Lines Matching refs:assoc
348 sadb_delete_cluster(ipsa_t *assoc) in sadb_delete_cluster() argument
353 ((assoc->ipsa_state == IPSA_STATE_LARVAL) || in sadb_delete_cluster()
354 (assoc->ipsa_state == IPSA_STATE_MATURE))) { in sadb_delete_cluster()
355 protocol = (assoc->ipsa_type == SADB_SATYPE_AH) ? in sadb_delete_cluster()
357 cl_inet_deletespi(assoc->ipsa_netstack->netstack_stackid, in sadb_delete_cluster()
358 protocol, assoc->ipsa_spi, NULL); in sadb_delete_cluster()
1088 sadb_sa_t *assoc; in sadb_sa2msg() local
1266 assoc = (sadb_sa_t *)(newsamsg + 1); in sadb_sa2msg()
1267 assoc->sadb_sa_len = SADB_8TO64(sizeof (*assoc)); in sadb_sa2msg()
1268 assoc->sadb_sa_exttype = SADB_EXT_SA; in sadb_sa2msg()
1269 assoc->sadb_sa_spi = ipsa->ipsa_spi; in sadb_sa2msg()
1270 assoc->sadb_sa_replay = ipsa->ipsa_replay_wsize; in sadb_sa2msg()
1271 assoc->sadb_sa_state = ipsa->ipsa_state; in sadb_sa2msg()
1272 assoc->sadb_sa_auth = ipsa->ipsa_auth_alg; in sadb_sa2msg()
1273 assoc->sadb_sa_encrypt = ipsa->ipsa_encr_alg; in sadb_sa2msg()
1274 assoc->sadb_sa_flags = ipsa->ipsa_flags; in sadb_sa2msg()
1276 lt = (sadb_lifetime_t *)(assoc + 1); in sadb_sa2msg()
2232 sq->assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA]; in sadb_form_query()
2242 if ((req & IPSA_Q_SA) && (sq->assoc == NULL)) { in sadb_form_query()
2249 sq->spi = sq->assoc->sadb_sa_spi; in sadb_form_query()
2364 sq->inhash = INBOUND_HASH(sq->sp, sq->assoc->sadb_sa_spi); in sadb_form_query()
2529 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA]; in sadb_delpair_state() local
2542 ps.sadb_sa_state = assoc->sadb_sa_state; in sadb_delpair_state()
2696 if (sq->assoc->sadb_sa_flags & IPSA_F_INBOUND) { in get_ipsa_pair()
2698 sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, sq->af); in get_ipsa_pair()
2705 sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, in get_ipsa_pair()
2714 sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, sq->af); in get_ipsa_pair()
2720 sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, in get_ipsa_pair()
2751 sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, sq->af); in get_ipsa_pair()
2913 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA]; local
2966 if (assoc == NULL) {
2999 (assoc->sadb_sa_state != SADB_X_SASTATE_ACTIVE_ELSEWHERE)) {
3001 assoc->sadb_sa_spi, NULL);
3022 newbie = sadb_makelarvalassoc(assoc->sadb_sa_spi,
3110 ASSERT((assoc->sadb_sa_state == SADB_SASTATE_MATURE) ||
3111 (assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE));
3112 newbie->ipsa_auth_alg = assoc->sadb_sa_auth;
3113 newbie->ipsa_encr_alg = assoc->sadb_sa_encrypt;
3115 newbie->ipsa_flags |= assoc->sadb_sa_flags;
3144 newbie->ipsa_replay_wsize = assoc->sadb_sa_replay;
3548 newbie->ipsa_state = assoc->sadb_sa_state;
3705 assoc->sadb_sa_flags = newbie->ipsa_flags;
3718 sadb_set_usetime(ipsa_t *assoc) argument
3722 mutex_enter(&assoc->ipsa_lock);
3723 assoc->ipsa_lastuse = snapshot;
3724 assoc->ipsa_idleexpiretime = snapshot + assoc->ipsa_idletime;
3730 if (assoc->ipsa_usetime == 0) {
3736 assoc->ipsa_flags |= IPSA_F_USED;
3737 assoc->ipsa_usetime = snapshot;
3743 UPDATE_EXPIRE(assoc, softuselt, softexpiretime);
3744 UPDATE_EXPIRE(assoc, harduselt, hardexpiretime);
3746 mutex_exit(&assoc->ipsa_lock);
3753 sadb_expire_assoc(queue_t *pfkey_q, ipsa_t *assoc) argument
3763 ASSERT(MUTEX_HELD(&assoc->ipsa_lock));
3780 af = assoc->ipsa_addrfam;
3796 tunnel_mode = (assoc->ipsa_flags & IPSA_F_TUNNEL);
3799 switch (assoc->ipsa_innerfam) {
3832 samsg->sadb_msg_satype = assoc->ipsa_type;
3842 saext->sadb_sa_spi = assoc->ipsa_spi;
3843 saext->sadb_sa_replay = assoc->ipsa_replay_wsize;
3844 saext->sadb_sa_state = assoc->ipsa_state;
3845 saext->sadb_sa_auth = assoc->ipsa_auth_alg;
3846 saext->sadb_sa_encrypt = assoc->ipsa_encr_alg;
3847 saext->sadb_sa_flags = assoc->ipsa_flags;
3855 current->sadb_lifetime_bytes = assoc->ipsa_bytes;
3856 current->sadb_lifetime_addtime = assoc->ipsa_addtime;
3857 current->sadb_lifetime_usetime = assoc->ipsa_usetime;
3863 if (assoc->ipsa_state == IPSA_STATE_DEAD) {
3865 expire->sadb_lifetime_allocations = assoc->ipsa_hardalloc;
3866 expire->sadb_lifetime_bytes = assoc->ipsa_hardbyteslt;
3867 expire->sadb_lifetime_addtime = assoc->ipsa_hardaddlt;
3868 expire->sadb_lifetime_usetime = assoc->ipsa_harduselt;
3869 } else if (assoc->ipsa_state == IPSA_STATE_DYING) {
3871 expire->sadb_lifetime_allocations = assoc->ipsa_softalloc;
3872 expire->sadb_lifetime_bytes = assoc->ipsa_softbyteslt;
3873 expire->sadb_lifetime_addtime = assoc->ipsa_softaddlt;
3874 expire->sadb_lifetime_usetime = assoc->ipsa_softuselt;
3876 ASSERT(assoc->ipsa_state == IPSA_STATE_MATURE);
3880 expire->sadb_lifetime_addtime = assoc->ipsa_idleaddlt;
3881 expire->sadb_lifetime_usetime = assoc->ipsa_idleuselt;
3885 af, assoc->ipsa_srcaddr, tunnel_mode ? 0 : SA_SRCPORT(assoc),
3886 SA_PROTO(assoc), 0);
3890 af, assoc->ipsa_dstaddr, tunnel_mode ? 0 : SA_DSTPORT(assoc),
3891 SA_PROTO(assoc), 0);
3896 SADB_X_EXT_ADDRESS_INNER_SRC, assoc->ipsa_innerfam,
3897 assoc->ipsa_innersrc, SA_SRCPORT(assoc), SA_IPROTO(assoc),
3898 assoc->ipsa_innersrcpfx);
3901 SADB_X_EXT_ADDRESS_INNER_DST, assoc->ipsa_innerfam,
3902 assoc->ipsa_innerdst, SA_DSTPORT(assoc), SA_IPROTO(assoc),
3903 assoc->ipsa_innerdstpfx);
3907 mp->b_wptr = sadb_make_kmc_ext(mp->b_wptr, end, assoc->ipsa_kmp,
3908 assoc->ipsa_kmc);
3923 sadb_age_bytes(queue_t *pfkey_q, ipsa_t *assoc, uint64_t bytes, argument
3929 mutex_enter(&assoc->ipsa_lock);
3930 newtotal = assoc->ipsa_bytes + bytes;
3931 if (assoc->ipsa_hardbyteslt != 0 &&
3932 newtotal >= assoc->ipsa_hardbyteslt) {
3933 if (assoc->ipsa_state != IPSA_STATE_DEAD) {
3934 sadb_delete_cluster(assoc);
3940 assoc->ipsa_state = IPSA_STATE_DEAD;
3942 sadb_expire_assoc(pfkey_q, assoc);
3947 assoc->ipsa_hardexpiretime = (time_t)1;
3950 } else if (assoc->ipsa_softbyteslt != 0 &&
3951 (newtotal >= assoc->ipsa_softbyteslt)) {
3952 if (assoc->ipsa_state < IPSA_STATE_DYING) {
3957 assoc->ipsa_state = IPSA_STATE_DYING;
3958 assoc->ipsa_bytes = newtotal;
3960 sadb_expire_assoc(pfkey_q, assoc);
3964 assoc->ipsa_bytes = newtotal;
3965 mutex_exit(&assoc->ipsa_lock);
4000 sadb_idle_activities(ipsa_t *assoc, time_t delta, boolean_t inbound) argument
4002 ipsecesp_stack_t *espstack = assoc->ipsa_netstack->netstack_ipsecesp;
4005 ASSERT(MUTEX_HELD(&assoc->ipsa_lock));
4007 if (!inbound && (assoc->ipsa_flags & IPSA_F_NATT_LOC) &&
4009 gethrestime_sec() - assoc->ipsa_last_nat_t_ka >= nat_t_interval) {
4010 ASSERT(assoc->ipsa_type == SADB_SATYPE_ESP);
4011 assoc->ipsa_last_nat_t_ka = gethrestime_sec();
4012 mutex_exit(&assoc->ipsa_lock);
4013 ipsecesp_send_keepalive(assoc);
4024 sadb_age_assoc(isaf_t *head, queue_t *pfkey_q, ipsa_t *assoc, argument
4032 mutex_enter(&assoc->ipsa_lock);
4034 if (((assoc->ipsa_state == IPSA_STATE_LARVAL) ||
4035 ((assoc->ipsa_state == IPSA_STATE_IDLE) ||
4036 (assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) &&
4037 (assoc->ipsa_hardexpiretime != 0))) &&
4038 (assoc->ipsa_hardexpiretime <= current)) {
4039 assoc->ipsa_state = IPSA_STATE_DEAD;
4040 return (sadb_torch_assoc(head, assoc));
4051 if (assoc->ipsa_hardexpiretime != 0 &&
4052 assoc->ipsa_hardexpiretime <= current) {
4053 if (assoc->ipsa_state == IPSA_STATE_DEAD)
4054 return (sadb_torch_assoc(head, assoc));
4057 sadb_delete_cluster(assoc);
4063 assoc->ipsa_state = IPSA_STATE_DEAD;
4064 if (assoc->ipsa_haspeer || assoc->ipsa_otherspi != 0) {
4075 IPSA_REFHOLD(assoc);
4076 retval = assoc;
4078 sadb_expire_assoc(pfkey_q, assoc);
4079 assoc->ipsa_hardexpiretime = current + reap_delay;
4080 } else if (assoc->ipsa_softexpiretime != 0 &&
4081 assoc->ipsa_softexpiretime <= current &&
4082 assoc->ipsa_state < IPSA_STATE_DYING) {
4087 assoc->ipsa_state = IPSA_STATE_DYING;
4088 if (assoc->ipsa_haspeer) {
4101 IPSA_REFHOLD(assoc);
4102 retval = assoc;
4104 sadb_expire_assoc(pfkey_q, assoc);
4105 } else if (assoc->ipsa_idletime != 0 &&
4106 assoc->ipsa_idleexpiretime <= current) {
4107 if (assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) {
4108 assoc->ipsa_state = IPSA_STATE_IDLE;
4114 if (assoc->ipsa_state == IPSA_STATE_MATURE) {
4115 sadb_expire_assoc(pfkey_q, assoc);
4119 dropped_mutex = sadb_idle_activities(assoc,
4120 current - assoc->ipsa_lastuse, inbound);
4124 mutex_exit(&assoc->ipsa_lock);
4141 ipsa_t *assoc, *spare; local
4174 for (assoc = bucket->isaf_ipsa; assoc != NULL;
4175 assoc = spare) {
4176 spare = assoc->ipsa_next;
4177 if (sadb_age_assoc(bucket, pfkey_q, assoc, current,
4193 IPSA_REFRELE(assoc);
4197 newbie->ipsa = assoc;
4211 for (assoc = bucket->isaf_ipsa; assoc != NULL;
4212 assoc = spare) {
4213 spare = assoc->ipsa_next;
4214 if (sadb_age_assoc(bucket, pfkey_q, assoc, current,
4226 IPSA_REFRELE(assoc);
4230 newbie->ipsa = assoc;
4298 sadb_update_lifetimes(ipsa_t *assoc, sadb_lifetime_t *hard, argument
4301 mutex_enter(&assoc->ipsa_lock);
4311 assoc->ipsa_hardbyteslt = hard->sadb_lifetime_bytes;
4313 assoc->ipsa_harduselt = hard->sadb_lifetime_usetime;
4315 assoc->ipsa_hardaddlt = hard->sadb_lifetime_addtime;
4316 if (assoc->ipsa_hardaddlt != 0) {
4317 assoc->ipsa_hardexpiretime =
4318 assoc->ipsa_addtime + assoc->ipsa_hardaddlt;
4320 if (assoc->ipsa_harduselt != 0 &&
4321 assoc->ipsa_flags & IPSA_F_USED) {
4322 UPDATE_EXPIRE(assoc, harduselt, hardexpiretime);
4325 assoc->ipsa_hardalloc = hard->sadb_lifetime_allocations;
4331 assoc->ipsa_hardbyteslt) {
4332 assoc->ipsa_softbyteslt =
4333 assoc->ipsa_hardbyteslt;
4335 assoc->ipsa_softbyteslt =
4341 assoc->ipsa_harduselt) {
4342 assoc->ipsa_softuselt =
4343 assoc->ipsa_harduselt;
4345 assoc->ipsa_softuselt =
4351 assoc->ipsa_hardexpiretime) {
4352 assoc->ipsa_softexpiretime =
4353 assoc->ipsa_hardexpiretime;
4355 assoc->ipsa_softaddlt =
4359 if (assoc->ipsa_softaddlt != 0) {
4360 assoc->ipsa_softexpiretime =
4361 assoc->ipsa_addtime + assoc->ipsa_softaddlt;
4363 if (assoc->ipsa_softuselt != 0 &&
4364 assoc->ipsa_flags & IPSA_F_USED) {
4365 UPDATE_EXPIRE(assoc, softuselt, softexpiretime);
4367 if (outbound && assoc->ipsa_softexpiretime != 0) {
4368 if (assoc->ipsa_state == IPSA_STATE_MATURE)
4369 lifetime_fuzz(assoc);
4373 assoc->ipsa_softalloc = soft->sadb_lifetime_allocations;
4378 if ((assoc->ipsa_idleexpiretime <= current) &&
4379 (assoc->ipsa_idleaddlt == idle->sadb_lifetime_addtime)) {
4380 assoc->ipsa_idleexpiretime =
4381 current + assoc->ipsa_idleaddlt;
4384 assoc->ipsa_idleaddlt = idle->sadb_lifetime_addtime;
4386 assoc->ipsa_idleuselt = idle->sadb_lifetime_usetime;
4387 if (assoc->ipsa_idleaddlt != 0) {
4388 assoc->ipsa_idleexpiretime =
4390 assoc->ipsa_idletime = idle->sadb_lifetime_addtime;
4392 if (assoc->ipsa_idleuselt != 0) {
4393 if (assoc->ipsa_idletime != 0) {
4394 assoc->ipsa_idletime = min(assoc->ipsa_idletime,
4395 assoc->ipsa_idleuselt);
4396 assoc->ipsa_idleexpiretime =
4397 current + assoc->ipsa_idletime;
4399 assoc->ipsa_idleexpiretime =
4400 current + assoc->ipsa_idleuselt;
4401 assoc->ipsa_idletime = assoc->ipsa_idleuselt;
4405 mutex_exit(&assoc->ipsa_lock);
4409 sadb_update_state(ipsa_t *assoc, uint_t new_state, mblk_t **ipkt_lst) argument
4414 mutex_enter(&assoc->ipsa_lock);
4418 if (assoc->ipsa_state == SADB_X_SASTATE_IDLE) {
4419 assoc->ipsa_state = IPSA_STATE_ACTIVE_ELSEWHERE;
4420 assoc->ipsa_idleexpiretime =
4421 current + assoc->ipsa_idletime;
4425 if (assoc->ipsa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE) {
4426 assoc->ipsa_state = IPSA_STATE_IDLE;
4427 assoc->ipsa_idleexpiretime =
4428 current + assoc->ipsa_idletime;
4435 if (assoc->ipsa_state != SADB_X_SASTATE_IDLE) {
4439 assoc->ipsa_state = IPSA_STATE_MATURE;
4440 assoc->ipsa_idleexpiretime = current + assoc->ipsa_idletime;
4446 if (assoc->ipsa_bpkt_head != NULL) {
4447 *ipkt_lst = assoc->ipsa_bpkt_head;
4448 assoc->ipsa_bpkt_head = assoc->ipsa_bpkt_tail = NULL;
4449 assoc->ipsa_mblkcnt = 0;
4459 mutex_exit(&assoc->ipsa_lock);
4574 if (sq.assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE) {
4578 sq.assoc->sadb_sa_state, NULL)) != 0) {
4586 sq.assoc->sadb_sa_state, NULL)) != 0) {
4592 if (sq.assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE) {
4595 sq.assoc->sadb_sa_state,
4605 sq.assoc->sadb_sa_state,
4625 if (!((sq.assoc->sadb_sa_state == SADB_SASTATE_MATURE) ||
4626 (sq.assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE))) {
4631 if (sq.assoc->sadb_sa_flags & ~spp->s_updateflags) {
4739 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA]; local
4748 assoc->sadb_sa_spi) {
4813 oipsapp.ipsap_psa_ptr->ipsa_otherspi = assoc->sadb_sa_spi;
6480 sadb_replay_delete(ipsa_t *assoc) argument
6482 mutex_enter(&assoc->ipsa_lock);
6483 assoc->ipsa_hardexpiretime = (time_t)1;
6484 mutex_exit(&assoc->ipsa_lock);
7604 sadb_whack_label_v4(mblk_t *mp, ipsa_t *assoc, kstat_named_t *counter, argument
7611 uint8_t *opt_storage = assoc->ipsa_opt_storage;
7659 delta = tsol_prepend_option(assoc->ipsa_opt_storage, ipha, MBLKL(mp));
7684 sadb_whack_label_v6(mblk_t *mp, ipsa_t *assoc, kstat_named_t *counter, argument
7691 uint8_t *opt_storage = assoc->ipsa_opt_storage;
7748 delta = tsol_prepend_option_v6(assoc->ipsa_opt_storage,
7775 sadb_whack_label(mblk_t *mp, ipsa_t *assoc, ip_xmit_attr_t *ixa, argument
7786 mp = sadb_whack_label_v4(mp, assoc, counter, dropper);
7798 mp = sadb_whack_label_v6(mp, assoc, counter, dropper);
7821 lifetime_fuzz(ipsa_t *assoc) argument
7825 if (assoc->ipsa_softaddlt == 0)
7830 assoc->ipsa_softexpiretime -= rnd;
7831 assoc->ipsa_softaddlt -= rnd;
7983 update_iv(uint8_t *iv_ptr, queue_t *pfkey_q, ipsa_t *assoc, argument
7993 if (!(assoc->ipsa_flags & IPSA_F_COUNTERMODE)) {
7994 (void) random_get_pseudo_bytes(iv_ptr, assoc->ipsa_iv_len);
7998 mutex_enter(&assoc->ipsa_lock);
8000 (*assoc->ipsa_iv)++;
8002 if (*assoc->ipsa_iv == assoc->ipsa_iv_hardexpire) {
8005 } else if (*assoc->ipsa_iv == assoc->ipsa_iv_softexpire) {
8006 if (assoc->ipsa_state != IPSA_STATE_DYING) {
8022 assoc->ipsa_state = sa_new_state;
8023 if (assoc->ipsa_addrfam == AF_INET6) {
8028 inbound_bucket = INBOUND_BUCKET(sp, assoc->ipsa_otherspi);
8029 sadb_expire_assoc(pfkey_q, assoc);
8032 bcopy(assoc->ipsa_iv, iv_ptr, assoc->ipsa_iv_len);
8034 mutex_exit(&assoc->ipsa_lock);
8040 assoc->ipsa_otherspi, assoc->ipsa_dstaddr,
8041 assoc->ipsa_srcaddr, assoc->ipsa_addrfam);
8055 ccm_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr, argument
8065 params->ulMACSize = assoc->ipsa_mac_len;
8066 params->ulNonceSize = assoc->ipsa_nonce_len;
8072 cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
8076 bcopy(assoc->ipsa_nonce, nonce, assoc->ipsa_saltlen);
8077 nonce += assoc->ipsa_saltlen;
8078 bcopy(iv_ptr, nonce, assoc->ipsa_iv_len);
8084 cbc_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr, argument
8087 cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
8095 gcm_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr, argument
8107 params->ulIvLen = assoc->ipsa_nonce_len;
8108 params->ulIvBits = SADB_8TO1(assoc->ipsa_nonce_len);
8111 params->ulTagBits = SADB_8TO1(assoc->ipsa_mac_len);
8113 cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
8124 bcopy(assoc->ipsa_nonce, nonce, assoc->ipsa_saltlen);
8125 nonce += assoc->ipsa_saltlen;
8126 bcopy(iv_ptr, nonce, assoc->ipsa_iv_len);