 *   <base, address(SD), policy(*)>
2151 * from the user(?), and set SADB_SASTATE_DEAD,
2152 * and send,
2153 *   <base, address(SD), policy(*)>
2154 * to the ikmpd.
2155 * policy(*) including direction of policy.
2156 *
2157 * m will always be freed.
2158 */
2159static int
2160key_spddelete(struct socket *so, struct mbuf *m,
2161    const struct sadb_msghdr *mhp)
2162{
2163	struct secpolicyindex spidx;
2164	struct sadb_address *src0, *dst0;
2165	struct sadb_x_policy *xpl0;
2166	struct secpolicy *sp;
2167
2168	IPSEC_ASSERT(so != NULL, ("null so"));
2169	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2170	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2171	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2172
2173	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
2174	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
2175	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
2176		ipseclog((LOG_DEBUG,
2177		    "%s: invalid message: missing required header.\n",
2178		    __func__));
2179		return key_senderror(so, m, EINVAL);
2180	}
2181	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
2182	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
2183	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2184		ipseclog((LOG_DEBUG,
2185		    "%s: invalid message: wrong header size.\n", __func__));
2186		return key_senderror(so, m, EINVAL);
2187	}
2188
2189	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
2190	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
2191	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
2192
2193	/* check the direciton */
2194	switch (xpl0->sadb_x_policy_dir) {
2195	case IPSEC_DIR_INBOUND:
2196	case IPSEC_DIR_OUTBOUND:
2197		break;
2198	default:
2199		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
2200		return key_senderror(so, m, EINVAL);
2201	}
2202	/* Only DISCARD, NONE and IPSEC are allowed */
2203	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2204	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2205	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2206		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2207		return key_senderror(so, m, EINVAL);
2208	}
2209	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
2210	    (struct sockaddr *)(dst0 + 1)) != 0 ||
2211	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2212		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2213		return key_senderror(so, m, EINVAL);
2214	}
2215	/* make secindex */
2216	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2217	                src0 + 1,
2218	                dst0 + 1,
2219	                src0->sadb_address_prefixlen,
2220	                dst0->sadb_address_prefixlen,
2221	                src0->sadb_address_proto,
2222	                &spidx);
2223
2224	/* Is there SP in SPD ? */
2225	if ((sp = key_getsp(&spidx)) == NULL) {
2226		ipseclog((LOG_DEBUG, "%s: no SP found.\n", __func__));
2227		return key_senderror(so, m, EINVAL);
2228	}
2229
2230	/* save policy id to buffer to be returned. */
2231	xpl0->sadb_x_policy_id = sp->id;
2232
2233	KEYDBG(KEY_STAMP,
2234	    printf("%s: SP(%p)\n", __func__, sp));
2235	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2236	key_unlink(sp);
2237	key_freesp(&sp);
2238
2239    {
2240	struct mbuf *n;
2241	struct sadb_msg *newmsg;
2242
2243	/* create new sadb_msg to reply. */
2244	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
2245	    SADB_X_EXT_POLICY, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2246	if (!n)
2247		return key_senderror(so, m, ENOBUFS);
2248
2249	newmsg = mtod(n, struct sadb_msg *);
2250	newmsg->sadb_msg_errno = 0;
2251	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2252
2253	m_freem(m);
2254	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2255    }
2256}
2257
2258/*
2259 * SADB_SPDDELETE2 processing
2260 * receive
2261 *   <base, policy(*)>
2262 * from the user(?), and set SADB_SASTATE_DEAD,
2263 * and send,
2264 *   <base, policy(*)>
2265 * to the ikmpd.
2266 * policy(*) including direction of policy.
2267 *
2268 * m will always be freed.
2269 */
2270static int
2271key_spddelete2(struct socket *so, struct mbuf *m,
2272    const struct sadb_msghdr *mhp)
2273{
2274	struct secpolicy *sp;
2275	uint32_t id;
2276
2277	IPSEC_ASSERT(so != NULL, ("null socket"));
2278	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2279	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2280	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2281
2282	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2283	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2284		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2285		    __func__));
2286		return key_senderror(so, m, EINVAL);
2287	}
2288
2289	id = ((struct sadb_x_policy *)
2290	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2291
2292	/* Is there SP in SPD ? */
2293	if ((sp = key_getspbyid(id)) == NULL) {
2294		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2295		    __func__, id));
2296		return key_senderror(so, m, EINVAL);
2297	}
2298
2299	KEYDBG(KEY_STAMP,
2300	    printf("%s: SP(%p)\n", __func__, sp));
2301	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2302	key_unlink(sp);
2303	if (sp->state != IPSEC_SPSTATE_DEAD) {
2304		ipseclog((LOG_DEBUG, "%s: failed to delete SP with id %u.\n",
2305		    __func__, id));
2306		key_freesp(&sp);
2307		return (key_senderror(so, m, EACCES));
2308	}
2309	key_freesp(&sp);
2310
2311    {
2312	struct mbuf *n, *nn;
2313	struct sadb_msg *newmsg;
2314	int off, len;
2315
2316	/* create new sadb_msg to reply. */
2317	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2318
2319	MGETHDR(n, M_NOWAIT, MT_DATA);
2320	if (n && len > MHLEN) {
2321		if (!(MCLGET(n, M_NOWAIT))) {
2322			m_freem(n);
2323			n = NULL;
2324		}
2325	}
2326	if (!n)
2327		return key_senderror(so, m, ENOBUFS);
2328
2329	n->m_len = len;
2330	n->m_next = NULL;
2331	off = 0;
2332
2333	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
2334	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
2335
2336	IPSEC_ASSERT(off == len, ("length inconsistency (off %u len %u)",
2337		off, len));
2338
2339	n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY],
2340	    mhp->extlen[SADB_X_EXT_POLICY], M_NOWAIT);
2341	if (!n->m_next) {
2342		m_freem(n);
2343		return key_senderror(so, m, ENOBUFS);
2344	}
2345
2346	n->m_pkthdr.len = 0;
2347	for (nn = n; nn; nn = nn->m_next)
2348		n->m_pkthdr.len += nn->m_len;
2349
2350	newmsg = mtod(n, struct sadb_msg *);
2351	newmsg->sadb_msg_errno = 0;
2352	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2353
2354	m_freem(m);
2355	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2356    }
2357}
2358
2359/*
2360 * SADB_X_SPDGET processing
2361 * receive
2362 *   <base, policy(*)>
2363 * from the user(?),
2364 * and send,
2365 *   <base, address(SD), policy>
2366 * to the ikmpd.
2367 * policy(*) including direction of policy.
2368 *
2369 * m will always be freed.
2370 */
2371static int
2372key_spdget(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2373{
2374	struct secpolicy *sp;
2375	struct mbuf *n;
2376	uint32_t id;
2377
2378	IPSEC_ASSERT(so != NULL, ("null socket"));
2379	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2380	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2381	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2382
2383	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2384	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2385		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2386		    __func__));
2387		return key_senderror(so, m, EINVAL);
2388	}
2389
2390	id = ((struct sadb_x_policy *)
2391	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2392
2393	/* Is there SP in SPD ? */
2394	if ((sp = key_getspbyid(id)) == NULL) {
2395		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2396		    __func__, id));
2397		return key_senderror(so, m, ENOENT);
2398	}
2399
2400	n = key_setdumpsp(sp, SADB_X_SPDGET, mhp->msg->sadb_msg_seq,
2401	    mhp->msg->sadb_msg_pid);
2402	key_freesp(&sp);
2403	if (n != NULL) {
2404		m_freem(m);
2405		return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2406	} else
2407		return key_senderror(so, m, ENOBUFS);
2408}
2409
2410/*
2411 * SADB_X_SPDACQUIRE processing.
2412 * Acquire policy and SA(s) for a *OUTBOUND* packet.
2413 * send
2414 *   <base, policy(*)>
2415 * to KMD, and expect to receive
2416 *   <base> with SADB_X_SPDACQUIRE if error occurred,
2417 * or
2418 *   <base, policy>
2419 * with SADB_X_SPDUPDATE from KMD by PF_KEY.
2420 * policy(*) is without policy requests.
2421 *
2422 *    0     : succeed
2423 *    others: error number
2424 */
2425int
2426key_spdacquire(struct secpolicy *sp)
2427{
2428	struct mbuf *result = NULL, *m;
2429	struct secspacq *newspacq;
2430
2431	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2432	IPSEC_ASSERT(sp->req == NULL, ("policy exists"));
2433	IPSEC_ASSERT(sp->policy == IPSEC_POLICY_IPSEC,
2434		("policy not IPSEC %u", sp->policy));
2435
2436	/* Get an entry to check whether sent message or not. */
2437	newspacq = key_getspacq(&sp->spidx);
2438	if (newspacq != NULL) {
2439		if (V_key_blockacq_count < newspacq->count) {
2440			/* reset counter and do send message. */
2441			newspacq->count = 0;
2442		} else {
2443			/* increment counter and do nothing. */
2444			newspacq->count++;
2445			SPACQ_UNLOCK();
2446			return (0);
2447		}
2448		SPACQ_UNLOCK();
2449	} else {
2450		/* make new entry for blocking to send SADB_ACQUIRE. */
2451		newspacq = key_newspacq(&sp->spidx);
2452		if (newspacq == NULL)
2453			return ENOBUFS;
2454	}
2455
2456	/* create new sadb_msg to reply. */
2457	m = key_setsadbmsg(SADB_X_SPDACQUIRE, 0, 0, 0, 0, 0);
2458	if (!m)
2459		return ENOBUFS;
2460
2461	result = m;
2462
2463	result->m_pkthdr.len = 0;
2464	for (m = result; m; m = m->m_next)
2465		result->m_pkthdr.len += m->m_len;
2466
2467	mtod(result, struct sadb_msg *)->sadb_msg_len =
2468	    PFKEY_UNIT64(result->m_pkthdr.len);
2469
2470	return key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED);
2471}
2472
2473/*
2474 * SADB_SPDFLUSH processing
2475 * receive
2476 *   <base>
2477 * from the user, and free all entries in secpctree.
2478 * and send,
2479 *   <base>
2480 * to the user.
2481 * NOTE: what to do is only marking SADB_SASTATE_DEAD.
2482 *
2483 * m will always be freed.
2484 */
2485static int
2486key_spdflush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2487{
2488	struct secpolicy_queue drainq;
2489	struct sadb_msg *newmsg;
2490	struct secpolicy *sp, *nextsp;
2491	u_int dir;
2492
2493	IPSEC_ASSERT(so != NULL, ("null socket"));
2494	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2495	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2496	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2497
2498	if (m->m_len != PFKEY_ALIGN8(sizeof(struct sadb_msg)))
2499		return key_senderror(so, m, EINVAL);
2500
2501	TAILQ_INIT(&drainq);
2502	SPTREE_WLOCK();
2503	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2504		TAILQ_CONCAT(&drainq, &V_sptree[dir], chain);
2505	}
2506	/*
2507	 * We need to set state to DEAD for each policy to be sure,
2508	 * that another thread won't try to unlink it.
2509	 * Also remove SP from sphash.
2510	 */
2511	TAILQ_FOREACH(sp, &drainq, chain) {
2512		sp->state = IPSEC_SPSTATE_DEAD;
2513		LIST_REMOVE(sp, idhash);
2514	}
2515	V_sp_genid++;
2516	V_spd_size = 0;
2517	SPTREE_WUNLOCK();
2518	if (SPDCACHE_ENABLED())
2519		spdcache_clear();
2520	sp = TAILQ_FIRST(&drainq);
2521	while (sp != NULL) {
2522		nextsp = TAILQ_NEXT(sp, chain);
2523		key_freesp(&sp);
2524		sp = nextsp;
2525	}
2526
2527	if (sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
2528		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
2529		return key_senderror(so, m, ENOBUFS);
2530	}
2531
2532	if (m->m_next)
2533		m_freem(m->m_next);
2534	m->m_next = NULL;
2535	m->m_pkthdr.len = m->m_len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2536	newmsg = mtod(m, struct sadb_msg *);
2537	newmsg->sadb_msg_errno = 0;
2538	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
2539
2540	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
2541}
2542
2543static uint8_t
2544key_satype2scopemask(uint8_t satype)
2545{
2546
2547	if (satype == IPSEC_POLICYSCOPE_ANY)
2548		return (0xff);
2549	return (satype);
2550}
2551/*
2552 * SADB_SPDDUMP processing
2553 * receive
2554 *   <base>
2555 * from the user, and dump all SP leaves and send,
2556 *   <base> .....
2557 * to the ikmpd.
2558 *
2559 * NOTE:
2560 *   sadb_msg_satype is considered as mask of policy scopes.
2561 *   m will always be freed.
2562 */
2563static int
2564key_spddump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2565{
2566	SPTREE_RLOCK_TRACKER;
2567	struct secpolicy *sp;
2568	struct mbuf *n;
2569	int cnt;
2570	u_int dir, scope;
2571
2572	IPSEC_ASSERT(so != NULL, ("null socket"));
2573	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2574	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2575	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2576
2577	/* search SPD entry and get buffer size. */
2578	cnt = 0;
2579	scope = key_satype2scopemask(mhp->msg->sadb_msg_satype);
2580	SPTREE_RLOCK();
2581	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2582		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2583			TAILQ_FOREACH(sp, &V_sptree[dir], chain)
2584				cnt++;
2585		}
2586		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2587			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain)
2588				cnt++;
2589		}
2590	}
2591
2592	if (cnt == 0) {
2593		SPTREE_RUNLOCK();
2594		return key_senderror(so, m, ENOENT);
2595	}
2596
2597	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2598		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2599			TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
2600				--cnt;
2601				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2602				    mhp->msg->sadb_msg_pid);
2603
2604				if (n != NULL)
2605					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2606			}
2607		}
2608		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2609			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain) {
2610				--cnt;
2611				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2612				    mhp->msg->sadb_msg_pid);
2613
2614				if (n != NULL)
2615					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2616			}
2617		}
2618	}
2619
2620	SPTREE_RUNLOCK();
2621	m_freem(m);
2622	return (0);
2623}
2624
2625static struct mbuf *
2626key_setdumpsp(struct secpolicy *sp, u_int8_t type, u_int32_t seq,
2627    u_int32_t pid)
2628{
2629	struct mbuf *result = NULL, *m;
2630	struct seclifetime lt;
2631
2632	m = key_setsadbmsg(type, 0, SADB_SATYPE_UNSPEC, seq, pid, sp->refcnt);
2633	if (!m)
2634		goto fail;
2635	result = m;
2636
2637	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2638	    &sp->spidx.src.sa, sp->spidx.prefs,
2639	    sp->spidx.ul_proto);
2640	if (!m)
2641		goto fail;
2642	m_cat(result, m);
2643
2644	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2645	    &sp->spidx.dst.sa, sp->spidx.prefd,
2646	    sp->spidx.ul_proto);
2647	if (!m)
2648		goto fail;
2649	m_cat(result, m);
2650
2651	m = key_sp2mbuf(sp);
2652	if (!m)
2653		goto fail;
2654	m_cat(result, m);
2655
2656	if(sp->lifetime){
2657		lt.addtime=sp->created;
2658		lt.usetime= sp->lastused;
2659		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_CURRENT);
2660		if (!m)
2661			goto fail;
2662		m_cat(result, m);
2663
2664		lt.addtime=sp->lifetime;
2665		lt.usetime= sp->validtime;
2666		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_HARD);
2667		if (!m)
2668			goto fail;
2669		m_cat(result, m);
2670	}
2671
2672	if ((result->m_flags & M_PKTHDR) == 0)
2673		goto fail;
2674
2675	if (result->m_len < sizeof(struct sadb_msg)) {
2676		result = m_pullup(result, sizeof(struct sadb_msg));
2677		if (result == NULL)
2678			goto fail;
2679	}
2680
2681	result->m_pkthdr.len = 0;
2682	for (m = result; m; m = m->m_next)
2683		result->m_pkthdr.len += m->m_len;
2684
2685	mtod(result, struct sadb_msg *)->sadb_msg_len =
2686	    PFKEY_UNIT64(result->m_pkthdr.len);
2687
2688	return result;
2689
2690fail:
2691	m_freem(result);
2692	return NULL;
2693}
2694/*
2695 * get PFKEY message length for security policy and request.
2696 */
2697static size_t
2698key_getspreqmsglen(struct secpolicy *sp)
2699{
2700	size_t tlen, len;
2701	int i;
2702
2703	tlen = sizeof(struct sadb_x_policy);
2704	/* if is the policy for ipsec ? */
2705	if (sp->policy != IPSEC_POLICY_IPSEC)
2706		return (tlen);
2707
2708	/* get length of ipsec requests */
2709	for (i = 0; i < sp->tcount; i++) {
2710		len = sizeof(struct sadb_x_ipsecrequest)
2711			+ sp->req[i]->saidx.src.sa.sa_len
2712			+ sp->req[i]->saidx.dst.sa.sa_len;
2713
2714		tlen += PFKEY_ALIGN8(len);
2715	}
2716	return (tlen);
2717}
2718
2719/*
2720 * SADB_SPDEXPIRE processing
2721 * send
2722 *   <base, address(SD), lifetime(CH), policy>
2723 * to KMD by PF_KEY.
2724 *
2725 * OUT:	0	: succeed
2726 *	others	: error number
2727 */
2728static int
2729key_spdexpire(struct secpolicy *sp)
2730{
2731	struct sadb_lifetime *lt;
2732	struct mbuf *result = NULL, *m;
2733	int len, error = -1;
2734
2735	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2736
2737	KEYDBG(KEY_STAMP,
2738	    printf("%s: SP(%p)\n", __func__, sp));
2739	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2740
2741	/* set msg header */
2742	m = key_setsadbmsg(SADB_X_SPDEXPIRE, 0, 0, 0, 0, 0);
2743	if (!m) {
2744		error = ENOBUFS;
2745		goto fail;
2746	}
2747	result = m;
2748
2749	/* create lifetime extension (current and hard) */
2750	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
2751	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
2752	if (m == NULL) {
2753		error = ENOBUFS;
2754		goto fail;
2755	}
2756	m_align(m, len);
2757	m->m_len = len;
2758	bzero(mtod(m, caddr_t), len);
2759	lt = mtod(m, struct sadb_lifetime *);
2760	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2761	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
2762	lt->sadb_lifetime_allocations = 0;
2763	lt->sadb_lifetime_bytes = 0;
2764	lt->sadb_lifetime_addtime = sp->created;
2765	lt->sadb_lifetime_usetime = sp->lastused;
2766	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
2767	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2768	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
2769	lt->sadb_lifetime_allocations = 0;
2770	lt->sadb_lifetime_bytes = 0;
2771	lt->sadb_lifetime_addtime = sp->lifetime;
2772	lt->sadb_lifetime_usetime = sp->validtime;
2773	m_cat(result, m);
2774
2775	/* set sadb_address for source */
2776	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2777	    &sp->spidx.src.sa,
2778	    sp->spidx.prefs, sp->spidx.ul_proto);
2779	if (!m) {
2780		error = ENOBUFS;
2781		goto fail;
2782	}
2783	m_cat(result, m);
2784
2785	/* set sadb_address for destination */
2786	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2787	    &sp->spidx.dst.sa,
2788	    sp->spidx.prefd, sp->spidx.ul_proto);
2789	if (!m) {
2790		error = ENOBUFS;
2791		goto fail;
2792	}
2793	m_cat(result, m);
2794
2795	/* set secpolicy */
2796	m = key_sp2mbuf(sp);
2797	if (!m) {
2798		error = ENOBUFS;
2799		goto fail;
2800	}
2801	m_cat(result, m);
2802
2803	if ((result->m_flags & M_PKTHDR) == 0) {
2804		error = EINVAL;
2805		goto fail;
2806	}
2807
2808	if (result->m_len < sizeof(struct sadb_msg)) {
2809		result = m_pullup(result, sizeof(struct sadb_msg));
2810		if (result == NULL) {
2811			error = ENOBUFS;
2812			goto fail;
2813		}
2814	}
2815
2816	result->m_pkthdr.len = 0;
2817	for (m = result; m; m = m->m_next)
2818		result->m_pkthdr.len += m->m_len;
2819
2820	mtod(result, struct sadb_msg *)->sadb_msg_len =
2821	    PFKEY_UNIT64(result->m_pkthdr.len);
2822
2823	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
2824
2825 fail:
2826	if (result)
2827		m_freem(result);
2828	return error;
2829}
2830
2831/* %%% SAD management */
2832/*
2833 * allocating and initialize new SA head.
2834 * OUT:	NULL	: failure due to the lack of memory.
2835 *	others	: pointer to new SA head.
2836 */
2837static struct secashead *
2838key_newsah(struct secasindex *saidx)
2839{
2840	struct secashead *sah;
2841
2842	sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2843	    M_NOWAIT | M_ZERO);
2844	if (sah == NULL) {
2845		PFKEYSTAT_INC(in_nomem);
2846		return (NULL);
2847	}
2848	TAILQ_INIT(&sah->savtree_larval);
2849	TAILQ_INIT(&sah->savtree_alive);
2850	sah->saidx = *saidx;
2851	sah->state = SADB_SASTATE_DEAD;
2852	SAH_INITREF(sah);
2853
2854	KEYDBG(KEY_STAMP,
2855	    printf("%s: SAH(%p)\n", __func__, sah));
2856	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2857	return (sah);
2858}
2859
2860static void
2861key_freesah(struct secashead **psah)
2862{
2863	struct secashead *sah = *psah;
2864
2865	if (SAH_DELREF(sah) == 0)
2866		return;
2867
2868	KEYDBG(KEY_STAMP,
2869	    printf("%s: last reference to SAH(%p)\n", __func__, sah));
2870	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2871
2872	*psah = NULL;
2873	key_delsah(sah);
2874}
2875
2876static void
2877key_delsah(struct secashead *sah)
2878{
2879	IPSEC_ASSERT(sah != NULL, ("NULL sah"));
2880	IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
2881	    ("Attempt to free non DEAD SAH %p", sah));
2882	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
2883	    ("Attempt to free SAH %p with LARVAL SA", sah));
2884	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
2885	    ("Attempt to free SAH %p with ALIVE SA", sah));
2886
2887	free(sah, M_IPSEC_SAH);
2888}
2889
2890/*
2891 * allocating a new SA for key_add() and key_getspi() call,
2892 * and copy the values of mhp into new buffer.
2893 * When SAD message type is SADB_GETSPI set SA state to LARVAL.
2894 * For SADB_ADD create and initialize SA with MATURE state.
2895 * OUT:	NULL	: fail
2896 *	others	: pointer to new secasvar.
2897 */
2898static struct secasvar *
2899key_newsav(const struct sadb_msghdr *mhp, struct secasindex *saidx,
2900    uint32_t spi, int *errp)
2901{
2902	struct secashead *sah;
2903	struct secasvar *sav;
2904	int isnew;
2905
2906	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2907	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2908	IPSEC_ASSERT(mhp->msg->sadb_msg_type == SADB_GETSPI ||
2909	    mhp->msg->sadb_msg_type == SADB_ADD, ("wrong message type"));
2910
2911	sav = NULL;
2912	sah = NULL;
2913	/* check SPI value */
2914	switch (saidx->proto) {
2915	case IPPROTO_ESP:
2916	case IPPROTO_AH:
2917		/*
2918		 * RFC 4302, 2.4. Security Parameters Index (SPI), SPI values
2919		 * 1-255 reserved by IANA for future use,
2920		 * 0 for implementation specific, local use.
2921		 */
2922		if (ntohl(spi) <= 255) {
2923			ipseclog((LOG_DEBUG, "%s: illegal range of SPI %u.\n",
2924			    __func__, ntohl(spi)));
2925			*errp = EINVAL;
2926			goto done;
2927		}
2928		break;
2929	}
2930
2931	sav = malloc(sizeof(struct secasvar), M_IPSEC_SA, M_NOWAIT | M_ZERO);
2932	if (sav == NULL) {
2933		*errp = ENOBUFS;
2934		goto done;
2935	}
2936	sav->lock = malloc(sizeof(struct mtx), M_IPSEC_MISC,
2937	    M_NOWAIT | M_ZERO);
2938	if (sav->lock == NULL) {
2939		*errp = ENOBUFS;
2940		goto done;
2941	}
2942	mtx_init(sav->lock, "ipsec association", NULL, MTX_DEF);
2943	sav->lft_c = uma_zalloc_pcpu(V_key_lft_zone, M_NOWAIT);
2944	if (sav->lft_c == NULL) {
2945		*errp = ENOBUFS;
2946		goto done;
2947	}
2948	counter_u64_zero(sav->lft_c_allocations);
2949	counter_u64_zero(sav->lft_c_bytes);
2950
2951	sav->spi = spi;
2952	sav->seq = mhp->msg->sadb_msg_seq;
2953	sav->state = SADB_SASTATE_LARVAL;
2954	sav->pid = (pid_t)mhp->msg->sadb_msg_pid;
2955	SAV_INITREF(sav);
2956again:
2957	sah = key_getsah(saidx);
2958	if (sah == NULL) {
2959		/* create a new SA index */
2960		sah = key_newsah(saidx);
2961		if (sah == NULL) {
2962			ipseclog((LOG_DEBUG,
2963			    "%s: No more memory.\n", __func__));
2964			*errp = ENOBUFS;
2965			goto done;
2966		}
2967		isnew = 1;
2968	} else
2969		isnew = 0;
2970
2971	sav->sah = sah;
2972	if (mhp->msg->sadb_msg_type == SADB_GETSPI) {
2973		sav->created = time_second;
2974	} else if (sav->state == SADB_SASTATE_LARVAL) {
2975		/*
2976		 * Do not call key_setsaval() second time in case
2977		 * of `goto again`. We will have MATURE state.
2978		 */
2979		*errp = key_setsaval(sav, mhp);
2980		if (*errp != 0)
2981			goto done;
2982		sav->state = SADB_SASTATE_MATURE;
2983	}
2984
2985	SAHTREE_WLOCK();
2986	/*
2987	 * Check that existing SAH wasn't unlinked.
2988	 * Since we didn't hold the SAHTREE lock, it is possible,
2989	 * that callout handler or key_flush() or key_delete() could
2990	 * unlink this SAH.
2991	 */
2992	if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
2993		SAHTREE_WUNLOCK();
2994		key_freesah(&sah);	/* reference from key_getsah() */
2995		goto again;
2996	}
2997	if (isnew != 0) {
2998		/*
2999		 * Add new SAH into SADB.
3000		 *
3001		 * XXXAE: we can serialize key_add and key_getspi calls, so
3002		 * several threads will not fight in the race.
3003		 * Otherwise we should check under SAHTREE lock, that this
3004		 * SAH would not added twice.
3005		 */
3006		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
3007		/* Add new SAH into hash by addresses */
3008		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
3009		/* Now we are linked in the chain */
3010		sah->state = SADB_SASTATE_MATURE;
3011		/*
3012		 * SAV references this new SAH.
3013		 * In case of existing SAH we reuse reference
3014		 * from key_getsah().
3015		 */
3016		SAH_ADDREF(sah);
3017	}
3018	/* Link SAV with SAH */
3019	if (sav->state == SADB_SASTATE_MATURE)
3020		TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
3021	else
3022		TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
3023	/* Add SAV into SPI hash */
3024	LIST_INSERT_HEAD(SAVHASH_HASH(sav->spi), sav, spihash);
3025	SAHTREE_WUNLOCK();
3026	*errp = 0;	/* success */
3027done:
3028	if (*errp != 0) {
3029		if (sav != NULL) {
3030			if (sav->lock != NULL) {
3031				mtx_destroy(sav->lock);
3032				free(sav->lock, M_IPSEC_MISC);
3033			}
3034			if (sav->lft_c != NULL)
3035				uma_zfree_pcpu(V_key_lft_zone, sav->lft_c);
3036			free(sav, M_IPSEC_SA), sav = NULL;
3037		}
3038		if (sah != NULL)
3039			key_freesah(&sah);
3040		if (*errp == ENOBUFS) {
3041			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3042			    __func__));
3043			PFKEYSTAT_INC(in_nomem);
3044		}
3045	}
3046	return (sav);
3047}
3048
3049/*
3050 * free() SA variable entry.
3051 */
3052static void
3053key_cleansav(struct secasvar *sav)
3054{
3055
3056	if (sav->natt != NULL) {
3057		free(sav->natt, M_IPSEC_MISC);
3058		sav->natt = NULL;
3059	}
3060	if (sav->flags & SADB_X_EXT_F_CLONED)
3061		return;
3062	if (sav->tdb_xform != NULL) {
3063		sav->tdb_xform->xf_cleanup(sav);
3064		sav->tdb_xform = NULL;
3065	}
3066	if (sav->key_auth != NULL) {
3067		zfree(sav->key_auth->key_data, M_IPSEC_MISC);
3068		free(sav->key_auth, M_IPSEC_MISC);
3069		sav->key_auth = NULL;
3070	}
3071	if (sav->key_enc != NULL) {
3072		zfree(sav->key_enc->key_data, M_IPSEC_MISC);
3073		free(sav->key_enc, M_IPSEC_MISC);
3074		sav->key_enc = NULL;
3075	}
3076	if (sav->replay != NULL) {
3077		if (sav->replay->bitmap != NULL)
3078			free(sav->replay->bitmap, M_IPSEC_MISC);
3079		free(sav->replay, M_IPSEC_MISC);
3080		sav->replay = NULL;
3081	}
3082	if (sav->lft_h != NULL) {
3083		free(sav->lft_h, M_IPSEC_MISC);
3084		sav->lft_h = NULL;
3085	}
3086	if (sav->lft_s != NULL) {
3087		free(sav->lft_s, M_IPSEC_MISC);
3088		sav->lft_s = NULL;
3089	}
3090}
3091
3092/*
3093 * free() SA variable entry.
3094 */
3095static void
3096key_delsav(struct secasvar *sav)
3097{
3098	IPSEC_ASSERT(sav != NULL, ("null sav"));
3099	IPSEC_ASSERT(sav->state == SADB_SASTATE_DEAD,
3100	    ("attempt to free non DEAD SA %p", sav));
3101	IPSEC_ASSERT(sav->refcnt == 0, ("reference count %u > 0",
3102	    sav->refcnt));
3103
3104	/*
3105	 * SA must be unlinked from the chain and hashtbl.
3106	 * If SA was cloned, we leave all fields untouched,
3107	 * except NAT-T config.
3108	 */
3109	key_cleansav(sav);
3110	if ((sav->flags & SADB_X_EXT_F_CLONED) == 0) {
3111		mtx_destroy(sav->lock);
3112		free(sav->lock, M_IPSEC_MISC);
3113		uma_zfree_pcpu(V_key_lft_zone, sav->lft_c);
3114	}
3115	free(sav, M_IPSEC_SA);
3116}
3117
3118/*
3119 * search SAH.
3120 * OUT:
3121 *	NULL	: not found
3122 *	others	: found, referenced pointer to a SAH.
3123 */
3124static struct secashead *
3125key_getsah(struct secasindex *saidx)
3126{
3127	SAHTREE_RLOCK_TRACKER;
3128	struct secashead *sah;
3129
3130	SAHTREE_RLOCK();
3131	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3132	    if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3133		    SAH_ADDREF(sah);
3134		    break;
3135	    }
3136	}
3137	SAHTREE_RUNLOCK();
3138	return (sah);
3139}
3140
3141/*
3142 * Check not to be duplicated SPI.
3143 * OUT:
3144 *	0	: not found
3145 *	1	: found SA with given SPI.
3146 */
3147static int
3148key_checkspidup(uint32_t spi)
3149{
3150	SAHTREE_RLOCK_TRACKER;
3151	struct secasvar *sav;
3152
3153	/* Assume SPI is in network byte order */
3154	SAHTREE_RLOCK();
3155	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3156		if (sav->spi == spi)
3157			break;
3158	}
3159	SAHTREE_RUNLOCK();
3160	return (sav != NULL);
3161}
3162
3163/*
3164 * Search SA by SPI.
3165 * OUT:
3166 *	NULL	: not found
3167 *	others	: found, referenced pointer to a SA.
3168 */
3169static struct secasvar *
3170key_getsavbyspi(uint32_t spi)
3171{
3172	SAHTREE_RLOCK_TRACKER;
3173	struct secasvar *sav;
3174
3175	/* Assume SPI is in network byte order */
3176	SAHTREE_RLOCK();
3177	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3178		if (sav->spi != spi)
3179			continue;
3180		SAV_ADDREF(sav);
3181		break;
3182	}
3183	SAHTREE_RUNLOCK();
3184	return (sav);
3185}
3186
3187static int
3188key_updatelifetimes(struct secasvar *sav, const struct sadb_msghdr *mhp)
3189{
3190	struct seclifetime *lft_h, *lft_s, *tmp;
3191
3192	/* Lifetime extension is optional, check that it is present. */
3193	if (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3194	    SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) {
3195		/*
3196		 * In case of SADB_UPDATE we may need to change
3197		 * existing lifetimes.
3198		 */
3199		if (sav->state == SADB_SASTATE_MATURE) {
3200			lft_h = lft_s = NULL;
3201			goto reset;
3202		}
3203		return (0);
3204	}
3205	/* Both HARD and SOFT extensions must present */
3206	if ((SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3207	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
3208	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
3209	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
3210		ipseclog((LOG_DEBUG,
3211		    "%s: invalid message: missing required header.\n",
3212		    __func__));
3213		return (EINVAL);
3214	}
3215	if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD) ||
3216	    SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_SOFT)) {
3217		ipseclog((LOG_DEBUG,
3218		    "%s: invalid message: wrong header size.\n", __func__));
3219		return (EINVAL);
3220	}
3221	lft_h = key_dup_lifemsg((const struct sadb_lifetime *)
3222	    mhp->ext[SADB_EXT_LIFETIME_HARD], M_IPSEC_MISC);
3223	if (lft_h == NULL) {
3224		PFKEYSTAT_INC(in_nomem);
3225		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3226		return (ENOBUFS);
3227	}
3228	lft_s = key_dup_lifemsg((const struct sadb_lifetime *)
3229	    mhp->ext[SADB_EXT_LIFETIME_SOFT], M_IPSEC_MISC);
3230	if (lft_s == NULL) {
3231		PFKEYSTAT_INC(in_nomem);
3232		free(lft_h, M_IPSEC_MISC);
3233		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3234		return (ENOBUFS);
3235	}
3236reset:
3237	if (sav->state != SADB_SASTATE_LARVAL) {
3238		/*
3239		 * key_update() holds reference to this SA,
3240		 * so it won't be deleted in meanwhile.
3241		 */
3242		SECASVAR_LOCK(sav);
3243		tmp = sav->lft_h;
3244		sav->lft_h = lft_h;
3245		lft_h = tmp;
3246
3247		tmp = sav->lft_s;
3248		sav->lft_s = lft_s;
3249		lft_s = tmp;
3250		SECASVAR_UNLOCK(sav);
3251		if (lft_h != NULL)
3252			free(lft_h, M_IPSEC_MISC);
3253		if (lft_s != NULL)
3254			free(lft_s, M_IPSEC_MISC);
3255		return (0);
3256	}
3257	/* We can update lifetime without holding a lock */
3258	IPSEC_ASSERT(sav->lft_h == NULL, ("lft_h is already initialized\n"));
3259	IPSEC_ASSERT(sav->lft_s == NULL, ("lft_s is already initialized\n"));
3260	sav->lft_h = lft_h;
3261	sav->lft_s = lft_s;
3262	return (0);
3263}
3264
3265/*
3266 * copy SA values from PF_KEY message except *SPI, SEQ, PID and TYPE*.
3267 * You must update these if need. Expects only LARVAL SAs.
3268 * OUT:	0:	success.
3269 *	!0:	failure.
3270 */
3271static int
3272key_setsaval(struct secasvar *sav, const struct sadb_msghdr *mhp)
3273{
3274	const struct sadb_sa *sa0;
3275	const struct sadb_key *key0;
3276	uint32_t replay;
3277	size_t len;
3278	int error;
3279
3280	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
3281	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
3282	IPSEC_ASSERT(sav->state == SADB_SASTATE_LARVAL,
3283	    ("Attempt to update non LARVAL SA"));
3284
3285	/* XXX rewrite */
3286	error = key_setident(sav->sah, mhp);
3287	if (error != 0)
3288		goto fail;
3289
3290	/* SA */
3291	if (!SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
3292		if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
3293			error = EINVAL;
3294			goto fail;
3295		}
3296		sa0 = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
3297		sav->alg_auth = sa0->sadb_sa_auth;
3298		sav->alg_enc = sa0->sadb_sa_encrypt;
3299		sav->flags = sa0->sadb_sa_flags;
3300		if ((sav->flags & SADB_KEY_FLAGS_MAX) != sav->flags) {
3301			ipseclog((LOG_DEBUG,
3302			    "%s: invalid sa_flags 0x%08x.\n", __func__,
3303			    sav->flags));
3304			error = EINVAL;
3305			goto fail;
3306		}
3307
3308		/* Optional replay window */
3309		replay = 0;
3310		if ((sa0->sadb_sa_flags & SADB_X_EXT_OLD) == 0)
3311			replay = sa0->sadb_sa_replay;
3312		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_SA_REPLAY)) {
3313			if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA_REPLAY)) {
3314				error = EINVAL;
3315				goto fail;
3316			}
3317			replay = ((const struct sadb_x_sa_replay *)
3318			    mhp->ext[SADB_X_EXT_SA_REPLAY])->sadb_x_sa_replay_replay;
3319
3320			if (replay > UINT32_MAX - 32) {
3321				ipseclog((LOG_DEBUG,
3322				    "%s: replay window too big.\n", __func__));
3323				error = EINVAL;
3324				goto fail;
3325			}
3326
3327			replay = (replay + 7) >> 3;
3328		}
3329
3330		sav->replay = malloc(sizeof(struct secreplay), M_IPSEC_MISC,
3331		    M_NOWAIT | M_ZERO);
3332		if (sav->replay == NULL) {
3333			PFKEYSTAT_INC(in_nomem);
3334			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3335			    __func__));
3336			error = ENOBUFS;
3337			goto fail;
3338		}
3339
3340		if (replay != 0) {
3341			/* number of 32b blocks to be allocated */
3342			uint32_t bitmap_size;
3343
3344			/* RFC 6479:
3345			 * - the allocated replay window size must be
3346			 *   a power of two.
3347			 * - use an extra 32b block as a redundant window.
3348			 */
3349			bitmap_size = 1;
3350			while (replay + 4 > bitmap_size)
3351				bitmap_size <<= 1;
3352			bitmap_size = bitmap_size / 4;
3353
3354			sav->replay->bitmap = malloc(
3355			    bitmap_size * sizeof(uint32_t), M_IPSEC_MISC,
3356			    M_NOWAIT | M_ZERO);
3357			if (sav->replay->bitmap == NULL) {
3358				PFKEYSTAT_INC(in_nomem);
3359				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3360					__func__));
3361				error = ENOBUFS;
3362				goto fail;
3363			}
3364			sav->replay->bitmap_size = bitmap_size;
3365			sav->replay->wsize = replay;
3366		}
3367	}
3368
3369	/* Authentication keys */
3370	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
3371		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH)) {
3372			error = EINVAL;
3373			goto fail;
3374		}
3375		error = 0;
3376		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_AUTH];
3377		len = mhp->extlen[SADB_EXT_KEY_AUTH];
3378		switch (mhp->msg->sadb_msg_satype) {
3379		case SADB_SATYPE_AH:
3380		case SADB_SATYPE_ESP:
3381		case SADB_X_SATYPE_TCPSIGNATURE:
3382			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3383			    sav->alg_auth != SADB_X_AALG_NULL)
3384				error = EINVAL;
3385			break;
3386		case SADB_X_SATYPE_IPCOMP:
3387		default:
3388			error = EINVAL;
3389			break;
3390		}
3391		if (error) {
3392			ipseclog((LOG_DEBUG, "%s: invalid key_auth values.\n",
3393				__func__));
3394			goto fail;
3395		}
3396
3397		sav->key_auth = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3398		if (sav->key_auth == NULL ) {
3399			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3400				  __func__));
3401			PFKEYSTAT_INC(in_nomem);
3402			error = ENOBUFS;
3403			goto fail;
3404		}
3405	}
3406
3407	/* Encryption key */
3408	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) {
3409		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT)) {
3410			error = EINVAL;
3411			goto fail;
3412		}
3413		error = 0;
3414		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_ENCRYPT];
3415		len = mhp->extlen[SADB_EXT_KEY_ENCRYPT];
3416		switch (mhp->msg->sadb_msg_satype) {
3417		case SADB_SATYPE_ESP:
3418			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3419			    sav->alg_enc != SADB_EALG_NULL) {
3420				error = EINVAL;
3421				break;
3422			}
3423			sav->key_enc = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3424			if (sav->key_enc == NULL) {
3425				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3426					__func__));
3427				PFKEYSTAT_INC(in_nomem);
3428				error = ENOBUFS;
3429				goto fail;
3430			}
3431			break;
3432		case SADB_X_SATYPE_IPCOMP:
3433			if (len != PFKEY_ALIGN8(sizeof(struct sadb_key)))
3434				error = EINVAL;
3435			sav->key_enc = NULL;	/*just in case*/
3436			break;
3437		case SADB_SATYPE_AH:
3438		case SADB_X_SATYPE_TCPSIGNATURE:
3439		default:
3440			error = EINVAL;
3441			break;
3442		}
3443		if (error) {
3444			ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n",
3445				__func__));
3446			goto fail;
3447		}
3448	}
3449
3450	/* set iv */
3451	sav->ivlen = 0;
3452	switch (mhp->msg->sadb_msg_satype) {
3453	case SADB_SATYPE_AH:
3454		if (sav->flags & SADB_X_EXT_DERIV) {
3455			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3456			    "given to AH SA.\n", __func__));
3457			error = EINVAL;
3458			goto fail;
3459		}
3460		if (sav->alg_enc != SADB_EALG_NONE) {
3461			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3462			    "mismated.\n", __func__));
3463			error = EINVAL;
3464			goto fail;
3465		}
3466		error = xform_init(sav, XF_AH);
3467		break;
3468	case SADB_SATYPE_ESP:
3469		if ((sav->flags & (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) ==
3470		    (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) {
3471			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3472			    "given to old-esp.\n", __func__));
3473			error = EINVAL;
3474			goto fail;
3475		}
3476		error = xform_init(sav, XF_ESP);
3477		break;
3478	case SADB_X_SATYPE_IPCOMP:
3479		if (sav->alg_auth != SADB_AALG_NONE) {
3480			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3481			    "mismated.\n", __func__));
3482			error = EINVAL;
3483			goto fail;
3484		}
3485		if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 &&
3486		    ntohl(sav->spi) >= 0x10000) {
3487			ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n",
3488			    __func__));
3489			error = EINVAL;
3490			goto fail;
3491		}
3492		error = xform_init(sav, XF_IPCOMP);
3493		break;
3494	case SADB_X_SATYPE_TCPSIGNATURE:
3495		if (sav->alg_enc != SADB_EALG_NONE) {
3496			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3497			    "mismated.\n", __func__));
3498			error = EINVAL;
3499			goto fail;
3500		}
3501		error = xform_init(sav, XF_TCPSIGNATURE);
3502		break;
3503	default:
3504		ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__));
3505		error = EPROTONOSUPPORT;
3506		goto fail;
3507	}
3508	if (error) {
3509		ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n",
3510		    __func__, mhp->msg->sadb_msg_satype));
3511		goto fail;
3512	}
3513
3514	/* Handle NAT-T headers */
3515	error = key_setnatt(sav, mhp);
3516	if (error != 0)
3517		goto fail;
3518
3519	/* Initialize lifetime for CURRENT */
3520	sav->firstused = 0;
3521	sav->created = time_second;
3522
3523	/* lifetimes for HARD and SOFT */
3524	error = key_updatelifetimes(sav, mhp);
3525	if (error == 0)
3526		return (0);
3527fail:
3528	key_cleansav(sav);
3529	return (error);
3530}
3531
3532/*
3533 * subroutine for SADB_GET and SADB_DUMP.
3534 */
3535static struct mbuf *
3536key_setdumpsa(struct secasvar *sav, uint8_t type, uint8_t satype,
3537    uint32_t seq, uint32_t pid)
3538{
3539	struct seclifetime lft_c;
3540	struct mbuf *result = NULL, *tres = NULL, *m;
3541	int i, dumporder[] = {
3542		SADB_EXT_SA, SADB_X_EXT_SA2, SADB_X_EXT_SA_REPLAY,
3543		SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
3544		SADB_EXT_LIFETIME_CURRENT, SADB_EXT_ADDRESS_SRC,
3545		SADB_EXT_ADDRESS_DST, SADB_EXT_ADDRESS_PROXY,
3546		SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT,
3547		SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
3548		SADB_EXT_SENSITIVITY,
3549		SADB_X_EXT_NAT_T_TYPE,
3550		SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT,
3551		SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
3552		SADB_X_EXT_NAT_T_FRAG,
3553	};
3554	uint32_t replay_count;
3555
3556	m = key_setsadbmsg(type, 0, satype, seq, pid, sav->refcnt);
3557	if (m == NULL)
3558		goto fail;
3559	result = m;
3560
3561	for (i = nitems(dumporder) - 1; i >= 0; i--) {
3562		m = NULL;
3563		switch (dumporder[i]) {
3564		case SADB_EXT_SA:
3565			m = key_setsadbsa(sav);
3566			if (!m)
3567				goto fail;
3568			break;
3569
3570		case SADB_X_EXT_SA2:
3571			SECASVAR_LOCK(sav);
3572			replay_count = sav->replay ? sav->replay->count : 0;
3573			SECASVAR_UNLOCK(sav);
3574			m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3575					sav->sah->saidx.reqid);
3576			if (!m)
3577				goto fail;
3578			break;
3579
3580		case SADB_X_EXT_SA_REPLAY:
3581			if (sav->replay == NULL ||
3582			    sav->replay->wsize <= UINT8_MAX)
3583				continue;
3584
3585			m = key_setsadbxsareplay(sav->replay->wsize);
3586			if (!m)
3587				goto fail;
3588			break;
3589
3590		case SADB_EXT_ADDRESS_SRC:
3591			m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
3592			    &sav->sah->saidx.src.sa,
3593			    FULLMASK, IPSEC_ULPROTO_ANY);
3594			if (!m)
3595				goto fail;
3596			break;
3597
3598		case SADB_EXT_ADDRESS_DST:
3599			m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
3600			    &sav->sah->saidx.dst.sa,
3601			    FULLMASK, IPSEC_ULPROTO_ANY);
3602			if (!m)
3603				goto fail;
3604			break;
3605
3606		case SADB_EXT_KEY_AUTH:
3607			if (!sav->key_auth)
3608				continue;
3609			m = key_setkey(sav->key_auth, SADB_EXT_KEY_AUTH);
3610			if (!m)
3611				goto fail;
3612			break;
3613
3614		case SADB_EXT_KEY_ENCRYPT:
3615			if (!sav->key_enc)
3616				continue;
3617			m = key_setkey(sav->key_enc, SADB_EXT_KEY_ENCRYPT);
3618			if (!m)
3619				goto fail;
3620			break;
3621
3622		case SADB_EXT_LIFETIME_CURRENT:
3623			lft_c.addtime = sav->created;
3624			lft_c.allocations = (uint32_t)counter_u64_fetch(
3625			    sav->lft_c_allocations);
3626			lft_c.bytes = counter_u64_fetch(sav->lft_c_bytes);
3627			lft_c.usetime = sav->firstused;
3628			m = key_setlifetime(&lft_c, SADB_EXT_LIFETIME_CURRENT);
3629			if (!m)
3630				goto fail;
3631			break;
3632
3633		case SADB_EXT_LIFETIME_HARD:
3634			if (!sav->lft_h)
3635				continue;
3636			m = key_setlifetime(sav->lft_h,
3637					    SADB_EXT_LIFETIME_HARD);
3638			if (!m)
3639				goto fail;
3640			break;
3641
3642		case SADB_EXT_LIFETIME_SOFT:
3643			if (!sav->lft_s)
3644				continue;
3645			m = key_setlifetime(sav->lft_s,
3646					    SADB_EXT_LIFETIME_SOFT);
3647
3648			if (!m)
3649				goto fail;
3650			break;
3651
3652		case SADB_X_EXT_NAT_T_TYPE:
3653			if (sav->natt == NULL)
3654				continue;
3655			m = key_setsadbxtype(UDP_ENCAP_ESPINUDP);
3656			if (!m)
3657				goto fail;
3658			break;
3659
3660		case SADB_X_EXT_NAT_T_DPORT:
3661			if (sav->natt == NULL)
3662				continue;
3663			m = key_setsadbxport(sav->natt->dport,
3664			    SADB_X_EXT_NAT_T_DPORT);
3665			if (!m)
3666				goto fail;
3667			break;
3668
3669		case SADB_X_EXT_NAT_T_SPORT:
3670			if (sav->natt == NULL)
3671				continue;
3672			m = key_setsadbxport(sav->natt->sport,
3673			    SADB_X_EXT_NAT_T_SPORT);
3674			if (!m)
3675				goto fail;
3676			break;
3677
3678		case SADB_X_EXT_NAT_T_OAI:
3679			if (sav->natt == NULL ||
3680			    (sav->natt->flags & IPSEC_NATT_F_OAI) == 0)
3681				continue;
3682			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAI,
3683			    &sav->natt->oai.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3684			if (!m)
3685				goto fail;
3686			break;
3687		case SADB_X_EXT_NAT_T_OAR:
3688			if (sav->natt == NULL ||
3689			    (sav->natt->flags & IPSEC_NATT_F_OAR) == 0)
3690				continue;
3691			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAR,
3692			    &sav->natt->oar.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3693			if (!m)
3694				goto fail;
3695			break;
3696		case SADB_X_EXT_NAT_T_FRAG:
3697			/* We do not (yet) support those. */
3698			continue;
3699
3700		case SADB_EXT_ADDRESS_PROXY:
3701		case SADB_EXT_IDENTITY_SRC:
3702		case SADB_EXT_IDENTITY_DST:
3703			/* XXX: should we brought from SPD ? */
3704		case SADB_EXT_SENSITIVITY:
3705		default:
3706			continue;
3707		}
3708
3709		if (!m)
3710			goto fail;
3711		if (tres)
3712			m_cat(m, tres);
3713		tres = m;
3714	}
3715
3716	m_cat(result, tres);
3717	tres = NULL;
3718	if (result->m_len < sizeof(struct sadb_msg)) {
3719		result = m_pullup(result, sizeof(struct sadb_msg));
3720		if (result == NULL)
3721			goto fail;
3722	}
3723
3724	result->m_pkthdr.len = 0;
3725	for (m = result; m; m = m->m_next)
3726		result->m_pkthdr.len += m->m_len;
3727
3728	mtod(result, struct sadb_msg *)->sadb_msg_len =
3729	    PFKEY_UNIT64(result->m_pkthdr.len);
3730
3731	return result;
3732
3733fail:
3734	m_freem(result);
3735	m_freem(tres);
3736	return NULL;
3737}
3738
3739/*
3740 * set data into sadb_msg.
3741 */
3742static struct mbuf *
3743key_setsadbmsg(u_int8_t type, u_int16_t tlen, u_int8_t satype, u_int32_t seq,
3744    pid_t pid, u_int16_t reserved)
3745{
3746	struct mbuf *m;
3747	struct sadb_msg *p;
3748	int len;
3749
3750	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
3751	if (len > MCLBYTES)
3752		return NULL;
3753	MGETHDR(m, M_NOWAIT, MT_DATA);
3754	if (m && len > MHLEN) {
3755		if (!(MCLGET(m, M_NOWAIT))) {
3756			m_freem(m);
3757			m = NULL;
3758		}
3759	}
3760	if (!m)
3761		return NULL;
3762	m->m_pkthdr.len = m->m_len = len;
3763	m->m_next = NULL;
3764
3765	p = mtod(m, struct sadb_msg *);
3766
3767	bzero(p, len);
3768	p->sadb_msg_version = PF_KEY_V2;
3769	p->sadb_msg_type = type;
3770	p->sadb_msg_errno = 0;
3771	p->sadb_msg_satype = satype;
3772	p->sadb_msg_len = PFKEY_UNIT64(tlen);
3773	p->sadb_msg_reserved = reserved;
3774	p->sadb_msg_seq = seq;
3775	p->sadb_msg_pid = (u_int32_t)pid;
3776
3777	return m;
3778}
3779
3780/*
3781 * copy secasvar data into sadb_address.
3782 */
3783static struct mbuf *
3784key_setsadbsa(struct secasvar *sav)
3785{
3786	struct mbuf *m;
3787	struct sadb_sa *p;
3788	int len;
3789
3790	len = PFKEY_ALIGN8(sizeof(struct sadb_sa));
3791	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3792	if (m == NULL)
3793		return (NULL);
3794	m_align(m, len);
3795	m->m_len = len;
3796	p = mtod(m, struct sadb_sa *);
3797	bzero(p, len);
3798	p->sadb_sa_len = PFKEY_UNIT64(len);
3799	p->sadb_sa_exttype = SADB_EXT_SA;
3800	p->sadb_sa_spi = sav->spi;
3801	p->sadb_sa_replay = sav->replay ?
3802	    (sav->replay->wsize > UINT8_MAX ? UINT8_MAX :
3803		sav->replay->wsize): 0;
3804	p->sadb_sa_state = sav->state;
3805	p->sadb_sa_auth = sav->alg_auth;
3806	p->sadb_sa_encrypt = sav->alg_enc;
3807	p->sadb_sa_flags = sav->flags & SADB_KEY_FLAGS_MAX;
3808	return (m);
3809}
3810
3811/*
3812 * set data into sadb_address.
3813 */
3814static struct mbuf *
3815key_setsadbaddr(u_int16_t exttype, const struct sockaddr *saddr,
3816    u_int8_t prefixlen, u_int16_t ul_proto)
3817{
3818	struct mbuf *m;
3819	struct sadb_address *p;
3820	size_t len;
3821
3822	len = PFKEY_ALIGN8(sizeof(struct sadb_address)) +
3823	    PFKEY_ALIGN8(saddr->sa_len);
3824	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3825	if (m == NULL)
3826		return (NULL);
3827	m_align(m, len);
3828	m->m_len = len;
3829	p = mtod(m, struct sadb_address *);
3830
3831	bzero(p, len);
3832	p->sadb_address_len = PFKEY_UNIT64(len);
3833	p->sadb_address_exttype = exttype;
3834	p->sadb_address_proto = ul_proto;
3835	if (prefixlen == FULLMASK) {
3836		switch (saddr->sa_family) {
3837		case AF_INET:
3838			prefixlen = sizeof(struct in_addr) << 3;
3839			break;
3840		case AF_INET6:
3841			prefixlen = sizeof(struct in6_addr) << 3;
3842			break;
3843		default:
3844			; /*XXX*/
3845		}
3846	}
3847	p->sadb_address_prefixlen = prefixlen;
3848	p->sadb_address_reserved = 0;
3849
3850	bcopy(saddr,
3851	    mtod(m, caddr_t) + PFKEY_ALIGN8(sizeof(struct sadb_address)),
3852	    saddr->sa_len);
3853
3854	return m;
3855}
3856
3857/*
3858 * set data into sadb_x_sa2.
3859 */
3860static struct mbuf *
3861key_setsadbxsa2(u_int8_t mode, u_int32_t seq, u_int32_t reqid)
3862{
3863	struct mbuf *m;
3864	struct sadb_x_sa2 *p;
3865	size_t len;
3866
3867	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa2));
3868	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3869	if (m == NULL)
3870		return (NULL);
3871	m_align(m, len);
3872	m->m_len = len;
3873	p = mtod(m, struct sadb_x_sa2 *);
3874
3875	bzero(p, len);
3876	p->sadb_x_sa2_len = PFKEY_UNIT64(len);
3877	p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
3878	p->sadb_x_sa2_mode = mode;
3879	p->sadb_x_sa2_reserved1 = 0;
3880	p->sadb_x_sa2_reserved2 = 0;
3881	p->sadb_x_sa2_sequence = seq;
3882	p->sadb_x_sa2_reqid = reqid;
3883
3884	return m;
3885}
3886
3887/*
3888 * Set data into sadb_x_sa_replay.
3889 */
3890static struct mbuf *
3891key_setsadbxsareplay(u_int32_t replay)
3892{
3893	struct mbuf *m;
3894	struct sadb_x_sa_replay *p;
3895	size_t len;
3896
3897	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa_replay));
3898	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3899	if (m == NULL)
3900		return (NULL);
3901	m_align(m, len);
3902	m->m_len = len;
3903	p = mtod(m, struct sadb_x_sa_replay *);
3904
3905	bzero(p, len);
3906	p->sadb_x_sa_replay_len = PFKEY_UNIT64(len);
3907	p->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY;
3908	p->sadb_x_sa_replay_replay = (replay << 3);
3909
3910	return m;
3911}
3912
3913/*
3914 * Set a type in sadb_x_nat_t_type.
3915 */
3916static struct mbuf *
3917key_setsadbxtype(u_int16_t type)
3918{
3919	struct mbuf *m;
3920	size_t len;
3921	struct sadb_x_nat_t_type *p;
3922
3923	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_type));
3924
3925	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3926	if (m == NULL)
3927		return (NULL);
3928	m_align(m, len);
3929	m->m_len = len;
3930	p = mtod(m, struct sadb_x_nat_t_type *);
3931
3932	bzero(p, len);
3933	p->sadb_x_nat_t_type_len = PFKEY_UNIT64(len);
3934	p->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
3935	p->sadb_x_nat_t_type_type = type;
3936
3937	return (m);
3938}
3939/*
3940 * Set a port in sadb_x_nat_t_port.
3941 * In contrast to default RFC 2367 behaviour, port is in network byte order.
3942 */
3943static struct mbuf *
3944key_setsadbxport(u_int16_t port, u_int16_t type)
3945{
3946	struct mbuf *m;
3947	size_t len;
3948	struct sadb_x_nat_t_port *p;
3949
3950	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_port));
3951
3952	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3953	if (m == NULL)
3954		return (NULL);
3955	m_align(m, len);
3956	m->m_len = len;
3957	p = mtod(m, struct sadb_x_nat_t_port *);
3958
3959	bzero(p, len);
3960	p->sadb_x_nat_t_port_len = PFKEY_UNIT64(len);
3961	p->sadb_x_nat_t_port_exttype = type;
3962	p->sadb_x_nat_t_port_port = port;
3963
3964	return (m);
3965}
3966
3967/*
3968 * Get port from sockaddr. Port is in network byte order.
3969 */
3970uint16_t
3971key_portfromsaddr(struct sockaddr *sa)
3972{
3973
3974	switch (sa->sa_family) {
3975#ifdef INET
3976	case AF_INET:
3977		return ((struct sockaddr_in *)sa)->sin_port;
3978#endif
3979#ifdef INET6
3980	case AF_INET6:
3981		return ((struct sockaddr_in6 *)sa)->sin6_port;
3982#endif
3983	}
3984	return (0);
3985}
3986
3987/*
3988 * Set port in struct sockaddr. Port is in network byte order.
3989 */
3990void
3991key_porttosaddr(struct sockaddr *sa, uint16_t port)
3992{
3993
3994	switch (sa->sa_family) {
3995#ifdef INET
3996	case AF_INET:
3997		((struct sockaddr_in *)sa)->sin_port = port;
3998		break;
3999#endif
4000#ifdef INET6
4001	case AF_INET6:
4002		((struct sockaddr_in6 *)sa)->sin6_port = port;
4003		break;
4004#endif
4005	default:
4006		ipseclog((LOG_DEBUG, "%s: unexpected address family %d.\n",
4007			__func__, sa->sa_family));
4008		break;
4009	}
4010}
4011
4012/*
4013 * set data into sadb_x_policy
4014 */
4015static struct mbuf *
4016key_setsadbxpolicy(u_int16_t type, u_int8_t dir, u_int32_t id, u_int32_t priority)
4017{
4018	struct mbuf *m;
4019	struct sadb_x_policy *p;
4020	size_t len;
4021
4022	len = PFKEY_ALIGN8(sizeof(struct sadb_x_policy));
4023	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
4024	if (m == NULL)
4025		return (NULL);
4026	m_align(m, len);
4027	m->m_len = len;
4028	p = mtod(m, struct sadb_x_policy *);
4029
4030	bzero(p, len);
4031	p->sadb_x_policy_len = PFKEY_UNIT64(len);
4032	p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
4033	p->sadb_x_policy_type = type;
4034	p->sadb_x_policy_dir = dir;
4035	p->sadb_x_policy_id = id;
4036	p->sadb_x_policy_priority = priority;
4037
4038	return m;
4039}
4040
4041/* %%% utilities */
4042/* Take a key message (sadb_key) from the socket and turn it into one
4043 * of the kernel's key structures (seckey).
4044 *
4045 * IN: pointer to the src
4046 * OUT: NULL no more memory
4047 */
4048struct seckey *
4049key_dup_keymsg(const struct sadb_key *src, size_t len,
4050    struct malloc_type *type)
4051{
4052	struct seckey *dst;
4053
4054	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4055	if (dst != NULL) {
4056		dst->bits = src->sadb_key_bits;
4057		dst->key_data = malloc(len, type, M_NOWAIT);
4058		if (dst->key_data != NULL) {
4059			bcopy((const char *)(src + 1), dst->key_data, len);
4060		} else {
4061			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4062			    __func__));
4063			free(dst, type);
4064			dst = NULL;
4065		}
4066	} else {
4067		ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4068		    __func__));
4069
4070	}
4071	return (dst);
4072}
4073
4074/* Take a lifetime message (sadb_lifetime) passed in on a socket and
4075 * turn it into one of the kernel's lifetime structures (seclifetime).
4076 *
4077 * IN: pointer to the destination, source and malloc type
4078 * OUT: NULL, no more memory
4079 */
4080
4081static struct seclifetime *
4082key_dup_lifemsg(const struct sadb_lifetime *src, struct malloc_type *type)
4083{
4084	struct seclifetime *dst;
4085
4086	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4087	if (dst == NULL) {
4088		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
4089		return (NULL);
4090	}
4091	dst->allocations = src->sadb_lifetime_allocations;
4092	dst->bytes = src->sadb_lifetime_bytes;
4093	dst->addtime = src->sadb_lifetime_addtime;
4094	dst->usetime = src->sadb_lifetime_usetime;
4095	return (dst);
4096}
4097
4098/*
4099 * compare two secasindex structure.
4100 * flag can specify to compare 2 saidxes.
4101 * compare two secasindex structure without both mode and reqid.
4102 * don't compare port.
4103 * IN:
4104 *      saidx0: source, it can be in SAD.
4105 *      saidx1: object.
4106 * OUT:
4107 *      1 : equal
4108 *      0 : not equal
4109 */
4110static int
4111key_cmpsaidx(const struct secasindex *saidx0, const struct secasindex *saidx1,
4112    int flag)
4113{
4114
4115	/* sanity */
4116	if (saidx0 == NULL && saidx1 == NULL)
4117		return 1;
4118
4119	if (saidx0 == NULL || saidx1 == NULL)
4120		return 0;
4121
4122	if (saidx0->proto != saidx1->proto)
4123		return 0;
4124
4125	if (flag == CMP_EXACTLY) {
4126		if (saidx0->mode != saidx1->mode)
4127			return 0;
4128		if (saidx0->reqid != saidx1->reqid)
4129			return 0;
4130		if (bcmp(&saidx0->src, &saidx1->src,
4131		    saidx0->src.sa.sa_len) != 0 ||
4132		    bcmp(&saidx0->dst, &saidx1->dst,
4133		    saidx0->dst.sa.sa_len) != 0)
4134			return 0;
4135	} else {
4136
4137		/* CMP_MODE_REQID, CMP_REQID, CMP_HEAD */
4138		if (flag == CMP_MODE_REQID || flag == CMP_REQID) {
4139			/*
4140			 * If reqid of SPD is non-zero, unique SA is required.
4141			 * The result must be of same reqid in this case.
4142			 */
4143			if (saidx1->reqid != 0 &&
4144			    saidx0->reqid != saidx1->reqid)
4145				return 0;
4146		}
4147
4148		if (flag == CMP_MODE_REQID) {
4149			if (saidx0->mode != IPSEC_MODE_ANY
4150			 && saidx0->mode != saidx1->mode)
4151				return 0;
4152		}
4153
4154		if (key_sockaddrcmp(&saidx0->src.sa, &saidx1->src.sa, 0) != 0)
4155			return 0;
4156		if (key_sockaddrcmp(&saidx0->dst.sa, &saidx1->dst.sa, 0) != 0)
4157			return 0;
4158	}
4159
4160	return 1;
4161}
4162
4163/*
4164 * compare two secindex structure exactly.
4165 * IN:
4166 *	spidx0: source, it is often in SPD.
4167 *	spidx1: object, it is often from PFKEY message.
4168 * OUT:
4169 *	1 : equal
4170 *	0 : not equal
4171 */
4172static int
4173key_cmpspidx_exactly(struct secpolicyindex *spidx0,
4174    struct secpolicyindex *spidx1)
4175{
4176	/* sanity */
4177	if (spidx0 == NULL && spidx1 == NULL)
4178		return 1;
4179
4180	if (spidx0 == NULL || spidx1 == NULL)
4181		return 0;
4182
4183	if (spidx0->prefs != spidx1->prefs
4184	 || spidx0->prefd != spidx1->prefd
4185	 || spidx0->ul_proto != spidx1->ul_proto
4186	 || spidx0->dir != spidx1->dir)
4187		return 0;
4188
4189	return key_sockaddrcmp(&spidx0->src.sa, &spidx1->src.sa, 1) == 0 &&
4190	       key_sockaddrcmp(&spidx0->dst.sa, &spidx1->dst.sa, 1) == 0;
4191}
4192
4193/*
4194 * compare two secindex structure with mask.
4195 * IN:
4196 *	spidx0: source, it is often in SPD.
4197 *	spidx1: object, it is often from IP header.
4198 * OUT:
4199 *	1 : equal
4200 *	0 : not equal
4201 */
4202static int
4203key_cmpspidx_withmask(struct secpolicyindex *spidx0,
4204    struct secpolicyindex *spidx1)
4205{
4206	/* sanity */
4207	if (spidx0 == NULL && spidx1 == NULL)
4208		return 1;
4209
4210	if (spidx0 == NULL || spidx1 == NULL)
4211		return 0;
4212
4213	if (spidx0->src.sa.sa_family != spidx1->src.sa.sa_family ||
4214	    spidx0->dst.sa.sa_family != spidx1->dst.sa.sa_family ||
4215	    spidx0->src.sa.sa_len != spidx1->src.sa.sa_len ||
4216	    spidx0->dst.sa.sa_len != spidx1->dst.sa.sa_len)
4217		return 0;
4218
4219	/* if spidx.ul_proto == IPSEC_ULPROTO_ANY, ignore. */
4220	if (spidx0->ul_proto != (u_int16_t)IPSEC_ULPROTO_ANY
4221	 && spidx0->ul_proto != spidx1->ul_proto)
4222		return 0;
4223
4224	switch (spidx0->src.sa.sa_family) {
4225	case AF_INET:
4226		if (spidx0->src.sin.sin_port != IPSEC_PORT_ANY
4227		 && spidx0->src.sin.sin_port != spidx1->src.sin.sin_port)
4228			return 0;
4229		if (!key_bbcmp(&spidx0->src.sin.sin_addr,
4230		    &spidx1->src.sin.sin_addr, spidx0->prefs))
4231			return 0;
4232		break;
4233	case AF_INET6:
4234		if (spidx0->src.sin6.sin6_port != IPSEC_PORT_ANY
4235		 && spidx0->src.sin6.sin6_port != spidx1->src.sin6.sin6_port)
4236			return 0;
4237		/*
4238		 * scope_id check. if sin6_scope_id is 0, we regard it
4239		 * as a wildcard scope, which matches any scope zone ID.
4240		 */
4241		if (spidx0->src.sin6.sin6_scope_id &&
4242		    spidx1->src.sin6.sin6_scope_id &&
4243		    spidx0->src.sin6.sin6_scope_id != spidx1->src.sin6.sin6_scope_id)
4244			return 0;
4245		if (!key_bbcmp(&spidx0->src.sin6.sin6_addr,
4246		    &spidx1->src.sin6.sin6_addr, spidx0->prefs))
4247			return 0;
4248		break;
4249	default:
4250		/* XXX */
4251		if (bcmp(&spidx0->src, &spidx1->src, spidx0->src.sa.sa_len) != 0)
4252			return 0;
4253		break;
4254	}
4255
4256	switch (spidx0->dst.sa.sa_family) {
4257	case AF_INET:
4258		if (spidx0->dst.sin.sin_port != IPSEC_PORT_ANY
4259		 && spidx0->dst.sin.sin_port != spidx1->dst.sin.sin_port)
4260			return 0;
4261		if (!key_bbcmp(&spidx0->dst.sin.sin_addr,
4262		    &spidx1->dst.sin.sin_addr, spidx0->prefd))
4263			return 0;
4264		break;
4265	case AF_INET6:
4266		if (spidx0->dst.sin6.sin6_port != IPSEC_PORT_ANY
4267		 && spidx0->dst.sin6.sin6_port != spidx1->dst.sin6.sin6_port)
4268			return 0;
4269		/*
4270		 * scope_id check. if sin6_scope_id is 0, we regard it
4271		 * as a wildcard scope, which matches any scope zone ID.
4272		 */
4273		if (spidx0->dst.sin6.sin6_scope_id &&
4274		    spidx1->dst.sin6.sin6_scope_id &&
4275		    spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
4276			return 0;
4277		if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
4278		    &spidx1->dst.sin6.sin6_addr, spidx0->prefd))
4279			return 0;
4280		break;
4281	default:
4282		/* XXX */
4283		if (bcmp(&spidx0->dst, &spidx1->dst, spidx0->dst.sa.sa_len) != 0)
4284			return 0;
4285		break;
4286	}
4287
4288	/* XXX Do we check other field ?  e.g. flowinfo */
4289
4290	return 1;
4291}
4292
4293#ifdef satosin
4294#undef satosin
4295#endif
4296#define satosin(s) ((const struct sockaddr_in *)s)
4297#ifdef satosin6
4298#undef satosin6
4299#endif
4300#define satosin6(s) ((const struct sockaddr_in6 *)s)
4301/* returns 0 on match */
4302int
4303key_sockaddrcmp(const struct sockaddr *sa1, const struct sockaddr *sa2,
4304    int port)
4305{
4306	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4307		return 1;
4308
4309	switch (sa1->sa_family) {
4310#ifdef INET
4311	case AF_INET:
4312		if (sa1->sa_len != sizeof(struct sockaddr_in))
4313			return 1;
4314		if (satosin(sa1)->sin_addr.s_addr !=
4315		    satosin(sa2)->sin_addr.s_addr) {
4316			return 1;
4317		}
4318		if (port && satosin(sa1)->sin_port != satosin(sa2)->sin_port)
4319			return 1;
4320		break;
4321#endif
4322#ifdef INET6
4323	case AF_INET6:
4324		if (sa1->sa_len != sizeof(struct sockaddr_in6))
4325			return 1;	/*EINVAL*/
4326		if (satosin6(sa1)->sin6_scope_id !=
4327		    satosin6(sa2)->sin6_scope_id) {
4328			return 1;
4329		}
4330		if (!IN6_ARE_ADDR_EQUAL(&satosin6(sa1)->sin6_addr,
4331		    &satosin6(sa2)->sin6_addr)) {
4332			return 1;
4333		}
4334		if (port &&
4335		    satosin6(sa1)->sin6_port != satosin6(sa2)->sin6_port) {
4336			return 1;
4337		}
4338		break;
4339#endif
4340	default:
4341		if (bcmp(sa1, sa2, sa1->sa_len) != 0)
4342			return 1;
4343		break;
4344	}
4345
4346	return 0;
4347}
4348
4349/* returns 0 on match */
4350int
4351key_sockaddrcmp_withmask(const struct sockaddr *sa1,
4352    const struct sockaddr *sa2, size_t mask)
4353{
4354	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4355		return (1);
4356
4357	switch (sa1->sa_family) {
4358#ifdef INET
4359	case AF_INET:
4360		return (!key_bbcmp(&satosin(sa1)->sin_addr,
4361		    &satosin(sa2)->sin_addr, mask));
4362#endif
4363#ifdef INET6
4364	case AF_INET6:
4365		if (satosin6(sa1)->sin6_scope_id !=
4366		    satosin6(sa2)->sin6_scope_id)
4367			return (1);
4368		return (!key_bbcmp(&satosin6(sa1)->sin6_addr,
4369		    &satosin6(sa2)->sin6_addr, mask));
4370#endif
4371	}
4372	return (1);
4373}
4374#undef satosin
4375#undef satosin6
4376
4377/*
4378 * compare two buffers with mask.
4379 * IN:
4380 *	addr1: source
4381 *	addr2: object
4382 *	bits:  Number of bits to compare
4383 * OUT:
4384 *	1 : equal
4385 *	0 : not equal
4386 */
4387static int
4388key_bbcmp(const void *a1, const void *a2, u_int bits)
4389{
4390	const unsigned char *p1 = a1;
4391	const unsigned char *p2 = a2;
4392
4393	/* XXX: This could be considerably faster if we compare a word
4394	 * at a time, but it is complicated on LSB Endian machines */
4395
4396	/* Handle null pointers */
4397	if (p1 == NULL || p2 == NULL)
4398		return (p1 == p2);
4399
4400	while (bits >= 8) {
4401		if (*p1++ != *p2++)
4402			return 0;
4403		bits -= 8;
4404	}
4405
4406	if (bits > 0) {
4407		u_int8_t mask = ~((1<<(8-bits))-1);
4408		if ((*p1 & mask) != (*p2 & mask))
4409			return 0;
4410	}
4411	return 1;	/* Match! */
4412}
4413
4414static void
4415key_flush_spd(time_t now)
4416{
4417	SPTREE_RLOCK_TRACKER;
4418	struct secpolicy_list drainq;
4419	struct secpolicy *sp, *nextsp;
4420	u_int dir;
4421
4422	LIST_INIT(&drainq);
4423	SPTREE_RLOCK();
4424	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
4425		TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
4426			if (sp->lifetime == 0 && sp->validtime == 0)
4427				continue;
4428			if ((sp->lifetime &&
4429			    now - sp->created > sp->lifetime) ||
4430			    (sp->validtime &&
4431			    now - sp->lastused > sp->validtime)) {
4432				/* Hold extra reference to send SPDEXPIRE */
4433				SP_ADDREF(sp);
4434				LIST_INSERT_HEAD(&drainq, sp, drainq);
4435			}
4436		}
4437	}
4438	SPTREE_RUNLOCK();
4439	if (LIST_EMPTY(&drainq))
4440		return;
4441
4442	SPTREE_WLOCK();
4443	sp = LIST_FIRST(&drainq);
4444	while (sp != NULL) {
4445		nextsp = LIST_NEXT(sp, drainq);
4446		/* Check that SP is still linked */
4447		if (sp->state != IPSEC_SPSTATE_ALIVE) {
4448			LIST_REMOVE(sp, drainq);
4449			key_freesp(&sp); /* release extra reference */
4450			sp = nextsp;
4451			continue;
4452		}
4453		TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
4454		V_spd_size--;
4455		LIST_REMOVE(sp, idhash);
4456		sp->state = IPSEC_SPSTATE_DEAD;
4457		sp = nextsp;
4458	}
4459	V_sp_genid++;
4460	SPTREE_WUNLOCK();
4461	if (SPDCACHE_ENABLED())
4462		spdcache_clear();
4463
4464	sp = LIST_FIRST(&drainq);
4465	while (sp != NULL) {
4466		nextsp = LIST_NEXT(sp, drainq);
4467		key_spdexpire(sp);
4468		key_freesp(&sp); /* release extra reference */
4469		key_freesp(&sp); /* release last reference */
4470		sp = nextsp;
4471	}
4472}
4473
4474static void
4475key_flush_sad(time_t now)
4476{
4477	SAHTREE_RLOCK_TRACKER;
4478	struct secashead_list emptyq;
4479	struct secasvar_list drainq, hexpireq, sexpireq, freeq;
4480	struct secashead *sah, *nextsah;
4481	struct secasvar *sav, *nextsav;
4482
4483	LIST_INIT(&drainq);
4484	LIST_INIT(&hexpireq);
4485	LIST_INIT(&sexpireq);
4486	LIST_INIT(&emptyq);
4487
4488	SAHTREE_RLOCK();
4489	TAILQ_FOREACH(sah, &V_sahtree, chain) {
4490		/* Check for empty SAH */
4491		if (TAILQ_EMPTY(&sah->savtree_larval) &&
4492		    TAILQ_EMPTY(&sah->savtree_alive)) {
4493			SAH_ADDREF(sah);
4494			LIST_INSERT_HEAD(&emptyq, sah, drainq);
4495			continue;
4496		}
4497		/* Add all stale LARVAL SAs into drainq */
4498		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4499			if (now - sav->created < V_key_larval_lifetime)
4500				continue;
4501			SAV_ADDREF(sav);
4502			LIST_INSERT_HEAD(&drainq, sav, drainq);
4503		}
4504		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4505			/* lifetimes aren't specified */
4506			if (sav->lft_h == NULL)
4507				continue;
4508			SECASVAR_LOCK(sav);
4509			/*
4510			 * Check again with lock held, because it may
4511			 * be updated by SADB_UPDATE.
4512			 */
4513			if (sav->lft_h == NULL) {
4514				SECASVAR_UNLOCK(sav);
4515				continue;
4516			}
4517			/*
4518			 * RFC 2367:
4519			 * HARD lifetimes MUST take precedence over SOFT
4520			 * lifetimes, meaning if the HARD and SOFT lifetimes
4521			 * are the same, the HARD lifetime will appear on the
4522			 * EXPIRE message.
4523			 */
4524			/* check HARD lifetime */
4525			if ((sav->lft_h->addtime != 0 &&
4526			    now - sav->created > sav->lft_h->addtime) ||
4527			    (sav->lft_h->usetime != 0 && sav->firstused &&
4528			    now - sav->firstused > sav->lft_h->usetime) ||
4529			    (sav->lft_h->bytes != 0 && counter_u64_fetch(
4530			        sav->lft_c_bytes) > sav->lft_h->bytes)) {
4531				SECASVAR_UNLOCK(sav);
4532				SAV_ADDREF(sav);
4533				LIST_INSERT_HEAD(&hexpireq, sav, drainq);
4534				continue;
4535			}
4536			/* check SOFT lifetime (only for MATURE SAs) */
4537			if (sav->state == SADB_SASTATE_MATURE && (
4538			    (sav->lft_s->addtime != 0 &&
4539			    now - sav->created > sav->lft_s->addtime) ||
4540			    (sav->lft_s->usetime != 0 && sav->firstused &&
4541			    now - sav->firstused > sav->lft_s->usetime) ||
4542			    (sav->lft_s->bytes != 0 && counter_u64_fetch(
4543				sav->lft_c_bytes) > sav->lft_s->bytes))) {
4544				SECASVAR_UNLOCK(sav);
4545				SAV_ADDREF(sav);
4546				LIST_INSERT_HEAD(&sexpireq, sav, drainq);
4547				continue;
4548			}
4549			SECASVAR_UNLOCK(sav);
4550		}
4551	}
4552	SAHTREE_RUNLOCK();
4553
4554	if (LIST_EMPTY(&emptyq) && LIST_EMPTY(&drainq) &&
4555	    LIST_EMPTY(&hexpireq) && LIST_EMPTY(&sexpireq))
4556		return;
4557
4558	LIST_INIT(&freeq);
4559	SAHTREE_WLOCK();
4560	/* Unlink stale LARVAL SAs */
4561	sav = LIST_FIRST(&drainq);
4562	while (sav != NULL) {
4563		nextsav = LIST_NEXT(sav, drainq);
4564		/* Check that SA is still LARVAL */
4565		if (sav->state != SADB_SASTATE_LARVAL) {
4566			LIST_REMOVE(sav, drainq);
4567			LIST_INSERT_HEAD(&freeq, sav, drainq);
4568			sav = nextsav;
4569			continue;
4570		}
4571		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4572		LIST_REMOVE(sav, spihash);
4573		sav->state = SADB_SASTATE_DEAD;
4574		sav = nextsav;
4575	}
4576	/* Unlink all SAs with expired HARD lifetime */
4577	sav = LIST_FIRST(&hexpireq);
4578	while (sav != NULL) {
4579		nextsav = LIST_NEXT(sav, drainq);
4580		/* Check that SA is not unlinked */
4581		if (sav->state == SADB_SASTATE_DEAD) {
4582			LIST_REMOVE(sav, drainq);
4583			LIST_INSERT_HEAD(&freeq, sav, drainq);
4584			sav = nextsav;
4585			continue;
4586		}
4587		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4588		LIST_REMOVE(sav, spihash);
4589		sav->state = SADB_SASTATE_DEAD;
4590		sav = nextsav;
4591	}
4592	/* Mark all SAs with expired SOFT lifetime as DYING */
4593	sav = LIST_FIRST(&sexpireq);
4594	while (sav != NULL) {
4595		nextsav = LIST_NEXT(sav, drainq);
4596		/* Check that SA is not unlinked */
4597		if (sav->state == SADB_SASTATE_DEAD) {
4598			LIST_REMOVE(sav, drainq);
4599			LIST_INSERT_HEAD(&freeq, sav, drainq);
4600			sav = nextsav;
4601			continue;
4602		}
4603		/*
4604		 * NOTE: this doesn't change SA order in the chain.
4605		 */
4606		sav->state = SADB_SASTATE_DYING;
4607		sav = nextsav;
4608	}
4609	/* Unlink empty SAHs */
4610	sah = LIST_FIRST(&emptyq);
4611	while (sah != NULL) {
4612		nextsah = LIST_NEXT(sah, drainq);
4613		/* Check that SAH is still empty and not unlinked */
4614		if (sah->state == SADB_SASTATE_DEAD ||
4615		    !TAILQ_EMPTY(&sah->savtree_larval) ||
4616		    !TAILQ_EMPTY(&sah->savtree_alive)) {
4617			LIST_REMOVE(sah, drainq);
4618			key_freesah(&sah); /* release extra reference */
4619			sah = nextsah;
4620			continue;
4621		}
4622		TAILQ_REMOVE(&V_sahtree, sah, chain);
4623		LIST_REMOVE(sah, addrhash);
4624		sah->state = SADB_SASTATE_DEAD;
4625		sah = nextsah;
4626	}
4627	SAHTREE_WUNLOCK();
4628
4629	/* Send SPDEXPIRE messages */
4630	sav = LIST_FIRST(&hexpireq);
4631	while (sav != NULL) {
4632		nextsav = LIST_NEXT(sav, drainq);
4633		key_expire(sav, 1);
4634		key_freesah(&sav->sah); /* release reference from SAV */
4635		key_freesav(&sav); /* release extra reference */
4636		key_freesav(&sav); /* release last reference */
4637		sav = nextsav;
4638	}
4639	sav = LIST_FIRST(&sexpireq);
4640	while (sav != NULL) {
4641		nextsav = LIST_NEXT(sav, drainq);
4642		key_expire(sav, 0);
4643		key_freesav(&sav); /* release extra reference */
4644		sav = nextsav;
4645	}
4646	/* Free stale LARVAL SAs */
4647	sav = LIST_FIRST(&drainq);
4648	while (sav != NULL) {
4649		nextsav = LIST_NEXT(sav, drainq);
4650		key_freesah(&sav->sah); /* release reference from SAV */
4651		key_freesav(&sav); /* release extra reference */
4652		key_freesav(&sav); /* release last reference */
4653		sav = nextsav;
4654	}
4655	/* Free SAs that were unlinked/changed by someone else */
4656	sav = LIST_FIRST(&freeq);
4657	while (sav != NULL) {
4658		nextsav = LIST_NEXT(sav, drainq);
4659		key_freesav(&sav); /* release extra reference */
4660		sav = nextsav;
4661	}
4662	/* Free empty SAH */
4663	sah = LIST_FIRST(&emptyq);
4664	while (sah != NULL) {
4665		nextsah = LIST_NEXT(sah, drainq);
4666		key_freesah(&sah); /* release extra reference */
4667		key_freesah(&sah); /* release last reference */
4668		sah = nextsah;
4669	}
4670}
4671
4672static void
4673key_flush_acq(time_t now)
4674{
4675	struct secacq *acq, *nextacq;
4676
4677	/* ACQ tree */
4678	ACQ_LOCK();
4679	acq = LIST_FIRST(&V_acqtree);
4680	while (acq != NULL) {
4681		nextacq = LIST_NEXT(acq, chain);
4682		if (now - acq->created > V_key_blockacq_lifetime) {
4683			LIST_REMOVE(acq, chain);
4684			LIST_REMOVE(acq, addrhash);
4685			LIST_REMOVE(acq, seqhash);
4686			free(acq, M_IPSEC_SAQ);
4687		}
4688		acq = nextacq;
4689	}
4690	ACQ_UNLOCK();
4691}
4692
4693static void
4694key_flush_spacq(time_t now)
4695{
4696	struct secspacq *acq, *nextacq;
4697
4698	/* SP ACQ tree */
4699	SPACQ_LOCK();
4700	for (acq = LIST_FIRST(&V_spacqtree); acq != NULL; acq = nextacq) {
4701		nextacq = LIST_NEXT(acq, chain);
4702		if (now - acq->created > V_key_blockacq_lifetime
4703		 && __LIST_CHAINED(acq)) {
4704			LIST_REMOVE(acq, chain);
4705			free(acq, M_IPSEC_SAQ);
4706		}
4707	}
4708	SPACQ_UNLOCK();
4709}
4710
4711/*
4712 * time handler.
4713 * scanning SPD and SAD to check status for each entries,
4714 * and do to remove or to expire.
4715 * XXX: year 2038 problem may remain.
4716 */
4717static void
4718key_timehandler(void *arg)
4719{
4720	VNET_ITERATOR_DECL(vnet_iter);
4721	time_t now = time_second;
4722
4723	VNET_LIST_RLOCK_NOSLEEP();
4724	VNET_FOREACH(vnet_iter) {
4725		CURVNET_SET(vnet_iter);
4726		key_flush_spd(now);
4727		key_flush_sad(now);
4728		key_flush_acq(now);
4729		key_flush_spacq(now);
4730		CURVNET_RESTORE();
4731	}
4732	VNET_LIST_RUNLOCK_NOSLEEP();
4733
4734#ifndef IPSEC_DEBUG2
4735	/* do exchange to tick time !! */
4736	callout_schedule(&key_timer, hz);
4737#endif /* IPSEC_DEBUG2 */
4738}
4739
4740u_long
4741key_random()
4742{
4743	u_long value;
4744
4745	arc4random_buf(&value, sizeof(value));
4746	return value;
4747}
4748
4749/*
4750 * map SADB_SATYPE_* to IPPROTO_*.
4751 * if satype == SADB_SATYPE then satype is mapped to ~0.
4752 * OUT:
4753 *	0: invalid satype.
4754 */
4755static uint8_t
4756key_satype2proto(uint8_t satype)
4757{
4758	switch (satype) {
4759	case SADB_SATYPE_UNSPEC:
4760		return IPSEC_PROTO_ANY;
4761	case SADB_SATYPE_AH:
4762		return IPPROTO_AH;
4763	case SADB_SATYPE_ESP:
4764		return IPPROTO_ESP;
4765	case SADB_X_SATYPE_IPCOMP:
4766		return IPPROTO_IPCOMP;
4767	case SADB_X_SATYPE_TCPSIGNATURE:
4768		return IPPROTO_TCP;
4769	default:
4770		return 0;
4771	}
4772	/* NOTREACHED */
4773}
4774
4775/*
4776 * map IPPROTO_* to SADB_SATYPE_*
4777 * OUT:
4778 *	0: invalid protocol type.
4779 */
4780static uint8_t
4781key_proto2satype(uint8_t proto)
4782{
4783	switch (proto) {
4784	case IPPROTO_AH:
4785		return SADB_SATYPE_AH;
4786	case IPPROTO_ESP:
4787		return SADB_SATYPE_ESP;
4788	case IPPROTO_IPCOMP:
4789		return SADB_X_SATYPE_IPCOMP;
4790	case IPPROTO_TCP:
4791		return SADB_X_SATYPE_TCPSIGNATURE;
4792	default:
4793		return 0;
4794	}
4795	/* NOTREACHED */
4796}
4797
4798/* %%% PF_KEY */
4799/*
4800 * SADB_GETSPI processing is to receive
4801 *	<base, (SA2), src address, dst address, (SPI range)>
4802 * from the IKMPd, to assign a unique spi value, to hang on the INBOUND
4803 * tree with the status of LARVAL, and send
4804 *	<base, SA(*), address(SD)>
4805 * to the IKMPd.
4806 *
4807 * IN:	mhp: pointer to the pointer to each header.
4808 * OUT:	NULL if fail.
4809 *	other if success, return pointer to the message to send.
4810 */
4811static int
4812key_getspi(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
4813{
4814	struct secasindex saidx;
4815	struct sadb_address *src0, *dst0;
4816	struct secasvar *sav;
4817	uint32_t reqid, spi;
4818	int error;
4819	uint8_t mode, proto;
4820
4821	IPSEC_ASSERT(so != NULL, ("null socket"));
4822	IPSEC_ASSERT(m != NULL, ("null mbuf"));
4823	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
4824	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
4825
4826	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
4827	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)
4828#ifdef PFKEY_STRICT_CHECKS
4829	    || SADB_CHECKHDR(mhp, SADB_EXT_SPIRANGE)
4830#endif
4831	    ) {
4832		ipseclog((LOG_DEBUG,
4833		    "%s: invalid message: missing required header.\n",
4834		    __func__));
4835		error = EINVAL;
4836		goto fail;
4837	}
4838	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
4839	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)
4840#ifdef PFKEY_STRICT_CHECKS
4841	    || SADB_CHECKLEN(mhp, SADB_EXT_SPIRANGE)
4842#endif
4843	    ) {
4844		ipseclog((LOG_DEBUG,
4845		    "%s: invalid message: wrong header size.\n", __func__));
4846		error = EINVAL;
4847		goto fail;
4848	}
4849	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
4850		mode = IPSEC_MODE_ANY;
4851		reqid = 0;
4852	} else {
4853		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
4854			ipseclog((LOG_DEBUG,
4855			    "%s: invalid message: wrong header size.\n",
4856			    __func__));
4857			error = EINVAL;
4858			goto fail;
4859		}
4860		mode = ((struct sadb_x_sa2 *)
4861		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
4862		reqid = ((struct sadb_x_sa2 *)
4863		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
4864	}
4865
4866	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
4867	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
4868
4869	/* map satype to proto */
4870	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
4871		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
4872			__func__));
4873		error = EINVAL;
4874		goto fail;
4875	}
4876	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
4877	    (struct sockaddr *)(dst0 + 1));
4878	if (error != 0) {
4879		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
4880		error = EINVAL;
4881		goto fail;
4882	}
4883	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
4884
4885	/* SPI allocation */
4886	spi = key_do_getnewspi(
4887	    (struct sadb_spirange *)mhp->ext[SADB_EXT_SPIRANGE], &saidx);
4888	if (spi == 0) {
4889		/*
4890		 * Requested SPI or SPI range is not available or
4891		 * already used.
4892		 */
4893		error = EEXIST;
4894		goto fail;
4895	}
4896	sav = key_newsav(mhp, &saidx, spi, &error);
4897	if (sav == NULL)
4898		goto fail;
4899
4900	if (sav->seq != 0) {
4901		/*
4902		 * RFC2367:
4903		 * If the SADB_GETSPI message is in response to a
4904		 * kernel-generated SADB_ACQUIRE, the sadb_msg_seq
4905		 * MUST be the same as the SADB_ACQUIRE message.
4906		 *
4907		 * XXXAE: However it doesn't definethe behaviour how to
4908		 * check this and what to do if it doesn't match.
4909		 * Also what we should do if it matches?
4910		 *
4911		 * We can compare saidx used in SADB_ACQUIRE with saidx
4912		 * used in SADB_GETSPI, but this probably can break
4913		 * existing software. For now just warn if it doesn't match.
4914		 *
4915		 * XXXAE: anyway it looks useless.
4916		 */
4917		key_acqdone(&saidx, sav->seq);
4918	}
4919	KEYDBG(KEY_STAMP,
4920	    printf("%s: SA(%p)\n", __func__, sav));
4921	KEYDBG(KEY_DATA, kdebug_secasv(sav));
4922
4923    {
4924	struct mbuf *n, *nn;
4925	struct sadb_sa *m_sa;
4926	struct sadb_msg *newmsg;
4927	int off, len;
4928
4929	/* create new sadb_msg to reply. */
4930	len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) +
4931	    PFKEY_ALIGN8(sizeof(struct sadb_sa));
4932
4933	MGETHDR(n, M_NOWAIT, MT_DATA);
4934	if (len > MHLEN) {
4935		if (!(MCLGET(n, M_NOWAIT))) {
4936			m_freem(n);
4937			n = NULL;
4938		}
4939	}
4940	if (!n) {
4941		error = ENOBUFS;
4942		goto fail;
4943	}
4944
4945	n->m_len = len;
4946	n->m_next = NULL;
4947	off = 0;
4948
4949	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
4950	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
4951
4952	m_sa = (struct sadb_sa *)(mtod(n, caddr_t) + off);
4953	m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
4954	m_sa->sadb_sa_exttype = SADB_EXT_SA;
4955	m_sa->sadb_sa_spi = spi; /* SPI is already in network byte order */
4956	off += PFKEY_ALIGN8(sizeof(struct sadb_sa));
4957
4958	IPSEC_ASSERT(off == len,
4959		("length inconsistency (off %u len %u)", off, len));
4960
4961	n->m_next = key_gather_mbuf(m, mhp, 0, 2, SADB_EXT_ADDRESS_SRC,
4962	    SADB_EXT_ADDRESS_DST);
4963	if (!n->m_next) {
4964		m_freem(n);
4965		error = ENOBUFS;
4966		goto fail;
4967	}
4968
4969	if (n->m_len < sizeof(struct sadb_msg)) {
4970		n = m_pullup(n, sizeof(struct sadb_msg));
4971		if (n == NULL)
4972			return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
4973	}
4974
4975	n->m_pkthdr.len = 0;
4976	for (nn = n; nn; nn = nn->m_next)
4977		n->m_pkthdr.len += nn->m_len;
4978
4979	newmsg = mtod(n, struct sadb_msg *);
4980	newmsg->sadb_msg_seq = sav->seq;
4981	newmsg->sadb_msg_errno = 0;
4982	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
4983
4984	m_freem(m);
4985	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
4986    }
4987
4988fail:
4989	return (key_senderror(so, m, error));
4990}
4991
4992/*
4993 * allocating new SPI
4994 * called by key_getspi().
4995 * OUT:
4996 *	0:	failure.
4997 *	others: success, SPI in network byte order.
4998 */
4999static uint32_t
5000key_do_getnewspi(struct sadb_spirange *spirange, struct secasindex *saidx)
5001{
5002	uint32_t min, max, newspi, t;
5003	int count = V_key_spi_trycnt;
5004
5005	/* set spi range to allocate */
5006	if (spirange != NULL) {
5007		min = spirange->sadb_spirange_min;
5008		max = spirange->sadb_spirange_max;
5009	} else {
5010		min = V_key_spi_minval;
5011		max = V_key_spi_maxval;
5012	}
5013	/* IPCOMP needs 2-byte SPI */
5014	if (saidx->proto == IPPROTO_IPCOMP) {
5015		if (min >= 0x10000)
5016			min = 0xffff;
5017		if (max >= 0x10000)
5018			max = 0xffff;
5019		if (min > max) {
5020			t = min; min = max; max = t;
5021		}
5022	}
5023
5024	if (min == max) {
5025		if (!key_checkspidup(htonl(min))) {
5026			ipseclog((LOG_DEBUG, "%s: SPI %u exists already.\n",
5027			    __func__, min));
5028			return 0;
5029		}
5030
5031		count--; /* taking one cost. */
5032		newspi = min;
5033	} else {
5034
5035		/* init SPI */
5036		newspi = 0;
5037
5038		/* when requesting to allocate spi ranged */
5039		while (count--) {
5040			/* generate pseudo-random SPI value ranged. */
5041			newspi = min + (key_random() % (max - min + 1));
5042			if (!key_checkspidup(htonl(newspi)))
5043				break;
5044		}
5045
5046		if (count == 0 || newspi == 0) {
5047			ipseclog((LOG_DEBUG,
5048			    "%s: failed to allocate SPI.\n", __func__));
5049			return 0;
5050		}
5051	}
5052
5053	/* statistics */
5054	keystat.getspi_count =
5055	    (keystat.getspi_count + V_key_spi_trycnt - count) / 2;
5056
5057	return (htonl(newspi));
5058}
5059
5060/*
5061 * Find TCP-MD5 SA with corresponding secasindex.
5062 * If not found, return NULL and fill SPI with usable value if needed.
5063 */
5064static struct secasvar *
5065key_getsav_tcpmd5(struct secasindex *saidx, uint32_t *spi)
5066{
5067	SAHTREE_RLOCK_TRACKER;
5068	struct secashead *sah;
5069	struct secasvar *sav;
5070
5071	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP, ("wrong proto"));
5072	SAHTREE_RLOCK();
5073	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5074		if (sah->saidx.proto != IPPROTO_TCP)
5075			continue;
5076		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
5077		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
5078			break;
5079	}
5080	if (sah != NULL) {
5081		if (V_key_preferred_oldsa)
5082			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
5083		else
5084			sav = TAILQ_FIRST(&sah->savtree_alive);
5085		if (sav != NULL) {
5086			SAV_ADDREF(sav);
5087			SAHTREE_RUNLOCK();
5088			return (sav);
5089		}
5090	}
5091	if (spi == NULL) {
5092		/* No SPI required */
5093		SAHTREE_RUNLOCK();
5094		return (NULL);
5095	}
5096	/* Check that SPI is unique */
5097	LIST_FOREACH(sav, SAVHASH_HASH(*spi), spihash) {
5098		if (sav->spi == *spi)
5099			break;
5100	}
5101	if (sav == NULL) {
5102		SAHTREE_RUNLOCK();
5103		/* SPI is already unique */
5104		return (NULL);
5105	}
5106	SAHTREE_RUNLOCK();
5107	/* XXX: not optimal */
5108	*spi = key_do_getnewspi(NULL, saidx);
5109	return (NULL);
5110}
5111
5112static int
5113key_updateaddresses(struct socket *so, struct mbuf *m,
5114    const struct sadb_msghdr *mhp, struct secasvar *sav,
5115    struct secasindex *saidx)
5116{
5117	struct sockaddr *newaddr;
5118	struct secashead *sah;
5119	struct secasvar *newsav, *tmp;
5120	struct mbuf *n;
5121	int error, isnew;
5122
5123	/* Check that we need to change SAH */
5124	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC)) {
5125		newaddr = (struct sockaddr *)(
5126		    ((struct sadb_address *)
5127		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_SRC]) + 1);
5128		bcopy(newaddr, &saidx->src, newaddr->sa_len);
5129		key_porttosaddr(&saidx->src.sa, 0);
5130	}
5131	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5132		newaddr = (struct sockaddr *)(
5133		    ((struct sadb_address *)
5134		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_DST]) + 1);
5135		bcopy(newaddr, &saidx->dst, newaddr->sa_len);
5136		key_porttosaddr(&saidx->dst.sa, 0);
5137	}
5138	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5139	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5140		error = key_checksockaddrs(&saidx->src.sa, &saidx->dst.sa);
5141		if (error != 0) {
5142			ipseclog((LOG_DEBUG, "%s: invalid new sockaddr.\n",
5143			    __func__));
5144			return (error);
5145		}
5146
5147		sah = key_getsah(saidx);
5148		if (sah == NULL) {
5149			/* create a new SA index */
5150			sah = key_newsah(saidx);
5151			if (sah == NULL) {
5152				ipseclog((LOG_DEBUG,
5153				    "%s: No more memory.\n", __func__));
5154				return (ENOBUFS);
5155			}
5156			isnew = 2; /* SAH is new */
5157		} else
5158			isnew = 1; /* existing SAH is referenced */
5159	} else {
5160		/*
5161		 * src and dst addresses are still the same.
5162		 * Do we want to change NAT-T config?
5163		 */
5164		if (sav->sah->saidx.proto != IPPROTO_ESP ||
5165		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5166		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5167		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5168			ipseclog((LOG_DEBUG,
5169			    "%s: invalid message: missing required header.\n",
5170			    __func__));
5171			return (EINVAL);
5172		}
5173		/* We hold reference to SA, thus SAH will be referenced too. */
5174		sah = sav->sah;
5175		isnew = 0;
5176	}
5177
5178	newsav = malloc(sizeof(struct secasvar), M_IPSEC_SA,
5179	    M_NOWAIT | M_ZERO);
5180	if (newsav == NULL) {
5181		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5182		error = ENOBUFS;
5183		goto fail;
5184	}
5185
5186	/* Clone SA's content into newsav */
5187	SAV_INITREF(newsav);
5188	bcopy(sav, newsav, offsetof(struct secasvar, chain));
5189	/*
5190	 * We create new NAT-T config if it is needed.
5191	 * Old NAT-T config will be freed by key_cleansav() when
5192	 * last reference to SA will be released.
5193	 */
5194	newsav->natt = NULL;
5195	newsav->sah = sah;
5196	newsav->state = SADB_SASTATE_MATURE;
5197	error = key_setnatt(newsav, mhp);
5198	if (error != 0)
5199		goto fail;
5200
5201	SAHTREE_WLOCK();
5202	/* Check that SA is still alive */
5203	if (sav->state == SADB_SASTATE_DEAD) {
5204		/* SA was unlinked */
5205		SAHTREE_WUNLOCK();
5206		error = ESRCH;
5207		goto fail;
5208	}
5209
5210	/* Unlink SA from SAH and SPI hash */
5211	IPSEC_ASSERT((sav->flags & SADB_X_EXT_F_CLONED) == 0,
5212	    ("SA is already cloned"));
5213	IPSEC_ASSERT(sav->state == SADB_SASTATE_MATURE ||
5214	    sav->state == SADB_SASTATE_DYING,
5215	    ("Wrong SA state %u\n", sav->state));
5216	TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5217	LIST_REMOVE(sav, spihash);
5218	sav->state = SADB_SASTATE_DEAD;
5219
5220	/*
5221	 * Link new SA with SAH. Keep SAs ordered by
5222	 * create time (newer are first).
5223	 */
5224	TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5225		if (newsav->created > tmp->created) {
5226			TAILQ_INSERT_BEFORE(tmp, newsav, chain);
5227			break;
5228		}
5229	}
5230	if (tmp == NULL)
5231		TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5232
5233	/* Add new SA into SPI hash. */
5234	LIST_INSERT_HEAD(SAVHASH_HASH(newsav->spi), newsav, spihash);
5235
5236	/* Add new SAH into SADB. */
5237	if (isnew == 2) {
5238		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5239		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5240		sah->state = SADB_SASTATE_MATURE;
5241		SAH_ADDREF(sah); /* newsav references new SAH */
5242	}
5243	/*
5244	 * isnew == 1 -> @sah was referenced by key_getsah().
5245	 * isnew == 0 -> we use the same @sah, that was used by @sav,
5246	 *	and we use its reference for @newsav.
5247	 */
5248	SECASVAR_LOCK(sav);
5249	/* XXX: replace cntr with pointer? */
5250	newsav->cntr = sav->cntr;
5251	sav->flags |= SADB_X_EXT_F_CLONED;
5252	SECASVAR_UNLOCK(sav);
5253
5254	SAHTREE_WUNLOCK();
5255
5256	KEYDBG(KEY_STAMP,
5257	    printf("%s: SA(%p) cloned into SA(%p)\n",
5258	    __func__, sav, newsav));
5259	KEYDBG(KEY_DATA, kdebug_secasv(newsav));
5260
5261	key_freesav(&sav); /* release last reference */
5262
5263	/* set msg buf from mhp */
5264	n = key_getmsgbuf_x1(m, mhp);
5265	if (n == NULL) {
5266		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5267		return (ENOBUFS);
5268	}
5269	m_freem(m);
5270	key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5271	return (0);
5272fail:
5273	if (isnew != 0)
5274		key_freesah(&sah);
5275	if (newsav != NULL) {
5276		if (newsav->natt != NULL)
5277			free(newsav->natt, M_IPSEC_MISC);
5278		free(newsav, M_IPSEC_SA);
5279	}
5280	return (error);
5281}
5282
5283/*
5284 * SADB_UPDATE processing
5285 * receive
5286 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5287 *       key(AE), (identity(SD),) (sensitivity)>
5288 * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
5289 * and send
5290 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5291 *       (identity(SD),) (sensitivity)>
5292 * to the ikmpd.
5293 *
5294 * m will always be freed.
5295 */
5296static int
5297key_update(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5298{
5299	struct secasindex saidx;
5300	struct sadb_address *src0, *dst0;
5301	struct sadb_sa *sa0;
5302	struct secasvar *sav;
5303	uint32_t reqid;
5304	int error;
5305	uint8_t mode, proto;
5306
5307	IPSEC_ASSERT(so != NULL, ("null socket"));
5308	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5309	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5310	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5311
5312	/* map satype to proto */
5313	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5314		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5315		    __func__));
5316		return key_senderror(so, m, EINVAL);
5317	}
5318
5319	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5320	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5321	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5322	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5323		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5324	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5325		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5326		ipseclog((LOG_DEBUG,
5327		    "%s: invalid message: missing required header.\n",
5328		    __func__));
5329		return key_senderror(so, m, EINVAL);
5330	}
5331	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5332	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5333	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5334		ipseclog((LOG_DEBUG,
5335		    "%s: invalid message: wrong header size.\n", __func__));
5336		return key_senderror(so, m, EINVAL);
5337	}
5338	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5339		mode = IPSEC_MODE_ANY;
5340		reqid = 0;
5341	} else {
5342		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5343			ipseclog((LOG_DEBUG,
5344			    "%s: invalid message: wrong header size.\n",
5345			    __func__));
5346			return key_senderror(so, m, EINVAL);
5347		}
5348		mode = ((struct sadb_x_sa2 *)
5349		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5350		reqid = ((struct sadb_x_sa2 *)
5351		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5352	}
5353
5354	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5355	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5356	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5357
5358	/*
5359	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5360	 * SADB_UPDATE message.
5361	 */
5362	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5363		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5364#ifdef PFKEY_STRICT_CHECKS
5365		return key_senderror(so, m, EINVAL);
5366#endif
5367	}
5368	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5369	    (struct sockaddr *)(dst0 + 1));
5370	if (error != 0) {
5371		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5372		return key_senderror(so, m, error);
5373	}
5374	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5375	sav = key_getsavbyspi(sa0->sadb_sa_spi);
5376	if (sav == NULL) {
5377		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u\n",
5378		    __func__, ntohl(sa0->sadb_sa_spi)));
5379		return key_senderror(so, m, EINVAL);
5380	}
5381	/*
5382	 * Check that SADB_UPDATE issued by the same process that did
5383	 * SADB_GETSPI or SADB_ADD.
5384	 */
5385	if (sav->pid != mhp->msg->sadb_msg_pid) {
5386		ipseclog((LOG_DEBUG,
5387		    "%s: pid mismatched (SPI %u, pid %u vs. %u)\n", __func__,
5388		    ntohl(sav->spi), sav->pid, mhp->msg->sadb_msg_pid));
5389		key_freesav(&sav);
5390		return key_senderror(so, m, EINVAL);
5391	}
5392	/* saidx should match with SA. */
5393	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5394		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u\n",
5395		    __func__, ntohl(sav->spi)));
5396		key_freesav(&sav);
5397		return key_senderror(so, m, ESRCH);
5398	}
5399
5400	if (sav->state == SADB_SASTATE_LARVAL) {
5401		if ((mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP &&
5402		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) ||
5403		    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH &&
5404		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH))) {
5405			ipseclog((LOG_DEBUG,
5406			    "%s: invalid message: missing required header.\n",
5407			    __func__));
5408			key_freesav(&sav);
5409			return key_senderror(so, m, EINVAL);
5410		}
5411		/*
5412		 * We can set any values except src, dst and SPI.
5413		 */
5414		error = key_setsaval(sav, mhp);
5415		if (error != 0) {
5416			key_freesav(&sav);
5417			return (key_senderror(so, m, error));
5418		}
5419		/* Change SA state to MATURE */
5420		SAHTREE_WLOCK();
5421		if (sav->state != SADB_SASTATE_LARVAL) {
5422			/* SA was deleted or another thread made it MATURE. */
5423			SAHTREE_WUNLOCK();
5424			key_freesav(&sav);
5425			return (key_senderror(so, m, ESRCH));
5426		}
5427		/*
5428		 * NOTE: we keep SAs in savtree_alive ordered by created
5429		 * time. When SA's state changed from LARVAL to MATURE,
5430		 * we update its created time in key_setsaval() and move
5431		 * it into head of savtree_alive.
5432		 */
5433		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5434		TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5435		sav->state = SADB_SASTATE_MATURE;
5436		SAHTREE_WUNLOCK();
5437	} else {
5438		/*
5439		 * For DYING and MATURE SA we can change only state
5440		 * and lifetimes. Report EINVAL if something else attempted
5441		 * to change.
5442		 */
5443		if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5444		    !SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
5445			key_freesav(&sav);
5446			return (key_senderror(so, m, EINVAL));
5447		}
5448		error = key_updatelifetimes(sav, mhp);
5449		if (error != 0) {
5450			key_freesav(&sav);
5451			return (key_senderror(so, m, error));
5452		}
5453		/*
5454		 * This is FreeBSD extension to RFC2367.
5455		 * IKEd can specify SADB_X_EXT_NEW_ADDRESS_SRC and/or
5456		 * SADB_X_EXT_NEW_ADDRESS_DST when it wants to change
5457		 * SA addresses (for example to implement MOBIKE protocol
5458		 * as described in RFC4555). Also we allow to change
5459		 * NAT-T config.
5460		 */
5461		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5462		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST) ||
5463		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5464		    sav->natt != NULL) {
5465			error = key_updateaddresses(so, m, mhp, sav, &saidx);
5466			key_freesav(&sav);
5467			if (error != 0)
5468				return (key_senderror(so, m, error));
5469			return (0);
5470		}
5471		/* Check that SA is still alive */
5472		SAHTREE_WLOCK();
5473		if (sav->state == SADB_SASTATE_DEAD) {
5474			/* SA was unlinked */
5475			SAHTREE_WUNLOCK();
5476			key_freesav(&sav);
5477			return (key_senderror(so, m, ESRCH));
5478		}
5479		/*
5480		 * NOTE: there is possible state moving from DYING to MATURE,
5481		 * but this doesn't change created time, so we won't reorder
5482		 * this SA.
5483		 */
5484		sav->state = SADB_SASTATE_MATURE;
5485		SAHTREE_WUNLOCK();
5486	}
5487	KEYDBG(KEY_STAMP,
5488	    printf("%s: SA(%p)\n", __func__, sav));
5489	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5490	key_freesav(&sav);
5491
5492    {
5493	struct mbuf *n;
5494
5495	/* set msg buf from mhp */
5496	n = key_getmsgbuf_x1(m, mhp);
5497	if (n == NULL) {
5498		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5499		return key_senderror(so, m, ENOBUFS);
5500	}
5501
5502	m_freem(m);
5503	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5504    }
5505}
5506
5507/*
5508 * SADB_ADD processing
5509 * add an entry to SA database, when received
5510 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5511 *       key(AE), (identity(SD),) (sensitivity)>
5512 * from the ikmpd,
5513 * and send
5514 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5515 *       (identity(SD),) (sensitivity)>
5516 * to the ikmpd.
5517 *
5518 * IGNORE identity and sensitivity messages.
5519 *
5520 * m will always be freed.
5521 */
5522static int
5523key_add(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5524{
5525	struct secasindex saidx;
5526	struct sadb_address *src0, *dst0;
5527	struct sadb_sa *sa0;
5528	struct secasvar *sav;
5529	uint32_t reqid, spi;
5530	uint8_t mode, proto;
5531	int error;
5532
5533	IPSEC_ASSERT(so != NULL, ("null socket"));
5534	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5535	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5536	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5537
5538	/* map satype to proto */
5539	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5540		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5541		    __func__));
5542		return key_senderror(so, m, EINVAL);
5543	}
5544
5545	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5546	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5547	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5548	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP && (
5549		SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5550		SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT))) ||
5551	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH && (
5552		SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH) ||
5553		SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH))) ||
5554	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5555		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5556	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5557		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5558		ipseclog((LOG_DEBUG,
5559		    "%s: invalid message: missing required header.\n",
5560		    __func__));
5561		return key_senderror(so, m, EINVAL);
5562	}
5563	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5564	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5565	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5566		ipseclog((LOG_DEBUG,
5567		    "%s: invalid message: wrong header size.\n", __func__));
5568		return key_senderror(so, m, EINVAL);
5569	}
5570	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5571		mode = IPSEC_MODE_ANY;
5572		reqid = 0;
5573	} else {
5574		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5575			ipseclog((LOG_DEBUG,
5576			    "%s: invalid message: wrong header size.\n",
5577			    __func__));
5578			return key_senderror(so, m, EINVAL);
5579		}
5580		mode = ((struct sadb_x_sa2 *)
5581		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5582		reqid = ((struct sadb_x_sa2 *)
5583		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5584	}
5585
5586	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5587	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
5588	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
5589
5590	/*
5591	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5592	 * SADB_ADD message.
5593	 */
5594	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5595		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5596#ifdef PFKEY_STRICT_CHECKS
5597		return key_senderror(so, m, EINVAL);
5598#endif
5599	}
5600	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5601	    (struct sockaddr *)(dst0 + 1));
5602	if (error != 0) {
5603		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5604		return key_senderror(so, m, error);
5605	}
5606	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5607	spi = sa0->sadb_sa_spi;
5608	/*
5609	 * For TCP-MD5 SAs we don't use SPI. Check the uniqueness using
5610	 * secasindex.
5611	 * XXXAE: IPComp seems also doesn't use SPI.
5612	 */
5613	if (proto == IPPROTO_TCP) {
5614		sav = key_getsav_tcpmd5(&saidx, &spi);
5615		if (sav == NULL && spi == 0) {
5616			/* Failed to allocate SPI */
5617			ipseclog((LOG_DEBUG, "%s: SA already exists.\n",
5618			    __func__));
5619			return key_senderror(so, m, EEXIST);
5620		}
5621		/* XXX: SPI that we report back can have another value */
5622	} else {
5623		/* We can create new SA only if SPI is different. */
5624		sav = key_getsavbyspi(spi);
5625	}
5626	if (sav != NULL) {
5627		key_freesav(&sav);
5628		ipseclog((LOG_DEBUG, "%s: SA already exists.\n", __func__));
5629		return key_senderror(so, m, EEXIST);
5630	}
5631
5632	sav = key_newsav(mhp, &saidx, spi, &error);
5633	if (sav == NULL)
5634		return key_senderror(so, m, error);
5635	KEYDBG(KEY_STAMP,
5636	    printf("%s: return SA(%p)\n", __func__, sav));
5637	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5638	/*
5639	 * If SADB_ADD was in response to SADB_ACQUIRE, we need to schedule
5640	 * ACQ for deletion.
5641	 */
5642	if (sav->seq != 0)
5643		key_acqdone(&saidx, sav->seq);
5644
5645    {
5646	/*
5647	 * Don't call key_freesav() on error here, as we would like to
5648	 * keep the SA in the database.
5649	 */
5650	struct mbuf *n;
5651
5652	/* set msg buf from mhp */
5653	n = key_getmsgbuf_x1(m, mhp);
5654	if (n == NULL) {
5655		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5656		return key_senderror(so, m, ENOBUFS);
5657	}
5658
5659	m_freem(m);
5660	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5661    }
5662}
5663
5664/*
5665 * NAT-T support.
5666 * IKEd may request the use ESP in UDP encapsulation when it detects the
5667 * presence of NAT. It uses NAT-T extension headers for such SAs to specify
5668 * parameters needed for encapsulation and decapsulation. These PF_KEY
5669 * extension headers are not standardized, so this comment addresses our
5670 * implementation.
5671 * SADB_X_EXT_NAT_T_TYPE specifies type of encapsulation, we support only
5672 * UDP_ENCAP_ESPINUDP as described in RFC3948.
5673 * SADB_X_EXT_NAT_T_SPORT/DPORT specifies source and destination ports for
5674 * UDP header. We use these ports in UDP encapsulation procedure, also we
5675 * can check them in UDP decapsulation procedure.
5676 * SADB_X_EXT_NAT_T_OA[IR] specifies original address of initiator or
5677 * responder. These addresses can be used for transport mode to adjust
5678 * checksum after decapsulation and decryption. Since original IP addresses
5679 * used by peer usually different (we detected presence of NAT), TCP/UDP
5680 * pseudo header checksum and IP header checksum was calculated using original
5681 * addresses. After decapsulation and decryption we need to adjust checksum
5682 * to have correct datagram.
5683 *
5684 * We expect presence of NAT-T extension headers only in SADB_ADD and
5685 * SADB_UPDATE messages. We report NAT-T extension headers in replies
5686 * to SADB_ADD, SADB_UPDATE, SADB_GET, and SADB_DUMP messages.
5687 */
5688static int
5689key_setnatt(struct secasvar *sav, const struct sadb_msghdr *mhp)
5690{
5691	struct sadb_x_nat_t_port *port;
5692	struct sadb_x_nat_t_type *type;
5693	struct sadb_address *oai, *oar;
5694	struct sockaddr *sa;
5695	uint32_t addr;
5696	uint16_t cksum;
5697
5698	IPSEC_ASSERT(sav->natt == NULL, ("natt is already initialized"));
5699	/*
5700	 * Ignore NAT-T headers if sproto isn't ESP.
5701	 */
5702	if (sav->sah->saidx.proto != IPPROTO_ESP)
5703		return (0);
5704
5705	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) &&
5706	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) &&
5707	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5708		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5709		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5710		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5711			ipseclog((LOG_DEBUG,
5712			    "%s: invalid message: wrong header size.\n",
5713			    __func__));
5714			return (EINVAL);
5715		}
5716	} else
5717		return (0);
5718
5719	type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE];
5720	if (type->sadb_x_nat_t_type_type != UDP_ENCAP_ESPINUDP) {
5721		ipseclog((LOG_DEBUG, "%s: unsupported NAT-T type %u.\n",
5722		    __func__, type->sadb_x_nat_t_type_type));
5723		return (EINVAL);
5724	}
5725	/*
5726	 * Allocate storage for NAT-T config.
5727	 * On error it will be released by key_cleansav().
5728	 */
5729	sav->natt = malloc(sizeof(struct secnatt), M_IPSEC_MISC,
5730	    M_NOWAIT | M_ZERO);
5731	if (sav->natt == NULL) {
5732		PFKEYSTAT_INC(in_nomem);
5733		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5734		return (ENOBUFS);
5735	}
5736	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT];
5737	if (port->sadb_x_nat_t_port_port == 0) {
5738		ipseclog((LOG_DEBUG, "%s: invalid NAT-T sport specified.\n",
5739		    __func__));
5740		return (EINVAL);
5741	}
5742	sav->natt->sport = port->sadb_x_nat_t_port_port;
5743	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT];
5744	if (port->sadb_x_nat_t_port_port == 0) {
5745		ipseclog((LOG_DEBUG, "%s: invalid NAT-T dport specified.\n",
5746		    __func__));
5747		return (EINVAL);
5748	}
5749	sav->natt->dport = port->sadb_x_nat_t_port_port;
5750
5751	/*
5752	 * SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR are optional
5753	 * and needed only for transport mode IPsec.
5754	 * Usually NAT translates only one address, but it is possible,
5755	 * that both addresses could be translated.
5756	 * NOTE: Value of SADB_X_EXT_NAT_T_OAI is equal to SADB_X_EXT_NAT_T_OA.
5757	 */
5758	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAI)) {
5759		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAI)) {
5760			ipseclog((LOG_DEBUG,
5761			    "%s: invalid message: wrong header size.\n",
5762			    __func__));
5763			return (EINVAL);
5764		}
5765		oai = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI];
5766	} else
5767		oai = NULL;
5768	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAR)) {
5769		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAR)) {
5770			ipseclog((LOG_DEBUG,
5771			    "%s: invalid message: wrong header size.\n",
5772			    __func__));
5773			return (EINVAL);
5774		}
5775		oar = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR];
5776	} else
5777		oar = NULL;
5778
5779	/* Initialize addresses only for transport mode */
5780	if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
5781		cksum = 0;
5782		if (oai != NULL) {
5783			/* Currently we support only AF_INET */
5784			sa = (struct sockaddr *)(oai + 1);
5785			if (sa->sa_family != AF_INET ||
5786			    sa->sa_len != sizeof(struct sockaddr_in)) {
5787				ipseclog((LOG_DEBUG,
5788				    "%s: wrong NAT-OAi header.\n",
5789				    __func__));
5790				return (EINVAL);
5791			}
5792			/* Ignore address if it the same */
5793			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5794			    sav->sah->saidx.src.sin.sin_addr.s_addr) {
5795				bcopy(sa, &sav->natt->oai.sa, sa->sa_len);
5796				sav->natt->flags |= IPSEC_NATT_F_OAI;
5797				/* Calculate checksum delta */
5798				addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
5799				cksum = in_addword(cksum, ~addr >> 16);
5800				cksum = in_addword(cksum, ~addr & 0xffff);
5801				addr = sav->natt->oai.sin.sin_addr.s_addr;
5802				cksum = in_addword(cksum, addr >> 16);
5803				cksum = in_addword(cksum, addr & 0xffff);
5804			}
5805		}
5806		if (oar != NULL) {
5807			/* Currently we support only AF_INET */
5808			sa = (struct sockaddr *)(oar + 1);
5809			if (sa->sa_family != AF_INET ||
5810			    sa->sa_len != sizeof(struct sockaddr_in)) {
5811				ipseclog((LOG_DEBUG,
5812				    "%s: wrong NAT-OAr header.\n",
5813				    __func__));
5814				return (EINVAL);
5815			}
5816			/* Ignore address if it the same */
5817			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5818			    sav->sah->saidx.dst.sin.sin_addr.s_addr) {
5819				bcopy(sa, &sav->natt->oar.sa, sa->sa_len);
5820				sav->natt->flags |= IPSEC_NATT_F_OAR;
5821				/* Calculate checksum delta */
5822				addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
5823				cksum = in_addword(cksum, ~addr >> 16);
5824				cksum = in_addword(cksum, ~addr & 0xffff);
5825				addr = sav->natt->oar.sin.sin_addr.s_addr;
5826				cksum = in_addword(cksum, addr >> 16);
5827				cksum = in_addword(cksum, addr & 0xffff);
5828			}
5829		}
5830		sav->natt->cksum = cksum;
5831	}
5832	return (0);
5833}
5834
5835static int
5836key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
5837{
5838	const struct sadb_ident *idsrc, *iddst;
5839
5840	IPSEC_ASSERT(sah != NULL, ("null secashead"));
5841	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5842	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5843
5844	/* don't make buffer if not there */
5845	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) &&
5846	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5847		sah->idents = NULL;
5848		sah->identd = NULL;
5849		return (0);
5850	}
5851
5852	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) ||
5853	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5854		ipseclog((LOG_DEBUG, "%s: invalid identity.\n", __func__));
5855		return (EINVAL);
5856	}
5857
5858	idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
5859	iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
5860
5861	/* validity check */
5862	if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
5863		ipseclog((LOG_DEBUG, "%s: ident type mismatch.\n", __func__));
5864		return EINVAL;
5865	}
5866
5867	switch (idsrc->sadb_ident_type) {
5868	case SADB_IDENTTYPE_PREFIX:
5869	case SADB_IDENTTYPE_FQDN:
5870	case SADB_IDENTTYPE_USERFQDN:
5871	default:
5872		/* XXX do nothing */
5873		sah->idents = NULL;
5874		sah->identd = NULL;
5875	 	return 0;
5876	}
5877
5878	/* make structure */
5879	sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5880	if (sah->idents == NULL) {
5881		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5882		return ENOBUFS;
5883	}
5884	sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5885	if (sah->identd == NULL) {
5886		free(sah->idents, M_IPSEC_MISC);
5887		sah->idents = NULL;
5888		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5889		return ENOBUFS;
5890	}
5891	sah->idents->type = idsrc->sadb_ident_type;
5892	sah->idents->id = idsrc->sadb_ident_id;
5893
5894	sah->identd->type = iddst->sadb_ident_type;
5895	sah->identd->id = iddst->sadb_ident_id;
5896
5897	return 0;
5898}
5899
5900/*
5901 * m will not be freed on return.
5902 * it is caller's responsibility to free the result.
5903 *
5904 * Called from SADB_ADD and SADB_UPDATE. Reply will contain headers
5905 * from the request in defined order.
5906 */
5907static struct mbuf *
5908key_getmsgbuf_x1(struct mbuf *m, const struct sadb_msghdr *mhp)
5909{
5910	struct mbuf *n;
5911
5912	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5913	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5914	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5915
5916	/* create new sadb_msg to reply. */
5917	n = key_gather_mbuf(m, mhp, 1, 16, SADB_EXT_RESERVED,
5918	    SADB_EXT_SA, SADB_X_EXT_SA2,
5919	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST,
5920	    SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
5921	    SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
5922	    SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
5923	    SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI,
5924	    SADB_X_EXT_NAT_T_OAR, SADB_X_EXT_NEW_ADDRESS_SRC,
5925	    SADB_X_EXT_NEW_ADDRESS_DST);
5926	if (!n)
5927		return NULL;
5928
5929	if (n->m_len < sizeof(struct sadb_msg)) {
5930		n = m_pullup(n, sizeof(struct sadb_msg));
5931		if (n == NULL)
5932			return NULL;
5933	}
5934	mtod(n, struct sadb_msg *)->sadb_msg_errno = 0;
5935	mtod(n, struct sadb_msg *)->sadb_msg_len =
5936	    PFKEY_UNIT64(n->m_pkthdr.len);
5937
5938	return n;
5939}
5940
5941/*
5942 * SADB_DELETE processing
5943 * receive
5944 *   <base, SA(*), address(SD)>
5945 * from the ikmpd, and set SADB_SASTATE_DEAD,
5946 * and send,
5947 *   <base, SA(*), address(SD)>
5948 * to the ikmpd.
5949 *
5950 * m will always be freed.
5951 */
5952static int
5953key_delete(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5954{
5955	struct secasindex saidx;
5956	struct sadb_address *src0, *dst0;
5957	struct secasvar *sav;
5958	struct sadb_sa *sa0;
5959	uint8_t proto;
5960
5961	IPSEC_ASSERT(so != NULL, ("null socket"));
5962	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5963	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5964	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5965
5966	/* map satype to proto */
5967	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5968		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5969		    __func__));
5970		return key_senderror(so, m, EINVAL);
5971	}
5972
5973	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5974	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5975	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5976	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5977		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
5978		    __func__));
5979		return key_senderror(so, m, EINVAL);
5980	}
5981
5982	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5983	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5984
5985	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
5986	    (struct sockaddr *)(dst0 + 1)) != 0) {
5987		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n",