1/*	$FreeBSD$	*/
2/*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
3
4/*-
5 * SPDX-License-Identifier: BSD-3-Clause
6 *
7 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 *    notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in the
17 *    documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the project nor the names of its contributors
19 *    may be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35/*
36 * This code is referd to RFC 2367
37 */
38
39#include "opt_inet.h"
40#include "opt_inet6.h"
41#include "opt_ipsec.h"
42
43#include <sys/types.h>
44#include <sys/param.h>
45#include <sys/systm.h>
46#include <sys/kernel.h>
47#include <sys/fnv_hash.h>
48#include <sys/lock.h>
49#include <sys/mutex.h>
50#include <sys/mbuf.h>
51#include <sys/domain.h>
52#include <sys/protosw.h>
53#include <sys/malloc.h>
54#include <sys/rmlock.h>
55#include <sys/socket.h>
56#include <sys/socketvar.h>
57#include <sys/sysctl.h>
58#include <sys/errno.h>
59#include <sys/proc.h>
60#include <sys/queue.h>
61#include <sys/refcount.h>
62#include <sys/syslog.h>
63
64#include <vm/uma.h>
65
66#include <net/if.h>
67#include <net/if_var.h>
68#include <net/vnet.h>
69#include <net/raw_cb.h>
70
71#include <netinet/in.h>
72#include <netinet/in_systm.h>
73#include <netinet/ip.h>
74#include <netinet/in_var.h>
75#include <netinet/udp.h>
76
77#ifdef INET6
78#include <netinet/ip6.h>
79#include <netinet6/in6_var.h>
80#include <netinet6/ip6_var.h>
81#endif /* INET6 */
82
83#include <net/pfkeyv2.h>
84#include <netipsec/keydb.h>
85#include <netipsec/key.h>
86#include <netipsec/keysock.h>
87#include <netipsec/key_debug.h>
88
89#include <netipsec/ipsec.h>
90#ifdef INET6
91#include <netipsec/ipsec6.h>
92#endif
93
94#include <netipsec/xform.h>
95#include <machine/in_cksum.h>
96#include <machine/stdarg.h>
97
98/* randomness */
99#include <sys/random.h>
100
101#define FULLMASK	0xff
102#define	_BITS(bytes)	((bytes) << 3)
103
104/*
105 * Note on SA reference counting:
106 * - SAs that are not in DEAD state will have (total external reference + 1)
107 *   following value in reference count field.  they cannot be freed and are
108 *   referenced from SA header.
109 * - SAs that are in DEAD state will have (total external reference)
110 *   in reference count field.  they are ready to be freed.  reference from
111 *   SA header will be removed in key_delsav(), when the reference count
112 *   field hits 0 (= no external reference other than from SA header.
113 */
114
115VNET_DEFINE(u_int32_t, key_debug_level) = 0;
116VNET_DEFINE_STATIC(u_int, key_spi_trycnt) = 1000;
117VNET_DEFINE_STATIC(u_int32_t, key_spi_minval) = 0x100;
118VNET_DEFINE_STATIC(u_int32_t, key_spi_maxval) = 0x0fffffff;	/* XXX */
119VNET_DEFINE_STATIC(u_int32_t, policy_id) = 0;
120/*interval to initialize randseed,1(m)*/
121VNET_DEFINE_STATIC(u_int, key_int_random) = 60;
122/* interval to expire acquiring, 30(s)*/
123VNET_DEFINE_STATIC(u_int, key_larval_lifetime) = 30;
124/* counter for blocking SADB_ACQUIRE.*/
125VNET_DEFINE_STATIC(int, key_blockacq_count) = 10;
126/* lifetime for blocking SADB_ACQUIRE.*/
127VNET_DEFINE_STATIC(int, key_blockacq_lifetime) = 20;
128/* preferred old sa rather than new sa.*/
129VNET_DEFINE_STATIC(int, key_preferred_oldsa) = 1;
130#define	V_key_spi_trycnt	VNET(key_spi_trycnt)
131#define	V_key_spi_minval	VNET(key_spi_minval)
132#define	V_key_spi_maxval	VNET(key_spi_maxval)
133#define	V_policy_id		VNET(policy_id)
134#define	V_key_int_random	VNET(key_int_random)
135#define	V_key_larval_lifetime	VNET(key_larval_lifetime)
136#define	V_key_blockacq_count	VNET(key_blockacq_count)
137#define	V_key_blockacq_lifetime	VNET(key_blockacq_lifetime)
138#define	V_key_preferred_oldsa	VNET(key_preferred_oldsa)
139
140VNET_DEFINE_STATIC(u_int32_t, acq_seq) = 0;
141#define	V_acq_seq		VNET(acq_seq)
142
143VNET_DEFINE_STATIC(uint32_t, sp_genid) = 0;
144#define	V_sp_genid		VNET(sp_genid)
145
146/* SPD */
147TAILQ_HEAD(secpolicy_queue, secpolicy);
148LIST_HEAD(secpolicy_list, secpolicy);
149VNET_DEFINE_STATIC(struct secpolicy_queue, sptree[IPSEC_DIR_MAX]);
150VNET_DEFINE_STATIC(struct secpolicy_queue, sptree_ifnet[IPSEC_DIR_MAX]);
151static struct rmlock sptree_lock;
152#define	V_sptree		VNET(sptree)
153#define	V_sptree_ifnet		VNET(sptree_ifnet)
154#define	SPTREE_LOCK_INIT()      rm_init(&sptree_lock, "sptree")
155#define	SPTREE_LOCK_DESTROY()   rm_destroy(&sptree_lock)
156#define	SPTREE_RLOCK_TRACKER    struct rm_priotracker sptree_tracker
157#define	SPTREE_RLOCK()          rm_rlock(&sptree_lock, &sptree_tracker)
158#define	SPTREE_RUNLOCK()        rm_runlock(&sptree_lock, &sptree_tracker)
159#define	SPTREE_RLOCK_ASSERT()   rm_assert(&sptree_lock, RA_RLOCKED)
160#define	SPTREE_WLOCK()          rm_wlock(&sptree_lock)
161#define	SPTREE_WUNLOCK()        rm_wunlock(&sptree_lock)
162#define	SPTREE_WLOCK_ASSERT()   rm_assert(&sptree_lock, RA_WLOCKED)
163#define	SPTREE_UNLOCK_ASSERT()  rm_assert(&sptree_lock, RA_UNLOCKED)
164
165/* Hash table for lookup SP using unique id */
166VNET_DEFINE_STATIC(struct secpolicy_list *, sphashtbl);
167VNET_DEFINE_STATIC(u_long, sphash_mask);
168#define	V_sphashtbl		VNET(sphashtbl)
169#define	V_sphash_mask		VNET(sphash_mask)
170
171#define	SPHASH_NHASH_LOG2	7
172#define	SPHASH_NHASH		(1 << SPHASH_NHASH_LOG2)
173#define	SPHASH_HASHVAL(id)	(key_u32hash(id) & V_sphash_mask)
174#define	SPHASH_HASH(id)		&V_sphashtbl[SPHASH_HASHVAL(id)]
175
176/* SPD cache */
177struct spdcache_entry {
178   struct secpolicyindex spidx;	/* secpolicyindex */
179   struct secpolicy *sp;	/* cached policy to be used */
180
181   LIST_ENTRY(spdcache_entry) chain;
182};
183LIST_HEAD(spdcache_entry_list, spdcache_entry);
184
185#define	SPDCACHE_MAX_ENTRIES_PER_HASH	8
186
187VNET_DEFINE_STATIC(u_int, key_spdcache_maxentries) = 0;
188#define	V_key_spdcache_maxentries	VNET(key_spdcache_maxentries)
189VNET_DEFINE_STATIC(u_int, key_spdcache_threshold) = 32;
190#define	V_key_spdcache_threshold	VNET(key_spdcache_threshold)
191VNET_DEFINE_STATIC(unsigned long, spd_size) = 0;
192#define	V_spd_size		VNET(spd_size)
193
194#define SPDCACHE_ENABLED()	(V_key_spdcache_maxentries != 0)
195#define SPDCACHE_ACTIVE() \
196	(SPDCACHE_ENABLED() && V_spd_size >= V_key_spdcache_threshold)
197
198VNET_DEFINE_STATIC(struct spdcache_entry_list *, spdcachehashtbl);
199VNET_DEFINE_STATIC(u_long, spdcachehash_mask);
200#define	V_spdcachehashtbl	VNET(spdcachehashtbl)
201#define	V_spdcachehash_mask	VNET(spdcachehash_mask)
202
203#define	SPDCACHE_HASHVAL(idx) \
204	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->ul_proto) &  \
205	    V_spdcachehash_mask)
206
207/* Each cache line is protected by a mutex */
208VNET_DEFINE_STATIC(struct mtx *, spdcache_lock);
209#define	V_spdcache_lock		VNET(spdcache_lock)
210
211#define	SPDCACHE_LOCK_INIT(a) \
212	mtx_init(&V_spdcache_lock[a], "spdcache", \
213	    "fast ipsec SPD cache", MTX_DEF|MTX_DUPOK)
214#define	SPDCACHE_LOCK_DESTROY(a)	mtx_destroy(&V_spdcache_lock[a])
215#define	SPDCACHE_LOCK(a)		mtx_lock(&V_spdcache_lock[a]);
216#define	SPDCACHE_UNLOCK(a)		mtx_unlock(&V_spdcache_lock[a]);
217
218/* SAD */
219TAILQ_HEAD(secashead_queue, secashead);
220LIST_HEAD(secashead_list, secashead);
221VNET_DEFINE_STATIC(struct secashead_queue, sahtree);
222static struct rmlock sahtree_lock;
223#define	V_sahtree		VNET(sahtree)
224#define	SAHTREE_LOCK_INIT()	rm_init(&sahtree_lock, "sahtree")
225#define	SAHTREE_LOCK_DESTROY()	rm_destroy(&sahtree_lock)
226#define	SAHTREE_RLOCK_TRACKER	struct rm_priotracker sahtree_tracker
227#define	SAHTREE_RLOCK()		rm_rlock(&sahtree_lock, &sahtree_tracker)
228#define	SAHTREE_RUNLOCK()	rm_runlock(&sahtree_lock, &sahtree_tracker)
229#define	SAHTREE_RLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_RLOCKED)
230#define	SAHTREE_WLOCK()		rm_wlock(&sahtree_lock)
231#define	SAHTREE_WUNLOCK()	rm_wunlock(&sahtree_lock)
232#define	SAHTREE_WLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_WLOCKED)
233#define	SAHTREE_UNLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_UNLOCKED)
234
235/* Hash table for lookup in SAD using SA addresses */
236VNET_DEFINE_STATIC(struct secashead_list *, sahaddrhashtbl);
237VNET_DEFINE_STATIC(u_long, sahaddrhash_mask);
238#define	V_sahaddrhashtbl	VNET(sahaddrhashtbl)
239#define	V_sahaddrhash_mask	VNET(sahaddrhash_mask)
240
241#define	SAHHASH_NHASH_LOG2	7
242#define	SAHHASH_NHASH		(1 << SAHHASH_NHASH_LOG2)
243#define	SAHADDRHASH_HASHVAL(idx)	\
244	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
245	    V_sahaddrhash_mask)
246#define	SAHADDRHASH_HASH(saidx)		\
247    &V_sahaddrhashtbl[SAHADDRHASH_HASHVAL(saidx)]
248
249/* Hash table for lookup in SAD using SPI */
250LIST_HEAD(secasvar_list, secasvar);
251VNET_DEFINE_STATIC(struct secasvar_list *, savhashtbl);
252VNET_DEFINE_STATIC(u_long, savhash_mask);
253#define	V_savhashtbl		VNET(savhashtbl)
254#define	V_savhash_mask		VNET(savhash_mask)
255#define	SAVHASH_NHASH_LOG2	7
256#define	SAVHASH_NHASH		(1 << SAVHASH_NHASH_LOG2)
257#define	SAVHASH_HASHVAL(spi)	(key_u32hash(spi) & V_savhash_mask)
258#define	SAVHASH_HASH(spi)	&V_savhashtbl[SAVHASH_HASHVAL(spi)]
259
260static uint32_t
261key_addrprotohash(const union sockaddr_union *src,
262    const union sockaddr_union *dst, const uint8_t *proto)
263{
264	uint32_t hval;
265
266	hval = fnv_32_buf(proto, sizeof(*proto),
267	    FNV1_32_INIT);
268	switch (dst->sa.sa_family) {
269#ifdef INET
270	case AF_INET:
271		hval = fnv_32_buf(&src->sin.sin_addr,
272		    sizeof(in_addr_t), hval);
273		hval = fnv_32_buf(&dst->sin.sin_addr,
274		    sizeof(in_addr_t), hval);
275		break;
276#endif
277#ifdef INET6
278	case AF_INET6:
279		hval = fnv_32_buf(&src->sin6.sin6_addr,
280		    sizeof(struct in6_addr), hval);
281		hval = fnv_32_buf(&dst->sin6.sin6_addr,
282		    sizeof(struct in6_addr), hval);
283		break;
284#endif
285	default:
286		hval = 0;
287		ipseclog((LOG_DEBUG, "%s: unknown address family %d\n",
288		    __func__, dst->sa.sa_family));
289	}
290	return (hval);
291}
292
293static uint32_t
294key_u32hash(uint32_t val)
295{
296
297	return (fnv_32_buf(&val, sizeof(val), FNV1_32_INIT));
298}
299
300							/* registed list */
301VNET_DEFINE_STATIC(LIST_HEAD(_regtree, secreg), regtree[SADB_SATYPE_MAX + 1]);
302#define	V_regtree		VNET(regtree)
303static struct mtx regtree_lock;
304#define	REGTREE_LOCK_INIT() \
305	mtx_init(&regtree_lock, "regtree", "fast ipsec regtree", MTX_DEF)
306#define	REGTREE_LOCK_DESTROY()	mtx_destroy(&regtree_lock)
307#define	REGTREE_LOCK()		mtx_lock(&regtree_lock)
308#define	REGTREE_UNLOCK()	mtx_unlock(&regtree_lock)
309#define	REGTREE_LOCK_ASSERT()	mtx_assert(&regtree_lock, MA_OWNED)
310
311/* Acquiring list */
312LIST_HEAD(secacq_list, secacq);
313VNET_DEFINE_STATIC(struct secacq_list, acqtree);
314#define	V_acqtree		VNET(acqtree)
315static struct mtx acq_lock;
316#define	ACQ_LOCK_INIT() \
317    mtx_init(&acq_lock, "acqtree", "ipsec SA acquiring list", MTX_DEF)
318#define	ACQ_LOCK_DESTROY()	mtx_destroy(&acq_lock)
319#define	ACQ_LOCK()		mtx_lock(&acq_lock)
320#define	ACQ_UNLOCK()		mtx_unlock(&acq_lock)
321#define	ACQ_LOCK_ASSERT()	mtx_assert(&acq_lock, MA_OWNED)
322
323/* Hash table for lookup in ACQ list using SA addresses */
324VNET_DEFINE_STATIC(struct secacq_list *, acqaddrhashtbl);
325VNET_DEFINE_STATIC(u_long, acqaddrhash_mask);
326#define	V_acqaddrhashtbl	VNET(acqaddrhashtbl)
327#define	V_acqaddrhash_mask	VNET(acqaddrhash_mask)
328
329/* Hash table for lookup in ACQ list using SEQ number */
330VNET_DEFINE_STATIC(struct secacq_list *, acqseqhashtbl);
331VNET_DEFINE_STATIC(u_long, acqseqhash_mask);
332#define	V_acqseqhashtbl		VNET(acqseqhashtbl)
333#define	V_acqseqhash_mask	VNET(acqseqhash_mask)
334
335#define	ACQHASH_NHASH_LOG2	7
336#define	ACQHASH_NHASH		(1 << ACQHASH_NHASH_LOG2)
337#define	ACQADDRHASH_HASHVAL(idx)	\
338	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
339	    V_acqaddrhash_mask)
340#define	ACQSEQHASH_HASHVAL(seq)		\
341    (key_u32hash(seq) & V_acqseqhash_mask)
342#define	ACQADDRHASH_HASH(saidx)	\
343    &V_acqaddrhashtbl[ACQADDRHASH_HASHVAL(saidx)]
344#define	ACQSEQHASH_HASH(seq)	\
345    &V_acqseqhashtbl[ACQSEQHASH_HASHVAL(seq)]
346							/* SP acquiring list */
347VNET_DEFINE_STATIC(LIST_HEAD(_spacqtree, secspacq), spacqtree);
348#define	V_spacqtree		VNET(spacqtree)
349static struct mtx spacq_lock;
350#define	SPACQ_LOCK_INIT() \
351	mtx_init(&spacq_lock, "spacqtree", \
352		"fast ipsec security policy acquire list", MTX_DEF)
353#define	SPACQ_LOCK_DESTROY()	mtx_destroy(&spacq_lock)
354#define	SPACQ_LOCK()		mtx_lock(&spacq_lock)
355#define	SPACQ_UNLOCK()		mtx_unlock(&spacq_lock)
356#define	SPACQ_LOCK_ASSERT()	mtx_assert(&spacq_lock, MA_OWNED)
357
358static const int minsize[] = {
359	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
360	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
361	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
362	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
363	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
364	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_SRC */
365	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_DST */
366	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_PROXY */
367	sizeof(struct sadb_key),	/* SADB_EXT_KEY_AUTH */
368	sizeof(struct sadb_key),	/* SADB_EXT_KEY_ENCRYPT */
369	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_SRC */
370	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_DST */
371	sizeof(struct sadb_sens),	/* SADB_EXT_SENSITIVITY */
372	sizeof(struct sadb_prop),	/* SADB_EXT_PROPOSAL */
373	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_AUTH */
374	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_ENCRYPT */
375	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
376	0,				/* SADB_X_EXT_KMPRIVATE */
377	sizeof(struct sadb_x_policy),	/* SADB_X_EXT_POLICY */
378	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
379	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
380	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
381	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
382	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAI */
383	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAR */
384	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
385	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
386	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_SRC */
387	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_DST */
388};
389_Static_assert(sizeof(minsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
390
391static const int maxsize[] = {
392	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
393	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
394	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
395	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
396	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
397	0,				/* SADB_EXT_ADDRESS_SRC */
398	0,				/* SADB_EXT_ADDRESS_DST */
399	0,				/* SADB_EXT_ADDRESS_PROXY */
400	0,				/* SADB_EXT_KEY_AUTH */
401	0,				/* SADB_EXT_KEY_ENCRYPT */
402	0,				/* SADB_EXT_IDENTITY_SRC */
403	0,				/* SADB_EXT_IDENTITY_DST */
404	0,				/* SADB_EXT_SENSITIVITY */
405	0,				/* SADB_EXT_PROPOSAL */
406	0,				/* SADB_EXT_SUPPORTED_AUTH */
407	0,				/* SADB_EXT_SUPPORTED_ENCRYPT */
408	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
409	0,				/* SADB_X_EXT_KMPRIVATE */
410	0,				/* SADB_X_EXT_POLICY */
411	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
412	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
413	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
414	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
415	0,				/* SADB_X_EXT_NAT_T_OAI */
416	0,				/* SADB_X_EXT_NAT_T_OAR */
417	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
418	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
419	0,				/* SADB_X_EXT_NEW_ADDRESS_SRC */
420	0,				/* SADB_X_EXT_NEW_ADDRESS_DST */
421};
422_Static_assert(sizeof(maxsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
423
424/*
425 * Internal values for SA flags:
426 * SADB_X_EXT_F_CLONED means that SA was cloned by key_updateaddresses,
427 *	thus we will not free the most of SA content in key_delsav().
428 */
429#define	SADB_X_EXT_F_CLONED	0x80000000
430
431#define	SADB_CHECKLEN(_mhp, _ext)			\
432    ((_mhp)->extlen[(_ext)] < minsize[(_ext)] || (maxsize[(_ext)] != 0 && \
433	((_mhp)->extlen[(_ext)] > maxsize[(_ext)])))
434#define	SADB_CHECKHDR(_mhp, _ext)	((_mhp)->ext[(_ext)] == NULL)
435
436VNET_DEFINE_STATIC(int, ipsec_esp_keymin) = 256;
437VNET_DEFINE_STATIC(int, ipsec_esp_auth) = 0;
438VNET_DEFINE_STATIC(int, ipsec_ah_keymin) = 128;
439
440#define	V_ipsec_esp_keymin	VNET(ipsec_esp_keymin)
441#define	V_ipsec_esp_auth	VNET(ipsec_esp_auth)
442#define	V_ipsec_ah_keymin	VNET(ipsec_ah_keymin)
443
444#ifdef IPSEC_DEBUG
445VNET_DEFINE(int, ipsec_debug) = 1;
446#else
447VNET_DEFINE(int, ipsec_debug) = 0;
448#endif
449
450#ifdef INET
451SYSCTL_DECL(_net_inet_ipsec);
452SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug,
453    CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
454    "Enable IPsec debugging output when set.");
455#endif
456#ifdef INET6
457SYSCTL_DECL(_net_inet6_ipsec6);
458SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug,
459    CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
460    "Enable IPsec debugging output when set.");
461#endif
462
463SYSCTL_DECL(_net_key);
464SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL,	debug,
465	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, "");
466
467/* max count of trial for the decision of spi value */
468SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt,
469	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, "");
470
471/* minimum spi value to allocate automatically. */
472SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval,
473	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, "");
474
475/* maximun spi value to allocate automatically. */
476SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval,
477	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, "");
478
479/* interval to initialize randseed */
480SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random,
481	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_int_random), 0, "");
482
483/* lifetime for larval SA */
484SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime,
485	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, "");
486
487/* counter for blocking to send SADB_ACQUIRE to IKEd */
488SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count,
489	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, "");
490
491/* lifetime for blocking to send SADB_ACQUIRE to IKEd */
492SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime,
493	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, "");
494
495/* ESP auth */
496SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth,
497	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, "");
498
499/* minimum ESP key length */
500SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin,
501	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, "");
502
503/* minimum AH key length */
504SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin,
505	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, "");
506
507/* perfered old SA rather than new SA */
508SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, preferred_oldsa,
509	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, "");
510
511static SYSCTL_NODE(_net_key, OID_AUTO, spdcache, CTLFLAG_RW, 0, "SPD cache");
512
513SYSCTL_UINT(_net_key_spdcache, OID_AUTO, maxentries,
514	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_maxentries), 0,
515	"Maximum number of entries in the SPD cache"
516	" (power of 2, 0 to disable)");
517
518SYSCTL_UINT(_net_key_spdcache, OID_AUTO, threshold,
519	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_threshold), 0,
520	"Number of SPs that make the SPD cache active");
521
522#define __LIST_CHAINED(elm) \
523	(!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL))
524
525MALLOC_DEFINE(M_IPSEC_SA, "secasvar", "ipsec security association");
526MALLOC_DEFINE(M_IPSEC_SAH, "sahead", "ipsec sa head");
527MALLOC_DEFINE(M_IPSEC_SP, "ipsecpolicy", "ipsec security policy");
528MALLOC_DEFINE(M_IPSEC_SR, "ipsecrequest", "ipsec security request");
529MALLOC_DEFINE(M_IPSEC_MISC, "ipsec-misc", "ipsec miscellaneous");
530MALLOC_DEFINE(M_IPSEC_SAQ, "ipsec-saq", "ipsec sa acquire");
531MALLOC_DEFINE(M_IPSEC_SAR, "ipsec-reg", "ipsec sa acquire");
532MALLOC_DEFINE(M_IPSEC_SPDCACHE, "ipsec-spdcache", "ipsec SPD cache");
533
534VNET_DEFINE_STATIC(uma_zone_t, key_lft_zone);
535#define	V_key_lft_zone		VNET(key_lft_zone)
536
537/*
538 * set parameters into secpolicyindex buffer.
539 * Must allocate secpolicyindex buffer passed to this function.
540 */
541#define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
542do { \
543	bzero((idx), sizeof(struct secpolicyindex));                         \
544	(idx)->dir = (_dir);                                                 \
545	(idx)->prefs = (ps);                                                 \
546	(idx)->prefd = (pd);                                                 \
547	(idx)->ul_proto = (ulp);                                             \
548	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
549	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
550} while (0)
551
552/*
553 * set parameters into secasindex buffer.
554 * Must allocate secasindex buffer before calling this function.
555 */
556#define KEY_SETSECASIDX(p, m, r, s, d, idx) \
557do { \
558	bzero((idx), sizeof(struct secasindex));                             \
559	(idx)->proto = (p);                                                  \
560	(idx)->mode = (m);                                                   \
561	(idx)->reqid = (r);                                                  \
562	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
563	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
564	key_porttosaddr(&(idx)->src.sa, 0);				     \
565	key_porttosaddr(&(idx)->dst.sa, 0);				     \
566} while (0)
567
568/* key statistics */
569struct _keystat {
570	u_long getspi_count; /* the avarage of count to try to get new SPI */
571} keystat;
572
573struct sadb_msghdr {
574	struct sadb_msg *msg;
575	struct sadb_ext *ext[SADB_EXT_MAX + 1];
576	int extoff[SADB_EXT_MAX + 1];
577	int extlen[SADB_EXT_MAX + 1];
578};
579
580static struct supported_ealgs {
581	int sadb_alg;
582	const struct enc_xform *xform;
583} supported_ealgs[] = {
584	{ SADB_EALG_DESCBC,		&enc_xform_des },
585	{ SADB_EALG_3DESCBC,		&enc_xform_3des },
586	{ SADB_X_EALG_AES,		&enc_xform_rijndael128 },
587	{ SADB_X_EALG_BLOWFISHCBC,	&enc_xform_blf },
588	{ SADB_X_EALG_CAST128CBC,	&enc_xform_cast5 },
589	{ SADB_EALG_NULL,		&enc_xform_null },
590	{ SADB_X_EALG_CAMELLIACBC,	&enc_xform_camellia },
591	{ SADB_X_EALG_AESCTR,		&enc_xform_aes_icm },
592	{ SADB_X_EALG_AESGCM16,		&enc_xform_aes_nist_gcm },
593	{ SADB_X_EALG_AESGMAC,		&enc_xform_aes_nist_gmac },
594};
595
596static struct supported_aalgs {
597	int sadb_alg;
598	const struct auth_hash *xform;
599} supported_aalgs[] = {
600	{ SADB_X_AALG_NULL,		&auth_hash_null },
601	{ SADB_AALG_MD5HMAC,		&auth_hash_hmac_md5 },
602	{ SADB_AALG_SHA1HMAC,		&auth_hash_hmac_sha1 },
603	{ SADB_X_AALG_RIPEMD160HMAC,	&auth_hash_hmac_ripemd_160 },
604	{ SADB_X_AALG_MD5,		&auth_hash_key_md5 },
605	{ SADB_X_AALG_SHA,		&auth_hash_key_sha1 },
606	{ SADB_X_AALG_SHA2_256,		&auth_hash_hmac_sha2_256 },
607	{ SADB_X_AALG_SHA2_384,		&auth_hash_hmac_sha2_384 },
608	{ SADB_X_AALG_SHA2_512,		&auth_hash_hmac_sha2_512 },
609	{ SADB_X_AALG_AES128GMAC,	&auth_hash_nist_gmac_aes_128 },
610	{ SADB_X_AALG_AES192GMAC,	&auth_hash_nist_gmac_aes_192 },
611	{ SADB_X_AALG_AES256GMAC,	&auth_hash_nist_gmac_aes_256 },
612};
613
614static struct supported_calgs {
615	int sadb_alg;
616	const struct comp_algo *xform;
617} supported_calgs[] = {
618	{ SADB_X_CALG_DEFLATE,		&comp_algo_deflate },
619};
620
621#ifndef IPSEC_DEBUG2
622static struct callout key_timer;
623#endif
624
625static void key_unlink(struct secpolicy *);
626static struct secpolicy *key_do_allocsp(struct secpolicyindex *spidx, u_int dir);
627static struct secpolicy *key_getsp(struct secpolicyindex *);
628static struct secpolicy *key_getspbyid(u_int32_t);
629static struct mbuf *key_gather_mbuf(struct mbuf *,
630	const struct sadb_msghdr *, int, int, ...);
631static int key_spdadd(struct socket *, struct mbuf *,
632	const struct sadb_msghdr *);
633static uint32_t key_getnewspid(void);
634static int key_spddelete(struct socket *, struct mbuf *,
635	const struct sadb_msghdr *);
636static int key_spddelete2(struct socket *, struct mbuf *,
637	const struct sadb_msghdr *);
638static int key_spdget(struct socket *, struct mbuf *,
639	const struct sadb_msghdr *);
640static int key_spdflush(struct socket *, struct mbuf *,
641	const struct sadb_msghdr *);
642static int key_spddump(struct socket *, struct mbuf *,
643	const struct sadb_msghdr *);
644static struct mbuf *key_setdumpsp(struct secpolicy *,
645	u_int8_t, u_int32_t, u_int32_t);
646static struct mbuf *key_sp2mbuf(struct secpolicy *);
647static size_t key_getspreqmsglen(struct secpolicy *);
648static int key_spdexpire(struct secpolicy *);
649static struct secashead *key_newsah(struct secasindex *);
650static void key_freesah(struct secashead **);
651static void key_delsah(struct secashead *);
652static struct secasvar *key_newsav(const struct sadb_msghdr *,
653    struct secasindex *, uint32_t, int *);
654static void key_delsav(struct secasvar *);
655static void key_unlinksav(struct secasvar *);
656static struct secashead *key_getsah(struct secasindex *);
657static int key_checkspidup(uint32_t);
658static struct secasvar *key_getsavbyspi(uint32_t);
659static int key_setnatt(struct secasvar *, const struct sadb_msghdr *);
660static int key_setsaval(struct secasvar *, const struct sadb_msghdr *);
661static int key_updatelifetimes(struct secasvar *, const struct sadb_msghdr *);
662static int key_updateaddresses(struct socket *, struct mbuf *,
663    const struct sadb_msghdr *, struct secasvar *, struct secasindex *);
664
665static struct mbuf *key_setdumpsa(struct secasvar *, u_int8_t,
666	u_int8_t, u_int32_t, u_int32_t);
667static struct mbuf *key_setsadbmsg(u_int8_t, u_int16_t, u_int8_t,
668	u_int32_t, pid_t, u_int16_t);
669static struct mbuf *key_setsadbsa(struct secasvar *);
670static struct mbuf *key_setsadbaddr(u_int16_t,
671	const struct sockaddr *, u_int8_t, u_int16_t);
672static struct mbuf *key_setsadbxport(u_int16_t, u_int16_t);
673static struct mbuf *key_setsadbxtype(u_int16_t);
674static struct mbuf *key_setsadbxsa2(u_int8_t, u_int32_t, u_int32_t);
675static struct mbuf *key_setsadbxsareplay(u_int32_t);
676static struct mbuf *key_setsadbxpolicy(u_int16_t, u_int8_t,
677	u_int32_t, u_int32_t);
678static struct seckey *key_dup_keymsg(const struct sadb_key *, size_t,
679    struct malloc_type *);
680static struct seclifetime *key_dup_lifemsg(const struct sadb_lifetime *src,
681    struct malloc_type *);
682
683/* flags for key_cmpsaidx() */
684#define CMP_HEAD	1	/* protocol, addresses. */
685#define CMP_MODE_REQID	2	/* additionally HEAD, reqid, mode. */
686#define CMP_REQID	3	/* additionally HEAD, reaid. */
687#define CMP_EXACTLY	4	/* all elements. */
688static int key_cmpsaidx(const struct secasindex *,
689    const struct secasindex *, int);
690static int key_cmpspidx_exactly(struct secpolicyindex *,
691    struct secpolicyindex *);
692static int key_cmpspidx_withmask(struct secpolicyindex *,
693    struct secpolicyindex *);
694static int key_bbcmp(const void *, const void *, u_int);
695static uint8_t key_satype2proto(uint8_t);
696static uint8_t key_proto2satype(uint8_t);
697
698static int key_getspi(struct socket *, struct mbuf *,
699	const struct sadb_msghdr *);
700static uint32_t key_do_getnewspi(struct sadb_spirange *, struct secasindex *);
701static int key_update(struct socket *, struct mbuf *,
702	const struct sadb_msghdr *);
703static int key_add(struct socket *, struct mbuf *,
704	const struct sadb_msghdr *);
705static int key_setident(struct secashead *, const struct sadb_msghdr *);
706static struct mbuf *key_getmsgbuf_x1(struct mbuf *,
707	const struct sadb_msghdr *);
708static int key_delete(struct socket *, struct mbuf *,
709	const struct sadb_msghdr *);
710static int key_delete_all(struct socket *, struct mbuf *,
711	const struct sadb_msghdr *, struct secasindex *);
712static int key_get(struct socket *, struct mbuf *,
713	const struct sadb_msghdr *);
714
715static void key_getcomb_setlifetime(struct sadb_comb *);
716static struct mbuf *key_getcomb_ealg(void);
717static struct mbuf *key_getcomb_ah(void);
718static struct mbuf *key_getcomb_ipcomp(void);
719static struct mbuf *key_getprop(const struct secasindex *);
720
721static int key_acquire(const struct secasindex *, struct secpolicy *);
722static uint32_t key_newacq(const struct secasindex *, int *);
723static uint32_t key_getacq(const struct secasindex *, int *);
724static int key_acqdone(const struct secasindex *, uint32_t);
725static int key_acqreset(uint32_t);
726static struct secspacq *key_newspacq(struct secpolicyindex *);
727static struct secspacq *key_getspacq(struct secpolicyindex *);
728static int key_acquire2(struct socket *, struct mbuf *,
729	const struct sadb_msghdr *);
730static int key_register(struct socket *, struct mbuf *,
731	const struct sadb_msghdr *);
732static int key_expire(struct secasvar *, int);
733static int key_flush(struct socket *, struct mbuf *,
734	const struct sadb_msghdr *);
735static int key_dump(struct socket *, struct mbuf *,
736	const struct sadb_msghdr *);
737static int key_promisc(struct socket *, struct mbuf *,
738	const struct sadb_msghdr *);
739static int key_senderror(struct socket *, struct mbuf *, int);
740static int key_validate_ext(const struct sadb_ext *, int);
741static int key_align(struct mbuf *, struct sadb_msghdr *);
742static struct mbuf *key_setlifetime(struct seclifetime *, uint16_t);
743static struct mbuf *key_setkey(struct seckey *, uint16_t);
744
745static void spdcache_init(void);
746static void spdcache_clear(void);
747static struct spdcache_entry *spdcache_entry_alloc(
748	const struct secpolicyindex *spidx,
749	struct secpolicy *policy);
750static void spdcache_entry_free(struct spdcache_entry *entry);
751#ifdef VIMAGE
752static void spdcache_destroy(void);
753#endif
754
755#define	DBG_IPSEC_INITREF(t, p)	do {				\
756	refcount_init(&(p)->refcnt, 1);				\
757	KEYDBG(KEY_STAMP,					\
758	    printf("%s: Initialize refcnt %s(%p) = %u\n",	\
759	    __func__, #t, (p), (p)->refcnt));			\
760} while (0)
761#define	DBG_IPSEC_ADDREF(t, p)	do {				\
762	refcount_acquire(&(p)->refcnt);				\
763	KEYDBG(KEY_STAMP,					\
764	    printf("%s: Acquire refcnt %s(%p) -> %u\n",		\
765	    __func__, #t, (p), (p)->refcnt));			\
766} while (0)
767#define	DBG_IPSEC_DELREF(t, p)	do {				\
768	KEYDBG(KEY_STAMP,					\
769	    printf("%s: Release refcnt %s(%p) -> %u\n",		\
770	    __func__, #t, (p), (p)->refcnt - 1));		\
771	refcount_release(&(p)->refcnt);				\
772} while (0)
773
774#define	IPSEC_INITREF(t, p)	refcount_init(&(p)->refcnt, 1)
775#define	IPSEC_ADDREF(t, p)	refcount_acquire(&(p)->refcnt)
776#define	IPSEC_DELREF(t, p)	refcount_release(&(p)->refcnt)
777
778#define	SP_INITREF(p)	IPSEC_INITREF(SP, p)
779#define	SP_ADDREF(p)	IPSEC_ADDREF(SP, p)
780#define	SP_DELREF(p)	IPSEC_DELREF(SP, p)
781
782#define	SAH_INITREF(p)	IPSEC_INITREF(SAH, p)
783#define	SAH_ADDREF(p)	IPSEC_ADDREF(SAH, p)
784#define	SAH_DELREF(p)	IPSEC_DELREF(SAH, p)
785
786#define	SAV_INITREF(p)	IPSEC_INITREF(SAV, p)
787#define	SAV_ADDREF(p)	IPSEC_ADDREF(SAV, p)
788#define	SAV_DELREF(p)	IPSEC_DELREF(SAV, p)
789
790/*
791 * Update the refcnt while holding the SPTREE lock.
792 */
793void
794key_addref(struct secpolicy *sp)
795{
796
797	SP_ADDREF(sp);
798}
799
800/*
801 * Return 0 when there are known to be no SP's for the specified
802 * direction.  Otherwise return 1.  This is used by IPsec code
803 * to optimize performance.
804 */
805int
806key_havesp(u_int dir)
807{
808
809	return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ?
810		TAILQ_FIRST(&V_sptree[dir]) != NULL : 1);
811}
812
813/* %%% IPsec policy management */
814/*
815 * Return current SPDB generation.
816 */
817uint32_t
818key_getspgen(void)
819{
820
821	return (V_sp_genid);
822}
823
824void
825key_bumpspgen(void)
826{
827
828	V_sp_genid++;
829}
830
831static int
832key_checksockaddrs(struct sockaddr *src, struct sockaddr *dst)
833{
834
835	/* family match */
836	if (src->sa_family != dst->sa_family)
837		return (EINVAL);
838	/* sa_len match */
839	if (src->sa_len != dst->sa_len)
840		return (EINVAL);
841	switch (src->sa_family) {
842#ifdef INET
843	case AF_INET:
844		if (src->sa_len != sizeof(struct sockaddr_in))
845			return (EINVAL);
846		break;
847#endif
848#ifdef INET6
849	case AF_INET6:
850		if (src->sa_len != sizeof(struct sockaddr_in6))
851			return (EINVAL);
852		break;
853#endif
854	default:
855		return (EAFNOSUPPORT);
856	}
857	return (0);
858}
859
860struct secpolicy *
861key_do_allocsp(struct secpolicyindex *spidx, u_int dir)
862{
863	SPTREE_RLOCK_TRACKER;
864	struct secpolicy *sp;
865
866	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
867	IPSEC_ASSERT(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
868		("invalid direction %u", dir));
869
870	SPTREE_RLOCK();
871	TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
872		if (key_cmpspidx_withmask(&sp->spidx, spidx)) {
873			SP_ADDREF(sp);
874			break;
875		}
876	}
877	SPTREE_RUNLOCK();
878	return (sp);
879}
880
881
882/*
883 * allocating a SP for OUTBOUND or INBOUND packet.
884 * Must call key_freesp() later.
885 * OUT:	NULL:	not found
886 *	others:	found and return the pointer.
887 */
888struct secpolicy *
889key_allocsp(struct secpolicyindex *spidx, u_int dir)
890{
891	struct spdcache_entry *entry, *lastentry, *tmpentry;
892	struct secpolicy *sp;
893	uint32_t hashv;
894	int nb_entries;
895
896	if (!SPDCACHE_ACTIVE()) {
897		sp = key_do_allocsp(spidx, dir);
898		goto out;
899	}
900
901	hashv = SPDCACHE_HASHVAL(spidx);
902	SPDCACHE_LOCK(hashv);
903	nb_entries = 0;
904	LIST_FOREACH_SAFE(entry, &V_spdcachehashtbl[hashv], chain, tmpentry) {
905		/* Removed outdated entries */
906		if (entry->sp != NULL &&
907		    entry->sp->state == IPSEC_SPSTATE_DEAD) {
908			LIST_REMOVE(entry, chain);
909			spdcache_entry_free(entry);
910			continue;
911		}
912
913		nb_entries++;
914		if (!key_cmpspidx_exactly(&entry->spidx, spidx)) {
915			lastentry = entry;
916			continue;
917		}
918
919		sp = entry->sp;
920		if (entry->sp != NULL)
921			SP_ADDREF(sp);
922
923		/* IPSECSTAT_INC(ips_spdcache_hits); */
924
925		SPDCACHE_UNLOCK(hashv);
926		goto out;
927	}
928
929	/* IPSECSTAT_INC(ips_spdcache_misses); */
930
931	sp = key_do_allocsp(spidx, dir);
932	entry = spdcache_entry_alloc(spidx, sp);
933	if (entry != NULL) {
934		if (nb_entries >= SPDCACHE_MAX_ENTRIES_PER_HASH) {
935			LIST_REMOVE(lastentry, chain);
936			spdcache_entry_free(lastentry);
937		}
938
939		LIST_INSERT_HEAD(&V_spdcachehashtbl[hashv], entry, chain);
940	}
941
942	SPDCACHE_UNLOCK(hashv);
943
944out:
945	if (sp != NULL) {	/* found a SPD entry */
946		sp->lastused = time_second;
947		KEYDBG(IPSEC_STAMP,
948		    printf("%s: return SP(%p)\n", __func__, sp));
949		KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
950	} else {
951		KEYDBG(IPSEC_DATA,
952		    printf("%s: lookup failed for ", __func__);
953		    kdebug_secpolicyindex(spidx, NULL));
954	}
955	return (sp);
956}
957
958/*
959 * Allocating an SA entry for an *INBOUND* or *OUTBOUND* TCP packet, signed
960 * or should be signed by MD5 signature.
961 * We don't use key_allocsa() for such lookups, because we don't know SPI.
962 * Unlike ESP and AH protocols, SPI isn't transmitted in the TCP header with
963 * signed packet. We use SADB only as storage for password.
964 * OUT:	positive:	corresponding SA for given saidx found.
965 *	NULL:		SA not found
966 */
967struct secasvar *
968key_allocsa_tcpmd5(struct secasindex *saidx)
969{
970	SAHTREE_RLOCK_TRACKER;
971	struct secashead *sah;
972	struct secasvar *sav;
973
974	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP,
975	    ("unexpected security protocol %u", saidx->proto));
976	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TCPMD5,
977	    ("unexpected mode %u", saidx->mode));
978
979	SAHTREE_RLOCK();
980	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
981		KEYDBG(IPSEC_DUMP,
982		    printf("%s: checking SAH\n", __func__);
983		    kdebug_secash(sah, "  "));
984		if (sah->saidx.proto != IPPROTO_TCP)
985			continue;
986		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
987		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
988			break;
989	}
990	if (sah != NULL) {
991		if (V_key_preferred_oldsa)
992			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
993		else
994			sav = TAILQ_FIRST(&sah->savtree_alive);
995		if (sav != NULL)
996			SAV_ADDREF(sav);
997	} else
998		sav = NULL;
999	SAHTREE_RUNLOCK();
1000
1001	if (sav != NULL) {
1002		KEYDBG(IPSEC_STAMP,
1003		    printf("%s: return SA(%p)\n", __func__, sav));
1004		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1005	} else {
1006		KEYDBG(IPSEC_STAMP,
1007		    printf("%s: SA not found\n", __func__));
1008		KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1009	}
1010	return (sav);
1011}
1012
1013/*
1014 * Allocating an SA entry for an *OUTBOUND* packet.
1015 * OUT:	positive:	corresponding SA for given saidx found.
1016 *	NULL:		SA not found, but will be acquired, check *error
1017 *			for acquiring status.
1018 */
1019struct secasvar *
1020key_allocsa_policy(struct secpolicy *sp, const struct secasindex *saidx,
1021    int *error)
1022{
1023	SAHTREE_RLOCK_TRACKER;
1024	struct secashead *sah;
1025	struct secasvar *sav;
1026
1027	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
1028	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TRANSPORT ||
1029		saidx->mode == IPSEC_MODE_TUNNEL,
1030		("unexpected policy %u", saidx->mode));
1031
1032	/*
1033	 * We check new SA in the IPsec request because a different
1034	 * SA may be involved each time this request is checked, either
1035	 * because new SAs are being configured, or this request is
1036	 * associated with an unconnected datagram socket, or this request
1037	 * is associated with a system default policy.
1038	 */
1039	SAHTREE_RLOCK();
1040	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
1041		KEYDBG(IPSEC_DUMP,
1042		    printf("%s: checking SAH\n", __func__);
1043		    kdebug_secash(sah, "  "));
1044		if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
1045			break;
1046
1047	}
1048	if (sah != NULL) {
1049		/*
1050		 * Allocate the oldest SA available according to
1051		 * draft-jenkins-ipsec-rekeying-03.
1052		 */
1053		if (V_key_preferred_oldsa)
1054			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1055		else
1056			sav = TAILQ_FIRST(&sah->savtree_alive);
1057		if (sav != NULL)
1058			SAV_ADDREF(sav);
1059	} else
1060		sav = NULL;
1061	SAHTREE_RUNLOCK();
1062
1063	if (sav != NULL) {
1064		*error = 0;
1065		KEYDBG(IPSEC_STAMP,
1066		    printf("%s: chosen SA(%p) for SP(%p)\n", __func__,
1067			sav, sp));
1068		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1069		return (sav); /* return referenced SA */
1070	}
1071
1072	/* there is no SA */
1073	*error = key_acquire(saidx, sp);
1074	if ((*error) != 0)
1075		ipseclog((LOG_DEBUG,
1076		    "%s: error %d returned from key_acquire()\n",
1077			__func__, *error));
1078	KEYDBG(IPSEC_STAMP,
1079	    printf("%s: acquire SA for SP(%p), error %d\n",
1080		__func__, sp, *error));
1081	KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1082	return (NULL);
1083}
1084
1085/*
1086 * allocating a usable SA entry for a *INBOUND* packet.
1087 * Must call key_freesav() later.
1088 * OUT: positive:	pointer to a usable sav (i.e. MATURE or DYING state).
1089 *	NULL:		not found, or error occurred.
1090 *
1091 * According to RFC 2401 SA is uniquely identified by a triple SPI,
1092 * destination address, and security protocol. But according to RFC 4301,
1093 * SPI by itself suffices to specify an SA.
1094 *
1095 * Note that, however, we do need to keep source address in IPsec SA.
1096 * IKE specification and PF_KEY specification do assume that we
1097 * keep source address in IPsec SA.  We see a tricky situation here.
1098 */
1099struct secasvar *
1100key_allocsa(union sockaddr_union *dst, uint8_t proto, uint32_t spi)
1101{
1102	SAHTREE_RLOCK_TRACKER;
1103	struct secasvar *sav;
1104
1105	IPSEC_ASSERT(proto == IPPROTO_ESP || proto == IPPROTO_AH ||
1106	    proto == IPPROTO_IPCOMP, ("unexpected security protocol %u",
1107	    proto));
1108
1109	SAHTREE_RLOCK();
1110	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
1111		if (sav->spi == spi)
1112			break;
1113	}
1114	/*
1115	 * We use single SPI namespace for all protocols, so it is
1116	 * impossible to have SPI duplicates in the SAVHASH.
1117	 */
1118	if (sav != NULL) {
1119		if (sav->state != SADB_SASTATE_LARVAL &&
1120		    sav->sah->saidx.proto == proto &&
1121		    key_sockaddrcmp(&dst->sa,
1122			&sav->sah->saidx.dst.sa, 0) == 0)
1123			SAV_ADDREF(sav);
1124		else
1125			sav = NULL;
1126	}
1127	SAHTREE_RUNLOCK();
1128
1129	if (sav == NULL) {
1130		KEYDBG(IPSEC_STAMP,
1131		    char buf[IPSEC_ADDRSTRLEN];
1132		    printf("%s: SA not found for spi %u proto %u dst %s\n",
1133			__func__, ntohl(spi), proto, ipsec_address(dst, buf,
1134			sizeof(buf))));
1135	} else {
1136		KEYDBG(IPSEC_STAMP,
1137		    printf("%s: return SA(%p)\n", __func__, sav));
1138		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1139	}
1140	return (sav);
1141}
1142
1143struct secasvar *
1144key_allocsa_tunnel(union sockaddr_union *src, union sockaddr_union *dst,
1145    uint8_t proto)
1146{
1147	SAHTREE_RLOCK_TRACKER;
1148	struct secasindex saidx;
1149	struct secashead *sah;
1150	struct secasvar *sav;
1151
1152	IPSEC_ASSERT(src != NULL, ("null src address"));
1153	IPSEC_ASSERT(dst != NULL, ("null dst address"));
1154
1155	KEY_SETSECASIDX(proto, IPSEC_MODE_TUNNEL, 0, &src->sa,
1156	    &dst->sa, &saidx);
1157
1158	sav = NULL;
1159	SAHTREE_RLOCK();
1160	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1161		if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1162			continue;
1163		if (proto != sah->saidx.proto)
1164			continue;
1165		if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1166			continue;
1167		if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1168			continue;
1169		/* XXXAE: is key_preferred_oldsa reasonably?*/
1170		if (V_key_preferred_oldsa)
1171			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1172		else
1173			sav = TAILQ_FIRST(&sah->savtree_alive);
1174		if (sav != NULL) {
1175			SAV_ADDREF(sav);
1176			break;
1177		}
1178	}
1179	SAHTREE_RUNLOCK();
1180	KEYDBG(IPSEC_STAMP,
1181	    printf("%s: return SA(%p)\n", __func__, sav));
1182	if (sav != NULL)
1183		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1184	return (sav);
1185}
1186
1187/*
1188 * Must be called after calling key_allocsp().
1189 */
1190void
1191key_freesp(struct secpolicy **spp)
1192{
1193	struct secpolicy *sp = *spp;
1194
1195	IPSEC_ASSERT(sp != NULL, ("null sp"));
1196	if (SP_DELREF(sp) == 0)
1197		return;
1198
1199	KEYDBG(IPSEC_STAMP,
1200	    printf("%s: last reference to SP(%p)\n", __func__, sp));
1201	KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
1202
1203	*spp = NULL;
1204	while (sp->tcount > 0)
1205		ipsec_delisr(sp->req[--sp->tcount]);
1206	free(sp, M_IPSEC_SP);
1207}
1208
1209static void
1210key_unlink(struct secpolicy *sp)
1211{
1212
1213	IPSEC_ASSERT(sp->spidx.dir == IPSEC_DIR_INBOUND ||
1214	    sp->spidx.dir == IPSEC_DIR_OUTBOUND,
1215	    ("invalid direction %u", sp->spidx.dir));
1216	SPTREE_UNLOCK_ASSERT();
1217
1218	KEYDBG(KEY_STAMP,
1219	    printf("%s: SP(%p)\n", __func__, sp));
1220	SPTREE_WLOCK();
1221	if (sp->state != IPSEC_SPSTATE_ALIVE) {
1222		/* SP is already unlinked */
1223		SPTREE_WUNLOCK();
1224		return;
1225	}
1226	sp->state = IPSEC_SPSTATE_DEAD;
1227	TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
1228	V_spd_size--;
1229	LIST_REMOVE(sp, idhash);
1230	V_sp_genid++;
1231	SPTREE_WUNLOCK();
1232	if (SPDCACHE_ENABLED())
1233		spdcache_clear();
1234	key_freesp(&sp);
1235}
1236
1237/*
1238 * insert a secpolicy into the SP database. Lower priorities first
1239 */
1240static void
1241key_insertsp(struct secpolicy *newsp)
1242{
1243	struct secpolicy *sp;
1244
1245	SPTREE_WLOCK_ASSERT();
1246	TAILQ_FOREACH(sp, &V_sptree[newsp->spidx.dir], chain) {
1247		if (newsp->priority < sp->priority) {
1248			TAILQ_INSERT_BEFORE(sp, newsp, chain);
1249			goto done;
1250		}
1251	}
1252	TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain);
1253done:
1254	LIST_INSERT_HEAD(SPHASH_HASH(newsp->id), newsp, idhash);
1255	newsp->state = IPSEC_SPSTATE_ALIVE;
1256	V_spd_size++;
1257	V_sp_genid++;
1258}
1259
1260/*
1261 * Insert a bunch of VTI secpolicies into the SPDB.
1262 * We keep VTI policies in the separate list due to following reasons:
1263 * 1) they should be immutable to user's or some deamon's attempts to
1264 *    delete. The only way delete such policies - destroy or unconfigure
1265 *    corresponding virtual inteface.
1266 * 2) such policies have traffic selector that matches all traffic per
1267 *    address family.
1268 * Since all VTI policies have the same priority, we don't care about
1269 * policies order.
1270 */
1271int
1272key_register_ifnet(struct secpolicy **spp, u_int count)
1273{
1274	struct mbuf *m;
1275	u_int i;
1276
1277	SPTREE_WLOCK();
1278	/*
1279	 * First of try to acquire id for each SP.
1280	 */
1281	for (i = 0; i < count; i++) {
1282		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1283		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1284		    ("invalid direction %u", spp[i]->spidx.dir));
1285
1286		if ((spp[i]->id = key_getnewspid()) == 0) {
1287			SPTREE_WUNLOCK();
1288			return (EAGAIN);
1289		}
1290	}
1291	for (i = 0; i < count; i++) {
1292		TAILQ_INSERT_TAIL(&V_sptree_ifnet[spp[i]->spidx.dir],
1293		    spp[i], chain);
1294		/*
1295		 * NOTE: despite the fact that we keep VTI SP in the
1296		 * separate list, SPHASH contains policies from both
1297		 * sources. Thus SADB_X_SPDGET will correctly return
1298		 * SP by id, because it uses SPHASH for lookups.
1299		 */
1300		LIST_INSERT_HEAD(SPHASH_HASH(spp[i]->id), spp[i], idhash);
1301		spp[i]->state = IPSEC_SPSTATE_IFNET;
1302	}
1303	SPTREE_WUNLOCK();
1304	/*
1305	 * Notify user processes about new SP.
1306	 */
1307	for (i = 0; i < count; i++) {
1308		m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0);
1309		if (m != NULL)
1310			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1311	}
1312	return (0);
1313}
1314
1315void
1316key_unregister_ifnet(struct secpolicy **spp, u_int count)
1317{
1318	struct mbuf *m;
1319	u_int i;
1320
1321	SPTREE_WLOCK();
1322	for (i = 0; i < count; i++) {
1323		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1324		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1325		    ("invalid direction %u", spp[i]->spidx.dir));
1326
1327		if (spp[i]->state != IPSEC_SPSTATE_IFNET)
1328			continue;
1329		spp[i]->state = IPSEC_SPSTATE_DEAD;
1330		TAILQ_REMOVE(&V_sptree_ifnet[spp[i]->spidx.dir],
1331		    spp[i], chain);
1332		V_spd_size--;
1333		LIST_REMOVE(spp[i], idhash);
1334	}
1335	SPTREE_WUNLOCK();
1336	if (SPDCACHE_ENABLED())
1337		spdcache_clear();
1338
1339	for (i = 0; i < count; i++) {
1340		m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0);
1341		if (m != NULL)
1342			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1343	}
1344}
1345
1346/*
1347 * Must be called after calling key_allocsa().
1348 * This function is called by key_freesp() to free some SA allocated
1349 * for a policy.
1350 */
1351void
1352key_freesav(struct secasvar **psav)
1353{
1354	struct secasvar *sav = *psav;
1355
1356	IPSEC_ASSERT(sav != NULL, ("null sav"));
1357	if (SAV_DELREF(sav) == 0)
1358		return;
1359
1360	KEYDBG(IPSEC_STAMP,
1361	    printf("%s: last reference to SA(%p)\n", __func__, sav));
1362
1363	*psav = NULL;
1364	key_delsav(sav);
1365}
1366
1367/*
1368 * Unlink SA from SAH and SPI hash under SAHTREE_WLOCK.
1369 * Expect that SA has extra reference due to lookup.
1370 * Release this references, also release SAH reference after unlink.
1371 */
1372static void
1373key_unlinksav(struct secasvar *sav)
1374{
1375	struct secashead *sah;
1376
1377	KEYDBG(KEY_STAMP,
1378	    printf("%s: SA(%p)\n", __func__, sav));
1379
1380	SAHTREE_UNLOCK_ASSERT();
1381	SAHTREE_WLOCK();
1382	if (sav->state == SADB_SASTATE_DEAD) {
1383		/* SA is already unlinked */
1384		SAHTREE_WUNLOCK();
1385		return;
1386	}
1387	/* Unlink from SAH */
1388	if (sav->state == SADB_SASTATE_LARVAL)
1389		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1390	else
1391		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1392	/* Unlink from SPI hash */
1393	LIST_REMOVE(sav, spihash);
1394	sav->state = SADB_SASTATE_DEAD;
1395	sah = sav->sah;
1396	SAHTREE_WUNLOCK();
1397	key_freesav(&sav);
1398	/* Since we are unlinked, release reference to SAH */
1399	key_freesah(&sah);
1400}
1401
1402/* %%% SPD management */
1403/*
1404 * search SPD
1405 * OUT:	NULL	: not found
1406 *	others	: found, pointer to a SP.
1407 */
1408static struct secpolicy *
1409key_getsp(struct secpolicyindex *spidx)
1410{
1411	SPTREE_RLOCK_TRACKER;
1412	struct secpolicy *sp;
1413
1414	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
1415
1416	SPTREE_RLOCK();
1417	TAILQ_FOREACH(sp, &V_sptree[spidx->dir], chain) {
1418		if (key_cmpspidx_exactly(spidx, &sp->spidx)) {
1419			SP_ADDREF(sp);
1420			break;
1421		}
1422	}
1423	SPTREE_RUNLOCK();
1424
1425	return sp;
1426}
1427
1428/*
1429 * get SP by index.
1430 * OUT:	NULL	: not found
1431 *	others	: found, pointer to referenced SP.
1432 */
1433static struct secpolicy *
1434key_getspbyid(uint32_t id)
1435{
1436	SPTREE_RLOCK_TRACKER;
1437	struct secpolicy *sp;
1438
1439	SPTREE_RLOCK();
1440	LIST_FOREACH(sp, SPHASH_HASH(id), idhash) {
1441		if (sp->id == id) {
1442			SP_ADDREF(sp);
1443			break;
1444		}
1445	}
1446	SPTREE_RUNLOCK();
1447	return (sp);
1448}
1449
1450struct secpolicy *
1451key_newsp(void)
1452{
1453	struct secpolicy *sp;
1454
1455	sp = malloc(sizeof(*sp), M_IPSEC_SP, M_NOWAIT | M_ZERO);
1456	if (sp != NULL)
1457		SP_INITREF(sp);
1458	return (sp);
1459}
1460
1461struct ipsecrequest *
1462ipsec_newisr(void)
1463{
1464
1465	return (malloc(sizeof(struct ipsecrequest), M_IPSEC_SR,
1466	    M_NOWAIT | M_ZERO));
1467}
1468
1469void
1470ipsec_delisr(struct ipsecrequest *p)
1471{
1472
1473	free(p, M_IPSEC_SR);
1474}
1475
1476/*
1477 * create secpolicy structure from sadb_x_policy structure.
1478 * NOTE: `state', `secpolicyindex' and 'id' in secpolicy structure
1479 * are not set, so must be set properly later.
1480 */
1481struct secpolicy *
1482key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error)
1483{
1484	struct secpolicy *newsp;
1485
1486	IPSEC_ASSERT(xpl0 != NULL, ("null xpl0"));
1487	IPSEC_ASSERT(len >= sizeof(*xpl0), ("policy too short: %zu", len));
1488
1489	if (len != PFKEY_EXTLEN(xpl0)) {
1490		ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n", __func__));
1491		*error = EINVAL;
1492		return NULL;
1493	}
1494
1495	if ((newsp = key_newsp()) == NULL) {
1496		*error = ENOBUFS;
1497		return NULL;
1498	}
1499
1500	newsp->spidx.dir = xpl0->sadb_x_policy_dir;
1501	newsp->policy = xpl0->sadb_x_policy_type;
1502	newsp->priority = xpl0->sadb_x_policy_priority;
1503	newsp->tcount = 0;
1504
1505	/* check policy */
1506	switch (xpl0->sadb_x_policy_type) {
1507	case IPSEC_POLICY_DISCARD:
1508	case IPSEC_POLICY_NONE:
1509	case IPSEC_POLICY_ENTRUST:
1510	case IPSEC_POLICY_BYPASS:
1511		break;
1512
1513	case IPSEC_POLICY_IPSEC:
1514	    {
1515		struct sadb_x_ipsecrequest *xisr;
1516		struct ipsecrequest *isr;
1517		int tlen;
1518
1519		/* validity check */
1520		if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
1521			ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n",
1522				__func__));
1523			key_freesp(&newsp);
1524			*error = EINVAL;
1525			return NULL;
1526		}
1527
1528		tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
1529		xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
1530
1531		while (tlen > 0) {
1532			/* length check */
1533			if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr) ||
1534			    xisr->sadb_x_ipsecrequest_len > tlen) {
1535				ipseclog((LOG_DEBUG, "%s: invalid ipsecrequest "
1536					"length.\n", __func__));
1537				key_freesp(&newsp);
1538				*error = EINVAL;
1539				return NULL;
1540			}
1541
1542			if (newsp->tcount >= IPSEC_MAXREQ) {
1543				ipseclog((LOG_DEBUG,
1544				    "%s: too many ipsecrequests.\n",
1545				    __func__));
1546				key_freesp(&newsp);
1547				*error = EINVAL;
1548				return (NULL);
1549			}
1550
1551			/* allocate request buffer */
1552			/* NB: data structure is zero'd */
1553			isr = ipsec_newisr();
1554			if (isr == NULL) {
1555				ipseclog((LOG_DEBUG,
1556				    "%s: No more memory.\n", __func__));
1557				key_freesp(&newsp);
1558				*error = ENOBUFS;
1559				return NULL;
1560			}
1561
1562			newsp->req[newsp->tcount++] = isr;
1563
1564			/* set values */
1565			switch (xisr->sadb_x_ipsecrequest_proto) {
1566			case IPPROTO_ESP:
1567			case IPPROTO_AH:
1568			case IPPROTO_IPCOMP:
1569				break;
1570			default:
1571				ipseclog((LOG_DEBUG,
1572				    "%s: invalid proto type=%u\n", __func__,
1573				    xisr->sadb_x_ipsecrequest_proto));
1574				key_freesp(&newsp);
1575				*error = EPROTONOSUPPORT;
1576				return NULL;
1577			}
1578			isr->saidx.proto =
1579			    (uint8_t)xisr->sadb_x_ipsecrequest_proto;
1580
1581			switch (xisr->sadb_x_ipsecrequest_mode) {
1582			case IPSEC_MODE_TRANSPORT:
1583			case IPSEC_MODE_TUNNEL:
1584				break;
1585			case IPSEC_MODE_ANY:
1586			default:
1587				ipseclog((LOG_DEBUG,
1588				    "%s: invalid mode=%u\n", __func__,
1589				    xisr->sadb_x_ipsecrequest_mode));
1590				key_freesp(&newsp);
1591				*error = EINVAL;
1592				return NULL;
1593			}
1594			isr->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1595
1596			switch (xisr->sadb_x_ipsecrequest_level) {
1597			case IPSEC_LEVEL_DEFAULT:
1598			case IPSEC_LEVEL_USE:
1599			case IPSEC_LEVEL_REQUIRE:
1600				break;
1601			case IPSEC_LEVEL_UNIQUE:
1602				/* validity check */
1603				/*
1604				 * If range violation of reqid, kernel will
1605				 * update it, don't refuse it.
1606				 */
1607				if (xisr->sadb_x_ipsecrequest_reqid
1608						> IPSEC_MANUAL_REQID_MAX) {
1609					ipseclog((LOG_DEBUG,
1610					    "%s: reqid=%d range "
1611					    "violation, updated by kernel.\n",
1612					    __func__,
1613					    xisr->sadb_x_ipsecrequest_reqid));
1614					xisr->sadb_x_ipsecrequest_reqid = 0;
1615				}
1616
1617				/* allocate new reqid id if reqid is zero. */
1618				if (xisr->sadb_x_ipsecrequest_reqid == 0) {
1619					u_int32_t reqid;
1620					if ((reqid = key_newreqid()) == 0) {
1621						key_freesp(&newsp);
1622						*error = ENOBUFS;
1623						return NULL;
1624					}
1625					isr->saidx.reqid = reqid;
1626					xisr->sadb_x_ipsecrequest_reqid = reqid;
1627				} else {
1628				/* set it for manual keying. */
1629					isr->saidx.reqid =
1630					    xisr->sadb_x_ipsecrequest_reqid;
1631				}
1632				break;
1633
1634			default:
1635				ipseclog((LOG_DEBUG, "%s: invalid level=%u\n",
1636					__func__,
1637					xisr->sadb_x_ipsecrequest_level));
1638				key_freesp(&newsp);
1639				*error = EINVAL;
1640				return NULL;
1641			}
1642			isr->level = xisr->sadb_x_ipsecrequest_level;
1643
1644			/* set IP addresses if there */
1645			if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
1646				struct sockaddr *paddr;
1647
1648				len = tlen - sizeof(*xisr);
1649				paddr = (struct sockaddr *)(xisr + 1);
1650				/* validity check */
1651				if (len < sizeof(struct sockaddr) ||
1652				    len < 2 * paddr->sa_len ||
1653				    paddr->sa_len > sizeof(isr->saidx.src)) {
1654					ipseclog((LOG_DEBUG, "%s: invalid "
1655						"request address length.\n",
1656						__func__));
1657					key_freesp(&newsp);
1658					*error = EINVAL;
1659					return NULL;
1660				}
1661				/*
1662				 * Request length should be enough to keep
1663				 * source and destination addresses.
1664				 */
1665				if (xisr->sadb_x_ipsecrequest_len <
1666				    sizeof(*xisr) + 2 * paddr->sa_len) {
1667					ipseclog((LOG_DEBUG, "%s: invalid "
1668					    "ipsecrequest length.\n",
1669					    __func__));
1670					key_freesp(&newsp);
1671					*error = EINVAL;
1672					return (NULL);
1673				}
1674				bcopy(paddr, &isr->saidx.src, paddr->sa_len);
1675				paddr = (struct sockaddr *)((caddr_t)paddr +
1676				    paddr->sa_len);
1677
1678				/* validity check */
1679				if (paddr->sa_len !=
1680				    isr->saidx.src.sa.sa_len) {
1681					ipseclog((LOG_DEBUG, "%s: invalid "
1682						"request address length.\n",
1683						__func__));
1684					key_freesp(&newsp);
1685					*error = EINVAL;
1686					return NULL;
1687				}
1688				/* AF family should match */
1689				if (paddr->sa_family !=
1690				    isr->saidx.src.sa.sa_family) {
1691					ipseclog((LOG_DEBUG, "%s: address "
1692					    "family doesn't match.\n",
1693						__func__));
1694					key_freesp(&newsp);
1695					*error = EINVAL;
1696					return (NULL);
1697				}
1698				bcopy(paddr, &isr->saidx.dst, paddr->sa_len);
1699			} else {
1700				/*
1701				 * Addresses for TUNNEL mode requests are
1702				 * mandatory.
1703				 */
1704				if (isr->saidx.mode == IPSEC_MODE_TUNNEL) {
1705					ipseclog((LOG_DEBUG, "%s: missing "
1706					    "request addresses.\n", __func__));
1707					key_freesp(&newsp);
1708					*error = EINVAL;
1709					return (NULL);
1710				}
1711			}
1712			tlen -= xisr->sadb_x_ipsecrequest_len;
1713
1714			/* validity check */
1715			if (tlen < 0) {
1716				ipseclog((LOG_DEBUG, "%s: becoming tlen < 0.\n",
1717					__func__));
1718				key_freesp(&newsp);
1719				*error = EINVAL;
1720				return NULL;
1721			}
1722
1723			xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
1724			                 + xisr->sadb_x_ipsecrequest_len);
1725		}
1726		/* XXXAE: LARVAL SP */
1727		if (newsp->tcount < 1) {
1728			ipseclog((LOG_DEBUG, "%s: valid IPSEC transforms "
1729			    "not found.\n", __func__));
1730			key_freesp(&newsp);
1731			*error = EINVAL;
1732			return (NULL);
1733		}
1734	    }
1735		break;
1736	default:
1737		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1738		key_freesp(&newsp);
1739		*error = EINVAL;
1740		return NULL;
1741	}
1742
1743	*error = 0;
1744	return (newsp);
1745}
1746
1747uint32_t
1748key_newreqid(void)
1749{
1750	static uint32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1751
1752	if (auto_reqid == ~0)
1753		auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1754	else
1755		auto_reqid++;
1756
1757	/* XXX should be unique check */
1758	return (auto_reqid);
1759}
1760
1761/*
1762 * copy secpolicy struct to sadb_x_policy structure indicated.
1763 */
1764static struct mbuf *
1765key_sp2mbuf(struct secpolicy *sp)
1766{
1767	struct mbuf *m;
1768	size_t tlen;
1769
1770	tlen = key_getspreqmsglen(sp);
1771	m = m_get2(tlen, M_NOWAIT, MT_DATA, 0);
1772	if (m == NULL)
1773		return (NULL);
1774	m_align(m, tlen);
1775	m->m_len = tlen;
1776	if (key_sp2msg(sp, m->m_data, &tlen) != 0) {
1777		m_freem(m);
1778		return (NULL);
1779	}
1780	return (m);
1781}
1782
1783int
1784key_sp2msg(struct secpolicy *sp, void *request, size_t *len)
1785{
1786	struct sadb_x_ipsecrequest *xisr;
1787	struct sadb_x_policy *xpl;
1788	struct ipsecrequest *isr;
1789	size_t xlen, ilen;
1790	caddr_t p;
1791	int error, i;
1792
1793	IPSEC_ASSERT(sp != NULL, ("null policy"));
1794
1795	xlen = sizeof(*xpl);
1796	if (*len < xlen)
1797		return (EINVAL);
1798
1799	error = 0;
1800	bzero(request, *len);
1801	xpl = (struct sadb_x_policy *)request;
1802	xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1803	xpl->sadb_x_policy_type = sp->policy;
1804	xpl->sadb_x_policy_dir = sp->spidx.dir;
1805	xpl->sadb_x_policy_id = sp->id;
1806	xpl->sadb_x_policy_priority = sp->priority;
1807	switch (sp->state) {
1808	case IPSEC_SPSTATE_IFNET:
1809		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_IFNET;
1810		break;
1811	case IPSEC_SPSTATE_PCB:
1812		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_PCB;
1813		break;
1814	default:
1815		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_GLOBAL;
1816	}
1817
1818	/* if is the policy for ipsec ? */
1819	if (sp->policy == IPSEC_POLICY_IPSEC) {
1820		p = (caddr_t)xpl + sizeof(*xpl);
1821		for (i = 0; i < sp->tcount; i++) {
1822			isr = sp->req[i];
1823			ilen = PFKEY_ALIGN8(sizeof(*xisr) +
1824			    isr->saidx.src.sa.sa_len +
1825			    isr->saidx.dst.sa.sa_len);
1826			xlen += ilen;
1827			if (xlen > *len) {
1828				error = ENOBUFS;
1829				/* Calculate needed size */
1830				continue;
1831			}
1832			xisr = (struct sadb_x_ipsecrequest *)p;
1833			xisr->sadb_x_ipsecrequest_len = ilen;
1834			xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
1835			xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
1836			xisr->sadb_x_ipsecrequest_level = isr->level;
1837			xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
1838
1839			p += sizeof(*xisr);
1840			bcopy(&isr->saidx.src, p, isr->saidx.src.sa.sa_len);
1841			p += isr->saidx.src.sa.sa_len;
1842			bcopy(&isr->saidx.dst, p, isr->saidx.dst.sa.sa_len);
1843			p += isr->saidx.dst.sa.sa_len;
1844		}
1845	}
1846	xpl->sadb_x_policy_len = PFKEY_UNIT64(xlen);
1847	if (error == 0)
1848		*len = xlen;
1849	else
1850		*len = sizeof(*xpl);
1851	return (error);
1852}
1853
1854/* m will not be freed nor modified */
1855static struct mbuf *
1856key_gather_mbuf(struct mbuf *m, const struct sadb_msghdr *mhp,
1857    int ndeep, int nitem, ...)
1858{
1859	va_list ap;
1860	int idx;
1861	int i;
1862	struct mbuf *result = NULL, *n;
1863	int len;
1864
1865	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1866	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1867
1868	va_start(ap, nitem);
1869	for (i = 0; i < nitem; i++) {
1870		idx = va_arg(ap, int);
1871		if (idx < 0 || idx > SADB_EXT_MAX)
1872			goto fail;
1873		/* don't attempt to pull empty extension */
1874		if (idx == SADB_EXT_RESERVED && mhp->msg == NULL)
1875			continue;
1876		if (idx != SADB_EXT_RESERVED  &&
1877		    (mhp->ext[idx] == NULL || mhp->extlen[idx] == 0))
1878			continue;
1879
1880		if (idx == SADB_EXT_RESERVED) {
1881			len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
1882
1883			IPSEC_ASSERT(len <= MHLEN, ("header too big %u", len));
1884
1885			MGETHDR(n, M_NOWAIT, MT_DATA);
1886			if (!n)
1887				goto fail;
1888			n->m_len = len;
1889			n->m_next = NULL;
1890			m_copydata(m, 0, sizeof(struct sadb_msg),
1891			    mtod(n, caddr_t));
1892		} else if (i < ndeep) {
1893			len = mhp->extlen[idx];
1894			n = m_get2(len, M_NOWAIT, MT_DATA, 0);
1895			if (n == NULL)
1896				goto fail;
1897			m_align(n, len);
1898			n->m_len = len;
1899			m_copydata(m, mhp->extoff[idx], mhp->extlen[idx],
1900			    mtod(n, caddr_t));
1901		} else {
1902			n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx],
1903			    M_NOWAIT);
1904		}
1905		if (n == NULL)
1906			goto fail;
1907
1908		if (result)
1909			m_cat(result, n);
1910		else
1911			result = n;
1912	}
1913	va_end(ap);
1914
1915	if ((result->m_flags & M_PKTHDR) != 0) {
1916		result->m_pkthdr.len = 0;
1917		for (n = result; n; n = n->m_next)
1918			result->m_pkthdr.len += n->m_len;
1919	}
1920
1921	return result;
1922
1923fail:
1924	m_freem(result);
1925	va_end(ap);
1926	return NULL;
1927}
1928
1929/*
1930 * SADB_X_SPDADD, SADB_X_SPDSETIDX or SADB_X_SPDUPDATE processing
1931 * add an entry to SP database, when received
1932 *   <base, address(SD), (lifetime(H),) policy>
1933 * from the user(?).
1934 * Adding to SP database,
1935 * and send
1936 *   <base, address(SD), (lifetime(H),) policy>
1937 * to the socket which was send.
1938 *
1939 * SPDADD set a unique policy entry.
1940 * SPDSETIDX like SPDADD without a part of policy requests.
1941 * SPDUPDATE replace a unique policy entry.
1942 *
1943 * XXXAE: serialize this in PF_KEY to avoid races.
1944 * m will always be freed.
1945 */
1946static int
1947key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
1948{
1949	struct secpolicyindex spidx;
1950	struct sadb_address *src0, *dst0;
1951	struct sadb_x_policy *xpl0, *xpl;
1952	struct sadb_lifetime *lft = NULL;
1953	struct secpolicy *newsp;
1954	int error;
1955
1956	IPSEC_ASSERT(so != NULL, ("null socket"));
1957	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1958	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1959	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
1960
1961	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
1962	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
1963	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
1964		ipseclog((LOG_DEBUG,
1965		    "%s: invalid message: missing required header.\n",
1966		    __func__));
1967		return key_senderror(so, m, EINVAL);
1968	}
1969	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
1970	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
1971	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
1972		ipseclog((LOG_DEBUG,
1973		    "%s: invalid message: wrong header size.\n", __func__));
1974		return key_senderror(so, m, EINVAL);
1975	}
1976	if (!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD)) {
1977		if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD)) {
1978			ipseclog((LOG_DEBUG,
1979			    "%s: invalid message: wrong header size.\n",
1980			    __func__));
1981			return key_senderror(so, m, EINVAL);
1982		}
1983		lft = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
1984	}
1985
1986	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
1987	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
1988	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
1989
1990	/* check the direciton */
1991	switch (xpl0->sadb_x_policy_dir) {
1992	case IPSEC_DIR_INBOUND:
1993	case IPSEC_DIR_OUTBOUND:
1994		break;
1995	default:
1996		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
1997		return key_senderror(so, m, EINVAL);
1998	}
1999	/* key_spdadd() accepts DISCARD, NONE and IPSEC. */
2000	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2001	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2002	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2003		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2004		return key_senderror(so, m, EINVAL);
2005	}
2006
2007	/* policy requests are mandatory when action is ipsec. */
2008	if (xpl0->sadb_x_policy_type == IPSEC_POLICY_IPSEC &&
2009	    mhp->extlen[SADB_X_EXT_POLICY] <= sizeof(*xpl0)) {
2010		ipseclog((LOG_DEBUG,
2011		    "%s: policy requests required.\n", __func__));
2012		return key_senderror(so, m, EINVAL);
2013	}
2014
2015	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
2016	    (struct sockaddr *)(dst0 + 1));
2017	if (error != 0 ||
2018	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2019		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2020		return key_senderror(so, m, error);
2021	}
2022	/* make secindex */
2023	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2024	                src0 + 1,
2025	                dst0 + 1,
2026	                src0->sadb_address_prefixlen,
2027	                dst0->sadb_address_prefixlen,
2028	                src0->sadb_address_proto,
2029	                &spidx);
2030	/* Checking there is SP already or not. */
2031	newsp = key_getsp(&spidx);
2032	if (newsp != NULL) {
2033		if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
2034			KEYDBG(KEY_STAMP,
2035			    printf("%s: unlink SP(%p) for SPDUPDATE\n",
2036				__func__, newsp));
2037			KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2038			key_unlink(newsp);
2039			key_freesp(&newsp);
2040		} else {
2041			key_freesp(&newsp);
2042			ipseclog((LOG_DEBUG,
2043			    "%s: a SP entry exists already.\n", __func__));
2044			return (key_senderror(so, m, EEXIST));
2045		}
2046	}
2047
2048	/* allocate new SP entry */
2049	if ((newsp = key_msg2sp(xpl0, PFKEY_EXTLEN(xpl0), &error)) == NULL) {
2050		return key_senderror(so, m, error);
2051	}
2052
2053	newsp->lastused = newsp->created = time_second;
2054	newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0;
2055	newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0;
2056	bcopy(&spidx, &newsp->spidx, sizeof(spidx));
2057
2058	/* XXXAE: there is race between key_getsp() and key_insertsp() */
2059	SPTREE_WLOCK();
2060	if ((newsp->id = key_getnewspid()) == 0) {
2061		SPTREE_WUNLOCK();
2062		key_freesp(&newsp);
2063		return key_senderror(so, m, ENOBUFS);
2064	}
2065	key_insertsp(newsp);
2066	SPTREE_WUNLOCK();
2067	if (SPDCACHE_ENABLED())
2068		spdcache_clear();
2069
2070	KEYDBG(KEY_STAMP,
2071	    printf("%s: SP(%p)\n", __func__, newsp));
2072	KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2073
2074    {
2075	struct mbuf *n, *mpolicy;
2076	struct sadb_msg *newmsg;
2077	int off;
2078
2079	/* create new sadb_msg to reply. */
2080	if (lft) {
2081		n = key_gather_mbuf(m, mhp, 2, 5, SADB_EXT_RESERVED,
2082		    SADB_X_EXT_POLICY, SADB_EXT_LIFETIME_HARD,
2083		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2084	} else {
2085		n = key_gather_mbuf(m, mhp, 2, 4, SADB_EXT_RESERVED,
2086		    SADB_X_EXT_POLICY,
2087		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2088	}
2089	if (!n)
2090		return key_senderror(so, m, ENOBUFS);
2091
2092	if (n->m_len < sizeof(*newmsg)) {
2093		n = m_pullup(n, sizeof(*newmsg));
2094		if (!n)
2095			return key_senderror(so, m, ENOBUFS);
2096	}
2097	newmsg = mtod(n, struct sadb_msg *);
2098	newmsg->sadb_msg_errno = 0;
2099	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2100
2101	off = 0;
2102	mpolicy = m_pulldown(n, PFKEY_ALIGN8(sizeof(struct sadb_msg)),
2103	    sizeof(*xpl), &off);
2104	if (mpolicy == NULL) {
2105		/* n is already freed */
2106		return key_senderror(so, m, ENOBUFS);
2107	}
2108	xpl = (struct sadb_x_policy *)(mtod(mpolicy, caddr_t) + off);
2109	if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
2110		m_freem(n);
2111		return key_senderror(so, m, EINVAL);
2112	}
2113	xpl->sadb_x_policy_id = newsp->id;
2114
2115	m_freem(m);
2116	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2117    }
2118}
2119
2120/*
2121 * get new policy id.
2122 * OUT:
2123 *	0:	failure.
2124 *	others: success.
2125 */
2126static uint32_t
2127key_getnewspid(void)
2128{
2129	struct secpolicy *sp;
2130	uint32_t newid = 0;
2131	int count = V_key_spi_trycnt;	/* XXX */
2132
2133	SPTREE_WLOCK_ASSERT();
2134	while (count--) {
2135		if (V_policy_id == ~0) /* overflowed */
2136			newid = V_policy_id = 1;
2137		else
2138			newid = ++V_policy_id;
2139		LIST_FOREACH(sp, SPHASH_HASH(newid), idhash) {
2140			if (sp->id == newid)
2141				break;
2142		}
2143		if (sp == NULL)
2144			break;
2145	}
2146	if (count == 0 || newid == 0) {
2147		ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
2148		    __func__));
2149		return (0);
2150	}
2151	return (newid);
2152}
2153
2154/*
2155 * SADB_SPDDELETE processing
2156 * receive
2157 *   <base, address(SD), policy(*)>
2158 * from the user(?), and set SADB_SASTATE_DEAD,
2159 * and send,
2160 *   <base, address(SD), policy(*)>
2161 * to the ikmpd.
2162 * policy(*) including direction of policy.
2163 *
2164 * m will always be freed.
2165 */
2166static int
2167key_spddelete(struct socket *so, struct mbuf *m,
2168    const struct sadb_msghdr *mhp)
2169{
2170	struct secpolicyindex spidx;
2171	struct sadb_address *src0, *dst0;
2172	struct sadb_x_policy *xpl0;
2173	struct secpolicy *sp;
2174
2175	IPSEC_ASSERT(so != NULL, ("null so"));
2176	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2177	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2178	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2179
2180	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
2181	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
2182	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
2183		ipseclog((LOG_DEBUG,
2184		    "%s: invalid message: missing required header.\n",
2185		    __func__));
2186		return key_senderror(so, m, EINVAL);
2187	}
2188	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
2189	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
2190	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2191		ipseclog((LOG_DEBUG,
2192		    "%s: invalid message: wrong header size.\n", __func__));
2193		return key_senderror(so, m, EINVAL);
2194	}
2195
2196	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
2197	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
2198	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
2199
2200	/* check the direciton */
2201	switch (xpl0->sadb_x_policy_dir) {
2202	case IPSEC_DIR_INBOUND:
2203	case IPSEC_DIR_OUTBOUND:
2204		break;
2205	default:
2206		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
2207		return key_senderror(so, m, EINVAL);
2208	}
2209	/* Only DISCARD, NONE and IPSEC are allowed */
2210	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2211	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2212	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2213		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2214		return key_senderror(so, m, EINVAL);
2215	}
2216	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
2217	    (struct sockaddr *)(dst0 + 1)) != 0 ||
2218	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2219		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2220		return key_senderror(so, m, EINVAL);
2221	}
2222	/* make secindex */
2223	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2224	                src0 + 1,
2225	                dst0 + 1,
2226	                src0->sadb_address_prefixlen,
2227	                dst0->sadb_address_prefixlen,
2228	                src0->sadb_address_proto,
2229	                &spidx);
2230
2231	/* Is there SP in SPD ? */
2232	if ((sp = key_getsp(&spidx)) == NULL) {
2233		ipseclog((LOG_DEBUG, "%s: no SP found.\n", __func__));
2234		return key_senderror(so, m, EINVAL);
2235	}
2236
2237	/* save policy id to buffer to be returned. */
2238	xpl0->sadb_x_policy_id = sp->id;
2239
2240	KEYDBG(KEY_STAMP,
2241	    printf("%s: SP(%p)\n", __func__, sp));
2242	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2243	key_unlink(sp);
2244	key_freesp(&sp);
2245
2246    {
2247	struct mbuf *n;
2248	struct sadb_msg *newmsg;
2249
2250	/* create new sadb_msg to reply. */
2251	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
2252	    SADB_X_EXT_POLICY, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2253	if (!n)
2254		return key_senderror(so, m, ENOBUFS);
2255
2256	newmsg = mtod(n, struct sadb_msg *);
2257	newmsg->sadb_msg_errno = 0;
2258	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2259
2260	m_freem(m);
2261	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2262    }
2263}
2264
2265/*
2266 * SADB_SPDDELETE2 processing
2267 * receive
2268 *   <base, policy(*)>
2269 * from the user(?), and set SADB_SASTATE_DEAD,
2270 * and send,
2271 *   <base, policy(*)>
2272 * to the ikmpd.
2273 * policy(*) including direction of policy.
2274 *
2275 * m will always be freed.
2276 */
2277static int
2278key_spddelete2(struct socket *so, struct mbuf *m,
2279    const struct sadb_msghdr *mhp)
2280{
2281	struct secpolicy *sp;
2282	uint32_t id;
2283
2284	IPSEC_ASSERT(so != NULL, ("null socket"));
2285	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2286	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2287	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2288
2289	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2290	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2291		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2292		    __func__));
2293		return key_senderror(so, m, EINVAL);
2294	}
2295
2296	id = ((struct sadb_x_policy *)
2297	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2298
2299	/* Is there SP in SPD ? */
2300	if ((sp = key_getspbyid(id)) == NULL) {
2301		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2302		    __func__, id));
2303		return key_senderror(so, m, EINVAL);
2304	}
2305
2306	KEYDBG(KEY_STAMP,
2307	    printf("%s: SP(%p)\n", __func__, sp));
2308	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2309	key_unlink(sp);
2310	if (sp->state != IPSEC_SPSTATE_DEAD) {
2311		ipseclog((LOG_DEBUG, "%s: failed to delete SP with id %u.\n",
2312		    __func__, id));
2313		key_freesp(&sp);
2314		return (key_senderror(so, m, EACCES));
2315	}
2316	key_freesp(&sp);
2317
2318    {
2319	struct mbuf *n, *nn;
2320	struct sadb_msg *newmsg;
2321	int off, len;
2322
2323	/* create new sadb_msg to reply. */
2324	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2325
2326	MGETHDR(n, M_NOWAIT, MT_DATA);
2327	if (n && len > MHLEN) {
2328		if (!(MCLGET(n, M_NOWAIT))) {
2329			m_freem(n);
2330			n = NULL;
2331		}
2332	}
2333	if (!n)
2334		return key_senderror(so, m, ENOBUFS);
2335
2336	n->m_len = len;
2337	n->m_next = NULL;
2338	off = 0;
2339
2340	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
2341	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
2342
2343	IPSEC_ASSERT(off == len, ("length inconsistency (off %u len %u)",
2344		off, len));
2345
2346	n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY],
2347	    mhp->extlen[SADB_X_EXT_POLICY], M_NOWAIT);
2348	if (!n->m_next) {
2349		m_freem(n);
2350		return key_senderror(so, m, ENOBUFS);
2351	}
2352
2353	n->m_pkthdr.len = 0;
2354	for (nn = n; nn; nn = nn->m_next)
2355		n->m_pkthdr.len += nn->m_len;
2356
2357	newmsg = mtod(n, struct sadb_msg *);
2358	newmsg->sadb_msg_errno = 0;
2359	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2360
2361	m_freem(m);
2362	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2363    }
2364}
2365
2366/*
2367 * SADB_X_SPDGET processing
2368 * receive
2369 *   <base, policy(*)>
2370 * from the user(?),
2371 * and send,
2372 *   <base, address(SD), policy>
2373 * to the ikmpd.
2374 * policy(*) including direction of policy.
2375 *
2376 * m will always be freed.
2377 */
2378static int
2379key_spdget(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2380{
2381	struct secpolicy *sp;
2382	struct mbuf *n;
2383	uint32_t id;
2384
2385	IPSEC_ASSERT(so != NULL, ("null socket"));
2386	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2387	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2388	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2389
2390	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2391	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2392		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2393		    __func__));
2394		return key_senderror(so, m, EINVAL);
2395	}
2396
2397	id = ((struct sadb_x_policy *)
2398	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2399
2400	/* Is there SP in SPD ? */
2401	if ((sp = key_getspbyid(id)) == NULL) {
2402		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2403		    __func__, id));
2404		return key_senderror(so, m, ENOENT);
2405	}
2406
2407	n = key_setdumpsp(sp, SADB_X_SPDGET, mhp->msg->sadb_msg_seq,
2408	    mhp->msg->sadb_msg_pid);
2409	key_freesp(&sp);
2410	if (n != NULL) {
2411		m_freem(m);
2412		return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2413	} else
2414		return key_senderror(so, m, ENOBUFS);
2415}
2416
2417/*
2418 * SADB_X_SPDACQUIRE processing.
2419 * Acquire policy and SA(s) for a *OUTBOUND* packet.
2420 * send
2421 *   <base, policy(*)>
2422 * to KMD, and expect to receive
2423 *   <base> with SADB_X_SPDACQUIRE if error occurred,
2424 * or
2425 *   <base, policy>
2426 * with SADB_X_SPDUPDATE from KMD by PF_KEY.
2427 * policy(*) is without policy requests.
2428 *
2429 *    0     : succeed
2430 *    others: error number
2431 */
2432int
2433key_spdacquire(struct secpolicy *sp)
2434{
2435	struct mbuf *result = NULL, *m;
2436	struct secspacq *newspacq;
2437
2438	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2439	IPSEC_ASSERT(sp->req == NULL, ("policy exists"));
2440	IPSEC_ASSERT(sp->policy == IPSEC_POLICY_IPSEC,
2441		("policy not IPSEC %u", sp->policy));
2442
2443	/* Get an entry to check whether sent message or not. */
2444	newspacq = key_getspacq(&sp->spidx);
2445	if (newspacq != NULL) {
2446		if (V_key_blockacq_count < newspacq->count) {
2447			/* reset counter and do send message. */
2448			newspacq->count = 0;
2449		} else {
2450			/* increment counter and do nothing. */
2451			newspacq->count++;
2452			SPACQ_UNLOCK();
2453			return (0);
2454		}
2455		SPACQ_UNLOCK();
2456	} else {
2457		/* make new entry for blocking to send SADB_ACQUIRE. */
2458		newspacq = key_newspacq(&sp->spidx);
2459		if (newspacq == NULL)
2460			return ENOBUFS;
2461	}
2462
2463	/* create new sadb_msg to reply. */
2464	m = key_setsadbmsg(SADB_X_SPDACQUIRE, 0, 0, 0, 0, 0);
2465	if (!m)
2466		return ENOBUFS;
2467
2468	result = m;
2469
2470	result->m_pkthdr.len = 0;
2471	for (m = result; m; m = m->m_next)
2472		result->m_pkthdr.len += m->m_len;
2473
2474	mtod(result, struct sadb_msg *)->sadb_msg_len =
2475	    PFKEY_UNIT64(result->m_pkthdr.len);
2476
2477	return key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED);
2478}
2479
2480/*
2481 * SADB_SPDFLUSH processing
2482 * receive
2483 *   <base>
2484 * from the user, and free all entries in secpctree.
2485 * and send,
2486 *   <base>
2487 * to the user.
2488 * NOTE: what to do is only marking SADB_SASTATE_DEAD.
2489 *
2490 * m will always be freed.
2491 */
2492static int
2493key_spdflush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2494{
2495	struct secpolicy_queue drainq;
2496	struct sadb_msg *newmsg;
2497	struct secpolicy *sp, *nextsp;
2498	u_int dir;
2499
2500	IPSEC_ASSERT(so != NULL, ("null socket"));
2501	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2502	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2503	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2504
2505	if (m->m_len != PFKEY_ALIGN8(sizeof(struct sadb_msg)))
2506		return key_senderror(so, m, EINVAL);
2507
2508	TAILQ_INIT(&drainq);
2509	SPTREE_WLOCK();
2510	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2511		TAILQ_CONCAT(&drainq, &V_sptree[dir], chain);
2512	}
2513	/*
2514	 * We need to set state to DEAD for each policy to be sure,
2515	 * that another thread won't try to unlink it.
2516	 * Also remove SP from sphash.
2517	 */
2518	TAILQ_FOREACH(sp, &drainq, chain) {
2519		sp->state = IPSEC_SPSTATE_DEAD;
2520		LIST_REMOVE(sp, idhash);
2521	}
2522	V_sp_genid++;
2523	V_spd_size = 0;
2524	SPTREE_WUNLOCK();
2525	if (SPDCACHE_ENABLED())
2526		spdcache_clear();
2527	sp = TAILQ_FIRST(&drainq);
2528	while (sp != NULL) {
2529		nextsp = TAILQ_NEXT(sp, chain);
2530		key_freesp(&sp);
2531		sp = nextsp;
2532	}
2533
2534	if (sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
2535		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
2536		return key_senderror(so, m, ENOBUFS);
2537	}
2538
2539	if (m->m_next)
2540		m_freem(m->m_next);
2541	m->m_next = NULL;
2542	m->m_pkthdr.len = m->m_len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2543	newmsg = mtod(m, struct sadb_msg *);
2544	newmsg->sadb_msg_errno = 0;
2545	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
2546
2547	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
2548}
2549
2550static uint8_t
2551key_satype2scopemask(uint8_t satype)
2552{
2553
2554	if (satype == IPSEC_POLICYSCOPE_ANY)
2555		return (0xff);
2556	return (satype);
2557}
2558/*
2559 * SADB_SPDDUMP processing
2560 * receive
2561 *   <base>
2562 * from the user, and dump all SP leaves and send,
2563 *   <base> .....
2564 * to the ikmpd.
2565 *
2566 * NOTE:
2567 *   sadb_msg_satype is considered as mask of policy scopes.
2568 *   m will always be freed.
2569 */
2570static int
2571key_spddump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2572{
2573	SPTREE_RLOCK_TRACKER;
2574	struct secpolicy *sp;
2575	struct mbuf *n;
2576	int cnt;
2577	u_int dir, scope;
2578
2579	IPSEC_ASSERT(so != NULL, ("null socket"));
2580	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2581	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2582	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2583
2584	/* search SPD entry and get buffer size. */
2585	cnt = 0;
2586	scope = key_satype2scopemask(mhp->msg->sadb_msg_satype);
2587	SPTREE_RLOCK();
2588	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2589		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2590			TAILQ_FOREACH(sp, &V_sptree[dir], chain)
2591				cnt++;
2592		}
2593		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2594			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain)
2595				cnt++;
2596		}
2597	}
2598
2599	if (cnt == 0) {
2600		SPTREE_RUNLOCK();
2601		return key_senderror(so, m, ENOENT);
2602	}
2603
2604	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2605		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2606			TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
2607				--cnt;
2608				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2609				    mhp->msg->sadb_msg_pid);
2610
2611				if (n != NULL)
2612					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2613			}
2614		}
2615		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2616			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain) {
2617				--cnt;
2618				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2619				    mhp->msg->sadb_msg_pid);
2620
2621				if (n != NULL)
2622					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2623			}
2624		}
2625	}
2626
2627	SPTREE_RUNLOCK();
2628	m_freem(m);
2629	return (0);
2630}
2631
2632static struct mbuf *
2633key_setdumpsp(struct secpolicy *sp, u_int8_t type, u_int32_t seq,
2634    u_int32_t pid)
2635{
2636	struct mbuf *result = NULL, *m;
2637	struct seclifetime lt;
2638
2639	m = key_setsadbmsg(type, 0, SADB_SATYPE_UNSPEC, seq, pid, sp->refcnt);
2640	if (!m)
2641		goto fail;
2642	result = m;
2643
2644	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2645	    &sp->spidx.src.sa, sp->spidx.prefs,
2646	    sp->spidx.ul_proto);
2647	if (!m)
2648		goto fail;
2649	m_cat(result, m);
2650
2651	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2652	    &sp->spidx.dst.sa, sp->spidx.prefd,
2653	    sp->spidx.ul_proto);
2654	if (!m)
2655		goto fail;
2656	m_cat(result, m);
2657
2658	m = key_sp2mbuf(sp);
2659	if (!m)
2660		goto fail;
2661	m_cat(result, m);
2662
2663	if(sp->lifetime){
2664		lt.addtime=sp->created;
2665		lt.usetime= sp->lastused;
2666		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_CURRENT);
2667		if (!m)
2668			goto fail;
2669		m_cat(result, m);
2670
2671		lt.addtime=sp->lifetime;
2672		lt.usetime= sp->validtime;
2673		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_HARD);
2674		if (!m)
2675			goto fail;
2676		m_cat(result, m);
2677	}
2678
2679	if ((result->m_flags & M_PKTHDR) == 0)
2680		goto fail;
2681
2682	if (result->m_len < sizeof(struct sadb_msg)) {
2683		result = m_pullup(result, sizeof(struct sadb_msg));
2684		if (result == NULL)
2685			goto fail;
2686	}
2687
2688	result->m_pkthdr.len = 0;
2689	for (m = result; m; m = m->m_next)
2690		result->m_pkthdr.len += m->m_len;
2691
2692	mtod(result, struct sadb_msg *)->sadb_msg_len =
2693	    PFKEY_UNIT64(result->m_pkthdr.len);
2694
2695	return result;
2696
2697fail:
2698	m_freem(result);
2699	return NULL;
2700}
2701/*
2702 * get PFKEY message length for security policy and request.
2703 */
2704static size_t
2705key_getspreqmsglen(struct secpolicy *sp)
2706{
2707	size_t tlen, len;
2708	int i;
2709
2710	tlen = sizeof(struct sadb_x_policy);
2711	/* if is the policy for ipsec ? */
2712	if (sp->policy != IPSEC_POLICY_IPSEC)
2713		return (tlen);
2714
2715	/* get length of ipsec requests */
2716	for (i = 0; i < sp->tcount; i++) {
2717		len = sizeof(struct sadb_x_ipsecrequest)
2718			+ sp->req[i]->saidx.src.sa.sa_len
2719			+ sp->req[i]->saidx.dst.sa.sa_len;
2720
2721		tlen += PFKEY_ALIGN8(len);
2722	}
2723	return (tlen);
2724}
2725
2726/*
2727 * SADB_SPDEXPIRE processing
2728 * send
2729 *   <base, address(SD), lifetime(CH), policy>
2730 * to KMD by PF_KEY.
2731 *
2732 * OUT:	0	: succeed
2733 *	others	: error number
2734 */
2735static int
2736key_spdexpire(struct secpolicy *sp)
2737{
2738	struct sadb_lifetime *lt;
2739	struct mbuf *result = NULL, *m;
2740	int len, error = -1;
2741
2742	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2743
2744	KEYDBG(KEY_STAMP,
2745	    printf("%s: SP(%p)\n", __func__, sp));
2746	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2747
2748	/* set msg header */
2749	m = key_setsadbmsg(SADB_X_SPDEXPIRE, 0, 0, 0, 0, 0);
2750	if (!m) {
2751		error = ENOBUFS;
2752		goto fail;
2753	}
2754	result = m;
2755
2756	/* create lifetime extension (current and hard) */
2757	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
2758	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
2759	if (m == NULL) {
2760		error = ENOBUFS;
2761		goto fail;
2762	}
2763	m_align(m, len);
2764	m->m_len = len;
2765	bzero(mtod(m, caddr_t), len);
2766	lt = mtod(m, struct sadb_lifetime *);
2767	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2768	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
2769	lt->sadb_lifetime_allocations = 0;
2770	lt->sadb_lifetime_bytes = 0;
2771	lt->sadb_lifetime_addtime = sp->created;
2772	lt->sadb_lifetime_usetime = sp->lastused;
2773	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
2774	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2775	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
2776	lt->sadb_lifetime_allocations = 0;
2777	lt->sadb_lifetime_bytes = 0;
2778	lt->sadb_lifetime_addtime = sp->lifetime;
2779	lt->sadb_lifetime_usetime = sp->validtime;
2780	m_cat(result, m);
2781
2782	/* set sadb_address for source */
2783	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2784	    &sp->spidx.src.sa,
2785	    sp->spidx.prefs, sp->spidx.ul_proto);
2786	if (!m) {
2787		error = ENOBUFS;
2788		goto fail;
2789	}
2790	m_cat(result, m);
2791
2792	/* set sadb_address for destination */
2793	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2794	    &sp->spidx.dst.sa,
2795	    sp->spidx.prefd, sp->spidx.ul_proto);
2796	if (!m) {
2797		error = ENOBUFS;
2798		goto fail;
2799	}
2800	m_cat(result, m);
2801
2802	/* set secpolicy */
2803	m = key_sp2mbuf(sp);
2804	if (!m) {
2805		error = ENOBUFS;
2806		goto fail;
2807	}
2808	m_cat(result, m);
2809
2810	if ((result->m_flags & M_PKTHDR) == 0) {
2811		error = EINVAL;
2812		goto fail;
2813	}
2814
2815	if (result->m_len < sizeof(struct sadb_msg)) {
2816		result = m_pullup(result, sizeof(struct sadb_msg));
2817		if (result == NULL) {
2818			error = ENOBUFS;
2819			goto fail;
2820		}
2821	}
2822
2823	result->m_pkthdr.len = 0;
2824	for (m = result; m; m = m->m_next)
2825		result->m_pkthdr.len += m->m_len;
2826
2827	mtod(result, struct sadb_msg *)->sadb_msg_len =
2828	    PFKEY_UNIT64(result->m_pkthdr.len);
2829
2830	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
2831
2832 fail:
2833	if (result)
2834		m_freem(result);
2835	return error;
2836}
2837
2838/* %%% SAD management */
2839/*
2840 * allocating and initialize new SA head.
2841 * OUT:	NULL	: failure due to the lack of memory.
2842 *	others	: pointer to new SA head.
2843 */
2844static struct secashead *
2845key_newsah(struct secasindex *saidx)
2846{
2847	struct secashead *sah;
2848
2849	sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2850	    M_NOWAIT | M_ZERO);
2851	if (sah == NULL) {
2852		PFKEYSTAT_INC(in_nomem);
2853		return (NULL);
2854	}
2855	TAILQ_INIT(&sah->savtree_larval);
2856	TAILQ_INIT(&sah->savtree_alive);
2857	sah->saidx = *saidx;
2858	sah->state = SADB_SASTATE_DEAD;
2859	SAH_INITREF(sah);
2860
2861	KEYDBG(KEY_STAMP,
2862	    printf("%s: SAH(%p)\n", __func__, sah));
2863	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2864	return (sah);
2865}
2866
2867static void
2868key_freesah(struct secashead **psah)
2869{
2870	struct secashead *sah = *psah;
2871
2872	if (SAH_DELREF(sah) == 0)
2873		return;
2874
2875	KEYDBG(KEY_STAMP,
2876	    printf("%s: last reference to SAH(%p)\n", __func__, sah));
2877	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2878
2879	*psah = NULL;
2880	key_delsah(sah);
2881}
2882
2883static void
2884key_delsah(struct secashead *sah)
2885{
2886	IPSEC_ASSERT(sah != NULL, ("NULL sah"));
2887	IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
2888	    ("Attempt to free non DEAD SAH %p", sah));
2889	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
2890	    ("Attempt to free SAH %p with LARVAL SA", sah));
2891	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
2892	    ("Attempt to free SAH %p with ALIVE SA", sah));
2893
2894	free(sah, M_IPSEC_SAH);
2895}
2896
2897/*
2898 * allocating a new SA for key_add() and key_getspi() call,
2899 * and copy the values of mhp into new buffer.
2900 * When SAD message type is SADB_GETSPI set SA state to LARVAL.
2901 * For SADB_ADD create and initialize SA with MATURE state.
2902 * OUT:	NULL	: fail
2903 *	others	: pointer to new secasvar.
2904 */
2905static struct secasvar *
2906key_newsav(const struct sadb_msghdr *mhp, struct secasindex *saidx,
2907    uint32_t spi, int *errp)
2908{
2909	struct secashead *sah;
2910	struct secasvar *sav;
2911	int isnew;
2912
2913	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2914	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2915	IPSEC_ASSERT(mhp->msg->sadb_msg_type == SADB_GETSPI ||
2916	    mhp->msg->sadb_msg_type == SADB_ADD, ("wrong message type"));
2917
2918	sav = NULL;
2919	sah = NULL;
2920	/* check SPI value */
2921	switch (saidx->proto) {
2922	case IPPROTO_ESP:
2923	case IPPROTO_AH:
2924		/*
2925		 * RFC 4302, 2.4. Security Parameters Index (SPI), SPI values
2926		 * 1-255 reserved by IANA for future use,
2927		 * 0 for implementation specific, local use.
2928		 */
2929		if (ntohl(spi) <= 255) {
2930			ipseclog((LOG_DEBUG, "%s: illegal range of SPI %u.\n",
2931			    __func__, ntohl(spi)));
2932			*errp = EINVAL;
2933			goto done;
2934		}
2935		break;
2936	}
2937
2938	sav = malloc(sizeof(struct secasvar), M_IPSEC_SA, M_NOWAIT | M_ZERO);
2939	if (sav == NULL) {
2940		*errp = ENOBUFS;
2941		goto done;
2942	}
2943	sav->lock = malloc(sizeof(struct mtx), M_IPSEC_MISC,
2944	    M_NOWAIT | M_ZERO);
2945	if (sav->lock == NULL) {
2946		*errp = ENOBUFS;
2947		goto done;
2948	}
2949	mtx_init(sav->lock, "ipsec association", NULL, MTX_DEF);
2950	sav->lft_c = uma_zalloc_pcpu(V_key_lft_zone, M_NOWAIT);
2951	if (sav->lft_c == NULL) {
2952		*errp = ENOBUFS;
2953		goto done;
2954	}
2955	counter_u64_zero(sav->lft_c_allocations);
2956	counter_u64_zero(sav->lft_c_bytes);
2957
2958	sav->spi = spi;
2959	sav->seq = mhp->msg->sadb_msg_seq;
2960	sav->state = SADB_SASTATE_LARVAL;
2961	sav->pid = (pid_t)mhp->msg->sadb_msg_pid;
2962	SAV_INITREF(sav);
2963again:
2964	sah = key_getsah(saidx);
2965	if (sah == NULL) {
2966		/* create a new SA index */
2967		sah = key_newsah(saidx);
2968		if (sah == NULL) {
2969			ipseclog((LOG_DEBUG,
2970			    "%s: No more memory.\n", __func__));
2971			*errp = ENOBUFS;
2972			goto done;
2973		}
2974		isnew = 1;
2975	} else
2976		isnew = 0;
2977
2978	sav->sah = sah;
2979	if (mhp->msg->sadb_msg_type == SADB_GETSPI) {
2980		sav->created = time_second;
2981	} else if (sav->state == SADB_SASTATE_LARVAL) {
2982		/*
2983		 * Do not call key_setsaval() second time in case
2984		 * of `goto again`. We will have MATURE state.
2985		 */
2986		*errp = key_setsaval(sav, mhp);
2987		if (*errp != 0)
2988			goto done;
2989		sav->state = SADB_SASTATE_MATURE;
2990	}
2991
2992	SAHTREE_WLOCK();
2993	/*
2994	 * Check that existing SAH wasn't unlinked.
2995	 * Since we didn't hold the SAHTREE lock, it is possible,
2996	 * that callout handler or key_flush() or key_delete() could
2997	 * unlink this SAH.
2998	 */
2999	if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
3000		SAHTREE_WUNLOCK();
3001		key_freesah(&sah);	/* reference from key_getsah() */
3002		goto again;
3003	}
3004	if (isnew != 0) {
3005		/*
3006		 * Add new SAH into SADB.
3007		 *
3008		 * XXXAE: we can serialize key_add and key_getspi calls, so
3009		 * several threads will not fight in the race.
3010		 * Otherwise we should check under SAHTREE lock, that this
3011		 * SAH would not added twice.
3012		 */
3013		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
3014		/* Add new SAH into hash by addresses */
3015		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
3016		/* Now we are linked in the chain */
3017		sah->state = SADB_SASTATE_MATURE;
3018		/*
3019		 * SAV references this new SAH.
3020		 * In case of existing SAH we reuse reference
3021		 * from key_getsah().
3022		 */
3023		SAH_ADDREF(sah);
3024	}
3025	/* Link SAV with SAH */
3026	if (sav->state == SADB_SASTATE_MATURE)
3027		TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
3028	else
3029		TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
3030	/* Add SAV into SPI hash */
3031	LIST_INSERT_HEAD(SAVHASH_HASH(sav->spi), sav, spihash);
3032	SAHTREE_WUNLOCK();
3033	*errp = 0;	/* success */
3034done:
3035	if (*errp != 0) {
3036		if (sav != NULL) {
3037			if (sav->lock != NULL) {
3038				mtx_destroy(sav->lock);
3039				free(sav->lock, M_IPSEC_MISC);
3040			}
3041			if (sav->lft_c != NULL)
3042				uma_zfree_pcpu(V_key_lft_zone, sav->lft_c);
3043			free(sav, M_IPSEC_SA), sav = NULL;
3044		}
3045		if (sah != NULL)
3046			key_freesah(&sah);
3047		if (*errp == ENOBUFS) {
3048			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3049			    __func__));
3050			PFKEYSTAT_INC(in_nomem);
3051		}
3052	}
3053	return (sav);
3054}
3055
3056/*
3057 * free() SA variable entry.
3058 */
3059static void
3060key_cleansav(struct secasvar *sav)
3061{
3062
3063	if (sav->natt != NULL) {
3064		free(sav->natt, M_IPSEC_MISC);
3065		sav->natt = NULL;
3066	}
3067	if (sav->flags & SADB_X_EXT_F_CLONED)
3068		return;
3069	/*
3070	 * Cleanup xform state.  Note that zeroize'ing causes the
3071	 * keys to be cleared; otherwise we must do it ourself.
3072	 */
3073	if (sav->tdb_xform != NULL) {
3074		sav->tdb_xform->xf_zeroize(sav);
3075		sav->tdb_xform = NULL;
3076	} else {
3077		if (sav->key_auth != NULL)
3078			bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
3079		if (sav->key_enc != NULL)
3080			bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc));
3081	}
3082	if (sav->key_auth != NULL) {
3083		if (sav->key_auth->key_data != NULL)
3084			free(sav->key_auth->key_data, M_IPSEC_MISC);
3085		free(sav->key_auth, M_IPSEC_MISC);
3086		sav->key_auth = NULL;
3087	}
3088	if (sav->key_enc != NULL) {
3089		if (sav->key_enc->key_data != NULL)
3090			free(sav->key_enc->key_data, M_IPSEC_MISC);
3091		free(sav->key_enc, M_IPSEC_MISC);
3092		sav->key_enc = NULL;
3093	}
3094	if (sav->replay != NULL) {
3095		if (sav->replay->bitmap != NULL)
3096			free(sav->replay->bitmap, M_IPSEC_MISC);
3097		free(sav->replay, M_IPSEC_MISC);
3098		sav->replay = NULL;
3099	}
3100	if (sav->lft_h != NULL) {
3101		free(sav->lft_h, M_IPSEC_MISC);
3102		sav->lft_h = NULL;
3103	}
3104	if (sav->lft_s != NULL) {
3105		free(sav->lft_s, M_IPSEC_MISC);
3106		sav->lft_s = NULL;
3107	}
3108}
3109
3110/*
3111 * free() SA variable entry.
3112 */
3113static void
3114key_delsav(struct secasvar *sav)
3115{
3116	IPSEC_ASSERT(sav != NULL, ("null sav"));
3117	IPSEC_ASSERT(sav->state == SADB_SASTATE_DEAD,
3118	    ("attempt to free non DEAD SA %p", sav));
3119	IPSEC_ASSERT(sav->refcnt == 0, ("reference count %u > 0",
3120	    sav->refcnt));
3121
3122	/*
3123	 * SA must be unlinked from the chain and hashtbl.
3124	 * If SA was cloned, we leave all fields untouched,
3125	 * except NAT-T config.
3126	 */
3127	key_cleansav(sav);
3128	if ((sav->flags & SADB_X_EXT_F_CLONED) == 0) {
3129		mtx_destroy(sav->lock);
3130		free(sav->lock, M_IPSEC_MISC);
3131		uma_zfree(V_key_lft_zone, sav->lft_c);
3132	}
3133	free(sav, M_IPSEC_SA);
3134}
3135
3136/*
3137 * search SAH.
3138 * OUT:
3139 *	NULL	: not found
3140 *	others	: found, referenced pointer to a SAH.
3141 */
3142static struct secashead *
3143key_getsah(struct secasindex *saidx)
3144{
3145	SAHTREE_RLOCK_TRACKER;
3146	struct secashead *sah;
3147
3148	SAHTREE_RLOCK();
3149	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3150	    if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3151		    SAH_ADDREF(sah);
3152		    break;
3153	    }
3154	}
3155	SAHTREE_RUNLOCK();
3156	return (sah);
3157}
3158
3159/*
3160 * Check not to be duplicated SPI.
3161 * OUT:
3162 *	0	: not found
3163 *	1	: found SA with given SPI.
3164 */
3165static int
3166key_checkspidup(uint32_t spi)
3167{
3168	SAHTREE_RLOCK_TRACKER;
3169	struct secasvar *sav;
3170
3171	/* Assume SPI is in network byte order */
3172	SAHTREE_RLOCK();
3173	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3174		if (sav->spi == spi)
3175			break;
3176	}
3177	SAHTREE_RUNLOCK();
3178	return (sav != NULL);
3179}
3180
3181/*
3182 * Search SA by SPI.
3183 * OUT:
3184 *	NULL	: not found
3185 *	others	: found, referenced pointer to a SA.
3186 */
3187static struct secasvar *
3188key_getsavbyspi(uint32_t spi)
3189{
3190	SAHTREE_RLOCK_TRACKER;
3191	struct secasvar *sav;
3192
3193	/* Assume SPI is in network byte order */
3194	SAHTREE_RLOCK();
3195	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3196		if (sav->spi != spi)
3197			continue;
3198		SAV_ADDREF(sav);
3199		break;
3200	}
3201	SAHTREE_RUNLOCK();
3202	return (sav);
3203}
3204
3205static int
3206key_updatelifetimes(struct secasvar *sav, const struct sadb_msghdr *mhp)
3207{
3208	struct seclifetime *lft_h, *lft_s, *tmp;
3209
3210	/* Lifetime extension is optional, check that it is present. */
3211	if (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3212	    SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) {
3213		/*
3214		 * In case of SADB_UPDATE we may need to change
3215		 * existing lifetimes.
3216		 */
3217		if (sav->state == SADB_SASTATE_MATURE) {
3218			lft_h = lft_s = NULL;
3219			goto reset;
3220		}
3221		return (0);
3222	}
3223	/* Both HARD and SOFT extensions must present */
3224	if ((SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3225	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
3226	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
3227	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
3228		ipseclog((LOG_DEBUG,
3229		    "%s: invalid message: missing required header.\n",
3230		    __func__));
3231		return (EINVAL);
3232	}
3233	if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD) ||
3234	    SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_SOFT)) {
3235		ipseclog((LOG_DEBUG,
3236		    "%s: invalid message: wrong header size.\n", __func__));
3237		return (EINVAL);
3238	}
3239	lft_h = key_dup_lifemsg((const struct sadb_lifetime *)
3240	    mhp->ext[SADB_EXT_LIFETIME_HARD], M_IPSEC_MISC);
3241	if (lft_h == NULL) {
3242		PFKEYSTAT_INC(in_nomem);
3243		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3244		return (ENOBUFS);
3245	}
3246	lft_s = key_dup_lifemsg((const struct sadb_lifetime *)
3247	    mhp->ext[SADB_EXT_LIFETIME_SOFT], M_IPSEC_MISC);
3248	if (lft_s == NULL) {
3249		PFKEYSTAT_INC(in_nomem);
3250		free(lft_h, M_IPSEC_MISC);
3251		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3252		return (ENOBUFS);
3253	}
3254reset:
3255	if (sav->state != SADB_SASTATE_LARVAL) {
3256		/*
3257		 * key_update() holds reference to this SA,
3258		 * so it won't be deleted in meanwhile.
3259		 */
3260		SECASVAR_LOCK(sav);
3261		tmp = sav->lft_h;
3262		sav->lft_h = lft_h;
3263		lft_h = tmp;
3264
3265		tmp = sav->lft_s;
3266		sav->lft_s = lft_s;
3267		lft_s = tmp;
3268		SECASVAR_UNLOCK(sav);
3269		if (lft_h != NULL)
3270			free(lft_h, M_IPSEC_MISC);
3271		if (lft_s != NULL)
3272			free(lft_s, M_IPSEC_MISC);
3273		return (0);
3274	}
3275	/* We can update lifetime without holding a lock */
3276	IPSEC_ASSERT(sav->lft_h == NULL, ("lft_h is already initialized\n"));
3277	IPSEC_ASSERT(sav->lft_s == NULL, ("lft_s is already initialized\n"));
3278	sav->lft_h = lft_h;
3279	sav->lft_s = lft_s;
3280	return (0);
3281}
3282
3283/*
3284 * copy SA values from PF_KEY message except *SPI, SEQ, PID and TYPE*.
3285 * You must update these if need. Expects only LARVAL SAs.
3286 * OUT:	0:	success.
3287 *	!0:	failure.
3288 */
3289static int
3290key_setsaval(struct secasvar *sav, const struct sadb_msghdr *mhp)
3291{
3292	const struct sadb_sa *sa0;
3293	const struct sadb_key *key0;
3294	uint32_t replay;
3295	size_t len;
3296	int error;
3297
3298	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
3299	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
3300	IPSEC_ASSERT(sav->state == SADB_SASTATE_LARVAL,
3301	    ("Attempt to update non LARVAL SA"));
3302
3303	/* XXX rewrite */
3304	error = key_setident(sav->sah, mhp);
3305	if (error != 0)
3306		goto fail;
3307
3308	/* SA */
3309	if (!SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
3310		if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
3311			error = EINVAL;
3312			goto fail;
3313		}
3314		sa0 = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
3315		sav->alg_auth = sa0->sadb_sa_auth;
3316		sav->alg_enc = sa0->sadb_sa_encrypt;
3317		sav->flags = sa0->sadb_sa_flags;
3318		if ((sav->flags & SADB_KEY_FLAGS_MAX) != sav->flags) {
3319			ipseclog((LOG_DEBUG,
3320			    "%s: invalid sa_flags 0x%08x.\n", __func__,
3321			    sav->flags));
3322			error = EINVAL;
3323			goto fail;
3324		}
3325
3326		/* Optional replay window */
3327		replay = 0;
3328		if ((sa0->sadb_sa_flags & SADB_X_EXT_OLD) == 0)
3329			replay = sa0->sadb_sa_replay;
3330		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_SA_REPLAY)) {
3331			if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA_REPLAY)) {
3332				error = EINVAL;
3333				goto fail;
3334			}
3335			replay = ((const struct sadb_x_sa_replay *)
3336			    mhp->ext[SADB_X_EXT_SA_REPLAY])->sadb_x_sa_replay_replay;
3337
3338			if (replay > UINT32_MAX - 32) {
3339				ipseclog((LOG_DEBUG,
3340				    "%s: replay window too big.\n", __func__));
3341				error = EINVAL;
3342				goto fail;
3343			}
3344
3345			replay = (replay + 7) >> 3;
3346		}
3347
3348		sav->replay = malloc(sizeof(struct secreplay), M_IPSEC_MISC,
3349		    M_NOWAIT | M_ZERO);
3350		if (sav->replay == NULL) {
3351			PFKEYSTAT_INC(in_nomem);
3352			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3353			    __func__));
3354			error = ENOBUFS;
3355			goto fail;
3356		}
3357
3358		if (replay != 0) {
3359			/* number of 32b blocks to be allocated */
3360			uint32_t bitmap_size;
3361
3362			/* RFC 6479:
3363			 * - the allocated replay window size must be
3364			 *   a power of two.
3365			 * - use an extra 32b block as a redundant window.
3366			 */
3367			bitmap_size = 1;
3368			while (replay + 4 > bitmap_size)
3369				bitmap_size <<= 1;
3370			bitmap_size = bitmap_size / 4;
3371
3372			sav->replay->bitmap = malloc(
3373			    bitmap_size * sizeof(uint32_t), M_IPSEC_MISC,
3374			    M_NOWAIT | M_ZERO);
3375			if (sav->replay->bitmap == NULL) {
3376				PFKEYSTAT_INC(in_nomem);
3377				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3378					__func__));
3379				error = ENOBUFS;
3380				goto fail;
3381			}
3382			sav->replay->bitmap_size = bitmap_size;
3383			sav->replay->wsize = replay;
3384		}
3385	}
3386
3387	/* Authentication keys */
3388	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
3389		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH)) {
3390			error = EINVAL;
3391			goto fail;
3392		}
3393		error = 0;
3394		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_AUTH];
3395		len = mhp->extlen[SADB_EXT_KEY_AUTH];
3396		switch (mhp->msg->sadb_msg_satype) {
3397		case SADB_SATYPE_AH:
3398		case SADB_SATYPE_ESP:
3399		case SADB_X_SATYPE_TCPSIGNATURE:
3400			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3401			    sav->alg_auth != SADB_X_AALG_NULL)
3402				error = EINVAL;
3403			break;
3404		case SADB_X_SATYPE_IPCOMP:
3405		default:
3406			error = EINVAL;
3407			break;
3408		}
3409		if (error) {
3410			ipseclog((LOG_DEBUG, "%s: invalid key_auth values.\n",
3411				__func__));
3412			goto fail;
3413		}
3414
3415		sav->key_auth = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3416		if (sav->key_auth == NULL ) {
3417			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3418				  __func__));
3419			PFKEYSTAT_INC(in_nomem);
3420			error = ENOBUFS;
3421			goto fail;
3422		}
3423	}
3424
3425	/* Encryption key */
3426	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) {
3427		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT)) {
3428			error = EINVAL;
3429			goto fail;
3430		}
3431		error = 0;
3432		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_ENCRYPT];
3433		len = mhp->extlen[SADB_EXT_KEY_ENCRYPT];
3434		switch (mhp->msg->sadb_msg_satype) {
3435		case SADB_SATYPE_ESP:
3436			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3437			    sav->alg_enc != SADB_EALG_NULL) {
3438				error = EINVAL;
3439				break;
3440			}
3441			sav->key_enc = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3442			if (sav->key_enc == NULL) {
3443				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3444					__func__));
3445				PFKEYSTAT_INC(in_nomem);
3446				error = ENOBUFS;
3447				goto fail;
3448			}
3449			break;
3450		case SADB_X_SATYPE_IPCOMP:
3451			if (len != PFKEY_ALIGN8(sizeof(struct sadb_key)))
3452				error = EINVAL;
3453			sav->key_enc = NULL;	/*just in case*/
3454			break;
3455		case SADB_SATYPE_AH:
3456		case SADB_X_SATYPE_TCPSIGNATURE:
3457		default:
3458			error = EINVAL;
3459			break;
3460		}
3461		if (error) {
3462			ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n",
3463				__func__));
3464			goto fail;
3465		}
3466	}
3467
3468	/* set iv */
3469	sav->ivlen = 0;
3470	switch (mhp->msg->sadb_msg_satype) {
3471	case SADB_SATYPE_AH:
3472		if (sav->flags & SADB_X_EXT_DERIV) {
3473			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3474			    "given to AH SA.\n", __func__));
3475			error = EINVAL;
3476			goto fail;
3477		}
3478		if (sav->alg_enc != SADB_EALG_NONE) {
3479			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3480			    "mismated.\n", __func__));
3481			error = EINVAL;
3482			goto fail;
3483		}
3484		error = xform_init(sav, XF_AH);
3485		break;
3486	case SADB_SATYPE_ESP:
3487		if ((sav->flags & (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) ==
3488		    (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) {
3489			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3490			    "given to old-esp.\n", __func__));
3491			error = EINVAL;
3492			goto fail;
3493		}
3494		error = xform_init(sav, XF_ESP);
3495		break;
3496	case SADB_X_SATYPE_IPCOMP:
3497		if (sav->alg_auth != SADB_AALG_NONE) {
3498			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3499			    "mismated.\n", __func__));
3500			error = EINVAL;
3501			goto fail;
3502		}
3503		if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 &&
3504		    ntohl(sav->spi) >= 0x10000) {
3505			ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n",
3506			    __func__));
3507			error = EINVAL;
3508			goto fail;
3509		}
3510		error = xform_init(sav, XF_IPCOMP);
3511		break;
3512	case SADB_X_SATYPE_TCPSIGNATURE:
3513		if (sav->alg_enc != SADB_EALG_NONE) {
3514			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3515			    "mismated.\n", __func__));
3516			error = EINVAL;
3517			goto fail;
3518		}
3519		error = xform_init(sav, XF_TCPSIGNATURE);
3520		break;
3521	default:
3522		ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__));
3523		error = EPROTONOSUPPORT;
3524		goto fail;
3525	}
3526	if (error) {
3527		ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n",
3528		    __func__, mhp->msg->sadb_msg_satype));
3529		goto fail;
3530	}
3531
3532	/* Handle NAT-T headers */
3533	error = key_setnatt(sav, mhp);
3534	if (error != 0)
3535		goto fail;
3536
3537	/* Initialize lifetime for CURRENT */
3538	sav->firstused = 0;
3539	sav->created = time_second;
3540
3541	/* lifetimes for HARD and SOFT */
3542	error = key_updatelifetimes(sav, mhp);
3543	if (error == 0)
3544		return (0);
3545fail:
3546	key_cleansav(sav);
3547	return (error);
3548}
3549
3550/*
3551 * subroutine for SADB_GET and SADB_DUMP.
3552 */
3553static struct mbuf *
3554key_setdumpsa(struct secasvar *sav, uint8_t type, uint8_t satype,
3555    uint32_t seq, uint32_t pid)
3556{
3557	struct seclifetime lft_c;
3558	struct mbuf *result = NULL, *tres = NULL, *m;
3559	int i, dumporder[] = {
3560		SADB_EXT_SA, SADB_X_EXT_SA2, SADB_X_EXT_SA_REPLAY,
3561		SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
3562		SADB_EXT_LIFETIME_CURRENT, SADB_EXT_ADDRESS_SRC,
3563		SADB_EXT_ADDRESS_DST, SADB_EXT_ADDRESS_PROXY,
3564		SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT,
3565		SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
3566		SADB_EXT_SENSITIVITY,
3567		SADB_X_EXT_NAT_T_TYPE,
3568		SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT,
3569		SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
3570		SADB_X_EXT_NAT_T_FRAG,
3571	};
3572	uint32_t replay_count;
3573
3574	m = key_setsadbmsg(type, 0, satype, seq, pid, sav->refcnt);
3575	if (m == NULL)
3576		goto fail;
3577	result = m;
3578
3579	for (i = nitems(dumporder) - 1; i >= 0; i--) {
3580		m = NULL;
3581		switch (dumporder[i]) {
3582		case SADB_EXT_SA:
3583			m = key_setsadbsa(sav);
3584			if (!m)
3585				goto fail;
3586			break;
3587
3588		case SADB_X_EXT_SA2:
3589			SECASVAR_LOCK(sav);
3590			replay_count = sav->replay ? sav->replay->count : 0;
3591			SECASVAR_UNLOCK(sav);
3592			m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3593					sav->sah->saidx.reqid);
3594			if (!m)
3595				goto fail;
3596			break;
3597
3598		case SADB_X_EXT_SA_REPLAY:
3599			if (sav->replay == NULL ||
3600			    sav->replay->wsize <= UINT8_MAX)
3601				continue;
3602
3603			m = key_setsadbxsareplay(sav->replay->wsize);
3604			if (!m)
3605				goto fail;
3606			break;
3607
3608		case SADB_EXT_ADDRESS_SRC:
3609			m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
3610			    &sav->sah->saidx.src.sa,
3611			    FULLMASK, IPSEC_ULPROTO_ANY);
3612			if (!m)
3613				goto fail;
3614			break;
3615
3616		case SADB_EXT_ADDRESS_DST:
3617			m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
3618			    &sav->sah->saidx.dst.sa,
3619			    FULLMASK, IPSEC_ULPROTO_ANY);
3620			if (!m)
3621				goto fail;
3622			break;
3623
3624		case SADB_EXT_KEY_AUTH:
3625			if (!sav->key_auth)
3626				continue;
3627			m = key_setkey(sav->key_auth, SADB_EXT_KEY_AUTH);
3628			if (!m)
3629				goto fail;
3630			break;
3631
3632		case SADB_EXT_KEY_ENCRYPT:
3633			if (!sav->key_enc)
3634				continue;
3635			m = key_setkey(sav->key_enc, SADB_EXT_KEY_ENCRYPT);
3636			if (!m)
3637				goto fail;
3638			break;
3639
3640		case SADB_EXT_LIFETIME_CURRENT:
3641			lft_c.addtime = sav->created;
3642			lft_c.allocations = (uint32_t)counter_u64_fetch(
3643			    sav->lft_c_allocations);
3644			lft_c.bytes = counter_u64_fetch(sav->lft_c_bytes);
3645			lft_c.usetime = sav->firstused;
3646			m = key_setlifetime(&lft_c, SADB_EXT_LIFETIME_CURRENT);
3647			if (!m)
3648				goto fail;
3649			break;
3650
3651		case SADB_EXT_LIFETIME_HARD:
3652			if (!sav->lft_h)
3653				continue;
3654			m = key_setlifetime(sav->lft_h,
3655					    SADB_EXT_LIFETIME_HARD);
3656			if (!m)
3657				goto fail;
3658			break;
3659
3660		case SADB_EXT_LIFETIME_SOFT:
3661			if (!sav->lft_s)
3662				continue;
3663			m = key_setlifetime(sav->lft_s,
3664					    SADB_EXT_LIFETIME_SOFT);
3665
3666			if (!m)
3667				goto fail;
3668			break;
3669
3670		case SADB_X_EXT_NAT_T_TYPE:
3671			if (sav->natt == NULL)
3672				continue;
3673			m = key_setsadbxtype(UDP_ENCAP_ESPINUDP);
3674			if (!m)
3675				goto fail;
3676			break;
3677
3678		case SADB_X_EXT_NAT_T_DPORT:
3679			if (sav->natt == NULL)
3680				continue;
3681			m = key_setsadbxport(sav->natt->dport,
3682			    SADB_X_EXT_NAT_T_DPORT);
3683			if (!m)
3684				goto fail;
3685			break;
3686
3687		case SADB_X_EXT_NAT_T_SPORT:
3688			if (sav->natt == NULL)
3689				continue;
3690			m = key_setsadbxport(sav->natt->sport,
3691			    SADB_X_EXT_NAT_T_SPORT);
3692			if (!m)
3693				goto fail;
3694			break;
3695
3696		case SADB_X_EXT_NAT_T_OAI:
3697			if (sav->natt == NULL ||
3698			    (sav->natt->flags & IPSEC_NATT_F_OAI) == 0)
3699				continue;
3700			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAI,
3701			    &sav->natt->oai.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3702			if (!m)
3703				goto fail;
3704			break;
3705		case SADB_X_EXT_NAT_T_OAR:
3706			if (sav->natt == NULL ||
3707			    (sav->natt->flags & IPSEC_NATT_F_OAR) == 0)
3708				continue;
3709			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAR,
3710			    &sav->natt->oar.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3711			if (!m)
3712				goto fail;
3713			break;
3714		case SADB_X_EXT_NAT_T_FRAG:
3715			/* We do not (yet) support those. */
3716			continue;
3717
3718		case SADB_EXT_ADDRESS_PROXY:
3719		case SADB_EXT_IDENTITY_SRC:
3720		case SADB_EXT_IDENTITY_DST:
3721			/* XXX: should we brought from SPD ? */
3722		case SADB_EXT_SENSITIVITY:
3723		default:
3724			continue;
3725		}
3726
3727		if (!m)
3728			goto fail;
3729		if (tres)
3730			m_cat(m, tres);
3731		tres = m;
3732	}
3733
3734	m_cat(result, tres);
3735	tres = NULL;
3736	if (result->m_len < sizeof(struct sadb_msg)) {
3737		result = m_pullup(result, sizeof(struct sadb_msg));
3738		if (result == NULL)
3739			goto fail;
3740	}
3741
3742	result->m_pkthdr.len = 0;
3743	for (m = result; m; m = m->m_next)
3744		result->m_pkthdr.len += m->m_len;
3745
3746	mtod(result, struct sadb_msg *)->sadb_msg_len =
3747	    PFKEY_UNIT64(result->m_pkthdr.len);
3748
3749	return result;
3750
3751fail:
3752	m_freem(result);
3753	m_freem(tres);
3754	return NULL;
3755}
3756
3757/*
3758 * set data into sadb_msg.
3759 */
3760static struct mbuf *
3761key_setsadbmsg(u_int8_t type, u_int16_t tlen, u_int8_t satype, u_int32_t seq,
3762    pid_t pid, u_int16_t reserved)
3763{
3764	struct mbuf *m;
3765	struct sadb_msg *p;
3766	int len;
3767
3768	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
3769	if (len > MCLBYTES)
3770		return NULL;
3771	MGETHDR(m, M_NOWAIT, MT_DATA);
3772	if (m && len > MHLEN) {
3773		if (!(MCLGET(m, M_NOWAIT))) {
3774			m_freem(m);
3775			m = NULL;
3776		}
3777	}
3778	if (!m)
3779		return NULL;
3780	m->m_pkthdr.len = m->m_len = len;
3781	m->m_next = NULL;
3782
3783	p = mtod(m, struct sadb_msg *);
3784
3785	bzero(p, len);
3786	p->sadb_msg_version = PF_KEY_V2;
3787	p->sadb_msg_type = type;
3788	p->sadb_msg_errno = 0;
3789	p->sadb_msg_satype = satype;
3790	p->sadb_msg_len = PFKEY_UNIT64(tlen);
3791	p->sadb_msg_reserved = reserved;
3792	p->sadb_msg_seq = seq;
3793	p->sadb_msg_pid = (u_int32_t)pid;
3794
3795	return m;
3796}
3797
3798/*
3799 * copy secasvar data into sadb_address.
3800 */
3801static struct mbuf *
3802key_setsadbsa(struct secasvar *sav)
3803{
3804	struct mbuf *m;
3805	struct sadb_sa *p;
3806	int len;
3807
3808	len = PFKEY_ALIGN8(sizeof(struct sadb_sa));
3809	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3810	if (m == NULL)
3811		return (NULL);
3812	m_align(m, len);
3813	m->m_len = len;
3814	p = mtod(m, struct sadb_sa *);
3815	bzero(p, len);
3816	p->sadb_sa_len = PFKEY_UNIT64(len);
3817	p->sadb_sa_exttype = SADB_EXT_SA;
3818	p->sadb_sa_spi = sav->spi;
3819	p->sadb_sa_replay = sav->replay ?
3820	    (sav->replay->wsize > UINT8_MAX ? UINT8_MAX :
3821		sav->replay->wsize): 0;
3822	p->sadb_sa_state = sav->state;
3823	p->sadb_sa_auth = sav->alg_auth;
3824	p->sadb_sa_encrypt = sav->alg_enc;
3825	p->sadb_sa_flags = sav->flags & SADB_KEY_FLAGS_MAX;
3826	return (m);
3827}
3828
3829/*
3830 * set data into sadb_address.
3831 */
3832static struct mbuf *
3833key_setsadbaddr(u_int16_t exttype, const struct sockaddr *saddr,
3834    u_int8_t prefixlen, u_int16_t ul_proto)
3835{
3836	struct mbuf *m;
3837	struct sadb_address *p;
3838	size_t len;
3839
3840	len = PFKEY_ALIGN8(sizeof(struct sadb_address)) +
3841	    PFKEY_ALIGN8(saddr->sa_len);
3842	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3843	if (m == NULL)
3844		return (NULL);
3845	m_align(m, len);
3846	m->m_len = len;
3847	p = mtod(m, struct sadb_address *);
3848
3849	bzero(p, len);
3850	p->sadb_address_len = PFKEY_UNIT64(len);
3851	p->sadb_address_exttype = exttype;
3852	p->sadb_address_proto = ul_proto;
3853	if (prefixlen == FULLMASK) {
3854		switch (saddr->sa_family) {
3855		case AF_INET:
3856			prefixlen = sizeof(struct in_addr) << 3;
3857			break;
3858		case AF_INET6:
3859			prefixlen = sizeof(struct in6_addr) << 3;
3860			break;
3861		default:
3862			; /*XXX*/
3863		}
3864	}
3865	p->sadb_address_prefixlen = prefixlen;
3866	p->sadb_address_reserved = 0;
3867
3868	bcopy(saddr,
3869	    mtod(m, caddr_t) + PFKEY_ALIGN8(sizeof(struct sadb_address)),
3870	    saddr->sa_len);
3871
3872	return m;
3873}
3874
3875/*
3876 * set data into sadb_x_sa2.
3877 */
3878static struct mbuf *
3879key_setsadbxsa2(u_int8_t mode, u_int32_t seq, u_int32_t reqid)
3880{
3881	struct mbuf *m;
3882	struct sadb_x_sa2 *p;
3883	size_t len;
3884
3885	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa2));
3886	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3887	if (m == NULL)
3888		return (NULL);
3889	m_align(m, len);
3890	m->m_len = len;
3891	p = mtod(m, struct sadb_x_sa2 *);
3892
3893	bzero(p, len);
3894	p->sadb_x_sa2_len = PFKEY_UNIT64(len);
3895	p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
3896	p->sadb_x_sa2_mode = mode;
3897	p->sadb_x_sa2_reserved1 = 0;
3898	p->sadb_x_sa2_reserved2 = 0;
3899	p->sadb_x_sa2_sequence = seq;
3900	p->sadb_x_sa2_reqid = reqid;
3901
3902	return m;
3903}
3904
3905/*
3906 * Set data into sadb_x_sa_replay.
3907 */
3908static struct mbuf *
3909key_setsadbxsareplay(u_int32_t replay)
3910{
3911	struct mbuf *m;
3912	struct sadb_x_sa_replay *p;
3913	size_t len;
3914
3915	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa_replay));
3916	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3917	if (m == NULL)
3918		return (NULL);
3919	m_align(m, len);
3920	m->m_len = len;
3921	p = mtod(m, struct sadb_x_sa_replay *);
3922
3923	bzero(p, len);
3924	p->sadb_x_sa_replay_len = PFKEY_UNIT64(len);
3925	p->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY;
3926	p->sadb_x_sa_replay_replay = (replay << 3);
3927
3928	return m;
3929}
3930
3931/*
3932 * Set a type in sadb_x_nat_t_type.
3933 */
3934static struct mbuf *
3935key_setsadbxtype(u_int16_t type)
3936{
3937	struct mbuf *m;
3938	size_t len;
3939	struct sadb_x_nat_t_type *p;
3940
3941	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_type));
3942
3943	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3944	if (m == NULL)
3945		return (NULL);
3946	m_align(m, len);
3947	m->m_len = len;
3948	p = mtod(m, struct sadb_x_nat_t_type *);
3949
3950	bzero(p, len);
3951	p->sadb_x_nat_t_type_len = PFKEY_UNIT64(len);
3952	p->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
3953	p->sadb_x_nat_t_type_type = type;
3954
3955	return (m);
3956}
3957/*
3958 * Set a port in sadb_x_nat_t_port.
3959 * In contrast to default RFC 2367 behaviour, port is in network byte order.
3960 */
3961static struct mbuf *
3962key_setsadbxport(u_int16_t port, u_int16_t type)
3963{
3964	struct mbuf *m;
3965	size_t len;
3966	struct sadb_x_nat_t_port *p;
3967
3968	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_port));
3969
3970	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3971	if (m == NULL)
3972		return (NULL);
3973	m_align(m, len);
3974	m->m_len = len;
3975	p = mtod(m, struct sadb_x_nat_t_port *);
3976
3977	bzero(p, len);
3978	p->sadb_x_nat_t_port_len = PFKEY_UNIT64(len);
3979	p->sadb_x_nat_t_port_exttype = type;
3980	p->sadb_x_nat_t_port_port = port;
3981
3982	return (m);
3983}
3984
3985/*
3986 * Get port from sockaddr. Port is in network byte order.
3987 */
3988uint16_t
3989key_portfromsaddr(struct sockaddr *sa)
3990{
3991
3992	switch (sa->sa_family) {
3993#ifdef INET
3994	case AF_INET:
3995		return ((struct sockaddr_in *)sa)->sin_port;
3996#endif
3997#ifdef INET6
3998	case AF_INET6:
3999		return ((struct sockaddr_in6 *)sa)->sin6_port;
4000#endif
4001	}
4002	return (0);
4003}
4004
4005/*
4006 * Set port in struct sockaddr. Port is in network byte order.
4007 */
4008void
4009key_porttosaddr(struct sockaddr *sa, uint16_t port)
4010{
4011
4012	switch (sa->sa_family) {
4013#ifdef INET
4014	case AF_INET:
4015		((struct sockaddr_in *)sa)->sin_port = port;
4016		break;
4017#endif
4018#ifdef INET6
4019	case AF_INET6:
4020		((struct sockaddr_in6 *)sa)->sin6_port = port;
4021		break;
4022#endif
4023	default:
4024		ipseclog((LOG_DEBUG, "%s: unexpected address family %d.\n",
4025			__func__, sa->sa_family));
4026		break;
4027	}
4028}
4029
4030/*
4031 * set data into sadb_x_policy
4032 */
4033static struct mbuf *
4034key_setsadbxpolicy(u_int16_t type, u_int8_t dir, u_int32_t id, u_int32_t priority)
4035{
4036	struct mbuf *m;
4037	struct sadb_x_policy *p;
4038	size_t len;
4039
4040	len = PFKEY_ALIGN8(sizeof(struct sadb_x_policy));
4041	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
4042	if (m == NULL)
4043		return (NULL);
4044	m_align(m, len);
4045	m->m_len = len;
4046	p = mtod(m, struct sadb_x_policy *);
4047
4048	bzero(p, len);
4049	p->sadb_x_policy_len = PFKEY_UNIT64(len);
4050	p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
4051	p->sadb_x_policy_type = type;
4052	p->sadb_x_policy_dir = dir;
4053	p->sadb_x_policy_id = id;
4054	p->sadb_x_policy_priority = priority;
4055
4056	return m;
4057}
4058
4059/* %%% utilities */
4060/* Take a key message (sadb_key) from the socket and turn it into one
4061 * of the kernel's key structures (seckey).
4062 *
4063 * IN: pointer to the src
4064 * OUT: NULL no more memory
4065 */
4066struct seckey *
4067key_dup_keymsg(const struct sadb_key *src, size_t len,
4068    struct malloc_type *type)
4069{
4070	struct seckey *dst;
4071
4072	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4073	if (dst != NULL) {
4074		dst->bits = src->sadb_key_bits;
4075		dst->key_data = malloc(len, type, M_NOWAIT);
4076		if (dst->key_data != NULL) {
4077			bcopy((const char *)(src + 1), dst->key_data, len);
4078		} else {
4079			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4080			    __func__));
4081			free(dst, type);
4082			dst = NULL;
4083		}
4084	} else {
4085		ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4086		    __func__));
4087
4088	}
4089	return (dst);
4090}
4091
4092/* Take a lifetime message (sadb_lifetime) passed in on a socket and
4093 * turn it into one of the kernel's lifetime structures (seclifetime).
4094 *
4095 * IN: pointer to the destination, source and malloc type
4096 * OUT: NULL, no more memory
4097 */
4098
4099static struct seclifetime *
4100key_dup_lifemsg(const struct sadb_lifetime *src, struct malloc_type *type)
4101{
4102	struct seclifetime *dst;
4103
4104	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4105	if (dst == NULL) {
4106		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
4107		return (NULL);
4108	}
4109	dst->allocations = src->sadb_lifetime_allocations;
4110	dst->bytes = src->sadb_lifetime_bytes;
4111	dst->addtime = src->sadb_lifetime_addtime;
4112	dst->usetime = src->sadb_lifetime_usetime;
4113	return (dst);
4114}
4115
4116/*
4117 * compare two secasindex structure.
4118 * flag can specify to compare 2 saidxes.
4119 * compare two secasindex structure without both mode and reqid.
4120 * don't compare port.
4121 * IN:
4122 *      saidx0: source, it can be in SAD.
4123 *      saidx1: object.
4124 * OUT:
4125 *      1 : equal
4126 *      0 : not equal
4127 */
4128static int
4129key_cmpsaidx(const struct secasindex *saidx0, const struct secasindex *saidx1,
4130    int flag)
4131{
4132
4133	/* sanity */
4134	if (saidx0 == NULL && saidx1 == NULL)
4135		return 1;
4136
4137	if (saidx0 == NULL || saidx1 == NULL)
4138		return 0;
4139
4140	if (saidx0->proto != saidx1->proto)
4141		return 0;
4142
4143	if (flag == CMP_EXACTLY) {
4144		if (saidx0->mode != saidx1->mode)
4145			return 0;
4146		if (saidx0->reqid != saidx1->reqid)
4147			return 0;
4148		if (bcmp(&saidx0->src, &saidx1->src,
4149		    saidx0->src.sa.sa_len) != 0 ||
4150		    bcmp(&saidx0->dst, &saidx1->dst,
4151		    saidx0->dst.sa.sa_len) != 0)
4152			return 0;
4153	} else {
4154
4155		/* CMP_MODE_REQID, CMP_REQID, CMP_HEAD */
4156		if (flag == CMP_MODE_REQID || flag == CMP_REQID) {
4157			/*
4158			 * If reqid of SPD is non-zero, unique SA is required.
4159			 * The result must be of same reqid in this case.
4160			 */
4161			if (saidx1->reqid != 0 &&
4162			    saidx0->reqid != saidx1->reqid)
4163				return 0;
4164		}
4165
4166		if (flag == CMP_MODE_REQID) {
4167			if (saidx0->mode != IPSEC_MODE_ANY
4168			 && saidx0->mode != saidx1->mode)
4169				return 0;
4170		}
4171
4172		if (key_sockaddrcmp(&saidx0->src.sa, &saidx1->src.sa, 0) != 0)
4173			return 0;
4174		if (key_sockaddrcmp(&saidx0->dst.sa, &saidx1->dst.sa, 0) != 0)
4175			return 0;
4176	}
4177
4178	return 1;
4179}
4180
4181/*
4182 * compare two secindex structure exactly.
4183 * IN:
4184 *	spidx0: source, it is often in SPD.
4185 *	spidx1: object, it is often from PFKEY message.
4186 * OUT:
4187 *	1 : equal
4188 *	0 : not equal
4189 */
4190static int
4191key_cmpspidx_exactly(struct secpolicyindex *spidx0,
4192    struct secpolicyindex *spidx1)
4193{
4194	/* sanity */
4195	if (spidx0 == NULL && spidx1 == NULL)
4196		return 1;
4197
4198	if (spidx0 == NULL || spidx1 == NULL)
4199		return 0;
4200
4201	if (spidx0->prefs != spidx1->prefs
4202	 || spidx0->prefd != spidx1->prefd
4203	 || spidx0->ul_proto != spidx1->ul_proto
4204	 || spidx0->dir != spidx1->dir)
4205		return 0;
4206
4207	return key_sockaddrcmp(&spidx0->src.sa, &spidx1->src.sa, 1) == 0 &&
4208	       key_sockaddrcmp(&spidx0->dst.sa, &spidx1->dst.sa, 1) == 0;
4209}
4210
4211/*
4212 * compare two secindex structure with mask.
4213 * IN:
4214 *	spidx0: source, it is often in SPD.
4215 *	spidx1: object, it is often from IP header.
4216 * OUT:
4217 *	1 : equal
4218 *	0 : not equal
4219 */
4220static int
4221key_cmpspidx_withmask(struct secpolicyindex *spidx0,
4222    struct secpolicyindex *spidx1)
4223{
4224	/* sanity */
4225	if (spidx0 == NULL && spidx1 == NULL)
4226		return 1;
4227
4228	if (spidx0 == NULL || spidx1 == NULL)
4229		return 0;
4230
4231	if (spidx0->src.sa.sa_family != spidx1->src.sa.sa_family ||
4232	    spidx0->dst.sa.sa_family != spidx1->dst.sa.sa_family ||
4233	    spidx0->src.sa.sa_len != spidx1->src.sa.sa_len ||
4234	    spidx0->dst.sa.sa_len != spidx1->dst.sa.sa_len)
4235		return 0;
4236
4237	/* if spidx.ul_proto == IPSEC_ULPROTO_ANY, ignore. */
4238	if (spidx0->ul_proto != (u_int16_t)IPSEC_ULPROTO_ANY
4239	 && spidx0->ul_proto != spidx1->ul_proto)
4240		return 0;
4241
4242	switch (spidx0->src.sa.sa_family) {
4243	case AF_INET:
4244		if (spidx0->src.sin.sin_port != IPSEC_PORT_ANY
4245		 && spidx0->src.sin.sin_port != spidx1->src.sin.sin_port)
4246			return 0;
4247		if (!key_bbcmp(&spidx0->src.sin.sin_addr,
4248		    &spidx1->src.sin.sin_addr, spidx0->prefs))
4249			return 0;
4250		break;
4251	case AF_INET6:
4252		if (spidx0->src.sin6.sin6_port != IPSEC_PORT_ANY
4253		 && spidx0->src.sin6.sin6_port != spidx1->src.sin6.sin6_port)
4254			return 0;
4255		/*
4256		 * scope_id check. if sin6_scope_id is 0, we regard it
4257		 * as a wildcard scope, which matches any scope zone ID.
4258		 */
4259		if (spidx0->src.sin6.sin6_scope_id &&
4260		    spidx1->src.sin6.sin6_scope_id &&
4261		    spidx0->src.sin6.sin6_scope_id != spidx1->src.sin6.sin6_scope_id)
4262			return 0;
4263		if (!key_bbcmp(&spidx0->src.sin6.sin6_addr,
4264		    &spidx1->src.sin6.sin6_addr, spidx0->prefs))
4265			return 0;
4266		break;
4267	default:
4268		/* XXX */
4269		if (bcmp(&spidx0->src, &spidx1->src, spidx0->src.sa.sa_len) != 0)
4270			return 0;
4271		break;
4272	}
4273
4274	switch (spidx0->dst.sa.sa_family) {
4275	case AF_INET:
4276		if (spidx0->dst.sin.sin_port != IPSEC_PORT_ANY
4277		 && spidx0->dst.sin.sin_port != spidx1->dst.sin.sin_port)
4278			return 0;
4279		if (!key_bbcmp(&spidx0->dst.sin.sin_addr,
4280		    &spidx1->dst.sin.sin_addr, spidx0->prefd))
4281			return 0;
4282		break;
4283	case AF_INET6:
4284		if (spidx0->dst.sin6.sin6_port != IPSEC_PORT_ANY
4285		 && spidx0->dst.sin6.sin6_port != spidx1->dst.sin6.sin6_port)
4286			return 0;
4287		/*
4288		 * scope_id check. if sin6_scope_id is 0, we regard it
4289		 * as a wildcard scope, which matches any scope zone ID.
4290		 */
4291		if (spidx0->dst.sin6.sin6_scope_id &&
4292		    spidx1->dst.sin6.sin6_scope_id &&
4293		    spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
4294			return 0;
4295		if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
4296		    &spidx1->dst.sin6.sin6_addr, spidx0->prefd))
4297			return 0;
4298		break;
4299	default:
4300		/* XXX */
4301		if (bcmp(&spidx0->dst, &spidx1->dst, spidx0->dst.sa.sa_len) != 0)
4302			return 0;
4303		break;
4304	}
4305
4306	/* XXX Do we check other field ?  e.g. flowinfo */
4307
4308	return 1;
4309}
4310
4311#ifdef satosin
4312#undef satosin
4313#endif
4314#define satosin(s) ((const struct sockaddr_in *)s)
4315#ifdef satosin6
4316#undef satosin6
4317#endif
4318#define satosin6(s) ((const struct sockaddr_in6 *)s)
4319/* returns 0 on match */
4320int
4321key_sockaddrcmp(const struct sockaddr *sa1, const struct sockaddr *sa2,
4322    int port)
4323{
4324	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4325		return 1;
4326
4327	switch (sa1->sa_family) {
4328#ifdef INET
4329	case AF_INET:
4330		if (sa1->sa_len != sizeof(struct sockaddr_in))
4331			return 1;
4332		if (satosin(sa1)->sin_addr.s_addr !=
4333		    satosin(sa2)->sin_addr.s_addr) {
4334			return 1;
4335		}
4336		if (port && satosin(sa1)->sin_port != satosin(sa2)->sin_port)
4337			return 1;
4338		break;
4339#endif
4340#ifdef INET6
4341	case AF_INET6:
4342		if (sa1->sa_len != sizeof(struct sockaddr_in6))
4343			return 1;	/*EINVAL*/
4344		if (satosin6(sa1)->sin6_scope_id !=
4345		    satosin6(sa2)->sin6_scope_id) {
4346			return 1;
4347		}
4348		if (!IN6_ARE_ADDR_EQUAL(&satosin6(sa1)->sin6_addr,
4349		    &satosin6(sa2)->sin6_addr)) {
4350			return 1;
4351		}
4352		if (port &&
4353		    satosin6(sa1)->sin6_port != satosin6(sa2)->sin6_port) {
4354			return 1;
4355		}
4356		break;
4357#endif
4358	default:
4359		if (bcmp(sa1, sa2, sa1->sa_len) != 0)
4360			return 1;
4361		break;
4362	}
4363
4364	return 0;
4365}
4366
4367/* returns 0 on match */
4368int
4369key_sockaddrcmp_withmask(const struct sockaddr *sa1,
4370    const struct sockaddr *sa2, size_t mask)
4371{
4372	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4373		return (1);
4374
4375	switch (sa1->sa_family) {
4376#ifdef INET
4377	case AF_INET:
4378		return (!key_bbcmp(&satosin(sa1)->sin_addr,
4379		    &satosin(sa2)->sin_addr, mask));
4380#endif
4381#ifdef INET6
4382	case AF_INET6:
4383		if (satosin6(sa1)->sin6_scope_id !=
4384		    satosin6(sa2)->sin6_scope_id)
4385			return (1);
4386		return (!key_bbcmp(&satosin6(sa1)->sin6_addr,
4387		    &satosin6(sa2)->sin6_addr, mask));
4388#endif
4389	}
4390	return (1);
4391}
4392#undef satosin
4393#undef satosin6
4394
4395/*
4396 * compare two buffers with mask.
4397 * IN:
4398 *	addr1: source
4399 *	addr2: object
4400 *	bits:  Number of bits to compare
4401 * OUT:
4402 *	1 : equal
4403 *	0 : not equal
4404 */
4405static int
4406key_bbcmp(const void *a1, const void *a2, u_int bits)
4407{
4408	const unsigned char *p1 = a1;
4409	const unsigned char *p2 = a2;
4410
4411	/* XXX: This could be considerably faster if we compare a word
4412	 * at a time, but it is complicated on LSB Endian machines */
4413
4414	/* Handle null pointers */
4415	if (p1 == NULL || p2 == NULL)
4416		return (p1 == p2);
4417
4418	while (bits >= 8) {
4419		if (*p1++ != *p2++)
4420			return 0;
4421		bits -= 8;
4422	}
4423
4424	if (bits > 0) {
4425		u_int8_t mask = ~((1<<(8-bits))-1);
4426		if ((*p1 & mask) != (*p2 & mask))
4427			return 0;
4428	}
4429	return 1;	/* Match! */
4430}
4431
4432static void
4433key_flush_spd(time_t now)
4434{
4435	SPTREE_RLOCK_TRACKER;
4436	struct secpolicy_list drainq;
4437	struct secpolicy *sp, *nextsp;
4438	u_int dir;
4439
4440	LIST_INIT(&drainq);
4441	SPTREE_RLOCK();
4442	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
4443		TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
4444			if (sp->lifetime == 0 && sp->validtime == 0)
4445				continue;
4446			if ((sp->lifetime &&
4447			    now - sp->created > sp->lifetime) ||
4448			    (sp->validtime &&
4449			    now - sp->lastused > sp->validtime)) {
4450				/* Hold extra reference to send SPDEXPIRE */
4451				SP_ADDREF(sp);
4452				LIST_INSERT_HEAD(&drainq, sp, drainq);
4453			}
4454		}
4455	}
4456	SPTREE_RUNLOCK();
4457	if (LIST_EMPTY(&drainq))
4458		return;
4459
4460	SPTREE_WLOCK();
4461	sp = LIST_FIRST(&drainq);
4462	while (sp != NULL) {
4463		nextsp = LIST_NEXT(sp, drainq);
4464		/* Check that SP is still linked */
4465		if (sp->state != IPSEC_SPSTATE_ALIVE) {
4466			LIST_REMOVE(sp, drainq);
4467			key_freesp(&sp); /* release extra reference */
4468			sp = nextsp;
4469			continue;
4470		}
4471		TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
4472		V_spd_size--;
4473		LIST_REMOVE(sp, idhash);
4474		sp->state = IPSEC_SPSTATE_DEAD;
4475		sp = nextsp;
4476	}
4477	V_sp_genid++;
4478	SPTREE_WUNLOCK();
4479	if (SPDCACHE_ENABLED())
4480		spdcache_clear();
4481
4482	sp = LIST_FIRST(&drainq);
4483	while (sp != NULL) {
4484		nextsp = LIST_NEXT(sp, drainq);
4485		key_spdexpire(sp);
4486		key_freesp(&sp); /* release extra reference */
4487		key_freesp(&sp); /* release last reference */
4488		sp = nextsp;
4489	}
4490}
4491
4492static void
4493key_flush_sad(time_t now)
4494{
4495	SAHTREE_RLOCK_TRACKER;
4496	struct secashead_list emptyq;
4497	struct secasvar_list drainq, hexpireq, sexpireq, freeq;
4498	struct secashead *sah, *nextsah;
4499	struct secasvar *sav, *nextsav;
4500
4501	LIST_INIT(&drainq);
4502	LIST_INIT(&hexpireq);
4503	LIST_INIT(&sexpireq);
4504	LIST_INIT(&emptyq);
4505
4506	SAHTREE_RLOCK();
4507	TAILQ_FOREACH(sah, &V_sahtree, chain) {
4508		/* Check for empty SAH */
4509		if (TAILQ_EMPTY(&sah->savtree_larval) &&
4510		    TAILQ_EMPTY(&sah->savtree_alive)) {
4511			SAH_ADDREF(sah);
4512			LIST_INSERT_HEAD(&emptyq, sah, drainq);
4513			continue;
4514		}
4515		/* Add all stale LARVAL SAs into drainq */
4516		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4517			if (now - sav->created < V_key_larval_lifetime)
4518				continue;
4519			SAV_ADDREF(sav);
4520			LIST_INSERT_HEAD(&drainq, sav, drainq);
4521		}
4522		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4523			/* lifetimes aren't specified */
4524			if (sav->lft_h == NULL)
4525				continue;
4526			SECASVAR_LOCK(sav);
4527			/*
4528			 * Check again with lock held, because it may
4529			 * be updated by SADB_UPDATE.
4530			 */
4531			if (sav->lft_h == NULL) {
4532				SECASVAR_UNLOCK(sav);
4533				continue;
4534			}
4535			/*
4536			 * RFC 2367:
4537			 * HARD lifetimes MUST take precedence over SOFT
4538			 * lifetimes, meaning if the HARD and SOFT lifetimes
4539			 * are the same, the HARD lifetime will appear on the
4540			 * EXPIRE message.
4541			 */
4542			/* check HARD lifetime */
4543			if ((sav->lft_h->addtime != 0 &&
4544			    now - sav->created > sav->lft_h->addtime) ||
4545			    (sav->lft_h->usetime != 0 && sav->firstused &&
4546			    now - sav->firstused > sav->lft_h->usetime) ||
4547			    (sav->lft_h->bytes != 0 && counter_u64_fetch(
4548			        sav->lft_c_bytes) > sav->lft_h->bytes)) {
4549				SECASVAR_UNLOCK(sav);
4550				SAV_ADDREF(sav);
4551				LIST_INSERT_HEAD(&hexpireq, sav, drainq);
4552				continue;
4553			}
4554			/* check SOFT lifetime (only for MATURE SAs) */
4555			if (sav->state == SADB_SASTATE_MATURE && (
4556			    (sav->lft_s->addtime != 0 &&
4557			    now - sav->created > sav->lft_s->addtime) ||
4558			    (sav->lft_s->usetime != 0 && sav->firstused &&
4559			    now - sav->firstused > sav->lft_s->usetime) ||
4560			    (sav->lft_s->bytes != 0 && counter_u64_fetch(
4561				sav->lft_c_bytes) > sav->lft_s->bytes))) {
4562				SECASVAR_UNLOCK(sav);
4563				SAV_ADDREF(sav);
4564				LIST_INSERT_HEAD(&sexpireq, sav, drainq);
4565				continue;
4566			}
4567			SECASVAR_UNLOCK(sav);
4568		}
4569	}
4570	SAHTREE_RUNLOCK();
4571
4572	if (LIST_EMPTY(&emptyq) && LIST_EMPTY(&drainq) &&
4573	    LIST_EMPTY(&hexpireq) && LIST_EMPTY(&sexpireq))
4574		return;
4575
4576	LIST_INIT(&freeq);
4577	SAHTREE_WLOCK();
4578	/* Unlink stale LARVAL SAs */
4579	sav = LIST_FIRST(&drainq);
4580	while (sav != NULL) {
4581		nextsav = LIST_NEXT(sav, drainq);
4582		/* Check that SA is still LARVAL */
4583		if (sav->state != SADB_SASTATE_LARVAL) {
4584			LIST_REMOVE(sav, drainq);
4585			LIST_INSERT_HEAD(&freeq, sav, drainq);
4586			sav = nextsav;
4587			continue;
4588		}
4589		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4590		LIST_REMOVE(sav, spihash);
4591		sav->state = SADB_SASTATE_DEAD;
4592		sav = nextsav;
4593	}
4594	/* Unlink all SAs with expired HARD lifetime */
4595	sav = LIST_FIRST(&hexpireq);
4596	while (sav != NULL) {
4597		nextsav = LIST_NEXT(sav, drainq);
4598		/* Check that SA is not unlinked */
4599		if (sav->state == SADB_SASTATE_DEAD) {
4600			LIST_REMOVE(sav, drainq);
4601			LIST_INSERT_HEAD(&freeq, sav, drainq);
4602			sav = nextsav;
4603			continue;
4604		}
4605		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4606		LIST_REMOVE(sav, spihash);
4607		sav->state = SADB_SASTATE_DEAD;
4608		sav = nextsav;
4609	}
4610	/* Mark all SAs with expired SOFT lifetime as DYING */
4611	sav = LIST_FIRST(&sexpireq);
4612	while (sav != NULL) {
4613		nextsav = LIST_NEXT(sav, drainq);
4614		/* Check that SA is not unlinked */
4615		if (sav->state == SADB_SASTATE_DEAD) {
4616			LIST_REMOVE(sav, drainq);
4617			LIST_INSERT_HEAD(&freeq, sav, drainq);
4618			sav = nextsav;
4619			continue;
4620		}
4621		/*
4622		 * NOTE: this doesn't change SA order in the chain.
4623		 */
4624		sav->state = SADB_SASTATE_DYING;
4625		sav = nextsav;
4626	}
4627	/* Unlink empty SAHs */
4628	sah = LIST_FIRST(&emptyq);
4629	while (sah != NULL) {
4630		nextsah = LIST_NEXT(sah, drainq);
4631		/* Check that SAH is still empty and not unlinked */
4632		if (sah->state == SADB_SASTATE_DEAD ||
4633		    !TAILQ_EMPTY(&sah->savtree_larval) ||
4634		    !TAILQ_EMPTY(&sah->savtree_alive)) {
4635			LIST_REMOVE(sah, drainq);
4636			key_freesah(&sah); /* release extra reference */
4637			sah = nextsah;
4638			continue;
4639		}
4640		TAILQ_REMOVE(&V_sahtree, sah, chain);
4641		LIST_REMOVE(sah, addrhash);
4642		sah->state = SADB_SASTATE_DEAD;
4643		sah = nextsah;
4644	}
4645	SAHTREE_WUNLOCK();
4646
4647	/* Send SPDEXPIRE messages */
4648	sav = LIST_FIRST(&hexpireq);
4649	while (sav != NULL) {
4650		nextsav = LIST_NEXT(sav, drainq);
4651		key_expire(sav, 1);
4652		key_freesah(&sav->sah); /* release reference from SAV */
4653		key_freesav(&sav); /* release extra reference */
4654		key_freesav(&sav); /* release last reference */
4655		sav = nextsav;
4656	}
4657	sav = LIST_FIRST(&sexpireq);
4658	while (sav != NULL) {
4659		nextsav = LIST_NEXT(sav, drainq);
4660		key_expire(sav, 0);
4661		key_freesav(&sav); /* release extra reference */
4662		sav = nextsav;
4663	}
4664	/* Free stale LARVAL SAs */
4665	sav = LIST_FIRST(&drainq);
4666	while (sav != NULL) {
4667		nextsav = LIST_NEXT(sav, drainq);
4668		key_freesah(&sav->sah); /* release reference from SAV */
4669		key_freesav(&sav); /* release extra reference */
4670		key_freesav(&sav); /* release last reference */
4671		sav = nextsav;
4672	}
4673	/* Free SAs that were unlinked/changed by someone else */
4674	sav = LIST_FIRST(&freeq);
4675	while (sav != NULL) {
4676		nextsav = LIST_NEXT(sav, drainq);
4677		key_freesav(&sav); /* release extra reference */
4678		sav = nextsav;
4679	}
4680	/* Free empty SAH */
4681	sah = LIST_FIRST(&emptyq);
4682	while (sah != NULL) {
4683		nextsah = LIST_NEXT(sah, drainq);
4684		key_freesah(&sah); /* release extra reference */
4685		key_freesah(&sah); /* release last reference */
4686		sah = nextsah;
4687	}
4688}
4689
4690static void
4691key_flush_acq(time_t now)
4692{
4693	struct secacq *acq, *nextacq;
4694
4695	/* ACQ tree */
4696	ACQ_LOCK();
4697	acq = LIST_FIRST(&V_acqtree);
4698	while (acq != NULL) {
4699		nextacq = LIST_NEXT(acq, chain);
4700		if (now - acq->created > V_key_blockacq_lifetime) {
4701			LIST_REMOVE(acq, chain);
4702			LIST_REMOVE(acq, addrhash);
4703			LIST_REMOVE(acq, seqhash);
4704			free(acq, M_IPSEC_SAQ);
4705		}
4706		acq = nextacq;
4707	}
4708	ACQ_UNLOCK();
4709}
4710
4711static void
4712key_flush_spacq(time_t now)
4713{
4714	struct secspacq *acq, *nextacq;
4715
4716	/* SP ACQ tree */
4717	SPACQ_LOCK();
4718	for (acq = LIST_FIRST(&V_spacqtree); acq != NULL; acq = nextacq) {
4719		nextacq = LIST_NEXT(acq, chain);
4720		if (now - acq->created > V_key_blockacq_lifetime
4721		 && __LIST_CHAINED(acq)) {
4722			LIST_REMOVE(acq, chain);
4723			free(acq, M_IPSEC_SAQ);
4724		}
4725	}
4726	SPACQ_UNLOCK();
4727}
4728
4729/*
4730 * time handler.
4731 * scanning SPD and SAD to check status for each entries,
4732 * and do to remove or to expire.
4733 * XXX: year 2038 problem may remain.
4734 */
4735static void
4736key_timehandler(void *arg)
4737{
4738	VNET_ITERATOR_DECL(vnet_iter);
4739	time_t now = time_second;
4740
4741	VNET_LIST_RLOCK_NOSLEEP();
4742	VNET_FOREACH(vnet_iter) {
4743		CURVNET_SET(vnet_iter);
4744		key_flush_spd(now);
4745		key_flush_sad(now);
4746		key_flush_acq(now);
4747		key_flush_spacq(now);
4748		CURVNET_RESTORE();
4749	}
4750	VNET_LIST_RUNLOCK_NOSLEEP();
4751
4752#ifndef IPSEC_DEBUG2
4753	/* do exchange to tick time !! */
4754	callout_schedule(&key_timer, hz);
4755#endif /* IPSEC_DEBUG2 */
4756}
4757
4758u_long
4759key_random()
4760{
4761	u_long value;
4762
4763	arc4random_buf(&value, sizeof(value));
4764	return value;
4765}
4766
4767/*
4768 * map SADB_SATYPE_* to IPPROTO_*.
4769 * if satype == SADB_SATYPE then satype is mapped to ~0.
4770 * OUT:
4771 *	0: invalid satype.
4772 */
4773static uint8_t
4774key_satype2proto(uint8_t satype)
4775{
4776	switch (satype) {
4777	case SADB_SATYPE_UNSPEC:
4778		return IPSEC_PROTO_ANY;
4779	case SADB_SATYPE_AH:
4780		return IPPROTO_AH;
4781	case SADB_SATYPE_ESP:
4782		return IPPROTO_ESP;
4783	case SADB_X_SATYPE_IPCOMP:
4784		return IPPROTO_IPCOMP;
4785	case SADB_X_SATYPE_TCPSIGNATURE:
4786		return IPPROTO_TCP;
4787	default:
4788		return 0;
4789	}
4790	/* NOTREACHED */
4791}
4792
4793/*
4794 * map IPPROTO_* to SADB_SATYPE_*
4795 * OUT:
4796 *	0: invalid protocol type.
4797 */
4798static uint8_t
4799key_proto2satype(uint8_t proto)
4800{
4801	switch (proto) {
4802	case IPPROTO_AH:
4803		return SADB_SATYPE_AH;
4804	case IPPROTO_ESP:
4805		return SADB_SATYPE_ESP;
4806	case IPPROTO_IPCOMP:
4807		return SADB_X_SATYPE_IPCOMP;
4808	case IPPROTO_TCP:
4809		return SADB_X_SATYPE_TCPSIGNATURE;
4810	default:
4811		return 0;
4812	}
4813	/* NOTREACHED */
4814}
4815
4816/* %%% PF_KEY */
4817/*
4818 * SADB_GETSPI processing is to receive
4819 *	<base, (SA2), src address, dst address, (SPI range)>
4820 * from the IKMPd, to assign a unique spi value, to hang on the INBOUND
4821 * tree with the status of LARVAL, and send
4822 *	<base, SA(*), address(SD)>
4823 * to the IKMPd.
4824 *
4825 * IN:	mhp: pointer to the pointer to each header.
4826 * OUT:	NULL if fail.
4827 *	other if success, return pointer to the message to send.
4828 */
4829static int
4830key_getspi(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
4831{
4832	struct secasindex saidx;
4833	struct sadb_address *src0, *dst0;
4834	struct secasvar *sav;
4835	uint32_t reqid, spi;
4836	int error;
4837	uint8_t mode, proto;
4838
4839	IPSEC_ASSERT(so != NULL, ("null socket"));
4840	IPSEC_ASSERT(m != NULL, ("null mbuf"));
4841	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
4842	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
4843
4844	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
4845	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)
4846#ifdef PFKEY_STRICT_CHECKS
4847	    || SADB_CHECKHDR(mhp, SADB_EXT_SPIRANGE)
4848#endif
4849	    ) {
4850		ipseclog((LOG_DEBUG,
4851		    "%s: invalid message: missing required header.\n",
4852		    __func__));
4853		error = EINVAL;
4854		goto fail;
4855	}
4856	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
4857	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)
4858#ifdef PFKEY_STRICT_CHECKS
4859	    || SADB_CHECKLEN(mhp, SADB_EXT_SPIRANGE)
4860#endif
4861	    ) {
4862		ipseclog((LOG_DEBUG,
4863		    "%s: invalid message: wrong header size.\n", __func__));
4864		error = EINVAL;
4865		goto fail;
4866	}
4867	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
4868		mode = IPSEC_MODE_ANY;
4869		reqid = 0;
4870	} else {
4871		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
4872			ipseclog((LOG_DEBUG,
4873			    "%s: invalid message: wrong header size.\n",
4874			    __func__));
4875			error = EINVAL;
4876			goto fail;
4877		}
4878		mode = ((struct sadb_x_sa2 *)
4879		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
4880		reqid = ((struct sadb_x_sa2 *)
4881		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
4882	}
4883
4884	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
4885	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
4886
4887	/* map satype to proto */
4888	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
4889		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
4890			__func__));
4891		error = EINVAL;
4892		goto fail;
4893	}
4894	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
4895	    (struct sockaddr *)(dst0 + 1));
4896	if (error != 0) {
4897		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
4898		error = EINVAL;
4899		goto fail;
4900	}
4901	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
4902
4903	/* SPI allocation */
4904	spi = key_do_getnewspi(
4905	    (struct sadb_spirange *)mhp->ext[SADB_EXT_SPIRANGE], &saidx);
4906	if (spi == 0) {
4907		/*
4908		 * Requested SPI or SPI range is not available or
4909		 * already used.
4910		 */
4911		error = EEXIST;
4912		goto fail;
4913	}
4914	sav = key_newsav(mhp, &saidx, spi, &error);
4915	if (sav == NULL)
4916		goto fail;
4917
4918	if (sav->seq != 0) {
4919		/*
4920		 * RFC2367:
4921		 * If the SADB_GETSPI message is in response to a
4922		 * kernel-generated SADB_ACQUIRE, the sadb_msg_seq
4923		 * MUST be the same as the SADB_ACQUIRE message.
4924		 *
4925		 * XXXAE: However it doesn't definethe behaviour how to
4926		 * check this and what to do if it doesn't match.
4927		 * Also what we should do if it matches?
4928		 *
4929		 * We can compare saidx used in SADB_ACQUIRE with saidx
4930		 * used in SADB_GETSPI, but this probably can break
4931		 * existing software. For now just warn if it doesn't match.
4932		 *
4933		 * XXXAE: anyway it looks useless.
4934		 */
4935		key_acqdone(&saidx, sav->seq);
4936	}
4937	KEYDBG(KEY_STAMP,
4938	    printf("%s: SA(%p)\n", __func__, sav));
4939	KEYDBG(KEY_DATA, kdebug_secasv(sav));
4940
4941    {
4942	struct mbuf *n, *nn;
4943	struct sadb_sa *m_sa;
4944	struct sadb_msg *newmsg;
4945	int off, len;
4946
4947	/* create new sadb_msg to reply. */
4948	len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) +
4949	    PFKEY_ALIGN8(sizeof(struct sadb_sa));
4950
4951	MGETHDR(n, M_NOWAIT, MT_DATA);
4952	if (len > MHLEN) {
4953		if (!(MCLGET(n, M_NOWAIT))) {
4954			m_freem(n);
4955			n = NULL;
4956		}
4957	}
4958	if (!n) {
4959		error = ENOBUFS;
4960		goto fail;
4961	}
4962
4963	n->m_len = len;
4964	n->m_next = NULL;
4965	off = 0;
4966
4967	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
4968	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
4969
4970	m_sa = (struct sadb_sa *)(mtod(n, caddr_t) + off);
4971	m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
4972	m_sa->sadb_sa_exttype = SADB_EXT_SA;
4973	m_sa->sadb_sa_spi = spi; /* SPI is already in network byte order */
4974	off += PFKEY_ALIGN8(sizeof(struct sadb_sa));
4975
4976	IPSEC_ASSERT(off == len,
4977		("length inconsistency (off %u len %u)", off, len));
4978
4979	n->m_next = key_gather_mbuf(m, mhp, 0, 2, SADB_EXT_ADDRESS_SRC,
4980	    SADB_EXT_ADDRESS_DST);
4981	if (!n->m_next) {
4982		m_freem(n);
4983		error = ENOBUFS;
4984		goto fail;
4985	}
4986
4987	if (n->m_len < sizeof(struct sadb_msg)) {
4988		n = m_pullup(n, sizeof(struct sadb_msg));
4989		if (n == NULL)
4990			return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
4991	}
4992
4993	n->m_pkthdr.len = 0;
4994	for (nn = n; nn; nn = nn->m_next)
4995		n->m_pkthdr.len += nn->m_len;
4996
4997	newmsg = mtod(n, struct sadb_msg *);
4998	newmsg->sadb_msg_seq = sav->seq;
4999	newmsg->sadb_msg_errno = 0;
5000	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
5001
5002	m_freem(m);
5003	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
5004    }
5005
5006fail:
5007	return (key_senderror(so, m, error));
5008}
5009
5010/*
5011 * allocating new SPI
5012 * called by key_getspi().
5013 * OUT:
5014 *	0:	failure.
5015 *	others: success, SPI in network byte order.
5016 */
5017static uint32_t
5018key_do_getnewspi(struct sadb_spirange *spirange, struct secasindex *saidx)
5019{
5020	uint32_t min, max, newspi, t;
5021	int count = V_key_spi_trycnt;
5022
5023	/* set spi range to allocate */
5024	if (spirange != NULL) {
5025		min = spirange->sadb_spirange_min;
5026		max = spirange->sadb_spirange_max;
5027	} else {
5028		min = V_key_spi_minval;
5029		max = V_key_spi_maxval;
5030	}
5031	/* IPCOMP needs 2-byte SPI */
5032	if (saidx->proto == IPPROTO_IPCOMP) {
5033		if (min >= 0x10000)
5034			min = 0xffff;
5035		if (max >= 0x10000)
5036			max = 0xffff;
5037		if (min > max) {
5038			t = min; min = max; max = t;
5039		}
5040	}
5041
5042	if (min == max) {
5043		if (!key_checkspidup(htonl(min))) {
5044			ipseclog((LOG_DEBUG, "%s: SPI %u exists already.\n",
5045			    __func__, min));
5046			return 0;
5047		}
5048
5049		count--; /* taking one cost. */
5050		newspi = min;
5051	} else {
5052
5053		/* init SPI */
5054		newspi = 0;
5055
5056		/* when requesting to allocate spi ranged */
5057		while (count--) {
5058			/* generate pseudo-random SPI value ranged. */
5059			newspi = min + (key_random() % (max - min + 1));
5060			if (!key_checkspidup(htonl(newspi)))
5061				break;
5062		}
5063
5064		if (count == 0 || newspi == 0) {
5065			ipseclog((LOG_DEBUG,
5066			    "%s: failed to allocate SPI.\n", __func__));
5067			return 0;
5068		}
5069	}
5070
5071	/* statistics */
5072	keystat.getspi_count =
5073	    (keystat.getspi_count + V_key_spi_trycnt - count) / 2;
5074
5075	return (htonl(newspi));
5076}
5077
5078/*
5079 * Find TCP-MD5 SA with corresponding secasindex.
5080 * If not found, return NULL and fill SPI with usable value if needed.
5081 */
5082static struct secasvar *
5083key_getsav_tcpmd5(struct secasindex *saidx, uint32_t *spi)
5084{
5085	SAHTREE_RLOCK_TRACKER;
5086	struct secashead *sah;
5087	struct secasvar *sav;
5088
5089	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP, ("wrong proto"));
5090	SAHTREE_RLOCK();
5091	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5092		if (sah->saidx.proto != IPPROTO_TCP)
5093			continue;
5094		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
5095		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
5096			break;
5097	}
5098	if (sah != NULL) {
5099		if (V_key_preferred_oldsa)
5100			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
5101		else
5102			sav = TAILQ_FIRST(&sah->savtree_alive);
5103		if (sav != NULL) {
5104			SAV_ADDREF(sav);
5105			SAHTREE_RUNLOCK();
5106			return (sav);
5107		}
5108	}
5109	if (spi == NULL) {
5110		/* No SPI required */
5111		SAHTREE_RUNLOCK();
5112		return (NULL);
5113	}
5114	/* Check that SPI is unique */
5115	LIST_FOREACH(sav, SAVHASH_HASH(*spi), spihash) {
5116		if (sav->spi == *spi)
5117			break;
5118	}
5119	if (sav == NULL) {
5120		SAHTREE_RUNLOCK();
5121		/* SPI is already unique */
5122		return (NULL);
5123	}
5124	SAHTREE_RUNLOCK();
5125	/* XXX: not optimal */
5126	*spi = key_do_getnewspi(NULL, saidx);
5127	return (NULL);
5128}
5129
5130static int
5131key_updateaddresses(struct socket *so, struct mbuf *m,
5132    const struct sadb_msghdr *mhp, struct secasvar *sav,
5133    struct secasindex *saidx)
5134{
5135	struct sockaddr *newaddr;
5136	struct secashead *sah;
5137	struct secasvar *newsav, *tmp;
5138	struct mbuf *n;
5139	int error, isnew;
5140
5141	/* Check that we need to change SAH */
5142	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC)) {
5143		newaddr = (struct sockaddr *)(
5144		    ((struct sadb_address *)
5145		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_SRC]) + 1);
5146		bcopy(newaddr, &saidx->src, newaddr->sa_len);
5147		key_porttosaddr(&saidx->src.sa, 0);
5148	}
5149	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5150		newaddr = (struct sockaddr *)(
5151		    ((struct sadb_address *)
5152		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_DST]) + 1);
5153		bcopy(newaddr, &saidx->dst, newaddr->sa_len);
5154		key_porttosaddr(&saidx->dst.sa, 0);
5155	}
5156	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5157	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5158		error = key_checksockaddrs(&saidx->src.sa, &saidx->dst.sa);
5159		if (error != 0) {
5160			ipseclog((LOG_DEBUG, "%s: invalid new sockaddr.\n",
5161			    __func__));
5162			return (error);
5163		}
5164
5165		sah = key_getsah(saidx);
5166		if (sah == NULL) {
5167			/* create a new SA index */
5168			sah = key_newsah(saidx);
5169			if (sah == NULL) {
5170				ipseclog((LOG_DEBUG,
5171				    "%s: No more memory.\n", __func__));
5172				return (ENOBUFS);
5173			}
5174			isnew = 2; /* SAH is new */
5175		} else
5176			isnew = 1; /* existing SAH is referenced */
5177	} else {
5178		/*
5179		 * src and dst addresses are still the same.
5180		 * Do we want to change NAT-T config?
5181		 */
5182		if (sav->sah->saidx.proto != IPPROTO_ESP ||
5183		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5184		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5185		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5186			ipseclog((LOG_DEBUG,
5187			    "%s: invalid message: missing required header.\n",
5188			    __func__));
5189			return (EINVAL);
5190		}
5191		/* We hold reference to SA, thus SAH will be referenced too. */
5192		sah = sav->sah;
5193		isnew = 0;
5194	}
5195
5196	newsav = malloc(sizeof(struct secasvar), M_IPSEC_SA,
5197	    M_NOWAIT | M_ZERO);
5198	if (newsav == NULL) {
5199		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5200		error = ENOBUFS;
5201		goto fail;
5202	}
5203
5204	/* Clone SA's content into newsav */
5205	SAV_INITREF(newsav);
5206	bcopy(sav, newsav, offsetof(struct secasvar, chain));
5207	/*
5208	 * We create new NAT-T config if it is needed.
5209	 * Old NAT-T config will be freed by key_cleansav() when
5210	 * last reference to SA will be released.
5211	 */
5212	newsav->natt = NULL;
5213	newsav->sah = sah;
5214	newsav->state = SADB_SASTATE_MATURE;
5215	error = key_setnatt(newsav, mhp);
5216	if (error != 0)
5217		goto fail;
5218
5219	SAHTREE_WLOCK();
5220	/* Check that SA is still alive */
5221	if (sav->state == SADB_SASTATE_DEAD) {
5222		/* SA was unlinked */
5223		SAHTREE_WUNLOCK();
5224		error = ESRCH;
5225		goto fail;
5226	}
5227
5228	/* Unlink SA from SAH and SPI hash */
5229	IPSEC_ASSERT((sav->flags & SADB_X_EXT_F_CLONED) == 0,
5230	    ("SA is already cloned"));
5231	IPSEC_ASSERT(sav->state == SADB_SASTATE_MATURE ||
5232	    sav->state == SADB_SASTATE_DYING,
5233	    ("Wrong SA state %u\n", sav->state));
5234	TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5235	LIST_REMOVE(sav, spihash);
5236	sav->state = SADB_SASTATE_DEAD;
5237
5238	/*
5239	 * Link new SA with SAH. Keep SAs ordered by
5240	 * create time (newer are first).
5241	 */
5242	TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5243		if (newsav->created > tmp->created) {
5244			TAILQ_INSERT_BEFORE(tmp, newsav, chain);
5245			break;
5246		}
5247	}
5248	if (tmp == NULL)
5249		TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5250
5251	/* Add new SA into SPI hash. */
5252	LIST_INSERT_HEAD(SAVHASH_HASH(newsav->spi), newsav, spihash);
5253
5254	/* Add new SAH into SADB. */
5255	if (isnew == 2) {
5256		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5257		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5258		sah->state = SADB_SASTATE_MATURE;
5259		SAH_ADDREF(sah); /* newsav references new SAH */
5260	}
5261	/*
5262	 * isnew == 1 -> @sah was referenced by key_getsah().
5263	 * isnew == 0 -> we use the same @sah, that was used by @sav,
5264	 *	and we use its reference for @newsav.
5265	 */
5266	SECASVAR_LOCK(sav);
5267	/* XXX: replace cntr with pointer? */
5268	newsav->cntr = sav->cntr;
5269	sav->flags |= SADB_X_EXT_F_CLONED;
5270	SECASVAR_UNLOCK(sav);
5271
5272	SAHTREE_WUNLOCK();
5273
5274	KEYDBG(KEY_STAMP,
5275	    printf("%s: SA(%p) cloned into SA(%p)\n",
5276	    __func__, sav, newsav));
5277	KEYDBG(KEY_DATA, kdebug_secasv(newsav));
5278
5279	key_freesav(&sav); /* release last reference */
5280
5281	/* set msg buf from mhp */
5282	n = key_getmsgbuf_x1(m, mhp);
5283	if (n == NULL) {
5284		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5285		return (ENOBUFS);
5286	}
5287	m_freem(m);
5288	key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5289	return (0);
5290fail:
5291	if (isnew != 0)
5292		key_freesah(&sah);
5293	if (newsav != NULL) {
5294		if (newsav->natt != NULL)
5295			free(newsav->natt, M_IPSEC_MISC);
5296		free(newsav, M_IPSEC_SA);
5297	}
5298	return (error);
5299}
5300
5301/*
5302 * SADB_UPDATE processing
5303 * receive
5304 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5305 *       key(AE), (identity(SD),) (sensitivity)>
5306 * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
5307 * and send
5308 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5309 *       (identity(SD),) (sensitivity)>
5310 * to the ikmpd.
5311 *
5312 * m will always be freed.
5313 */
5314static int
5315key_update(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5316{
5317	struct secasindex saidx;
5318	struct sadb_address *src0, *dst0;
5319	struct sadb_sa *sa0;
5320	struct secasvar *sav;
5321	uint32_t reqid;
5322	int error;
5323	uint8_t mode, proto;
5324
5325	IPSEC_ASSERT(so != NULL, ("null socket"));
5326	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5327	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5328	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5329
5330	/* map satype to proto */
5331	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5332		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5333		    __func__));
5334		return key_senderror(so, m, EINVAL);
5335	}
5336
5337	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5338	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5339	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5340	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5341		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5342	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5343		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5344		ipseclog((LOG_DEBUG,
5345		    "%s: invalid message: missing required header.\n",
5346		    __func__));
5347		return key_senderror(so, m, EINVAL);
5348	}
5349	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5350	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5351	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5352		ipseclog((LOG_DEBUG,
5353		    "%s: invalid message: wrong header size.\n", __func__));
5354		return key_senderror(so, m, EINVAL);
5355	}
5356	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5357		mode = IPSEC_MODE_ANY;
5358		reqid = 0;
5359	} else {
5360		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5361			ipseclog((LOG_DEBUG,
5362			    "%s: invalid message: wrong header size.\n",
5363			    __func__));
5364			return key_senderror(so, m, EINVAL);
5365		}
5366		mode = ((struct sadb_x_sa2 *)
5367		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5368		reqid = ((struct sadb_x_sa2 *)
5369		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5370	}
5371
5372	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5373	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5374	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5375
5376	/*
5377	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5378	 * SADB_UPDATE message.
5379	 */
5380	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5381		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5382#ifdef PFKEY_STRICT_CHECKS
5383		return key_senderror(so, m, EINVAL);
5384#endif
5385	}
5386	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5387	    (struct sockaddr *)(dst0 + 1));
5388	if (error != 0) {
5389		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5390		return key_senderror(so, m, error);
5391	}
5392	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5393	sav = key_getsavbyspi(sa0->sadb_sa_spi);
5394	if (sav == NULL) {
5395		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u\n",
5396		    __func__, ntohl(sa0->sadb_sa_spi)));
5397		return key_senderror(so, m, EINVAL);
5398	}
5399	/*
5400	 * Check that SADB_UPDATE issued by the same process that did
5401	 * SADB_GETSPI or SADB_ADD.
5402	 */
5403	if (sav->pid != mhp->msg->sadb_msg_pid) {
5404		ipseclog((LOG_DEBUG,
5405		    "%s: pid mismatched (SPI %u, pid %u vs. %u)\n", __func__,
5406		    ntohl(sav->spi), sav->pid, mhp->msg->sadb_msg_pid));
5407		key_freesav(&sav);
5408		return key_senderror(so, m, EINVAL);
5409	}
5410	/* saidx should match with SA. */
5411	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5412		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u\n",
5413		    __func__, ntohl(sav->spi)));
5414		key_freesav(&sav);
5415		return key_senderror(so, m, ESRCH);
5416	}
5417
5418	if (sav->state == SADB_SASTATE_LARVAL) {
5419		if ((mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP &&
5420		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) ||
5421		    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH &&
5422		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH))) {
5423			ipseclog((LOG_DEBUG,
5424			    "%s: invalid message: missing required header.\n",
5425			    __func__));
5426			key_freesav(&sav);
5427			return key_senderror(so, m, EINVAL);
5428		}
5429		/*
5430		 * We can set any values except src, dst and SPI.
5431		 */
5432		error = key_setsaval(sav, mhp);
5433		if (error != 0) {
5434			key_freesav(&sav);
5435			return (key_senderror(so, m, error));
5436		}
5437		/* Change SA state to MATURE */
5438		SAHTREE_WLOCK();
5439		if (sav->state != SADB_SASTATE_LARVAL) {
5440			/* SA was deleted or another thread made it MATURE. */
5441			SAHTREE_WUNLOCK();
5442			key_freesav(&sav);
5443			return (key_senderror(so, m, ESRCH));
5444		}
5445		/*
5446		 * NOTE: we keep SAs in savtree_alive ordered by created
5447		 * time. When SA's state changed from LARVAL to MATURE,
5448		 * we update its created time in key_setsaval() and move
5449		 * it into head of savtree_alive.
5450		 */
5451		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5452		TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5453		sav->state = SADB_SASTATE_MATURE;
5454		SAHTREE_WUNLOCK();
5455	} else {
5456		/*
5457		 * For DYING and MATURE SA we can change only state
5458		 * and lifetimes. Report EINVAL if something else attempted
5459		 * to change.
5460		 */
5461		if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5462		    !SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
5463			key_freesav(&sav);
5464			return (key_senderror(so, m, EINVAL));
5465		}
5466		error = key_updatelifetimes(sav, mhp);
5467		if (error != 0) {
5468			key_freesav(&sav);
5469			return (key_senderror(so, m, error));
5470		}
5471		/*
5472		 * This is FreeBSD extension to RFC2367.
5473		 * IKEd can specify SADB_X_EXT_NEW_ADDRESS_SRC and/or
5474		 * SADB_X_EXT_NEW_ADDRESS_DST when it wants to change
5475		 * SA addresses (for example to implement MOBIKE protocol
5476		 * as described in RFC4555). Also we allow to change
5477		 * NAT-T config.
5478		 */
5479		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5480		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST) ||
5481		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5482		    sav->natt != NULL) {
5483			error = key_updateaddresses(so, m, mhp, sav, &saidx);
5484			key_freesav(&sav);
5485			if (error != 0)
5486				return (key_senderror(so, m, error));
5487			return (0);
5488		}
5489		/* Check that SA is still alive */
5490		SAHTREE_WLOCK();
5491		if (sav->state == SADB_SASTATE_DEAD) {
5492			/* SA was unlinked */
5493			SAHTREE_WUNLOCK();
5494			key_freesav(&sav);
5495			return (key_senderror(so, m, ESRCH));
5496		}
5497		/*
5498		 * NOTE: there is possible state moving from DYING to MATURE,
5499		 * but this doesn't change created time, so we won't reorder
5500		 * this SA.
5501		 */
5502		sav->state = SADB_SASTATE_MATURE;
5503		SAHTREE_WUNLOCK();
5504	}
5505	KEYDBG(KEY_STAMP,
5506	    printf("%s: SA(%p)\n", __func__, sav));
5507	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5508	key_freesav(&sav);
5509
5510    {
5511	struct mbuf *n;
5512
5513	/* set msg buf from mhp */
5514	n = key_getmsgbuf_x1(m, mhp);
5515	if (n == NULL) {
5516		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5517		return key_senderror(so, m, ENOBUFS);
5518	}
5519
5520	m_freem(m);
5521	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5522    }
5523}
5524
5525/*
5526 * SADB_ADD processing
5527 * add an entry to SA database, when received
5528 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5529 *       key(AE), (identity(SD),) (sensitivity)>
5530 * from the ikmpd,
5531 * and send
5532 *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5533 *       (identity(SD),) (sensitivity)>
5534 * to the ikmpd.
5535 *
5536 * IGNORE identity and sensitivity messages.
5537 *
5538 * m will always be freed.
5539 */
5540static int
5541key_add(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5542{
5543	struct secasindex saidx;
5544	struct sadb_address *src0, *dst0;
5545	struct sadb_sa *sa0;
5546	struct secasvar *sav;
5547	uint32_t reqid, spi;
5548	uint8_t mode, proto;
5549	int error;
5550
5551	IPSEC_ASSERT(so != NULL, ("null socket"));
5552	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5553	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5554	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5555
5556	/* map satype to proto */
5557	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5558		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5559		    __func__));
5560		return key_senderror(so, m, EINVAL);
5561	}
5562
5563	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5564	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5565	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5566	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP && (
5567		SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5568		SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT))) ||
5569	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH && (
5570		SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH) ||
5571		SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH))) ||
5572	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5573		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5574	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5575		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5576		ipseclog((LOG_DEBUG,
5577		    "%s: invalid message: missing required header.\n",
5578		    __func__));
5579		return key_senderror(so, m, EINVAL);
5580	}
5581	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5582	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5583	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5584		ipseclog((LOG_DEBUG,
5585		    "%s: invalid message: wrong header size.\n", __func__));
5586		return key_senderror(so, m, EINVAL);
5587	}
5588	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5589		mode = IPSEC_MODE_ANY;
5590		reqid = 0;
5591	} else {
5592		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5593			ipseclog((LOG_DEBUG,
5594			    "%s: invalid message: wrong header size.\n",
5595			    __func__));
5596			return key_senderror(so, m, EINVAL);
5597		}
5598		mode = ((struct sadb_x_sa2 *)
5599		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5600		reqid = ((struct sadb_x_sa2 *)
5601		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5602	}
5603
5604	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5605	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
5606	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
5607
5608	/*
5609	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5610	 * SADB_ADD message.
5611	 */
5612	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5613		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5614#ifdef PFKEY_STRICT_CHECKS
5615		return key_senderror(so, m, EINVAL);
5616#endif
5617	}
5618	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5619	    (struct sockaddr *)(dst0 + 1));
5620	if (error != 0) {
5621		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5622		return key_senderror(so, m, error);
5623	}
5624	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5625	spi = sa0->sadb_sa_spi;
5626	/*
5627	 * For TCP-MD5 SAs we don't use SPI. Check the uniqueness using
5628	 * secasindex.
5629	 * XXXAE: IPComp seems also doesn't use SPI.
5630	 */
5631	if (proto == IPPROTO_TCP) {
5632		sav = key_getsav_tcpmd5(&saidx, &spi);
5633		if (sav == NULL && spi == 0) {
5634			/* Failed to allocate SPI */
5635			ipseclog((LOG_DEBUG, "%s: SA already exists.\n",
5636			    __func__));
5637			return key_senderror(so, m, EEXIST);
5638		}
5639		/* XXX: SPI that we report back can have another value */
5640	} else {
5641		/* We can create new SA only if SPI is different. */
5642		sav = key_getsavbyspi(spi);
5643	}
5644	if (sav != NULL) {
5645		key_freesav(&sav);
5646		ipseclog((LOG_DEBUG, "%s: SA already exists.\n", __func__));
5647		return key_senderror(so, m, EEXIST);
5648	}
5649
5650	sav = key_newsav(mhp, &saidx, spi, &error);
5651	if (sav == NULL)
5652		return key_senderror(so, m, error);
5653	KEYDBG(KEY_STAMP,
5654	    printf("%s: return SA(%p)\n", __func__, sav));
5655	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5656	/*
5657	 * If SADB_ADD was in response to SADB_ACQUIRE, we need to schedule
5658	 * ACQ for deletion.
5659	 */
5660	if (sav->seq != 0)
5661		key_acqdone(&saidx, sav->seq);
5662
5663    {
5664	/*
5665	 * Don't call key_freesav() on error here, as we would like to
5666	 * keep the SA in the database.
5667	 */
5668	struct mbuf *n;
5669
5670	/* set msg buf from mhp */
5671	n = key_getmsgbuf_x1(m, mhp);
5672	if (n == NULL) {
5673		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5674		return key_senderror(so, m, ENOBUFS);
5675	}
5676
5677	m_freem(m);
5678	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5679    }
5680}
5681
5682/*
5683 * NAT-T support.
5684 * IKEd may request the use ESP in UDP encapsulation when it detects the
5685 * presence of NAT. It uses NAT-T extension headers for such SAs to specify
5686 * parameters needed for encapsulation and decapsulation. These PF_KEY
5687 * extension headers are not standardized, so this comment addresses our
5688 * implementation.
5689 * SADB_X_EXT_NAT_T_TYPE specifies type of encapsulation, we support only
5690 * UDP_ENCAP_ESPINUDP as described in RFC3948.
5691 * SADB_X_EXT_NAT_T_SPORT/DPORT specifies source and destination ports for
5692 * UDP header. We use these ports in UDP encapsulation procedure, also we
5693 * can check them in UDP decapsulation procedure.
5694 * SADB_X_EXT_NAT_T_OA[IR] specifies original address of initiator or
5695 * responder. These addresses can be used for transport mode to adjust
5696 * checksum after decapsulation and decryption. Since original IP addresses
5697 * used by peer usually different (we detected presence of NAT), TCP/UDP
5698 * pseudo header checksum and IP header checksum was calculated using original
5699 * addresses. After decapsulation and decryption we need to adjust checksum
5700 * to have correct datagram.
5701 *
5702 * We expect presence of NAT-T extension headers only in SADB_ADD and
5703 * SADB_UPDATE messages. We report NAT-T extension headers in replies
5704 * to SADB_ADD, SADB_UPDATE, SADB_GET, and SADB_DUMP messages.
5705 */
5706static int
5707key_setnatt(struct secasvar *sav, const struct sadb_msghdr *mhp)
5708{
5709	struct sadb_x_nat_t_port *port;
5710	struct sadb_x_nat_t_type *type;
5711	struct sadb_address *oai, *oar;
5712	struct sockaddr *sa;
5713	uint32_t addr;
5714	uint16_t cksum;
5715
5716	IPSEC_ASSERT(sav->natt == NULL, ("natt is already initialized"));
5717	/*
5718	 * Ignore NAT-T headers if sproto isn't ESP.
5719	 */
5720	if (sav->sah->saidx.proto != IPPROTO_ESP)
5721		return (0);
5722
5723	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) &&
5724	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) &&
5725	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5726		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5727		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5728		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5729			ipseclog((LOG_DEBUG,
5730			    "%s: invalid message: wrong header size.\n",
5731			    __func__));
5732			return (EINVAL);
5733		}
5734	} else
5735		return (0);
5736
5737	type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE];
5738	if (type->sadb_x_nat_t_type_type != UDP_ENCAP_ESPINUDP) {
5739		ipseclog((LOG_DEBUG, "%s: unsupported NAT-T type %u.\n",
5740		    __func__, type->sadb_x_nat_t_type_type));
5741		return (EINVAL);
5742	}
5743	/*
5744	 * Allocate storage for NAT-T config.
5745	 * On error it will be released by key_cleansav().
5746	 */
5747	sav->natt = malloc(sizeof(struct secnatt), M_IPSEC_MISC,
5748	    M_NOWAIT | M_ZERO);
5749	if (sav->natt == NULL) {
5750		PFKEYSTAT_INC(in_nomem);
5751		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5752		return (ENOBUFS);
5753	}
5754	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT];
5755	if (port->sadb_x_nat_t_port_port == 0) {
5756		ipseclog((LOG_DEBUG, "%s: invalid NAT-T sport specified.\n",
5757		    __func__));
5758		return (EINVAL);
5759	}
5760	sav->natt->sport = port->sadb_x_nat_t_port_port;
5761	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT];
5762	if (port->sadb_x_nat_t_port_port == 0) {
5763		ipseclog((LOG_DEBUG, "%s: invalid NAT-T dport specified.\n",
5764		    __func__));
5765		return (EINVAL);
5766	}
5767	sav->natt->dport = port->sadb_x_nat_t_port_port;
5768
5769	/*
5770	 * SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR are optional
5771	 * and needed only for transport mode IPsec.
5772	 * Usually NAT translates only one address, but it is possible,
5773	 * that both addresses could be translated.
5774	 * NOTE: Value of SADB_X_EXT_NAT_T_OAI is equal to SADB_X_EXT_NAT_T_OA.
5775	 */
5776	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAI)) {
5777		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAI)) {
5778			ipseclog((LOG_DEBUG,
5779			    "%s: invalid message: wrong header size.\n",
5780			    __func__));
5781			return (EINVAL);
5782		}
5783		oai = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI];
5784	} else
5785		oai = NULL;
5786	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAR)) {
5787		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAR)) {
5788			ipseclog((LOG_DEBUG,
5789			    "%s: invalid message: wrong header size.\n",
5790			    __func__));
5791			return (EINVAL);
5792		}
5793		oar = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR];
5794	} else
5795		oar = NULL;
5796
5797	/* Initialize addresses only for transport mode */
5798	if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
5799		cksum = 0;
5800		if (oai != NULL) {
5801			/* Currently we support only AF_INET */
5802			sa = (struct sockaddr *)(oai + 1);
5803			if (sa->sa_family != AF_INET ||
5804			    sa->sa_len != sizeof(struct sockaddr_in)) {
5805				ipseclog((LOG_DEBUG,
5806				    "%s: wrong NAT-OAi header.\n",
5807				    __func__));
5808				return (EINVAL);
5809			}
5810			/* Ignore address if it the same */
5811			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5812			    sav->sah->saidx.src.sin.sin_addr.s_addr) {
5813				bcopy(sa, &sav->natt->oai.sa, sa->sa_len);
5814				sav->natt->flags |= IPSEC_NATT_F_OAI;
5815				/* Calculate checksum delta */
5816				addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
5817				cksum = in_addword(cksum, ~addr >> 16);
5818				cksum = in_addword(cksum, ~addr & 0xffff);
5819				addr = sav->natt->oai.sin.sin_addr.s_addr;
5820				cksum = in_addword(cksum, addr >> 16);
5821				cksum = in_addword(cksum, addr & 0xffff);
5822			}
5823		}
5824		if (oar != NULL) {
5825			/* Currently we support only AF_INET */
5826			sa = (struct sockaddr *)(oar + 1);
5827			if (sa->sa_family != AF_INET ||
5828			    sa->sa_len != sizeof(struct sockaddr_in)) {
5829				ipseclog((LOG_DEBUG,
5830				    "%s: wrong NAT-OAr header.\n",
5831				    __func__));
5832				return (EINVAL);
5833			}
5834			/* Ignore address if it the same */
5835			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5836			    sav->sah->saidx.dst.sin.sin_addr.s_addr) {
5837				bcopy(sa, &sav->natt->oar.sa, sa->sa_len);
5838				sav->natt->flags |= IPSEC_NATT_F_OAR;
5839				/* Calculate checksum delta */
5840				addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
5841				cksum = in_addword(cksum, ~addr >> 16);
5842				cksum = in_addword(cksum, ~addr & 0xffff);
5843				addr = sav->natt->oar.sin.sin_addr.s_addr;
5844				cksum = in_addword(cksum, addr >> 16);
5845				cksum = in_addword(cksum, addr & 0xffff);
5846			}
5847		}
5848		sav->natt->cksum = cksum;
5849	}
5850	return (0);
5851}
5852
5853static int
5854key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
5855{
5856	const struct sadb_ident *idsrc, *iddst;
5857
5858	IPSEC_ASSERT(sah != NULL, ("null secashead"));
5859	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5860	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5861
5862	/* don't make buffer if not there */
5863	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) &&
5864	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5865		sah->idents = NULL;
5866		sah->identd = NULL;
5867		return (0);
5868	}
5869
5870	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) ||
5871	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5872		ipseclog((LOG_DEBUG, "%s: invalid identity.\n", __func__));
5873		return (EINVAL);
5874	}
5875
5876	idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
5877	iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
5878
5879	/* validity check */
5880	if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
5881		ipseclog((LOG_DEBUG, "%s: ident type mismatch.\n", __func__));
5882		return EINVAL;
5883	}
5884
5885	switch (idsrc->sadb_ident_type) {
5886	case SADB_IDENTTYPE_PREFIX:
5887	case SADB_IDENTTYPE_FQDN:
5888	case SADB_IDENTTYPE_USERFQDN:
5889	default:
5890		/* XXX do nothing */
5891		sah->idents = NULL;
5892		sah->identd = NULL;
5893	 	return 0;
5894	}
5895
5896	/* make structure */
5897	sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5898	if (sah->idents == NULL) {
5899		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5900		return ENOBUFS;
5901	}
5902	sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5903	if (sah->identd == NULL) {
5904		free(sah->idents, M_IPSEC_MISC);
5905		sah->idents = NULL;
5906		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5907		return ENOBUFS;
5908	}
5909	sah->idents->type = idsrc->sadb_ident_type;
5910	sah->idents->id = idsrc->sadb_ident_id;
5911
5912	sah->identd->type = iddst->sadb_ident_type;
5913	sah->identd->id = iddst->sadb_ident_id;
5914
5915	return 0;
5916}
5917
5918/*
5919 * m will not be freed on return.
5920 * it is caller's responsibility to free the result.
5921 *
5922 * Called from SADB_ADD and SADB_UPDATE. Reply will contain headers
5923 * from the request in defined order.
5924 */
5925static struct mbuf *
5926key_getmsgbuf_x1(struct mbuf *m, const struct sadb_msghdr *mhp)
5927{
5928	struct mbuf *n;
5929
5930	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5931	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5932	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5933
5934	/* create new sadb_msg to reply. */
5935	n = key_gather_mbuf(m, mhp, 1, 16, SADB_EXT_RESERVED,
5936	    SADB_EXT_SA, SADB_X_EXT_SA2,
5937	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST,
5938	    SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
5939	    SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
5940	    SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
5941	    SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI,
5942	    SADB_X_EXT_NAT_T_OAR, SADB_X_EXT_NEW_ADDRESS_SRC,
5943	    SADB_X_EXT_NEW_ADDRESS_DST);
5944	if (!n)
5945		return NULL;
5946
5947	if (n->m_len < sizeof(struct sadb_msg)) {
5948		n = m_pullup(n, sizeof(struct sadb_msg));
5949		if (n == NULL)
5950			return NULL;
5951	}
5952	mtod(n, struct sadb_msg *)->sadb_msg_errno = 0;
5953	mtod(n, struct sadb_msg *)->sadb_msg_len =
5954	    PFKEY_UNIT64(n->m_pkthdr.len);
5955
5956	return n;
5957}
5958
5959/*
5960 * SADB_DELETE processing
5961 * receive
5962 *   <base, SA(*), address(SD)>
5963 * from the ikmpd, and set SADB_SASTATE_DEAD,
5964 * and send,
5965 *   <base, SA(*), address(SD)>
5966 * to the ikmpd.
5967 *
5968 * m will always be freed.
5969 */
5970static int
5971key_delete(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5972{
5973	struct secasindex saidx;
5974	struct sadb_address *src0, *dst0;
5975	struct secasvar *sav;
5976	struct sadb_sa *sa0;
5977	uint8_t proto;
5978
5979	IPSEC_ASSERT(so != NULL, ("null socket"));
5980	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5981	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5982	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5983
5984	/* map satype to proto */