xref: /freebsd/sys/netipsec/key.c (revision 3332f1b444d4a73238e9f59cca27bfc95fe936bd)
1 /*	$FreeBSD$	*/
2 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
3 
4 /*-
5  * SPDX-License-Identifier: BSD-3-Clause
6  *
7  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the project nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 /*
36  * This code is referd to RFC 2367
37  */
38 
39 #include "opt_inet.h"
40 #include "opt_inet6.h"
41 #include "opt_ipsec.h"
42 
43 #include <sys/types.h>
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/kernel.h>
47 #include <sys/fnv_hash.h>
48 #include <sys/lock.h>
49 #include <sys/mutex.h>
50 #include <sys/mbuf.h>
51 #include <sys/domain.h>
52 #include <sys/protosw.h>
53 #include <sys/malloc.h>
54 #include <sys/rmlock.h>
55 #include <sys/socket.h>
56 #include <sys/socketvar.h>
57 #include <sys/sysctl.h>
58 #include <sys/errno.h>
59 #include <sys/proc.h>
60 #include <sys/queue.h>
61 #include <sys/refcount.h>
62 #include <sys/syslog.h>
63 
64 #include <vm/uma.h>
65 
66 #include <net/if.h>
67 #include <net/if_var.h>
68 #include <net/vnet.h>
69 #include <net/raw_cb.h>
70 
71 #include <netinet/in.h>
72 #include <netinet/in_systm.h>
73 #include <netinet/ip.h>
74 #include <netinet/in_var.h>
75 #include <netinet/udp.h>
76 
77 #ifdef INET6
78 #include <netinet/ip6.h>
79 #include <netinet6/in6_var.h>
80 #include <netinet6/ip6_var.h>
81 #endif /* INET6 */
82 
83 #include <net/pfkeyv2.h>
84 #include <netipsec/keydb.h>
85 #include <netipsec/key.h>
86 #include <netipsec/keysock.h>
87 #include <netipsec/key_debug.h>
88 
89 #include <netipsec/ipsec.h>
90 #ifdef INET6
91 #include <netipsec/ipsec6.h>
92 #endif
93 
94 #include <netipsec/xform.h>
95 #include <machine/in_cksum.h>
96 #include <machine/stdarg.h>
97 
98 /* randomness */
99 #include <sys/random.h>
100 
101 #define FULLMASK	0xff
102 #define	_BITS(bytes)	((bytes) << 3)
103 
104 #define	UINT32_80PCT	0xcccccccc
105 /*
106  * Note on SA reference counting:
107  * - SAs that are not in DEAD state will have (total external reference + 1)
108  *   following value in reference count field.  they cannot be freed and are
109  *   referenced from SA header.
110  * - SAs that are in DEAD state will have (total external reference)
111  *   in reference count field.  they are ready to be freed.  reference from
112  *   SA header will be removed in key_delsav(), when the reference count
113  *   field hits 0 (= no external reference other than from SA header.
114  */
115 
116 VNET_DEFINE(u_int32_t, key_debug_level) = 0;
117 VNET_DEFINE_STATIC(u_int, key_spi_trycnt) = 1000;
118 VNET_DEFINE_STATIC(u_int32_t, key_spi_minval) = 0x100;
119 VNET_DEFINE_STATIC(u_int32_t, key_spi_maxval) = 0x0fffffff;	/* XXX */
120 VNET_DEFINE_STATIC(u_int32_t, policy_id) = 0;
121 /*interval to initialize randseed,1(m)*/
122 VNET_DEFINE_STATIC(u_int, key_int_random) = 60;
123 /* interval to expire acquiring, 30(s)*/
124 VNET_DEFINE_STATIC(u_int, key_larval_lifetime) = 30;
125 /* counter for blocking SADB_ACQUIRE.*/
126 VNET_DEFINE_STATIC(int, key_blockacq_count) = 10;
127 /* lifetime for blocking SADB_ACQUIRE.*/
128 VNET_DEFINE_STATIC(int, key_blockacq_lifetime) = 20;
129 /* preferred old sa rather than new sa.*/
130 VNET_DEFINE_STATIC(int, key_preferred_oldsa) = 1;
131 #define	V_key_spi_trycnt	VNET(key_spi_trycnt)
132 #define	V_key_spi_minval	VNET(key_spi_minval)
133 #define	V_key_spi_maxval	VNET(key_spi_maxval)
134 #define	V_policy_id		VNET(policy_id)
135 #define	V_key_int_random	VNET(key_int_random)
136 #define	V_key_larval_lifetime	VNET(key_larval_lifetime)
137 #define	V_key_blockacq_count	VNET(key_blockacq_count)
138 #define	V_key_blockacq_lifetime	VNET(key_blockacq_lifetime)
139 #define	V_key_preferred_oldsa	VNET(key_preferred_oldsa)
140 
141 VNET_DEFINE_STATIC(u_int32_t, acq_seq) = 0;
142 #define	V_acq_seq		VNET(acq_seq)
143 
144 VNET_DEFINE_STATIC(uint32_t, sp_genid) = 0;
145 #define	V_sp_genid		VNET(sp_genid)
146 
147 /* SPD */
148 TAILQ_HEAD(secpolicy_queue, secpolicy);
149 LIST_HEAD(secpolicy_list, secpolicy);
150 VNET_DEFINE_STATIC(struct secpolicy_queue, sptree[IPSEC_DIR_MAX]);
151 VNET_DEFINE_STATIC(struct secpolicy_queue, sptree_ifnet[IPSEC_DIR_MAX]);
152 static struct rmlock sptree_lock;
153 #define	V_sptree		VNET(sptree)
154 #define	V_sptree_ifnet		VNET(sptree_ifnet)
155 #define	SPTREE_LOCK_INIT()      rm_init(&sptree_lock, "sptree")
156 #define	SPTREE_LOCK_DESTROY()   rm_destroy(&sptree_lock)
157 #define	SPTREE_RLOCK_TRACKER    struct rm_priotracker sptree_tracker
158 #define	SPTREE_RLOCK()          rm_rlock(&sptree_lock, &sptree_tracker)
159 #define	SPTREE_RUNLOCK()        rm_runlock(&sptree_lock, &sptree_tracker)
160 #define	SPTREE_RLOCK_ASSERT()   rm_assert(&sptree_lock, RA_RLOCKED)
161 #define	SPTREE_WLOCK()          rm_wlock(&sptree_lock)
162 #define	SPTREE_WUNLOCK()        rm_wunlock(&sptree_lock)
163 #define	SPTREE_WLOCK_ASSERT()   rm_assert(&sptree_lock, RA_WLOCKED)
164 #define	SPTREE_UNLOCK_ASSERT()  rm_assert(&sptree_lock, RA_UNLOCKED)
165 
166 /* Hash table for lookup SP using unique id */
167 VNET_DEFINE_STATIC(struct secpolicy_list *, sphashtbl);
168 VNET_DEFINE_STATIC(u_long, sphash_mask);
169 #define	V_sphashtbl		VNET(sphashtbl)
170 #define	V_sphash_mask		VNET(sphash_mask)
171 
172 #define	SPHASH_NHASH_LOG2	7
173 #define	SPHASH_NHASH		(1 << SPHASH_NHASH_LOG2)
174 #define	SPHASH_HASHVAL(id)	(key_u32hash(id) & V_sphash_mask)
175 #define	SPHASH_HASH(id)		&V_sphashtbl[SPHASH_HASHVAL(id)]
176 
177 /* SPD cache */
178 struct spdcache_entry {
179    struct secpolicyindex spidx;	/* secpolicyindex */
180    struct secpolicy *sp;	/* cached policy to be used */
181 
182    LIST_ENTRY(spdcache_entry) chain;
183 };
184 LIST_HEAD(spdcache_entry_list, spdcache_entry);
185 
186 #define	SPDCACHE_MAX_ENTRIES_PER_HASH	8
187 
188 VNET_DEFINE_STATIC(u_int, key_spdcache_maxentries) = 0;
189 #define	V_key_spdcache_maxentries	VNET(key_spdcache_maxentries)
190 VNET_DEFINE_STATIC(u_int, key_spdcache_threshold) = 32;
191 #define	V_key_spdcache_threshold	VNET(key_spdcache_threshold)
192 VNET_DEFINE_STATIC(unsigned long, spd_size) = 0;
193 #define	V_spd_size		VNET(spd_size)
194 
195 #define SPDCACHE_ENABLED()	(V_key_spdcache_maxentries != 0)
196 #define SPDCACHE_ACTIVE() \
197 	(SPDCACHE_ENABLED() && V_spd_size >= V_key_spdcache_threshold)
198 
199 VNET_DEFINE_STATIC(struct spdcache_entry_list *, spdcachehashtbl);
200 VNET_DEFINE_STATIC(u_long, spdcachehash_mask);
201 #define	V_spdcachehashtbl	VNET(spdcachehashtbl)
202 #define	V_spdcachehash_mask	VNET(spdcachehash_mask)
203 
204 #define	SPDCACHE_HASHVAL(idx) \
205 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->ul_proto) &  \
206 	    V_spdcachehash_mask)
207 
208 /* Each cache line is protected by a mutex */
209 VNET_DEFINE_STATIC(struct mtx *, spdcache_lock);
210 #define	V_spdcache_lock		VNET(spdcache_lock)
211 
212 #define	SPDCACHE_LOCK_INIT(a) \
213 	mtx_init(&V_spdcache_lock[a], "spdcache", \
214 	    "fast ipsec SPD cache", MTX_DEF|MTX_DUPOK)
215 #define	SPDCACHE_LOCK_DESTROY(a)	mtx_destroy(&V_spdcache_lock[a])
216 #define	SPDCACHE_LOCK(a)		mtx_lock(&V_spdcache_lock[a]);
217 #define	SPDCACHE_UNLOCK(a)		mtx_unlock(&V_spdcache_lock[a]);
218 
219 static struct sx spi_alloc_lock;
220 #define	SPI_ALLOC_LOCK_INIT()		sx_init(&spi_alloc_lock, "spialloc")
221 #define	SPI_ALLOC_LOCK_DESTROY()	sx_destroy(&spi_alloc_lock)
222 #define	SPI_ALLOC_LOCK()          	sx_xlock(&spi_alloc_lock)
223 #define	SPI_ALLOC_UNLOCK()        	sx_unlock(&spi_alloc_lock)
224 #define	SPI_ALLOC_LOCK_ASSERT()   	sx_assert(&spi_alloc_lock, SA_XLOCKED)
225 
226 /* SAD */
227 TAILQ_HEAD(secashead_queue, secashead);
228 LIST_HEAD(secashead_list, secashead);
229 VNET_DEFINE_STATIC(struct secashead_queue, sahtree);
230 static struct rmlock sahtree_lock;
231 #define	V_sahtree		VNET(sahtree)
232 #define	SAHTREE_LOCK_INIT()	rm_init(&sahtree_lock, "sahtree")
233 #define	SAHTREE_LOCK_DESTROY()	rm_destroy(&sahtree_lock)
234 #define	SAHTREE_RLOCK_TRACKER	struct rm_priotracker sahtree_tracker
235 #define	SAHTREE_RLOCK()		rm_rlock(&sahtree_lock, &sahtree_tracker)
236 #define	SAHTREE_RUNLOCK()	rm_runlock(&sahtree_lock, &sahtree_tracker)
237 #define	SAHTREE_RLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_RLOCKED)
238 #define	SAHTREE_WLOCK()		rm_wlock(&sahtree_lock)
239 #define	SAHTREE_WUNLOCK()	rm_wunlock(&sahtree_lock)
240 #define	SAHTREE_WLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_WLOCKED)
241 #define	SAHTREE_UNLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_UNLOCKED)
242 
243 /* Hash table for lookup in SAD using SA addresses */
244 VNET_DEFINE_STATIC(struct secashead_list *, sahaddrhashtbl);
245 VNET_DEFINE_STATIC(u_long, sahaddrhash_mask);
246 #define	V_sahaddrhashtbl	VNET(sahaddrhashtbl)
247 #define	V_sahaddrhash_mask	VNET(sahaddrhash_mask)
248 
249 #define	SAHHASH_NHASH_LOG2	7
250 #define	SAHHASH_NHASH		(1 << SAHHASH_NHASH_LOG2)
251 #define	SAHADDRHASH_HASHVAL(idx)	\
252 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
253 	    V_sahaddrhash_mask)
254 #define	SAHADDRHASH_HASH(saidx)		\
255     &V_sahaddrhashtbl[SAHADDRHASH_HASHVAL(saidx)]
256 
257 /* Hash table for lookup in SAD using SPI */
258 LIST_HEAD(secasvar_list, secasvar);
259 VNET_DEFINE_STATIC(struct secasvar_list *, savhashtbl);
260 VNET_DEFINE_STATIC(u_long, savhash_mask);
261 #define	V_savhashtbl		VNET(savhashtbl)
262 #define	V_savhash_mask		VNET(savhash_mask)
263 #define	SAVHASH_NHASH_LOG2	7
264 #define	SAVHASH_NHASH		(1 << SAVHASH_NHASH_LOG2)
265 #define	SAVHASH_HASHVAL(spi)	(key_u32hash(spi) & V_savhash_mask)
266 #define	SAVHASH_HASH(spi)	&V_savhashtbl[SAVHASH_HASHVAL(spi)]
267 
268 static uint32_t
269 key_addrprotohash(const union sockaddr_union *src,
270     const union sockaddr_union *dst, const uint8_t *proto)
271 {
272 	uint32_t hval;
273 
274 	hval = fnv_32_buf(proto, sizeof(*proto),
275 	    FNV1_32_INIT);
276 	switch (dst->sa.sa_family) {
277 #ifdef INET
278 	case AF_INET:
279 		hval = fnv_32_buf(&src->sin.sin_addr,
280 		    sizeof(in_addr_t), hval);
281 		hval = fnv_32_buf(&dst->sin.sin_addr,
282 		    sizeof(in_addr_t), hval);
283 		break;
284 #endif
285 #ifdef INET6
286 	case AF_INET6:
287 		hval = fnv_32_buf(&src->sin6.sin6_addr,
288 		    sizeof(struct in6_addr), hval);
289 		hval = fnv_32_buf(&dst->sin6.sin6_addr,
290 		    sizeof(struct in6_addr), hval);
291 		break;
292 #endif
293 	default:
294 		hval = 0;
295 		ipseclog((LOG_DEBUG, "%s: unknown address family %d\n",
296 		    __func__, dst->sa.sa_family));
297 	}
298 	return (hval);
299 }
300 
301 static uint32_t
302 key_u32hash(uint32_t val)
303 {
304 
305 	return (fnv_32_buf(&val, sizeof(val), FNV1_32_INIT));
306 }
307 
308 							/* registed list */
309 VNET_DEFINE_STATIC(LIST_HEAD(_regtree, secreg), regtree[SADB_SATYPE_MAX + 1]);
310 #define	V_regtree		VNET(regtree)
311 static struct mtx regtree_lock;
312 #define	REGTREE_LOCK_INIT() \
313 	mtx_init(&regtree_lock, "regtree", "fast ipsec regtree", MTX_DEF)
314 #define	REGTREE_LOCK_DESTROY()	mtx_destroy(&regtree_lock)
315 #define	REGTREE_LOCK()		mtx_lock(&regtree_lock)
316 #define	REGTREE_UNLOCK()	mtx_unlock(&regtree_lock)
317 #define	REGTREE_LOCK_ASSERT()	mtx_assert(&regtree_lock, MA_OWNED)
318 
319 /* Acquiring list */
320 LIST_HEAD(secacq_list, secacq);
321 VNET_DEFINE_STATIC(struct secacq_list, acqtree);
322 #define	V_acqtree		VNET(acqtree)
323 static struct mtx acq_lock;
324 #define	ACQ_LOCK_INIT() \
325     mtx_init(&acq_lock, "acqtree", "ipsec SA acquiring list", MTX_DEF)
326 #define	ACQ_LOCK_DESTROY()	mtx_destroy(&acq_lock)
327 #define	ACQ_LOCK()		mtx_lock(&acq_lock)
328 #define	ACQ_UNLOCK()		mtx_unlock(&acq_lock)
329 #define	ACQ_LOCK_ASSERT()	mtx_assert(&acq_lock, MA_OWNED)
330 
331 /* Hash table for lookup in ACQ list using SA addresses */
332 VNET_DEFINE_STATIC(struct secacq_list *, acqaddrhashtbl);
333 VNET_DEFINE_STATIC(u_long, acqaddrhash_mask);
334 #define	V_acqaddrhashtbl	VNET(acqaddrhashtbl)
335 #define	V_acqaddrhash_mask	VNET(acqaddrhash_mask)
336 
337 /* Hash table for lookup in ACQ list using SEQ number */
338 VNET_DEFINE_STATIC(struct secacq_list *, acqseqhashtbl);
339 VNET_DEFINE_STATIC(u_long, acqseqhash_mask);
340 #define	V_acqseqhashtbl		VNET(acqseqhashtbl)
341 #define	V_acqseqhash_mask	VNET(acqseqhash_mask)
342 
343 #define	ACQHASH_NHASH_LOG2	7
344 #define	ACQHASH_NHASH		(1 << ACQHASH_NHASH_LOG2)
345 #define	ACQADDRHASH_HASHVAL(idx)	\
346 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
347 	    V_acqaddrhash_mask)
348 #define	ACQSEQHASH_HASHVAL(seq)		\
349     (key_u32hash(seq) & V_acqseqhash_mask)
350 #define	ACQADDRHASH_HASH(saidx)	\
351     &V_acqaddrhashtbl[ACQADDRHASH_HASHVAL(saidx)]
352 #define	ACQSEQHASH_HASH(seq)	\
353     &V_acqseqhashtbl[ACQSEQHASH_HASHVAL(seq)]
354 							/* SP acquiring list */
355 VNET_DEFINE_STATIC(LIST_HEAD(_spacqtree, secspacq), spacqtree);
356 #define	V_spacqtree		VNET(spacqtree)
357 static struct mtx spacq_lock;
358 #define	SPACQ_LOCK_INIT() \
359 	mtx_init(&spacq_lock, "spacqtree", \
360 		"fast ipsec security policy acquire list", MTX_DEF)
361 #define	SPACQ_LOCK_DESTROY()	mtx_destroy(&spacq_lock)
362 #define	SPACQ_LOCK()		mtx_lock(&spacq_lock)
363 #define	SPACQ_UNLOCK()		mtx_unlock(&spacq_lock)
364 #define	SPACQ_LOCK_ASSERT()	mtx_assert(&spacq_lock, MA_OWNED)
365 
366 static const int minsize[] = {
367 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
368 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
369 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
370 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
371 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
372 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_SRC */
373 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_DST */
374 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_PROXY */
375 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_AUTH */
376 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_ENCRYPT */
377 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_SRC */
378 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_DST */
379 	sizeof(struct sadb_sens),	/* SADB_EXT_SENSITIVITY */
380 	sizeof(struct sadb_prop),	/* SADB_EXT_PROPOSAL */
381 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_AUTH */
382 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_ENCRYPT */
383 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
384 	0,				/* SADB_X_EXT_KMPRIVATE */
385 	sizeof(struct sadb_x_policy),	/* SADB_X_EXT_POLICY */
386 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
387 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
388 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
389 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
390 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAI */
391 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAR */
392 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
393 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
394 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_SRC */
395 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_DST */
396 };
397 _Static_assert(sizeof(minsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
398 
399 static const int maxsize[] = {
400 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
401 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
402 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
403 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
404 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
405 	0,				/* SADB_EXT_ADDRESS_SRC */
406 	0,				/* SADB_EXT_ADDRESS_DST */
407 	0,				/* SADB_EXT_ADDRESS_PROXY */
408 	0,				/* SADB_EXT_KEY_AUTH */
409 	0,				/* SADB_EXT_KEY_ENCRYPT */
410 	0,				/* SADB_EXT_IDENTITY_SRC */
411 	0,				/* SADB_EXT_IDENTITY_DST */
412 	0,				/* SADB_EXT_SENSITIVITY */
413 	0,				/* SADB_EXT_PROPOSAL */
414 	0,				/* SADB_EXT_SUPPORTED_AUTH */
415 	0,				/* SADB_EXT_SUPPORTED_ENCRYPT */
416 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
417 	0,				/* SADB_X_EXT_KMPRIVATE */
418 	0,				/* SADB_X_EXT_POLICY */
419 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
420 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
421 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
422 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
423 	0,				/* SADB_X_EXT_NAT_T_OAI */
424 	0,				/* SADB_X_EXT_NAT_T_OAR */
425 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
426 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
427 	0,				/* SADB_X_EXT_NEW_ADDRESS_SRC */
428 	0,				/* SADB_X_EXT_NEW_ADDRESS_DST */
429 };
430 _Static_assert(sizeof(maxsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
431 
432 /*
433  * Internal values for SA flags:
434  * SADB_X_EXT_F_CLONED means that SA was cloned by key_updateaddresses,
435  *	thus we will not free the most of SA content in key_delsav().
436  */
437 #define	SADB_X_EXT_F_CLONED	0x80000000
438 
439 #define	SADB_CHECKLEN(_mhp, _ext)			\
440     ((_mhp)->extlen[(_ext)] < minsize[(_ext)] || (maxsize[(_ext)] != 0 && \
441 	((_mhp)->extlen[(_ext)] > maxsize[(_ext)])))
442 #define	SADB_CHECKHDR(_mhp, _ext)	((_mhp)->ext[(_ext)] == NULL)
443 
444 VNET_DEFINE_STATIC(int, ipsec_esp_keymin) = 256;
445 VNET_DEFINE_STATIC(int, ipsec_esp_auth) = 0;
446 VNET_DEFINE_STATIC(int, ipsec_ah_keymin) = 128;
447 
448 #define	V_ipsec_esp_keymin	VNET(ipsec_esp_keymin)
449 #define	V_ipsec_esp_auth	VNET(ipsec_esp_auth)
450 #define	V_ipsec_ah_keymin	VNET(ipsec_ah_keymin)
451 
452 #ifdef IPSEC_DEBUG
453 VNET_DEFINE(int, ipsec_debug) = 1;
454 #else
455 VNET_DEFINE(int, ipsec_debug) = 0;
456 #endif
457 
458 #ifdef INET
459 SYSCTL_DECL(_net_inet_ipsec);
460 SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug,
461     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
462     "Enable IPsec debugging output when set.");
463 #endif
464 #ifdef INET6
465 SYSCTL_DECL(_net_inet6_ipsec6);
466 SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug,
467     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
468     "Enable IPsec debugging output when set.");
469 #endif
470 
471 SYSCTL_DECL(_net_key);
472 SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL,	debug,
473 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, "");
474 
475 /* max count of trial for the decision of spi value */
476 SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt,
477 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, "");
478 
479 /* minimum spi value to allocate automatically. */
480 SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval,
481 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, "");
482 
483 /* maximun spi value to allocate automatically. */
484 SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval,
485 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, "");
486 
487 /* interval to initialize randseed */
488 SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random,
489 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_int_random), 0, "");
490 
491 /* lifetime for larval SA */
492 SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime,
493 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, "");
494 
495 /* counter for blocking to send SADB_ACQUIRE to IKEd */
496 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count,
497 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, "");
498 
499 /* lifetime for blocking to send SADB_ACQUIRE to IKEd */
500 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime,
501 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, "");
502 
503 /* ESP auth */
504 SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth,
505 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, "");
506 
507 /* minimum ESP key length */
508 SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin,
509 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, "");
510 
511 /* minimum AH key length */
512 SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin,
513 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, "");
514 
515 /* perfered old SA rather than new SA */
516 SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, preferred_oldsa,
517 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, "");
518 
519 static SYSCTL_NODE(_net_key, OID_AUTO, spdcache,
520     CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
521     "SPD cache");
522 
523 SYSCTL_UINT(_net_key_spdcache, OID_AUTO, maxentries,
524 	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_maxentries), 0,
525 	"Maximum number of entries in the SPD cache"
526 	" (power of 2, 0 to disable)");
527 
528 SYSCTL_UINT(_net_key_spdcache, OID_AUTO, threshold,
529 	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_threshold), 0,
530 	"Number of SPs that make the SPD cache active");
531 
532 #define __LIST_CHAINED(elm) \
533 	(!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL))
534 
535 MALLOC_DEFINE(M_IPSEC_SA, "secasvar", "ipsec security association");
536 MALLOC_DEFINE(M_IPSEC_SAH, "sahead", "ipsec sa head");
537 MALLOC_DEFINE(M_IPSEC_SP, "ipsecpolicy", "ipsec security policy");
538 MALLOC_DEFINE(M_IPSEC_SR, "ipsecrequest", "ipsec security request");
539 MALLOC_DEFINE(M_IPSEC_MISC, "ipsec-misc", "ipsec miscellaneous");
540 MALLOC_DEFINE(M_IPSEC_SAQ, "ipsec-saq", "ipsec sa acquire");
541 MALLOC_DEFINE(M_IPSEC_SAR, "ipsec-reg", "ipsec sa acquire");
542 MALLOC_DEFINE(M_IPSEC_SPDCACHE, "ipsec-spdcache", "ipsec SPD cache");
543 
544 static uma_zone_t __read_mostly ipsec_key_lft_zone;
545 
546 /*
547  * set parameters into secpolicyindex buffer.
548  * Must allocate secpolicyindex buffer passed to this function.
549  */
550 #define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
551 do { \
552 	bzero((idx), sizeof(struct secpolicyindex));                         \
553 	(idx)->dir = (_dir);                                                 \
554 	(idx)->prefs = (ps);                                                 \
555 	(idx)->prefd = (pd);                                                 \
556 	(idx)->ul_proto = (ulp);                                             \
557 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
558 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
559 } while (0)
560 
561 /*
562  * set parameters into secasindex buffer.
563  * Must allocate secasindex buffer before calling this function.
564  */
565 #define KEY_SETSECASIDX(p, m, r, s, d, idx) \
566 do { \
567 	bzero((idx), sizeof(struct secasindex));                             \
568 	(idx)->proto = (p);                                                  \
569 	(idx)->mode = (m);                                                   \
570 	(idx)->reqid = (r);                                                  \
571 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
572 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
573 	key_porttosaddr(&(idx)->src.sa, 0);				     \
574 	key_porttosaddr(&(idx)->dst.sa, 0);				     \
575 } while (0)
576 
577 /* key statistics */
578 struct _keystat {
579 	u_long getspi_count; /* the avarage of count to try to get new SPI */
580 } keystat;
581 
582 struct sadb_msghdr {
583 	struct sadb_msg *msg;
584 	struct sadb_ext *ext[SADB_EXT_MAX + 1];
585 	int extoff[SADB_EXT_MAX + 1];
586 	int extlen[SADB_EXT_MAX + 1];
587 };
588 
589 static struct supported_ealgs {
590 	int sadb_alg;
591 	const struct enc_xform *xform;
592 } supported_ealgs[] = {
593 	{ SADB_X_EALG_AES,		&enc_xform_rijndael128 },
594 	{ SADB_EALG_NULL,		&enc_xform_null },
595 	{ SADB_X_EALG_AESCTR,		&enc_xform_aes_icm },
596 	{ SADB_X_EALG_AESGCM16,		&enc_xform_aes_nist_gcm },
597 	{ SADB_X_EALG_AESGMAC,		&enc_xform_aes_nist_gmac },
598 };
599 
600 static struct supported_aalgs {
601 	int sadb_alg;
602 	const struct auth_hash *xform;
603 } supported_aalgs[] = {
604 	{ SADB_X_AALG_NULL,		&auth_hash_null },
605 	{ SADB_AALG_SHA1HMAC,		&auth_hash_hmac_sha1 },
606 	{ SADB_X_AALG_SHA2_256,		&auth_hash_hmac_sha2_256 },
607 	{ SADB_X_AALG_SHA2_384,		&auth_hash_hmac_sha2_384 },
608 	{ SADB_X_AALG_SHA2_512,		&auth_hash_hmac_sha2_512 },
609 	{ SADB_X_AALG_AES128GMAC,	&auth_hash_nist_gmac_aes_128 },
610 	{ SADB_X_AALG_AES192GMAC,	&auth_hash_nist_gmac_aes_192 },
611 	{ SADB_X_AALG_AES256GMAC,	&auth_hash_nist_gmac_aes_256 },
612 };
613 
614 static struct supported_calgs {
615 	int sadb_alg;
616 	const struct comp_algo *xform;
617 } supported_calgs[] = {
618 	{ SADB_X_CALG_DEFLATE,		&comp_algo_deflate },
619 };
620 
621 #ifndef IPSEC_DEBUG2
622 static struct callout key_timer;
623 #endif
624 
625 static void key_unlink(struct secpolicy *);
626 static void key_detach(struct secpolicy *);
627 static struct secpolicy *key_do_allocsp(struct secpolicyindex *spidx, u_int dir);
628 static struct secpolicy *key_getsp(struct secpolicyindex *);
629 static struct secpolicy *key_getspbyid(u_int32_t);
630 static struct mbuf *key_gather_mbuf(struct mbuf *,
631 	const struct sadb_msghdr *, int, int, ...);
632 static int key_spdadd(struct socket *, struct mbuf *,
633 	const struct sadb_msghdr *);
634 static uint32_t key_getnewspid(void);
635 static int key_spddelete(struct socket *, struct mbuf *,
636 	const struct sadb_msghdr *);
637 static int key_spddelete2(struct socket *, struct mbuf *,
638 	const struct sadb_msghdr *);
639 static int key_spdget(struct socket *, struct mbuf *,
640 	const struct sadb_msghdr *);
641 static int key_spdflush(struct socket *, struct mbuf *,
642 	const struct sadb_msghdr *);
643 static int key_spddump(struct socket *, struct mbuf *,
644 	const struct sadb_msghdr *);
645 static struct mbuf *key_setdumpsp(struct secpolicy *,
646 	u_int8_t, u_int32_t, u_int32_t);
647 static struct mbuf *key_sp2mbuf(struct secpolicy *);
648 static size_t key_getspreqmsglen(struct secpolicy *);
649 static int key_spdexpire(struct secpolicy *);
650 static struct secashead *key_newsah(struct secasindex *);
651 static void key_freesah(struct secashead **);
652 static void key_delsah(struct secashead *);
653 static struct secasvar *key_newsav(const struct sadb_msghdr *,
654     struct secasindex *, uint32_t, int *);
655 static void key_delsav(struct secasvar *);
656 static void key_unlinksav(struct secasvar *);
657 static struct secashead *key_getsah(struct secasindex *);
658 static int key_checkspidup(uint32_t);
659 static struct secasvar *key_getsavbyspi(uint32_t);
660 static int key_setnatt(struct secasvar *, const struct sadb_msghdr *);
661 static int key_setsaval(struct secasvar *, const struct sadb_msghdr *);
662 static int key_updatelifetimes(struct secasvar *, const struct sadb_msghdr *);
663 static int key_updateaddresses(struct socket *, struct mbuf *,
664     const struct sadb_msghdr *, struct secasvar *, struct secasindex *);
665 
666 static struct mbuf *key_setdumpsa(struct secasvar *, u_int8_t,
667 	u_int8_t, u_int32_t, u_int32_t);
668 static struct mbuf *key_setsadbmsg(u_int8_t, u_int16_t, u_int8_t,
669 	u_int32_t, pid_t, u_int16_t);
670 static struct mbuf *key_setsadbsa(struct secasvar *);
671 static struct mbuf *key_setsadbaddr(u_int16_t,
672 	const struct sockaddr *, u_int8_t, u_int16_t);
673 static struct mbuf *key_setsadbxport(u_int16_t, u_int16_t);
674 static struct mbuf *key_setsadbxtype(u_int16_t);
675 static struct mbuf *key_setsadbxsa2(u_int8_t, u_int32_t, u_int32_t);
676 static struct mbuf *key_setsadbxsareplay(u_int32_t);
677 static struct mbuf *key_setsadbxpolicy(u_int16_t, u_int8_t,
678 	u_int32_t, u_int32_t);
679 static struct seckey *key_dup_keymsg(const struct sadb_key *, size_t,
680     struct malloc_type *);
681 static struct seclifetime *key_dup_lifemsg(const struct sadb_lifetime *src,
682     struct malloc_type *);
683 
684 /* flags for key_cmpsaidx() */
685 #define CMP_HEAD	1	/* protocol, addresses. */
686 #define CMP_MODE_REQID	2	/* additionally HEAD, reqid, mode. */
687 #define CMP_REQID	3	/* additionally HEAD, reaid. */
688 #define CMP_EXACTLY	4	/* all elements. */
689 static int key_cmpsaidx(const struct secasindex *,
690     const struct secasindex *, int);
691 static int key_cmpspidx_exactly(struct secpolicyindex *,
692     struct secpolicyindex *);
693 static int key_cmpspidx_withmask(struct secpolicyindex *,
694     struct secpolicyindex *);
695 static int key_bbcmp(const void *, const void *, u_int);
696 static uint8_t key_satype2proto(uint8_t);
697 static uint8_t key_proto2satype(uint8_t);
698 
699 static int key_getspi(struct socket *, struct mbuf *,
700 	const struct sadb_msghdr *);
701 static uint32_t key_do_getnewspi(struct sadb_spirange *, struct secasindex *);
702 static int key_update(struct socket *, struct mbuf *,
703 	const struct sadb_msghdr *);
704 static int key_add(struct socket *, struct mbuf *,
705 	const struct sadb_msghdr *);
706 static int key_setident(struct secashead *, const struct sadb_msghdr *);
707 static struct mbuf *key_getmsgbuf_x1(struct mbuf *,
708 	const struct sadb_msghdr *);
709 static int key_delete(struct socket *, struct mbuf *,
710 	const struct sadb_msghdr *);
711 static int key_delete_all(struct socket *, struct mbuf *,
712 	const struct sadb_msghdr *, struct secasindex *);
713 static int key_get(struct socket *, struct mbuf *,
714 	const struct sadb_msghdr *);
715 
716 static void key_getcomb_setlifetime(struct sadb_comb *);
717 static struct mbuf *key_getcomb_ealg(void);
718 static struct mbuf *key_getcomb_ah(void);
719 static struct mbuf *key_getcomb_ipcomp(void);
720 static struct mbuf *key_getprop(const struct secasindex *);
721 
722 static int key_acquire(const struct secasindex *, struct secpolicy *);
723 static uint32_t key_newacq(const struct secasindex *, int *);
724 static uint32_t key_getacq(const struct secasindex *, int *);
725 static int key_acqdone(const struct secasindex *, uint32_t);
726 static int key_acqreset(uint32_t);
727 static struct secspacq *key_newspacq(struct secpolicyindex *);
728 static struct secspacq *key_getspacq(struct secpolicyindex *);
729 static int key_acquire2(struct socket *, struct mbuf *,
730 	const struct sadb_msghdr *);
731 static int key_register(struct socket *, struct mbuf *,
732 	const struct sadb_msghdr *);
733 static int key_expire(struct secasvar *, int);
734 static int key_flush(struct socket *, struct mbuf *,
735 	const struct sadb_msghdr *);
736 static int key_dump(struct socket *, struct mbuf *,
737 	const struct sadb_msghdr *);
738 static int key_promisc(struct socket *, struct mbuf *,
739 	const struct sadb_msghdr *);
740 static int key_senderror(struct socket *, struct mbuf *, int);
741 static int key_validate_ext(const struct sadb_ext *, int);
742 static int key_align(struct mbuf *, struct sadb_msghdr *);
743 static struct mbuf *key_setlifetime(struct seclifetime *, uint16_t);
744 static struct mbuf *key_setkey(struct seckey *, uint16_t);
745 
746 static void spdcache_init(void);
747 static void spdcache_clear(void);
748 static struct spdcache_entry *spdcache_entry_alloc(
749 	const struct secpolicyindex *spidx,
750 	struct secpolicy *policy);
751 static void spdcache_entry_free(struct spdcache_entry *entry);
752 #ifdef VIMAGE
753 static void spdcache_destroy(void);
754 #endif
755 
756 #define	DBG_IPSEC_INITREF(t, p)	do {				\
757 	refcount_init(&(p)->refcnt, 1);				\
758 	KEYDBG(KEY_STAMP,					\
759 	    printf("%s: Initialize refcnt %s(%p) = %u\n",	\
760 	    __func__, #t, (p), (p)->refcnt));			\
761 } while (0)
762 #define	DBG_IPSEC_ADDREF(t, p)	do {				\
763 	refcount_acquire(&(p)->refcnt);				\
764 	KEYDBG(KEY_STAMP,					\
765 	    printf("%s: Acquire refcnt %s(%p) -> %u\n",		\
766 	    __func__, #t, (p), (p)->refcnt));			\
767 } while (0)
768 #define	DBG_IPSEC_DELREF(t, p)	do {				\
769 	KEYDBG(KEY_STAMP,					\
770 	    printf("%s: Release refcnt %s(%p) -> %u\n",		\
771 	    __func__, #t, (p), (p)->refcnt - 1));		\
772 	refcount_release(&(p)->refcnt);				\
773 } while (0)
774 
775 #define	IPSEC_INITREF(t, p)	refcount_init(&(p)->refcnt, 1)
776 #define	IPSEC_ADDREF(t, p)	refcount_acquire(&(p)->refcnt)
777 #define	IPSEC_DELREF(t, p)	refcount_release(&(p)->refcnt)
778 
779 #define	SP_INITREF(p)	IPSEC_INITREF(SP, p)
780 #define	SP_ADDREF(p)	IPSEC_ADDREF(SP, p)
781 #define	SP_DELREF(p)	IPSEC_DELREF(SP, p)
782 
783 #define	SAH_INITREF(p)	IPSEC_INITREF(SAH, p)
784 #define	SAH_ADDREF(p)	IPSEC_ADDREF(SAH, p)
785 #define	SAH_DELREF(p)	IPSEC_DELREF(SAH, p)
786 
787 #define	SAV_INITREF(p)	IPSEC_INITREF(SAV, p)
788 #define	SAV_ADDREF(p)	IPSEC_ADDREF(SAV, p)
789 #define	SAV_DELREF(p)	IPSEC_DELREF(SAV, p)
790 
791 /*
792  * Update the refcnt while holding the SPTREE lock.
793  */
794 void
795 key_addref(struct secpolicy *sp)
796 {
797 
798 	SP_ADDREF(sp);
799 }
800 
801 /*
802  * Return 0 when there are known to be no SP's for the specified
803  * direction.  Otherwise return 1.  This is used by IPsec code
804  * to optimize performance.
805  */
806 int
807 key_havesp(u_int dir)
808 {
809 
810 	return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ?
811 		TAILQ_FIRST(&V_sptree[dir]) != NULL : 1);
812 }
813 
814 /* %%% IPsec policy management */
815 /*
816  * Return current SPDB generation.
817  */
818 uint32_t
819 key_getspgen(void)
820 {
821 
822 	return (V_sp_genid);
823 }
824 
825 void
826 key_bumpspgen(void)
827 {
828 
829 	V_sp_genid++;
830 }
831 
832 static int
833 key_checksockaddrs(struct sockaddr *src, struct sockaddr *dst)
834 {
835 
836 	/* family match */
837 	if (src->sa_family != dst->sa_family)
838 		return (EINVAL);
839 	/* sa_len match */
840 	if (src->sa_len != dst->sa_len)
841 		return (EINVAL);
842 	switch (src->sa_family) {
843 #ifdef INET
844 	case AF_INET:
845 		if (src->sa_len != sizeof(struct sockaddr_in))
846 			return (EINVAL);
847 		break;
848 #endif
849 #ifdef INET6
850 	case AF_INET6:
851 		if (src->sa_len != sizeof(struct sockaddr_in6))
852 			return (EINVAL);
853 		break;
854 #endif
855 	default:
856 		return (EAFNOSUPPORT);
857 	}
858 	return (0);
859 }
860 
861 struct secpolicy *
862 key_do_allocsp(struct secpolicyindex *spidx, u_int dir)
863 {
864 	SPTREE_RLOCK_TRACKER;
865 	struct secpolicy *sp;
866 
867 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
868 	IPSEC_ASSERT(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
869 		("invalid direction %u", dir));
870 
871 	SPTREE_RLOCK();
872 	TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
873 		if (key_cmpspidx_withmask(&sp->spidx, spidx)) {
874 			SP_ADDREF(sp);
875 			break;
876 		}
877 	}
878 	SPTREE_RUNLOCK();
879 	return (sp);
880 }
881 
882 /*
883  * allocating a SP for OUTBOUND or INBOUND packet.
884  * Must call key_freesp() later.
885  * OUT:	NULL:	not found
886  *	others:	found and return the pointer.
887  */
888 struct secpolicy *
889 key_allocsp(struct secpolicyindex *spidx, u_int dir)
890 {
891 	struct spdcache_entry *entry, *lastentry, *tmpentry;
892 	struct secpolicy *sp;
893 	uint32_t hashv;
894 	int nb_entries;
895 
896 	if (!SPDCACHE_ACTIVE()) {
897 		sp = key_do_allocsp(spidx, dir);
898 		goto out;
899 	}
900 
901 	hashv = SPDCACHE_HASHVAL(spidx);
902 	SPDCACHE_LOCK(hashv);
903 	nb_entries = 0;
904 	LIST_FOREACH_SAFE(entry, &V_spdcachehashtbl[hashv], chain, tmpentry) {
905 		/* Removed outdated entries */
906 		if (entry->sp != NULL &&
907 		    entry->sp->state == IPSEC_SPSTATE_DEAD) {
908 			LIST_REMOVE(entry, chain);
909 			spdcache_entry_free(entry);
910 			continue;
911 		}
912 
913 		nb_entries++;
914 		if (!key_cmpspidx_exactly(&entry->spidx, spidx)) {
915 			lastentry = entry;
916 			continue;
917 		}
918 
919 		sp = entry->sp;
920 		if (entry->sp != NULL)
921 			SP_ADDREF(sp);
922 
923 		/* IPSECSTAT_INC(ips_spdcache_hits); */
924 
925 		SPDCACHE_UNLOCK(hashv);
926 		goto out;
927 	}
928 
929 	/* IPSECSTAT_INC(ips_spdcache_misses); */
930 
931 	sp = key_do_allocsp(spidx, dir);
932 	entry = spdcache_entry_alloc(spidx, sp);
933 	if (entry != NULL) {
934 		if (nb_entries >= SPDCACHE_MAX_ENTRIES_PER_HASH) {
935 			LIST_REMOVE(lastentry, chain);
936 			spdcache_entry_free(lastentry);
937 		}
938 
939 		LIST_INSERT_HEAD(&V_spdcachehashtbl[hashv], entry, chain);
940 	}
941 
942 	SPDCACHE_UNLOCK(hashv);
943 
944 out:
945 	if (sp != NULL) {	/* found a SPD entry */
946 		sp->lastused = time_second;
947 		KEYDBG(IPSEC_STAMP,
948 		    printf("%s: return SP(%p)\n", __func__, sp));
949 		KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
950 	} else {
951 		KEYDBG(IPSEC_DATA,
952 		    printf("%s: lookup failed for ", __func__);
953 		    kdebug_secpolicyindex(spidx, NULL));
954 	}
955 	return (sp);
956 }
957 
958 /*
959  * Allocating an SA entry for an *INBOUND* or *OUTBOUND* TCP packet, signed
960  * or should be signed by MD5 signature.
961  * We don't use key_allocsa() for such lookups, because we don't know SPI.
962  * Unlike ESP and AH protocols, SPI isn't transmitted in the TCP header with
963  * signed packet. We use SADB only as storage for password.
964  * OUT:	positive:	corresponding SA for given saidx found.
965  *	NULL:		SA not found
966  */
967 struct secasvar *
968 key_allocsa_tcpmd5(struct secasindex *saidx)
969 {
970 	SAHTREE_RLOCK_TRACKER;
971 	struct secashead *sah;
972 	struct secasvar *sav;
973 
974 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP,
975 	    ("unexpected security protocol %u", saidx->proto));
976 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TCPMD5,
977 	    ("unexpected mode %u", saidx->mode));
978 
979 	SAHTREE_RLOCK();
980 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
981 		KEYDBG(IPSEC_DUMP,
982 		    printf("%s: checking SAH\n", __func__);
983 		    kdebug_secash(sah, "  "));
984 		if (sah->saidx.proto != IPPROTO_TCP)
985 			continue;
986 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
987 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
988 			break;
989 	}
990 	if (sah != NULL) {
991 		if (V_key_preferred_oldsa)
992 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
993 		else
994 			sav = TAILQ_FIRST(&sah->savtree_alive);
995 		if (sav != NULL)
996 			SAV_ADDREF(sav);
997 	} else
998 		sav = NULL;
999 	SAHTREE_RUNLOCK();
1000 
1001 	if (sav != NULL) {
1002 		KEYDBG(IPSEC_STAMP,
1003 		    printf("%s: return SA(%p)\n", __func__, sav));
1004 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1005 	} else {
1006 		KEYDBG(IPSEC_STAMP,
1007 		    printf("%s: SA not found\n", __func__));
1008 		KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1009 	}
1010 	return (sav);
1011 }
1012 
1013 /*
1014  * Allocating an SA entry for an *OUTBOUND* packet.
1015  * OUT:	positive:	corresponding SA for given saidx found.
1016  *	NULL:		SA not found, but will be acquired, check *error
1017  *			for acquiring status.
1018  */
1019 struct secasvar *
1020 key_allocsa_policy(struct secpolicy *sp, const struct secasindex *saidx,
1021     int *error)
1022 {
1023 	SAHTREE_RLOCK_TRACKER;
1024 	struct secashead *sah;
1025 	struct secasvar *sav;
1026 
1027 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
1028 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TRANSPORT ||
1029 		saidx->mode == IPSEC_MODE_TUNNEL,
1030 		("unexpected policy %u", saidx->mode));
1031 
1032 	/*
1033 	 * We check new SA in the IPsec request because a different
1034 	 * SA may be involved each time this request is checked, either
1035 	 * because new SAs are being configured, or this request is
1036 	 * associated with an unconnected datagram socket, or this request
1037 	 * is associated with a system default policy.
1038 	 */
1039 	SAHTREE_RLOCK();
1040 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
1041 		KEYDBG(IPSEC_DUMP,
1042 		    printf("%s: checking SAH\n", __func__);
1043 		    kdebug_secash(sah, "  "));
1044 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
1045 			break;
1046 	}
1047 	if (sah != NULL) {
1048 		/*
1049 		 * Allocate the oldest SA available according to
1050 		 * draft-jenkins-ipsec-rekeying-03.
1051 		 */
1052 		if (V_key_preferred_oldsa)
1053 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1054 		else
1055 			sav = TAILQ_FIRST(&sah->savtree_alive);
1056 		if (sav != NULL)
1057 			SAV_ADDREF(sav);
1058 	} else
1059 		sav = NULL;
1060 	SAHTREE_RUNLOCK();
1061 
1062 	if (sav != NULL) {
1063 		*error = 0;
1064 		KEYDBG(IPSEC_STAMP,
1065 		    printf("%s: chosen SA(%p) for SP(%p)\n", __func__,
1066 			sav, sp));
1067 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1068 		return (sav); /* return referenced SA */
1069 	}
1070 
1071 	/* there is no SA */
1072 	*error = key_acquire(saidx, sp);
1073 	if ((*error) != 0)
1074 		ipseclog((LOG_DEBUG,
1075 		    "%s: error %d returned from key_acquire()\n",
1076 			__func__, *error));
1077 	KEYDBG(IPSEC_STAMP,
1078 	    printf("%s: acquire SA for SP(%p), error %d\n",
1079 		__func__, sp, *error));
1080 	KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1081 	return (NULL);
1082 }
1083 
1084 /*
1085  * allocating a usable SA entry for a *INBOUND* packet.
1086  * Must call key_freesav() later.
1087  * OUT: positive:	pointer to a usable sav (i.e. MATURE or DYING state).
1088  *	NULL:		not found, or error occurred.
1089  *
1090  * According to RFC 2401 SA is uniquely identified by a triple SPI,
1091  * destination address, and security protocol. But according to RFC 4301,
1092  * SPI by itself suffices to specify an SA.
1093  *
1094  * Note that, however, we do need to keep source address in IPsec SA.
1095  * IKE specification and PF_KEY specification do assume that we
1096  * keep source address in IPsec SA.  We see a tricky situation here.
1097  */
1098 struct secasvar *
1099 key_allocsa(union sockaddr_union *dst, uint8_t proto, uint32_t spi)
1100 {
1101 	SAHTREE_RLOCK_TRACKER;
1102 	struct secasvar *sav;
1103 
1104 	IPSEC_ASSERT(proto == IPPROTO_ESP || proto == IPPROTO_AH ||
1105 	    proto == IPPROTO_IPCOMP, ("unexpected security protocol %u",
1106 	    proto));
1107 
1108 	SAHTREE_RLOCK();
1109 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
1110 		if (sav->spi == spi)
1111 			break;
1112 	}
1113 	/*
1114 	 * We use single SPI namespace for all protocols, so it is
1115 	 * impossible to have SPI duplicates in the SAVHASH.
1116 	 */
1117 	if (sav != NULL) {
1118 		if (sav->state != SADB_SASTATE_LARVAL &&
1119 		    sav->sah->saidx.proto == proto &&
1120 		    key_sockaddrcmp(&dst->sa,
1121 			&sav->sah->saidx.dst.sa, 0) == 0)
1122 			SAV_ADDREF(sav);
1123 		else
1124 			sav = NULL;
1125 	}
1126 	SAHTREE_RUNLOCK();
1127 
1128 	if (sav == NULL) {
1129 		KEYDBG(IPSEC_STAMP,
1130 		    char buf[IPSEC_ADDRSTRLEN];
1131 		    printf("%s: SA not found for spi %u proto %u dst %s\n",
1132 			__func__, ntohl(spi), proto, ipsec_address(dst, buf,
1133 			sizeof(buf))));
1134 	} else {
1135 		KEYDBG(IPSEC_STAMP,
1136 		    printf("%s: return SA(%p)\n", __func__, sav));
1137 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1138 	}
1139 	return (sav);
1140 }
1141 
1142 struct secasvar *
1143 key_allocsa_tunnel(union sockaddr_union *src, union sockaddr_union *dst,
1144     uint8_t proto)
1145 {
1146 	SAHTREE_RLOCK_TRACKER;
1147 	struct secasindex saidx;
1148 	struct secashead *sah;
1149 	struct secasvar *sav;
1150 
1151 	IPSEC_ASSERT(src != NULL, ("null src address"));
1152 	IPSEC_ASSERT(dst != NULL, ("null dst address"));
1153 
1154 	KEY_SETSECASIDX(proto, IPSEC_MODE_TUNNEL, 0, &src->sa,
1155 	    &dst->sa, &saidx);
1156 
1157 	sav = NULL;
1158 	SAHTREE_RLOCK();
1159 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1160 		if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1161 			continue;
1162 		if (proto != sah->saidx.proto)
1163 			continue;
1164 		if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1165 			continue;
1166 		if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1167 			continue;
1168 		/* XXXAE: is key_preferred_oldsa reasonably?*/
1169 		if (V_key_preferred_oldsa)
1170 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1171 		else
1172 			sav = TAILQ_FIRST(&sah->savtree_alive);
1173 		if (sav != NULL) {
1174 			SAV_ADDREF(sav);
1175 			break;
1176 		}
1177 	}
1178 	SAHTREE_RUNLOCK();
1179 	KEYDBG(IPSEC_STAMP,
1180 	    printf("%s: return SA(%p)\n", __func__, sav));
1181 	if (sav != NULL)
1182 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1183 	return (sav);
1184 }
1185 
1186 /*
1187  * Must be called after calling key_allocsp().
1188  */
1189 void
1190 key_freesp(struct secpolicy **spp)
1191 {
1192 	struct secpolicy *sp = *spp;
1193 
1194 	IPSEC_ASSERT(sp != NULL, ("null sp"));
1195 	if (SP_DELREF(sp) == 0)
1196 		return;
1197 
1198 	KEYDBG(IPSEC_STAMP,
1199 	    printf("%s: last reference to SP(%p)\n", __func__, sp));
1200 	KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
1201 
1202 	*spp = NULL;
1203 	while (sp->tcount > 0)
1204 		ipsec_delisr(sp->req[--sp->tcount]);
1205 	free(sp, M_IPSEC_SP);
1206 }
1207 
1208 static void
1209 key_unlink(struct secpolicy *sp)
1210 {
1211 	SPTREE_WLOCK();
1212 	key_detach(sp);
1213 	SPTREE_WUNLOCK();
1214 	if (SPDCACHE_ENABLED())
1215 		spdcache_clear();
1216 	key_freesp(&sp);
1217 }
1218 
1219 static void
1220 key_detach(struct secpolicy *sp)
1221 {
1222 	IPSEC_ASSERT(sp->spidx.dir == IPSEC_DIR_INBOUND ||
1223 	    sp->spidx.dir == IPSEC_DIR_OUTBOUND,
1224 	    ("invalid direction %u", sp->spidx.dir));
1225 	SPTREE_WLOCK_ASSERT();
1226 
1227 	KEYDBG(KEY_STAMP,
1228 	    printf("%s: SP(%p)\n", __func__, sp));
1229 	if (sp->state != IPSEC_SPSTATE_ALIVE) {
1230 		/* SP is already unlinked */
1231 		return;
1232 	}
1233 	sp->state = IPSEC_SPSTATE_DEAD;
1234 	TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
1235 	V_spd_size--;
1236 	LIST_REMOVE(sp, idhash);
1237 	V_sp_genid++;
1238 }
1239 
1240 /*
1241  * insert a secpolicy into the SP database. Lower priorities first
1242  */
1243 static void
1244 key_insertsp(struct secpolicy *newsp)
1245 {
1246 	struct secpolicy *sp;
1247 
1248 	SPTREE_WLOCK_ASSERT();
1249 	TAILQ_FOREACH(sp, &V_sptree[newsp->spidx.dir], chain) {
1250 		if (newsp->priority < sp->priority) {
1251 			TAILQ_INSERT_BEFORE(sp, newsp, chain);
1252 			goto done;
1253 		}
1254 	}
1255 	TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain);
1256 done:
1257 	LIST_INSERT_HEAD(SPHASH_HASH(newsp->id), newsp, idhash);
1258 	newsp->state = IPSEC_SPSTATE_ALIVE;
1259 	V_spd_size++;
1260 	V_sp_genid++;
1261 }
1262 
1263 /*
1264  * Insert a bunch of VTI secpolicies into the SPDB.
1265  * We keep VTI policies in the separate list due to following reasons:
1266  * 1) they should be immutable to user's or some deamon's attempts to
1267  *    delete. The only way delete such policies - destroy or unconfigure
1268  *    corresponding virtual inteface.
1269  * 2) such policies have traffic selector that matches all traffic per
1270  *    address family.
1271  * Since all VTI policies have the same priority, we don't care about
1272  * policies order.
1273  */
1274 int
1275 key_register_ifnet(struct secpolicy **spp, u_int count)
1276 {
1277 	struct mbuf *m;
1278 	u_int i;
1279 
1280 	SPTREE_WLOCK();
1281 	/*
1282 	 * First of try to acquire id for each SP.
1283 	 */
1284 	for (i = 0; i < count; i++) {
1285 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1286 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1287 		    ("invalid direction %u", spp[i]->spidx.dir));
1288 
1289 		if ((spp[i]->id = key_getnewspid()) == 0) {
1290 			SPTREE_WUNLOCK();
1291 			return (EAGAIN);
1292 		}
1293 	}
1294 	for (i = 0; i < count; i++) {
1295 		TAILQ_INSERT_TAIL(&V_sptree_ifnet[spp[i]->spidx.dir],
1296 		    spp[i], chain);
1297 		/*
1298 		 * NOTE: despite the fact that we keep VTI SP in the
1299 		 * separate list, SPHASH contains policies from both
1300 		 * sources. Thus SADB_X_SPDGET will correctly return
1301 		 * SP by id, because it uses SPHASH for lookups.
1302 		 */
1303 		LIST_INSERT_HEAD(SPHASH_HASH(spp[i]->id), spp[i], idhash);
1304 		spp[i]->state = IPSEC_SPSTATE_IFNET;
1305 	}
1306 	SPTREE_WUNLOCK();
1307 	/*
1308 	 * Notify user processes about new SP.
1309 	 */
1310 	for (i = 0; i < count; i++) {
1311 		m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0);
1312 		if (m != NULL)
1313 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1314 	}
1315 	return (0);
1316 }
1317 
1318 void
1319 key_unregister_ifnet(struct secpolicy **spp, u_int count)
1320 {
1321 	struct mbuf *m;
1322 	u_int i;
1323 
1324 	SPTREE_WLOCK();
1325 	for (i = 0; i < count; i++) {
1326 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1327 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1328 		    ("invalid direction %u", spp[i]->spidx.dir));
1329 
1330 		if (spp[i]->state != IPSEC_SPSTATE_IFNET)
1331 			continue;
1332 		spp[i]->state = IPSEC_SPSTATE_DEAD;
1333 		TAILQ_REMOVE(&V_sptree_ifnet[spp[i]->spidx.dir],
1334 		    spp[i], chain);
1335 		V_spd_size--;
1336 		LIST_REMOVE(spp[i], idhash);
1337 	}
1338 	SPTREE_WUNLOCK();
1339 	if (SPDCACHE_ENABLED())
1340 		spdcache_clear();
1341 
1342 	for (i = 0; i < count; i++) {
1343 		m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0);
1344 		if (m != NULL)
1345 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1346 	}
1347 }
1348 
1349 /*
1350  * Must be called after calling key_allocsa().
1351  * This function is called by key_freesp() to free some SA allocated
1352  * for a policy.
1353  */
1354 void
1355 key_freesav(struct secasvar **psav)
1356 {
1357 	struct secasvar *sav = *psav;
1358 
1359 	IPSEC_ASSERT(sav != NULL, ("null sav"));
1360 	if (SAV_DELREF(sav) == 0)
1361 		return;
1362 
1363 	KEYDBG(IPSEC_STAMP,
1364 	    printf("%s: last reference to SA(%p)\n", __func__, sav));
1365 
1366 	*psav = NULL;
1367 	key_delsav(sav);
1368 }
1369 
1370 /*
1371  * Unlink SA from SAH and SPI hash under SAHTREE_WLOCK.
1372  * Expect that SA has extra reference due to lookup.
1373  * Release this references, also release SAH reference after unlink.
1374  */
1375 static void
1376 key_unlinksav(struct secasvar *sav)
1377 {
1378 	struct secashead *sah;
1379 
1380 	KEYDBG(KEY_STAMP,
1381 	    printf("%s: SA(%p)\n", __func__, sav));
1382 
1383 	SAHTREE_UNLOCK_ASSERT();
1384 	SAHTREE_WLOCK();
1385 	if (sav->state == SADB_SASTATE_DEAD) {
1386 		/* SA is already unlinked */
1387 		SAHTREE_WUNLOCK();
1388 		return;
1389 	}
1390 	/* Unlink from SAH */
1391 	if (sav->state == SADB_SASTATE_LARVAL)
1392 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1393 	else
1394 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1395 	/* Unlink from SPI hash */
1396 	LIST_REMOVE(sav, spihash);
1397 	sav->state = SADB_SASTATE_DEAD;
1398 	sah = sav->sah;
1399 	SAHTREE_WUNLOCK();
1400 	key_freesav(&sav);
1401 	/* Since we are unlinked, release reference to SAH */
1402 	key_freesah(&sah);
1403 }
1404 
1405 /* %%% SPD management */
1406 /*
1407  * search SPD
1408  * OUT:	NULL	: not found
1409  *	others	: found, pointer to a SP.
1410  */
1411 static struct secpolicy *
1412 key_getsp(struct secpolicyindex *spidx)
1413 {
1414 	SPTREE_RLOCK_TRACKER;
1415 	struct secpolicy *sp;
1416 
1417 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
1418 
1419 	SPTREE_RLOCK();
1420 	TAILQ_FOREACH(sp, &V_sptree[spidx->dir], chain) {
1421 		if (key_cmpspidx_exactly(spidx, &sp->spidx)) {
1422 			SP_ADDREF(sp);
1423 			break;
1424 		}
1425 	}
1426 	SPTREE_RUNLOCK();
1427 
1428 	return sp;
1429 }
1430 
1431 /*
1432  * get SP by index.
1433  * OUT:	NULL	: not found
1434  *	others	: found, pointer to referenced SP.
1435  */
1436 static struct secpolicy *
1437 key_getspbyid(uint32_t id)
1438 {
1439 	SPTREE_RLOCK_TRACKER;
1440 	struct secpolicy *sp;
1441 
1442 	SPTREE_RLOCK();
1443 	LIST_FOREACH(sp, SPHASH_HASH(id), idhash) {
1444 		if (sp->id == id) {
1445 			SP_ADDREF(sp);
1446 			break;
1447 		}
1448 	}
1449 	SPTREE_RUNLOCK();
1450 	return (sp);
1451 }
1452 
1453 struct secpolicy *
1454 key_newsp(void)
1455 {
1456 	struct secpolicy *sp;
1457 
1458 	sp = malloc(sizeof(*sp), M_IPSEC_SP, M_NOWAIT | M_ZERO);
1459 	if (sp != NULL)
1460 		SP_INITREF(sp);
1461 	return (sp);
1462 }
1463 
1464 struct ipsecrequest *
1465 ipsec_newisr(void)
1466 {
1467 
1468 	return (malloc(sizeof(struct ipsecrequest), M_IPSEC_SR,
1469 	    M_NOWAIT | M_ZERO));
1470 }
1471 
1472 void
1473 ipsec_delisr(struct ipsecrequest *p)
1474 {
1475 
1476 	free(p, M_IPSEC_SR);
1477 }
1478 
1479 /*
1480  * create secpolicy structure from sadb_x_policy structure.
1481  * NOTE: `state', `secpolicyindex' and 'id' in secpolicy structure
1482  * are not set, so must be set properly later.
1483  */
1484 struct secpolicy *
1485 key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error)
1486 {
1487 	struct secpolicy *newsp;
1488 
1489 	IPSEC_ASSERT(xpl0 != NULL, ("null xpl0"));
1490 	IPSEC_ASSERT(len >= sizeof(*xpl0), ("policy too short: %zu", len));
1491 
1492 	if (len != PFKEY_EXTLEN(xpl0)) {
1493 		ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n", __func__));
1494 		*error = EINVAL;
1495 		return NULL;
1496 	}
1497 
1498 	if ((newsp = key_newsp()) == NULL) {
1499 		*error = ENOBUFS;
1500 		return NULL;
1501 	}
1502 
1503 	newsp->spidx.dir = xpl0->sadb_x_policy_dir;
1504 	newsp->policy = xpl0->sadb_x_policy_type;
1505 	newsp->priority = xpl0->sadb_x_policy_priority;
1506 	newsp->tcount = 0;
1507 
1508 	/* check policy */
1509 	switch (xpl0->sadb_x_policy_type) {
1510 	case IPSEC_POLICY_DISCARD:
1511 	case IPSEC_POLICY_NONE:
1512 	case IPSEC_POLICY_ENTRUST:
1513 	case IPSEC_POLICY_BYPASS:
1514 		break;
1515 
1516 	case IPSEC_POLICY_IPSEC:
1517 	    {
1518 		struct sadb_x_ipsecrequest *xisr;
1519 		struct ipsecrequest *isr;
1520 		int tlen;
1521 
1522 		/* validity check */
1523 		if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
1524 			ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n",
1525 				__func__));
1526 			key_freesp(&newsp);
1527 			*error = EINVAL;
1528 			return NULL;
1529 		}
1530 
1531 		tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
1532 		xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
1533 
1534 		while (tlen > 0) {
1535 			/* length check */
1536 			if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr) ||
1537 			    xisr->sadb_x_ipsecrequest_len > tlen) {
1538 				ipseclog((LOG_DEBUG, "%s: invalid ipsecrequest "
1539 					"length.\n", __func__));
1540 				key_freesp(&newsp);
1541 				*error = EINVAL;
1542 				return NULL;
1543 			}
1544 
1545 			if (newsp->tcount >= IPSEC_MAXREQ) {
1546 				ipseclog((LOG_DEBUG,
1547 				    "%s: too many ipsecrequests.\n",
1548 				    __func__));
1549 				key_freesp(&newsp);
1550 				*error = EINVAL;
1551 				return (NULL);
1552 			}
1553 
1554 			/* allocate request buffer */
1555 			/* NB: data structure is zero'd */
1556 			isr = ipsec_newisr();
1557 			if (isr == NULL) {
1558 				ipseclog((LOG_DEBUG,
1559 				    "%s: No more memory.\n", __func__));
1560 				key_freesp(&newsp);
1561 				*error = ENOBUFS;
1562 				return NULL;
1563 			}
1564 
1565 			newsp->req[newsp->tcount++] = isr;
1566 
1567 			/* set values */
1568 			switch (xisr->sadb_x_ipsecrequest_proto) {
1569 			case IPPROTO_ESP:
1570 			case IPPROTO_AH:
1571 			case IPPROTO_IPCOMP:
1572 				break;
1573 			default:
1574 				ipseclog((LOG_DEBUG,
1575 				    "%s: invalid proto type=%u\n", __func__,
1576 				    xisr->sadb_x_ipsecrequest_proto));
1577 				key_freesp(&newsp);
1578 				*error = EPROTONOSUPPORT;
1579 				return NULL;
1580 			}
1581 			isr->saidx.proto =
1582 			    (uint8_t)xisr->sadb_x_ipsecrequest_proto;
1583 
1584 			switch (xisr->sadb_x_ipsecrequest_mode) {
1585 			case IPSEC_MODE_TRANSPORT:
1586 			case IPSEC_MODE_TUNNEL:
1587 				break;
1588 			case IPSEC_MODE_ANY:
1589 			default:
1590 				ipseclog((LOG_DEBUG,
1591 				    "%s: invalid mode=%u\n", __func__,
1592 				    xisr->sadb_x_ipsecrequest_mode));
1593 				key_freesp(&newsp);
1594 				*error = EINVAL;
1595 				return NULL;
1596 			}
1597 			isr->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1598 
1599 			switch (xisr->sadb_x_ipsecrequest_level) {
1600 			case IPSEC_LEVEL_DEFAULT:
1601 			case IPSEC_LEVEL_USE:
1602 			case IPSEC_LEVEL_REQUIRE:
1603 				break;
1604 			case IPSEC_LEVEL_UNIQUE:
1605 				/* validity check */
1606 				/*
1607 				 * If range violation of reqid, kernel will
1608 				 * update it, don't refuse it.
1609 				 */
1610 				if (xisr->sadb_x_ipsecrequest_reqid
1611 						> IPSEC_MANUAL_REQID_MAX) {
1612 					ipseclog((LOG_DEBUG,
1613 					    "%s: reqid=%d range "
1614 					    "violation, updated by kernel.\n",
1615 					    __func__,
1616 					    xisr->sadb_x_ipsecrequest_reqid));
1617 					xisr->sadb_x_ipsecrequest_reqid = 0;
1618 				}
1619 
1620 				/* allocate new reqid id if reqid is zero. */
1621 				if (xisr->sadb_x_ipsecrequest_reqid == 0) {
1622 					u_int32_t reqid;
1623 					if ((reqid = key_newreqid()) == 0) {
1624 						key_freesp(&newsp);
1625 						*error = ENOBUFS;
1626 						return NULL;
1627 					}
1628 					isr->saidx.reqid = reqid;
1629 					xisr->sadb_x_ipsecrequest_reqid = reqid;
1630 				} else {
1631 				/* set it for manual keying. */
1632 					isr->saidx.reqid =
1633 					    xisr->sadb_x_ipsecrequest_reqid;
1634 				}
1635 				break;
1636 
1637 			default:
1638 				ipseclog((LOG_DEBUG, "%s: invalid level=%u\n",
1639 					__func__,
1640 					xisr->sadb_x_ipsecrequest_level));
1641 				key_freesp(&newsp);
1642 				*error = EINVAL;
1643 				return NULL;
1644 			}
1645 			isr->level = xisr->sadb_x_ipsecrequest_level;
1646 
1647 			/* set IP addresses if there */
1648 			if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
1649 				struct sockaddr *paddr;
1650 
1651 				len = tlen - sizeof(*xisr);
1652 				paddr = (struct sockaddr *)(xisr + 1);
1653 				/* validity check */
1654 				if (len < sizeof(struct sockaddr) ||
1655 				    len < 2 * paddr->sa_len ||
1656 				    paddr->sa_len > sizeof(isr->saidx.src)) {
1657 					ipseclog((LOG_DEBUG, "%s: invalid "
1658 						"request address length.\n",
1659 						__func__));
1660 					key_freesp(&newsp);
1661 					*error = EINVAL;
1662 					return NULL;
1663 				}
1664 				/*
1665 				 * Request length should be enough to keep
1666 				 * source and destination addresses.
1667 				 */
1668 				if (xisr->sadb_x_ipsecrequest_len <
1669 				    sizeof(*xisr) + 2 * paddr->sa_len) {
1670 					ipseclog((LOG_DEBUG, "%s: invalid "
1671 					    "ipsecrequest length.\n",
1672 					    __func__));
1673 					key_freesp(&newsp);
1674 					*error = EINVAL;
1675 					return (NULL);
1676 				}
1677 				bcopy(paddr, &isr->saidx.src, paddr->sa_len);
1678 				paddr = (struct sockaddr *)((caddr_t)paddr +
1679 				    paddr->sa_len);
1680 
1681 				/* validity check */
1682 				if (paddr->sa_len !=
1683 				    isr->saidx.src.sa.sa_len) {
1684 					ipseclog((LOG_DEBUG, "%s: invalid "
1685 						"request address length.\n",
1686 						__func__));
1687 					key_freesp(&newsp);
1688 					*error = EINVAL;
1689 					return NULL;
1690 				}
1691 				/* AF family should match */
1692 				if (paddr->sa_family !=
1693 				    isr->saidx.src.sa.sa_family) {
1694 					ipseclog((LOG_DEBUG, "%s: address "
1695 					    "family doesn't match.\n",
1696 						__func__));
1697 					key_freesp(&newsp);
1698 					*error = EINVAL;
1699 					return (NULL);
1700 				}
1701 				bcopy(paddr, &isr->saidx.dst, paddr->sa_len);
1702 			} else {
1703 				/*
1704 				 * Addresses for TUNNEL mode requests are
1705 				 * mandatory.
1706 				 */
1707 				if (isr->saidx.mode == IPSEC_MODE_TUNNEL) {
1708 					ipseclog((LOG_DEBUG, "%s: missing "
1709 					    "request addresses.\n", __func__));
1710 					key_freesp(&newsp);
1711 					*error = EINVAL;
1712 					return (NULL);
1713 				}
1714 			}
1715 			tlen -= xisr->sadb_x_ipsecrequest_len;
1716 
1717 			/* validity check */
1718 			if (tlen < 0) {
1719 				ipseclog((LOG_DEBUG, "%s: becoming tlen < 0.\n",
1720 					__func__));
1721 				key_freesp(&newsp);
1722 				*error = EINVAL;
1723 				return NULL;
1724 			}
1725 
1726 			xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
1727 			                 + xisr->sadb_x_ipsecrequest_len);
1728 		}
1729 		/* XXXAE: LARVAL SP */
1730 		if (newsp->tcount < 1) {
1731 			ipseclog((LOG_DEBUG, "%s: valid IPSEC transforms "
1732 			    "not found.\n", __func__));
1733 			key_freesp(&newsp);
1734 			*error = EINVAL;
1735 			return (NULL);
1736 		}
1737 	    }
1738 		break;
1739 	default:
1740 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1741 		key_freesp(&newsp);
1742 		*error = EINVAL;
1743 		return NULL;
1744 	}
1745 
1746 	*error = 0;
1747 	return (newsp);
1748 }
1749 
1750 uint32_t
1751 key_newreqid(void)
1752 {
1753 	static uint32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1754 
1755 	if (auto_reqid == ~0)
1756 		auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1757 	else
1758 		auto_reqid++;
1759 
1760 	/* XXX should be unique check */
1761 	return (auto_reqid);
1762 }
1763 
1764 /*
1765  * copy secpolicy struct to sadb_x_policy structure indicated.
1766  */
1767 static struct mbuf *
1768 key_sp2mbuf(struct secpolicy *sp)
1769 {
1770 	struct mbuf *m;
1771 	size_t tlen;
1772 
1773 	tlen = key_getspreqmsglen(sp);
1774 	m = m_get2(tlen, M_NOWAIT, MT_DATA, 0);
1775 	if (m == NULL)
1776 		return (NULL);
1777 	m_align(m, tlen);
1778 	m->m_len = tlen;
1779 	if (key_sp2msg(sp, m->m_data, &tlen) != 0) {
1780 		m_freem(m);
1781 		return (NULL);
1782 	}
1783 	return (m);
1784 }
1785 
1786 int
1787 key_sp2msg(struct secpolicy *sp, void *request, size_t *len)
1788 {
1789 	struct sadb_x_ipsecrequest *xisr;
1790 	struct sadb_x_policy *xpl;
1791 	struct ipsecrequest *isr;
1792 	size_t xlen, ilen;
1793 	caddr_t p;
1794 	int error, i;
1795 
1796 	IPSEC_ASSERT(sp != NULL, ("null policy"));
1797 
1798 	xlen = sizeof(*xpl);
1799 	if (*len < xlen)
1800 		return (EINVAL);
1801 
1802 	error = 0;
1803 	bzero(request, *len);
1804 	xpl = (struct sadb_x_policy *)request;
1805 	xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1806 	xpl->sadb_x_policy_type = sp->policy;
1807 	xpl->sadb_x_policy_dir = sp->spidx.dir;
1808 	xpl->sadb_x_policy_id = sp->id;
1809 	xpl->sadb_x_policy_priority = sp->priority;
1810 	switch (sp->state) {
1811 	case IPSEC_SPSTATE_IFNET:
1812 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_IFNET;
1813 		break;
1814 	case IPSEC_SPSTATE_PCB:
1815 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_PCB;
1816 		break;
1817 	default:
1818 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_GLOBAL;
1819 	}
1820 
1821 	/* if is the policy for ipsec ? */
1822 	if (sp->policy == IPSEC_POLICY_IPSEC) {
1823 		p = (caddr_t)xpl + sizeof(*xpl);
1824 		for (i = 0; i < sp->tcount; i++) {
1825 			isr = sp->req[i];
1826 			ilen = PFKEY_ALIGN8(sizeof(*xisr) +
1827 			    isr->saidx.src.sa.sa_len +
1828 			    isr->saidx.dst.sa.sa_len);
1829 			xlen += ilen;
1830 			if (xlen > *len) {
1831 				error = ENOBUFS;
1832 				/* Calculate needed size */
1833 				continue;
1834 			}
1835 			xisr = (struct sadb_x_ipsecrequest *)p;
1836 			xisr->sadb_x_ipsecrequest_len = ilen;
1837 			xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
1838 			xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
1839 			xisr->sadb_x_ipsecrequest_level = isr->level;
1840 			xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
1841 
1842 			p += sizeof(*xisr);
1843 			bcopy(&isr->saidx.src, p, isr->saidx.src.sa.sa_len);
1844 			p += isr->saidx.src.sa.sa_len;
1845 			bcopy(&isr->saidx.dst, p, isr->saidx.dst.sa.sa_len);
1846 			p += isr->saidx.dst.sa.sa_len;
1847 		}
1848 	}
1849 	xpl->sadb_x_policy_len = PFKEY_UNIT64(xlen);
1850 	if (error == 0)
1851 		*len = xlen;
1852 	else
1853 		*len = sizeof(*xpl);
1854 	return (error);
1855 }
1856 
1857 /* m will not be freed nor modified */
1858 static struct mbuf *
1859 key_gather_mbuf(struct mbuf *m, const struct sadb_msghdr *mhp,
1860     int ndeep, int nitem, ...)
1861 {
1862 	va_list ap;
1863 	int idx;
1864 	int i;
1865 	struct mbuf *result = NULL, *n;
1866 	int len;
1867 
1868 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1869 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1870 
1871 	va_start(ap, nitem);
1872 	for (i = 0; i < nitem; i++) {
1873 		idx = va_arg(ap, int);
1874 		if (idx < 0 || idx > SADB_EXT_MAX)
1875 			goto fail;
1876 		/* don't attempt to pull empty extension */
1877 		if (idx == SADB_EXT_RESERVED && mhp->msg == NULL)
1878 			continue;
1879 		if (idx != SADB_EXT_RESERVED  &&
1880 		    (mhp->ext[idx] == NULL || mhp->extlen[idx] == 0))
1881 			continue;
1882 
1883 		if (idx == SADB_EXT_RESERVED) {
1884 			len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
1885 
1886 			IPSEC_ASSERT(len <= MHLEN, ("header too big %u", len));
1887 
1888 			MGETHDR(n, M_NOWAIT, MT_DATA);
1889 			if (!n)
1890 				goto fail;
1891 			n->m_len = len;
1892 			n->m_next = NULL;
1893 			m_copydata(m, 0, sizeof(struct sadb_msg),
1894 			    mtod(n, caddr_t));
1895 		} else if (i < ndeep) {
1896 			len = mhp->extlen[idx];
1897 			n = m_get2(len, M_NOWAIT, MT_DATA, 0);
1898 			if (n == NULL)
1899 				goto fail;
1900 			m_align(n, len);
1901 			n->m_len = len;
1902 			m_copydata(m, mhp->extoff[idx], mhp->extlen[idx],
1903 			    mtod(n, caddr_t));
1904 		} else {
1905 			n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx],
1906 			    M_NOWAIT);
1907 		}
1908 		if (n == NULL)
1909 			goto fail;
1910 
1911 		if (result)
1912 			m_cat(result, n);
1913 		else
1914 			result = n;
1915 	}
1916 	va_end(ap);
1917 
1918 	if ((result->m_flags & M_PKTHDR) != 0) {
1919 		result->m_pkthdr.len = 0;
1920 		for (n = result; n; n = n->m_next)
1921 			result->m_pkthdr.len += n->m_len;
1922 	}
1923 
1924 	return result;
1925 
1926 fail:
1927 	m_freem(result);
1928 	va_end(ap);
1929 	return NULL;
1930 }
1931 
1932 /*
1933  * SADB_X_SPDADD, SADB_X_SPDSETIDX or SADB_X_SPDUPDATE processing
1934  * add an entry to SP database, when received
1935  *   <base, address(SD), (lifetime(H),) policy>
1936  * from the user(?).
1937  * Adding to SP database,
1938  * and send
1939  *   <base, address(SD), (lifetime(H),) policy>
1940  * to the socket which was send.
1941  *
1942  * SPDADD set a unique policy entry.
1943  * SPDSETIDX like SPDADD without a part of policy requests.
1944  * SPDUPDATE replace a unique policy entry.
1945  *
1946  * XXXAE: serialize this in PF_KEY to avoid races.
1947  * m will always be freed.
1948  */
1949 static int
1950 key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
1951 {
1952 	struct secpolicyindex spidx;
1953 	struct sadb_address *src0, *dst0;
1954 	struct sadb_x_policy *xpl0, *xpl;
1955 	struct sadb_lifetime *lft = NULL;
1956 	struct secpolicy *newsp, *oldsp;
1957 	int error;
1958 
1959 	IPSEC_ASSERT(so != NULL, ("null socket"));
1960 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1961 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1962 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
1963 
1964 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
1965 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
1966 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
1967 		ipseclog((LOG_DEBUG,
1968 		    "%s: invalid message: missing required header.\n",
1969 		    __func__));
1970 		return key_senderror(so, m, EINVAL);
1971 	}
1972 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
1973 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
1974 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
1975 		ipseclog((LOG_DEBUG,
1976 		    "%s: invalid message: wrong header size.\n", __func__));
1977 		return key_senderror(so, m, EINVAL);
1978 	}
1979 	if (!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD)) {
1980 		if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD)) {
1981 			ipseclog((LOG_DEBUG,
1982 			    "%s: invalid message: wrong header size.\n",
1983 			    __func__));
1984 			return key_senderror(so, m, EINVAL);
1985 		}
1986 		lft = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
1987 	}
1988 
1989 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
1990 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
1991 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
1992 
1993 	/* check the direciton */
1994 	switch (xpl0->sadb_x_policy_dir) {
1995 	case IPSEC_DIR_INBOUND:
1996 	case IPSEC_DIR_OUTBOUND:
1997 		break;
1998 	default:
1999 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
2000 		return key_senderror(so, m, EINVAL);
2001 	}
2002 	/* key_spdadd() accepts DISCARD, NONE and IPSEC. */
2003 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2004 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2005 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2006 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2007 		return key_senderror(so, m, EINVAL);
2008 	}
2009 
2010 	/* policy requests are mandatory when action is ipsec. */
2011 	if (xpl0->sadb_x_policy_type == IPSEC_POLICY_IPSEC &&
2012 	    mhp->extlen[SADB_X_EXT_POLICY] <= sizeof(*xpl0)) {
2013 		ipseclog((LOG_DEBUG,
2014 		    "%s: policy requests required.\n", __func__));
2015 		return key_senderror(so, m, EINVAL);
2016 	}
2017 
2018 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
2019 	    (struct sockaddr *)(dst0 + 1));
2020 	if (error != 0 ||
2021 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2022 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2023 		return key_senderror(so, m, error);
2024 	}
2025 	/* make secindex */
2026 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2027 	                src0 + 1,
2028 	                dst0 + 1,
2029 	                src0->sadb_address_prefixlen,
2030 	                dst0->sadb_address_prefixlen,
2031 	                src0->sadb_address_proto,
2032 	                &spidx);
2033 	/* Checking there is SP already or not. */
2034 	oldsp = key_getsp(&spidx);
2035 	if (oldsp != NULL) {
2036 		if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
2037 			KEYDBG(KEY_STAMP,
2038 			    printf("%s: unlink SP(%p) for SPDUPDATE\n",
2039 				__func__, oldsp));
2040 			KEYDBG(KEY_DATA, kdebug_secpolicy(oldsp));
2041 		} else {
2042 			key_freesp(&newsp);
2043 			ipseclog((LOG_DEBUG,
2044 			    "%s: a SP entry exists already.\n", __func__));
2045 			return (key_senderror(so, m, EEXIST));
2046 		}
2047 	}
2048 
2049 	/* allocate new SP entry */
2050 	if ((newsp = key_msg2sp(xpl0, PFKEY_EXTLEN(xpl0), &error)) == NULL) {
2051 		if (oldsp != NULL) {
2052 			key_unlink(oldsp);
2053 			key_freesp(&oldsp); /* second for our reference */
2054 		}
2055 		return key_senderror(so, m, error);
2056 	}
2057 
2058 	newsp->lastused = newsp->created = time_second;
2059 	newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0;
2060 	newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0;
2061 	bcopy(&spidx, &newsp->spidx, sizeof(spidx));
2062 
2063 	SPTREE_WLOCK();
2064 	if ((newsp->id = key_getnewspid()) == 0) {
2065 		if (oldsp != NULL)
2066 			key_detach(oldsp);
2067 		SPTREE_WUNLOCK();
2068 		if (oldsp != NULL) {
2069 			key_freesp(&oldsp); /* first for key_detach */
2070 			IPSEC_ASSERT(oldsp != NULL, ("null oldsp: refcount bug"));
2071 			key_freesp(&oldsp); /* second for our reference */
2072 			if (SPDCACHE_ENABLED()) /* refresh cache because of key_detach */
2073 				spdcache_clear();
2074 		}
2075 		key_freesp(&newsp);
2076 		return key_senderror(so, m, ENOBUFS);
2077 	}
2078 	if (oldsp != NULL)
2079 		key_detach(oldsp);
2080 	key_insertsp(newsp);
2081 	SPTREE_WUNLOCK();
2082 	if (oldsp != NULL) {
2083 		key_freesp(&oldsp); /* first for key_detach */
2084 		IPSEC_ASSERT(oldsp != NULL, ("null oldsp: refcount bug"));
2085 		key_freesp(&oldsp); /* second for our reference */
2086 	}
2087 	if (SPDCACHE_ENABLED())
2088 		spdcache_clear();
2089 	KEYDBG(KEY_STAMP,
2090 	    printf("%s: SP(%p)\n", __func__, newsp));
2091 	KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2092 
2093     {
2094 	struct mbuf *n, *mpolicy;
2095 	struct sadb_msg *newmsg;
2096 	int off;
2097 
2098 	/* create new sadb_msg to reply. */
2099 	if (lft) {
2100 		n = key_gather_mbuf(m, mhp, 2, 5, SADB_EXT_RESERVED,
2101 		    SADB_X_EXT_POLICY, SADB_EXT_LIFETIME_HARD,
2102 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2103 	} else {
2104 		n = key_gather_mbuf(m, mhp, 2, 4, SADB_EXT_RESERVED,
2105 		    SADB_X_EXT_POLICY,
2106 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2107 	}
2108 	if (!n)
2109 		return key_senderror(so, m, ENOBUFS);
2110 
2111 	if (n->m_len < sizeof(*newmsg)) {
2112 		n = m_pullup(n, sizeof(*newmsg));
2113 		if (!n)
2114 			return key_senderror(so, m, ENOBUFS);
2115 	}
2116 	newmsg = mtod(n, struct sadb_msg *);
2117 	newmsg->sadb_msg_errno = 0;
2118 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2119 
2120 	off = 0;
2121 	mpolicy = m_pulldown(n, PFKEY_ALIGN8(sizeof(struct sadb_msg)),
2122 	    sizeof(*xpl), &off);
2123 	if (mpolicy == NULL) {
2124 		/* n is already freed */
2125 		return key_senderror(so, m, ENOBUFS);
2126 	}
2127 	xpl = (struct sadb_x_policy *)(mtod(mpolicy, caddr_t) + off);
2128 	if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
2129 		m_freem(n);
2130 		return key_senderror(so, m, EINVAL);
2131 	}
2132 	xpl->sadb_x_policy_id = newsp->id;
2133 
2134 	m_freem(m);
2135 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2136     }
2137 }
2138 
2139 /*
2140  * get new policy id.
2141  * OUT:
2142  *	0:	failure.
2143  *	others: success.
2144  */
2145 static uint32_t
2146 key_getnewspid(void)
2147 {
2148 	struct secpolicy *sp;
2149 	uint32_t newid = 0;
2150 	int count = V_key_spi_trycnt;	/* XXX */
2151 
2152 	SPTREE_WLOCK_ASSERT();
2153 	while (count--) {
2154 		if (V_policy_id == ~0) /* overflowed */
2155 			newid = V_policy_id = 1;
2156 		else
2157 			newid = ++V_policy_id;
2158 		LIST_FOREACH(sp, SPHASH_HASH(newid), idhash) {
2159 			if (sp->id == newid)
2160 				break;
2161 		}
2162 		if (sp == NULL)
2163 			break;
2164 	}
2165 	if (count == 0 || newid == 0) {
2166 		ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
2167 		    __func__));
2168 		return (0);
2169 	}
2170 	return (newid);
2171 }
2172 
2173 /*
2174  * SADB_SPDDELETE processing
2175  * receive
2176  *   <base, address(SD), policy(*)>
2177  * from the user(?), and set SADB_SASTATE_DEAD,
2178  * and send,
2179  *   <base, address(SD), policy(*)>
2180  * to the ikmpd.
2181  * policy(*) including direction of policy.
2182  *
2183  * m will always be freed.
2184  */
2185 static int
2186 key_spddelete(struct socket *so, struct mbuf *m,
2187     const struct sadb_msghdr *mhp)
2188 {
2189 	struct secpolicyindex spidx;
2190 	struct sadb_address *src0, *dst0;
2191 	struct sadb_x_policy *xpl0;
2192 	struct secpolicy *sp;
2193 
2194 	IPSEC_ASSERT(so != NULL, ("null so"));
2195 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2196 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2197 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2198 
2199 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
2200 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
2201 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
2202 		ipseclog((LOG_DEBUG,
2203 		    "%s: invalid message: missing required header.\n",
2204 		    __func__));
2205 		return key_senderror(so, m, EINVAL);
2206 	}
2207 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
2208 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
2209 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2210 		ipseclog((LOG_DEBUG,
2211 		    "%s: invalid message: wrong header size.\n", __func__));
2212 		return key_senderror(so, m, EINVAL);
2213 	}
2214 
2215 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
2216 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
2217 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
2218 
2219 	/* check the direciton */
2220 	switch (xpl0->sadb_x_policy_dir) {
2221 	case IPSEC_DIR_INBOUND:
2222 	case IPSEC_DIR_OUTBOUND:
2223 		break;
2224 	default:
2225 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
2226 		return key_senderror(so, m, EINVAL);
2227 	}
2228 	/* Only DISCARD, NONE and IPSEC are allowed */
2229 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2230 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2231 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2232 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2233 		return key_senderror(so, m, EINVAL);
2234 	}
2235 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
2236 	    (struct sockaddr *)(dst0 + 1)) != 0 ||
2237 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2238 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2239 		return key_senderror(so, m, EINVAL);
2240 	}
2241 	/* make secindex */
2242 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2243 	                src0 + 1,
2244 	                dst0 + 1,
2245 	                src0->sadb_address_prefixlen,
2246 	                dst0->sadb_address_prefixlen,
2247 	                src0->sadb_address_proto,
2248 	                &spidx);
2249 
2250 	/* Is there SP in SPD ? */
2251 	if ((sp = key_getsp(&spidx)) == NULL) {
2252 		ipseclog((LOG_DEBUG, "%s: no SP found.\n", __func__));
2253 		return key_senderror(so, m, EINVAL);
2254 	}
2255 
2256 	/* save policy id to buffer to be returned. */
2257 	xpl0->sadb_x_policy_id = sp->id;
2258 
2259 	KEYDBG(KEY_STAMP,
2260 	    printf("%s: SP(%p)\n", __func__, sp));
2261 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2262 	key_unlink(sp);
2263 	key_freesp(&sp);
2264 
2265     {
2266 	struct mbuf *n;
2267 	struct sadb_msg *newmsg;
2268 
2269 	/* create new sadb_msg to reply. */
2270 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
2271 	    SADB_X_EXT_POLICY, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2272 	if (!n)
2273 		return key_senderror(so, m, ENOBUFS);
2274 
2275 	newmsg = mtod(n, struct sadb_msg *);
2276 	newmsg->sadb_msg_errno = 0;
2277 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2278 
2279 	m_freem(m);
2280 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2281     }
2282 }
2283 
2284 /*
2285  * SADB_SPDDELETE2 processing
2286  * receive
2287  *   <base, policy(*)>
2288  * from the user(?), and set SADB_SASTATE_DEAD,
2289  * and send,
2290  *   <base, policy(*)>
2291  * to the ikmpd.
2292  * policy(*) including direction of policy.
2293  *
2294  * m will always be freed.
2295  */
2296 static int
2297 key_spddelete2(struct socket *so, struct mbuf *m,
2298     const struct sadb_msghdr *mhp)
2299 {
2300 	struct secpolicy *sp;
2301 	uint32_t id;
2302 
2303 	IPSEC_ASSERT(so != NULL, ("null socket"));
2304 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2305 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2306 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2307 
2308 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2309 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2310 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2311 		    __func__));
2312 		return key_senderror(so, m, EINVAL);
2313 	}
2314 
2315 	id = ((struct sadb_x_policy *)
2316 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2317 
2318 	/* Is there SP in SPD ? */
2319 	if ((sp = key_getspbyid(id)) == NULL) {
2320 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2321 		    __func__, id));
2322 		return key_senderror(so, m, EINVAL);
2323 	}
2324 
2325 	KEYDBG(KEY_STAMP,
2326 	    printf("%s: SP(%p)\n", __func__, sp));
2327 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2328 	key_unlink(sp);
2329 	if (sp->state != IPSEC_SPSTATE_DEAD) {
2330 		ipseclog((LOG_DEBUG, "%s: failed to delete SP with id %u.\n",
2331 		    __func__, id));
2332 		key_freesp(&sp);
2333 		return (key_senderror(so, m, EACCES));
2334 	}
2335 	key_freesp(&sp);
2336 
2337     {
2338 	struct mbuf *n, *nn;
2339 	struct sadb_msg *newmsg;
2340 	int off, len;
2341 
2342 	/* create new sadb_msg to reply. */
2343 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2344 
2345 	MGETHDR(n, M_NOWAIT, MT_DATA);
2346 	if (n && len > MHLEN) {
2347 		if (!(MCLGET(n, M_NOWAIT))) {
2348 			m_freem(n);
2349 			n = NULL;
2350 		}
2351 	}
2352 	if (!n)
2353 		return key_senderror(so, m, ENOBUFS);
2354 
2355 	n->m_len = len;
2356 	n->m_next = NULL;
2357 	off = 0;
2358 
2359 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
2360 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
2361 
2362 	IPSEC_ASSERT(off == len, ("length inconsistency (off %u len %u)",
2363 		off, len));
2364 
2365 	n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY],
2366 	    mhp->extlen[SADB_X_EXT_POLICY], M_NOWAIT);
2367 	if (!n->m_next) {
2368 		m_freem(n);
2369 		return key_senderror(so, m, ENOBUFS);
2370 	}
2371 
2372 	n->m_pkthdr.len = 0;
2373 	for (nn = n; nn; nn = nn->m_next)
2374 		n->m_pkthdr.len += nn->m_len;
2375 
2376 	newmsg = mtod(n, struct sadb_msg *);
2377 	newmsg->sadb_msg_errno = 0;
2378 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2379 
2380 	m_freem(m);
2381 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2382     }
2383 }
2384 
2385 /*
2386  * SADB_X_SPDGET processing
2387  * receive
2388  *   <base, policy(*)>
2389  * from the user(?),
2390  * and send,
2391  *   <base, address(SD), policy>
2392  * to the ikmpd.
2393  * policy(*) including direction of policy.
2394  *
2395  * m will always be freed.
2396  */
2397 static int
2398 key_spdget(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2399 {
2400 	struct secpolicy *sp;
2401 	struct mbuf *n;
2402 	uint32_t id;
2403 
2404 	IPSEC_ASSERT(so != NULL, ("null socket"));
2405 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2406 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2407 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2408 
2409 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2410 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2411 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2412 		    __func__));
2413 		return key_senderror(so, m, EINVAL);
2414 	}
2415 
2416 	id = ((struct sadb_x_policy *)
2417 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2418 
2419 	/* Is there SP in SPD ? */
2420 	if ((sp = key_getspbyid(id)) == NULL) {
2421 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2422 		    __func__, id));
2423 		return key_senderror(so, m, ENOENT);
2424 	}
2425 
2426 	n = key_setdumpsp(sp, SADB_X_SPDGET, mhp->msg->sadb_msg_seq,
2427 	    mhp->msg->sadb_msg_pid);
2428 	key_freesp(&sp);
2429 	if (n != NULL) {
2430 		m_freem(m);
2431 		return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2432 	} else
2433 		return key_senderror(so, m, ENOBUFS);
2434 }
2435 
2436 /*
2437  * SADB_X_SPDACQUIRE processing.
2438  * Acquire policy and SA(s) for a *OUTBOUND* packet.
2439  * send
2440  *   <base, policy(*)>
2441  * to KMD, and expect to receive
2442  *   <base> with SADB_X_SPDACQUIRE if error occurred,
2443  * or
2444  *   <base, policy>
2445  * with SADB_X_SPDUPDATE from KMD by PF_KEY.
2446  * policy(*) is without policy requests.
2447  *
2448  *    0     : succeed
2449  *    others: error number
2450  */
2451 int
2452 key_spdacquire(struct secpolicy *sp)
2453 {
2454 	struct mbuf *result = NULL, *m;
2455 	struct secspacq *newspacq;
2456 
2457 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2458 	IPSEC_ASSERT(sp->req == NULL, ("policy exists"));
2459 	IPSEC_ASSERT(sp->policy == IPSEC_POLICY_IPSEC,
2460 		("policy not IPSEC %u", sp->policy));
2461 
2462 	/* Get an entry to check whether sent message or not. */
2463 	newspacq = key_getspacq(&sp->spidx);
2464 	if (newspacq != NULL) {
2465 		if (V_key_blockacq_count < newspacq->count) {
2466 			/* reset counter and do send message. */
2467 			newspacq->count = 0;
2468 		} else {
2469 			/* increment counter and do nothing. */
2470 			newspacq->count++;
2471 			SPACQ_UNLOCK();
2472 			return (0);
2473 		}
2474 		SPACQ_UNLOCK();
2475 	} else {
2476 		/* make new entry for blocking to send SADB_ACQUIRE. */
2477 		newspacq = key_newspacq(&sp->spidx);
2478 		if (newspacq == NULL)
2479 			return ENOBUFS;
2480 	}
2481 
2482 	/* create new sadb_msg to reply. */
2483 	m = key_setsadbmsg(SADB_X_SPDACQUIRE, 0, 0, 0, 0, 0);
2484 	if (!m)
2485 		return ENOBUFS;
2486 
2487 	result = m;
2488 
2489 	result->m_pkthdr.len = 0;
2490 	for (m = result; m; m = m->m_next)
2491 		result->m_pkthdr.len += m->m_len;
2492 
2493 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2494 	    PFKEY_UNIT64(result->m_pkthdr.len);
2495 
2496 	return key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED);
2497 }
2498 
2499 /*
2500  * SADB_SPDFLUSH processing
2501  * receive
2502  *   <base>
2503  * from the user, and free all entries in secpctree.
2504  * and send,
2505  *   <base>
2506  * to the user.
2507  * NOTE: what to do is only marking SADB_SASTATE_DEAD.
2508  *
2509  * m will always be freed.
2510  */
2511 static int
2512 key_spdflush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2513 {
2514 	struct secpolicy_queue drainq;
2515 	struct sadb_msg *newmsg;
2516 	struct secpolicy *sp, *nextsp;
2517 	u_int dir;
2518 
2519 	IPSEC_ASSERT(so != NULL, ("null socket"));
2520 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2521 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2522 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2523 
2524 	if (m->m_len != PFKEY_ALIGN8(sizeof(struct sadb_msg)))
2525 		return key_senderror(so, m, EINVAL);
2526 
2527 	TAILQ_INIT(&drainq);
2528 	SPTREE_WLOCK();
2529 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2530 		TAILQ_CONCAT(&drainq, &V_sptree[dir], chain);
2531 	}
2532 	/*
2533 	 * We need to set state to DEAD for each policy to be sure,
2534 	 * that another thread won't try to unlink it.
2535 	 * Also remove SP from sphash.
2536 	 */
2537 	TAILQ_FOREACH(sp, &drainq, chain) {
2538 		sp->state = IPSEC_SPSTATE_DEAD;
2539 		LIST_REMOVE(sp, idhash);
2540 	}
2541 	V_sp_genid++;
2542 	V_spd_size = 0;
2543 	SPTREE_WUNLOCK();
2544 	if (SPDCACHE_ENABLED())
2545 		spdcache_clear();
2546 	sp = TAILQ_FIRST(&drainq);
2547 	while (sp != NULL) {
2548 		nextsp = TAILQ_NEXT(sp, chain);
2549 		key_freesp(&sp);
2550 		sp = nextsp;
2551 	}
2552 
2553 	if (sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
2554 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
2555 		return key_senderror(so, m, ENOBUFS);
2556 	}
2557 
2558 	if (m->m_next)
2559 		m_freem(m->m_next);
2560 	m->m_next = NULL;
2561 	m->m_pkthdr.len = m->m_len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2562 	newmsg = mtod(m, struct sadb_msg *);
2563 	newmsg->sadb_msg_errno = 0;
2564 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
2565 
2566 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
2567 }
2568 
2569 static uint8_t
2570 key_satype2scopemask(uint8_t satype)
2571 {
2572 
2573 	if (satype == IPSEC_POLICYSCOPE_ANY)
2574 		return (0xff);
2575 	return (satype);
2576 }
2577 /*
2578  * SADB_SPDDUMP processing
2579  * receive
2580  *   <base>
2581  * from the user, and dump all SP leaves and send,
2582  *   <base> .....
2583  * to the ikmpd.
2584  *
2585  * NOTE:
2586  *   sadb_msg_satype is considered as mask of policy scopes.
2587  *   m will always be freed.
2588  */
2589 static int
2590 key_spddump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2591 {
2592 	SPTREE_RLOCK_TRACKER;
2593 	struct secpolicy *sp;
2594 	struct mbuf *n;
2595 	int cnt;
2596 	u_int dir, scope;
2597 
2598 	IPSEC_ASSERT(so != NULL, ("null socket"));
2599 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2600 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2601 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2602 
2603 	/* search SPD entry and get buffer size. */
2604 	cnt = 0;
2605 	scope = key_satype2scopemask(mhp->msg->sadb_msg_satype);
2606 	SPTREE_RLOCK();
2607 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2608 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2609 			TAILQ_FOREACH(sp, &V_sptree[dir], chain)
2610 				cnt++;
2611 		}
2612 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2613 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain)
2614 				cnt++;
2615 		}
2616 	}
2617 
2618 	if (cnt == 0) {
2619 		SPTREE_RUNLOCK();
2620 		return key_senderror(so, m, ENOENT);
2621 	}
2622 
2623 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2624 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2625 			TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
2626 				--cnt;
2627 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2628 				    mhp->msg->sadb_msg_pid);
2629 
2630 				if (n != NULL)
2631 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2632 			}
2633 		}
2634 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2635 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain) {
2636 				--cnt;
2637 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2638 				    mhp->msg->sadb_msg_pid);
2639 
2640 				if (n != NULL)
2641 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2642 			}
2643 		}
2644 	}
2645 
2646 	SPTREE_RUNLOCK();
2647 	m_freem(m);
2648 	return (0);
2649 }
2650 
2651 static struct mbuf *
2652 key_setdumpsp(struct secpolicy *sp, u_int8_t type, u_int32_t seq,
2653     u_int32_t pid)
2654 {
2655 	struct mbuf *result = NULL, *m;
2656 	struct seclifetime lt;
2657 
2658 	m = key_setsadbmsg(type, 0, SADB_SATYPE_UNSPEC, seq, pid, sp->refcnt);
2659 	if (!m)
2660 		goto fail;
2661 	result = m;
2662 
2663 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2664 	    &sp->spidx.src.sa, sp->spidx.prefs,
2665 	    sp->spidx.ul_proto);
2666 	if (!m)
2667 		goto fail;
2668 	m_cat(result, m);
2669 
2670 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2671 	    &sp->spidx.dst.sa, sp->spidx.prefd,
2672 	    sp->spidx.ul_proto);
2673 	if (!m)
2674 		goto fail;
2675 	m_cat(result, m);
2676 
2677 	m = key_sp2mbuf(sp);
2678 	if (!m)
2679 		goto fail;
2680 	m_cat(result, m);
2681 
2682 	if(sp->lifetime){
2683 		lt.addtime=sp->created;
2684 		lt.usetime= sp->lastused;
2685 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_CURRENT);
2686 		if (!m)
2687 			goto fail;
2688 		m_cat(result, m);
2689 
2690 		lt.addtime=sp->lifetime;
2691 		lt.usetime= sp->validtime;
2692 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_HARD);
2693 		if (!m)
2694 			goto fail;
2695 		m_cat(result, m);
2696 	}
2697 
2698 	if ((result->m_flags & M_PKTHDR) == 0)
2699 		goto fail;
2700 
2701 	if (result->m_len < sizeof(struct sadb_msg)) {
2702 		result = m_pullup(result, sizeof(struct sadb_msg));
2703 		if (result == NULL)
2704 			goto fail;
2705 	}
2706 
2707 	result->m_pkthdr.len = 0;
2708 	for (m = result; m; m = m->m_next)
2709 		result->m_pkthdr.len += m->m_len;
2710 
2711 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2712 	    PFKEY_UNIT64(result->m_pkthdr.len);
2713 
2714 	return result;
2715 
2716 fail:
2717 	m_freem(result);
2718 	return NULL;
2719 }
2720 /*
2721  * get PFKEY message length for security policy and request.
2722  */
2723 static size_t
2724 key_getspreqmsglen(struct secpolicy *sp)
2725 {
2726 	size_t tlen, len;
2727 	int i;
2728 
2729 	tlen = sizeof(struct sadb_x_policy);
2730 	/* if is the policy for ipsec ? */
2731 	if (sp->policy != IPSEC_POLICY_IPSEC)
2732 		return (tlen);
2733 
2734 	/* get length of ipsec requests */
2735 	for (i = 0; i < sp->tcount; i++) {
2736 		len = sizeof(struct sadb_x_ipsecrequest)
2737 			+ sp->req[i]->saidx.src.sa.sa_len
2738 			+ sp->req[i]->saidx.dst.sa.sa_len;
2739 
2740 		tlen += PFKEY_ALIGN8(len);
2741 	}
2742 	return (tlen);
2743 }
2744 
2745 /*
2746  * SADB_SPDEXPIRE processing
2747  * send
2748  *   <base, address(SD), lifetime(CH), policy>
2749  * to KMD by PF_KEY.
2750  *
2751  * OUT:	0	: succeed
2752  *	others	: error number
2753  */
2754 static int
2755 key_spdexpire(struct secpolicy *sp)
2756 {
2757 	struct sadb_lifetime *lt;
2758 	struct mbuf *result = NULL, *m;
2759 	int len, error = -1;
2760 
2761 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2762 
2763 	KEYDBG(KEY_STAMP,
2764 	    printf("%s: SP(%p)\n", __func__, sp));
2765 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2766 
2767 	/* set msg header */
2768 	m = key_setsadbmsg(SADB_X_SPDEXPIRE, 0, 0, 0, 0, 0);
2769 	if (!m) {
2770 		error = ENOBUFS;
2771 		goto fail;
2772 	}
2773 	result = m;
2774 
2775 	/* create lifetime extension (current and hard) */
2776 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
2777 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
2778 	if (m == NULL) {
2779 		error = ENOBUFS;
2780 		goto fail;
2781 	}
2782 	m_align(m, len);
2783 	m->m_len = len;
2784 	bzero(mtod(m, caddr_t), len);
2785 	lt = mtod(m, struct sadb_lifetime *);
2786 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2787 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
2788 	lt->sadb_lifetime_allocations = 0;
2789 	lt->sadb_lifetime_bytes = 0;
2790 	lt->sadb_lifetime_addtime = sp->created;
2791 	lt->sadb_lifetime_usetime = sp->lastused;
2792 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
2793 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2794 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
2795 	lt->sadb_lifetime_allocations = 0;
2796 	lt->sadb_lifetime_bytes = 0;
2797 	lt->sadb_lifetime_addtime = sp->lifetime;
2798 	lt->sadb_lifetime_usetime = sp->validtime;
2799 	m_cat(result, m);
2800 
2801 	/* set sadb_address for source */
2802 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2803 	    &sp->spidx.src.sa,
2804 	    sp->spidx.prefs, sp->spidx.ul_proto);
2805 	if (!m) {
2806 		error = ENOBUFS;
2807 		goto fail;
2808 	}
2809 	m_cat(result, m);
2810 
2811 	/* set sadb_address for destination */
2812 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2813 	    &sp->spidx.dst.sa,
2814 	    sp->spidx.prefd, sp->spidx.ul_proto);
2815 	if (!m) {
2816 		error = ENOBUFS;
2817 		goto fail;
2818 	}
2819 	m_cat(result, m);
2820 
2821 	/* set secpolicy */
2822 	m = key_sp2mbuf(sp);
2823 	if (!m) {
2824 		error = ENOBUFS;
2825 		goto fail;
2826 	}
2827 	m_cat(result, m);
2828 
2829 	if ((result->m_flags & M_PKTHDR) == 0) {
2830 		error = EINVAL;
2831 		goto fail;
2832 	}
2833 
2834 	if (result->m_len < sizeof(struct sadb_msg)) {
2835 		result = m_pullup(result, sizeof(struct sadb_msg));
2836 		if (result == NULL) {
2837 			error = ENOBUFS;
2838 			goto fail;
2839 		}
2840 	}
2841 
2842 	result->m_pkthdr.len = 0;
2843 	for (m = result; m; m = m->m_next)
2844 		result->m_pkthdr.len += m->m_len;
2845 
2846 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2847 	    PFKEY_UNIT64(result->m_pkthdr.len);
2848 
2849 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
2850 
2851  fail:
2852 	if (result)
2853 		m_freem(result);
2854 	return error;
2855 }
2856 
2857 /* %%% SAD management */
2858 /*
2859  * allocating and initialize new SA head.
2860  * OUT:	NULL	: failure due to the lack of memory.
2861  *	others	: pointer to new SA head.
2862  */
2863 static struct secashead *
2864 key_newsah(struct secasindex *saidx)
2865 {
2866 	struct secashead *sah;
2867 
2868 	sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2869 	    M_NOWAIT | M_ZERO);
2870 	if (sah == NULL) {
2871 		PFKEYSTAT_INC(in_nomem);
2872 		return (NULL);
2873 	}
2874 	TAILQ_INIT(&sah->savtree_larval);
2875 	TAILQ_INIT(&sah->savtree_alive);
2876 	sah->saidx = *saidx;
2877 	sah->state = SADB_SASTATE_DEAD;
2878 	SAH_INITREF(sah);
2879 
2880 	KEYDBG(KEY_STAMP,
2881 	    printf("%s: SAH(%p)\n", __func__, sah));
2882 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2883 	return (sah);
2884 }
2885 
2886 static void
2887 key_freesah(struct secashead **psah)
2888 {
2889 	struct secashead *sah = *psah;
2890 
2891 	if (SAH_DELREF(sah) == 0)
2892 		return;
2893 
2894 	KEYDBG(KEY_STAMP,
2895 	    printf("%s: last reference to SAH(%p)\n", __func__, sah));
2896 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2897 
2898 	*psah = NULL;
2899 	key_delsah(sah);
2900 }
2901 
2902 static void
2903 key_delsah(struct secashead *sah)
2904 {
2905 	IPSEC_ASSERT(sah != NULL, ("NULL sah"));
2906 	IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
2907 	    ("Attempt to free non DEAD SAH %p", sah));
2908 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
2909 	    ("Attempt to free SAH %p with LARVAL SA", sah));
2910 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
2911 	    ("Attempt to free SAH %p with ALIVE SA", sah));
2912 
2913 	free(sah, M_IPSEC_SAH);
2914 }
2915 
2916 /*
2917  * allocating a new SA for key_add() and key_getspi() call,
2918  * and copy the values of mhp into new buffer.
2919  * When SAD message type is SADB_GETSPI set SA state to LARVAL.
2920  * For SADB_ADD create and initialize SA with MATURE state.
2921  * OUT:	NULL	: fail
2922  *	others	: pointer to new secasvar.
2923  */
2924 static struct secasvar *
2925 key_newsav(const struct sadb_msghdr *mhp, struct secasindex *saidx,
2926     uint32_t spi, int *errp)
2927 {
2928 	struct secashead *sah;
2929 	struct secasvar *sav;
2930 	int isnew;
2931 
2932 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2933 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2934 	IPSEC_ASSERT(mhp->msg->sadb_msg_type == SADB_GETSPI ||
2935 	    mhp->msg->sadb_msg_type == SADB_ADD, ("wrong message type"));
2936 
2937 	sav = NULL;
2938 	sah = NULL;
2939 	/* check SPI value */
2940 	switch (saidx->proto) {
2941 	case IPPROTO_ESP:
2942 	case IPPROTO_AH:
2943 		/*
2944 		 * RFC 4302, 2.4. Security Parameters Index (SPI), SPI values
2945 		 * 1-255 reserved by IANA for future use,
2946 		 * 0 for implementation specific, local use.
2947 		 */
2948 		if (ntohl(spi) <= 255) {
2949 			ipseclog((LOG_DEBUG, "%s: illegal range of SPI %u.\n",
2950 			    __func__, ntohl(spi)));
2951 			*errp = EINVAL;
2952 			goto done;
2953 		}
2954 		break;
2955 	}
2956 
2957 	sav = malloc(sizeof(struct secasvar), M_IPSEC_SA, M_NOWAIT | M_ZERO);
2958 	if (sav == NULL) {
2959 		*errp = ENOBUFS;
2960 		goto done;
2961 	}
2962 	sav->lock = malloc(sizeof(struct mtx), M_IPSEC_MISC,
2963 	    M_NOWAIT | M_ZERO);
2964 	if (sav->lock == NULL) {
2965 		*errp = ENOBUFS;
2966 		goto done;
2967 	}
2968 	mtx_init(sav->lock, "ipsec association", NULL, MTX_DEF);
2969 	sav->lft_c = uma_zalloc_pcpu(ipsec_key_lft_zone, M_NOWAIT | M_ZERO);
2970 	if (sav->lft_c == NULL) {
2971 		*errp = ENOBUFS;
2972 		goto done;
2973 	}
2974 
2975 	sav->spi = spi;
2976 	sav->seq = mhp->msg->sadb_msg_seq;
2977 	sav->state = SADB_SASTATE_LARVAL;
2978 	sav->pid = (pid_t)mhp->msg->sadb_msg_pid;
2979 	SAV_INITREF(sav);
2980 again:
2981 	sah = key_getsah(saidx);
2982 	if (sah == NULL) {
2983 		/* create a new SA index */
2984 		sah = key_newsah(saidx);
2985 		if (sah == NULL) {
2986 			ipseclog((LOG_DEBUG,
2987 			    "%s: No more memory.\n", __func__));
2988 			*errp = ENOBUFS;
2989 			goto done;
2990 		}
2991 		isnew = 1;
2992 	} else
2993 		isnew = 0;
2994 
2995 	sav->sah = sah;
2996 	if (mhp->msg->sadb_msg_type == SADB_GETSPI) {
2997 		sav->created = time_second;
2998 	} else if (sav->state == SADB_SASTATE_LARVAL) {
2999 		/*
3000 		 * Do not call key_setsaval() second time in case
3001 		 * of `goto again`. We will have MATURE state.
3002 		 */
3003 		*errp = key_setsaval(sav, mhp);
3004 		if (*errp != 0)
3005 			goto done;
3006 		sav->state = SADB_SASTATE_MATURE;
3007 	}
3008 
3009 	SAHTREE_WLOCK();
3010 	/*
3011 	 * Check that existing SAH wasn't unlinked.
3012 	 * Since we didn't hold the SAHTREE lock, it is possible,
3013 	 * that callout handler or key_flush() or key_delete() could
3014 	 * unlink this SAH.
3015 	 */
3016 	if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
3017 		SAHTREE_WUNLOCK();
3018 		key_freesah(&sah);	/* reference from key_getsah() */
3019 		goto again;
3020 	}
3021 	if (isnew != 0) {
3022 		/*
3023 		 * Add new SAH into SADB.
3024 		 *
3025 		 * XXXAE: we can serialize key_add and key_getspi calls, so
3026 		 * several threads will not fight in the race.
3027 		 * Otherwise we should check under SAHTREE lock, that this
3028 		 * SAH would not added twice.
3029 		 */
3030 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
3031 		/* Add new SAH into hash by addresses */
3032 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
3033 		/* Now we are linked in the chain */
3034 		sah->state = SADB_SASTATE_MATURE;
3035 		/*
3036 		 * SAV references this new SAH.
3037 		 * In case of existing SAH we reuse reference
3038 		 * from key_getsah().
3039 		 */
3040 		SAH_ADDREF(sah);
3041 	}
3042 	/* Link SAV with SAH */
3043 	if (sav->state == SADB_SASTATE_MATURE)
3044 		TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
3045 	else
3046 		TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
3047 	/* Add SAV into SPI hash */
3048 	LIST_INSERT_HEAD(SAVHASH_HASH(sav->spi), sav, spihash);
3049 	SAHTREE_WUNLOCK();
3050 	*errp = 0;	/* success */
3051 done:
3052 	if (*errp != 0) {
3053 		if (sav != NULL) {
3054 			if (sav->lock != NULL) {
3055 				mtx_destroy(sav->lock);
3056 				free(sav->lock, M_IPSEC_MISC);
3057 			}
3058 			if (sav->lft_c != NULL)
3059 				uma_zfree_pcpu(ipsec_key_lft_zone, sav->lft_c);
3060 			free(sav, M_IPSEC_SA), sav = NULL;
3061 		}
3062 		if (sah != NULL)
3063 			key_freesah(&sah);
3064 		if (*errp == ENOBUFS) {
3065 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3066 			    __func__));
3067 			PFKEYSTAT_INC(in_nomem);
3068 		}
3069 	}
3070 	return (sav);
3071 }
3072 
3073 /*
3074  * free() SA variable entry.
3075  */
3076 static void
3077 key_cleansav(struct secasvar *sav)
3078 {
3079 
3080 	if (sav->natt != NULL) {
3081 		free(sav->natt, M_IPSEC_MISC);
3082 		sav->natt = NULL;
3083 	}
3084 	if (sav->flags & SADB_X_EXT_F_CLONED)
3085 		return;
3086 	if (sav->tdb_xform != NULL) {
3087 		sav->tdb_xform->xf_cleanup(sav);
3088 		sav->tdb_xform = NULL;
3089 	}
3090 	if (sav->key_auth != NULL) {
3091 		zfree(sav->key_auth->key_data, M_IPSEC_MISC);
3092 		free(sav->key_auth, M_IPSEC_MISC);
3093 		sav->key_auth = NULL;
3094 	}
3095 	if (sav->key_enc != NULL) {
3096 		zfree(sav->key_enc->key_data, M_IPSEC_MISC);
3097 		free(sav->key_enc, M_IPSEC_MISC);
3098 		sav->key_enc = NULL;
3099 	}
3100 	if (sav->replay != NULL) {
3101 		if (sav->replay->bitmap != NULL)
3102 			free(sav->replay->bitmap, M_IPSEC_MISC);
3103 		free(sav->replay, M_IPSEC_MISC);
3104 		sav->replay = NULL;
3105 	}
3106 	if (sav->lft_h != NULL) {
3107 		free(sav->lft_h, M_IPSEC_MISC);
3108 		sav->lft_h = NULL;
3109 	}
3110 	if (sav->lft_s != NULL) {
3111 		free(sav->lft_s, M_IPSEC_MISC);
3112 		sav->lft_s = NULL;
3113 	}
3114 }
3115 
3116 /*
3117  * free() SA variable entry.
3118  */
3119 static void
3120 key_delsav(struct secasvar *sav)
3121 {
3122 	IPSEC_ASSERT(sav != NULL, ("null sav"));
3123 	IPSEC_ASSERT(sav->state == SADB_SASTATE_DEAD,
3124 	    ("attempt to free non DEAD SA %p", sav));
3125 	IPSEC_ASSERT(sav->refcnt == 0, ("reference count %u > 0",
3126 	    sav->refcnt));
3127 
3128 	/*
3129 	 * SA must be unlinked from the chain and hashtbl.
3130 	 * If SA was cloned, we leave all fields untouched,
3131 	 * except NAT-T config.
3132 	 */
3133 	key_cleansav(sav);
3134 	if ((sav->flags & SADB_X_EXT_F_CLONED) == 0) {
3135 		mtx_destroy(sav->lock);
3136 		free(sav->lock, M_IPSEC_MISC);
3137 		uma_zfree_pcpu(ipsec_key_lft_zone, sav->lft_c);
3138 	}
3139 	free(sav, M_IPSEC_SA);
3140 }
3141 
3142 /*
3143  * search SAH.
3144  * OUT:
3145  *	NULL	: not found
3146  *	others	: found, referenced pointer to a SAH.
3147  */
3148 static struct secashead *
3149 key_getsah(struct secasindex *saidx)
3150 {
3151 	SAHTREE_RLOCK_TRACKER;
3152 	struct secashead *sah;
3153 
3154 	SAHTREE_RLOCK();
3155 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3156 	    if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3157 		    SAH_ADDREF(sah);
3158 		    break;
3159 	    }
3160 	}
3161 	SAHTREE_RUNLOCK();
3162 	return (sah);
3163 }
3164 
3165 /*
3166  * Check not to be duplicated SPI.
3167  * OUT:
3168  *	0	: not found
3169  *	1	: found SA with given SPI.
3170  */
3171 static int
3172 key_checkspidup(uint32_t spi)
3173 {
3174 	SAHTREE_RLOCK_TRACKER;
3175 	struct secasvar *sav;
3176 
3177 	/* Assume SPI is in network byte order */
3178 	SAHTREE_RLOCK();
3179 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3180 		if (sav->spi == spi)
3181 			break;
3182 	}
3183 	SAHTREE_RUNLOCK();
3184 	return (sav != NULL);
3185 }
3186 
3187 /*
3188  * Search SA by SPI.
3189  * OUT:
3190  *	NULL	: not found
3191  *	others	: found, referenced pointer to a SA.
3192  */
3193 static struct secasvar *
3194 key_getsavbyspi(uint32_t spi)
3195 {
3196 	SAHTREE_RLOCK_TRACKER;
3197 	struct secasvar *sav;
3198 
3199 	/* Assume SPI is in network byte order */
3200 	SAHTREE_RLOCK();
3201 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3202 		if (sav->spi != spi)
3203 			continue;
3204 		SAV_ADDREF(sav);
3205 		break;
3206 	}
3207 	SAHTREE_RUNLOCK();
3208 	return (sav);
3209 }
3210 
3211 static int
3212 key_updatelifetimes(struct secasvar *sav, const struct sadb_msghdr *mhp)
3213 {
3214 	struct seclifetime *lft_h, *lft_s, *tmp;
3215 
3216 	/* Lifetime extension is optional, check that it is present. */
3217 	if (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3218 	    SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) {
3219 		/*
3220 		 * In case of SADB_UPDATE we may need to change
3221 		 * existing lifetimes.
3222 		 */
3223 		if (sav->state == SADB_SASTATE_MATURE) {
3224 			lft_h = lft_s = NULL;
3225 			goto reset;
3226 		}
3227 		return (0);
3228 	}
3229 	/* Both HARD and SOFT extensions must present */
3230 	if ((SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3231 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
3232 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
3233 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
3234 		ipseclog((LOG_DEBUG,
3235 		    "%s: invalid message: missing required header.\n",
3236 		    __func__));
3237 		return (EINVAL);
3238 	}
3239 	if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD) ||
3240 	    SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_SOFT)) {
3241 		ipseclog((LOG_DEBUG,
3242 		    "%s: invalid message: wrong header size.\n", __func__));
3243 		return (EINVAL);
3244 	}
3245 	lft_h = key_dup_lifemsg((const struct sadb_lifetime *)
3246 	    mhp->ext[SADB_EXT_LIFETIME_HARD], M_IPSEC_MISC);
3247 	if (lft_h == NULL) {
3248 		PFKEYSTAT_INC(in_nomem);
3249 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3250 		return (ENOBUFS);
3251 	}
3252 	lft_s = key_dup_lifemsg((const struct sadb_lifetime *)
3253 	    mhp->ext[SADB_EXT_LIFETIME_SOFT], M_IPSEC_MISC);
3254 	if (lft_s == NULL) {
3255 		PFKEYSTAT_INC(in_nomem);
3256 		free(lft_h, M_IPSEC_MISC);
3257 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3258 		return (ENOBUFS);
3259 	}
3260 reset:
3261 	if (sav->state != SADB_SASTATE_LARVAL) {
3262 		/*
3263 		 * key_update() holds reference to this SA,
3264 		 * so it won't be deleted in meanwhile.
3265 		 */
3266 		SECASVAR_LOCK(sav);
3267 		tmp = sav->lft_h;
3268 		sav->lft_h = lft_h;
3269 		lft_h = tmp;
3270 
3271 		tmp = sav->lft_s;
3272 		sav->lft_s = lft_s;
3273 		lft_s = tmp;
3274 		SECASVAR_UNLOCK(sav);
3275 		if (lft_h != NULL)
3276 			free(lft_h, M_IPSEC_MISC);
3277 		if (lft_s != NULL)
3278 			free(lft_s, M_IPSEC_MISC);
3279 		return (0);
3280 	}
3281 	/* We can update lifetime without holding a lock */
3282 	IPSEC_ASSERT(sav->lft_h == NULL, ("lft_h is already initialized\n"));
3283 	IPSEC_ASSERT(sav->lft_s == NULL, ("lft_s is already initialized\n"));
3284 	sav->lft_h = lft_h;
3285 	sav->lft_s = lft_s;
3286 	return (0);
3287 }
3288 
3289 /*
3290  * copy SA values from PF_KEY message except *SPI, SEQ, PID and TYPE*.
3291  * You must update these if need. Expects only LARVAL SAs.
3292  * OUT:	0:	success.
3293  *	!0:	failure.
3294  */
3295 static int
3296 key_setsaval(struct secasvar *sav, const struct sadb_msghdr *mhp)
3297 {
3298 	const struct sadb_sa *sa0;
3299 	const struct sadb_key *key0;
3300 	uint32_t replay;
3301 	size_t len;
3302 	int error;
3303 
3304 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
3305 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
3306 	IPSEC_ASSERT(sav->state == SADB_SASTATE_LARVAL,
3307 	    ("Attempt to update non LARVAL SA"));
3308 
3309 	/* XXX rewrite */
3310 	error = key_setident(sav->sah, mhp);
3311 	if (error != 0)
3312 		goto fail;
3313 
3314 	/* SA */
3315 	if (!SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
3316 		if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
3317 			error = EINVAL;
3318 			goto fail;
3319 		}
3320 		sa0 = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
3321 		sav->alg_auth = sa0->sadb_sa_auth;
3322 		sav->alg_enc = sa0->sadb_sa_encrypt;
3323 		sav->flags = sa0->sadb_sa_flags;
3324 		if ((sav->flags & SADB_KEY_FLAGS_MAX) != sav->flags) {
3325 			ipseclog((LOG_DEBUG,
3326 			    "%s: invalid sa_flags 0x%08x.\n", __func__,
3327 			    sav->flags));
3328 			error = EINVAL;
3329 			goto fail;
3330 		}
3331 
3332 		/* Optional replay window */
3333 		replay = 0;
3334 		if ((sa0->sadb_sa_flags & SADB_X_EXT_OLD) == 0)
3335 			replay = sa0->sadb_sa_replay;
3336 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_SA_REPLAY)) {
3337 			if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA_REPLAY)) {
3338 				error = EINVAL;
3339 				goto fail;
3340 			}
3341 			replay = ((const struct sadb_x_sa_replay *)
3342 			    mhp->ext[SADB_X_EXT_SA_REPLAY])->sadb_x_sa_replay_replay;
3343 
3344 			if (replay > UINT32_MAX - 32) {
3345 				ipseclog((LOG_DEBUG,
3346 				    "%s: replay window too big.\n", __func__));
3347 				error = EINVAL;
3348 				goto fail;
3349 			}
3350 
3351 			replay = (replay + 7) >> 3;
3352 		}
3353 
3354 		sav->replay = malloc(sizeof(struct secreplay), M_IPSEC_MISC,
3355 		    M_NOWAIT | M_ZERO);
3356 		if (sav->replay == NULL) {
3357 			PFKEYSTAT_INC(in_nomem);
3358 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3359 			    __func__));
3360 			error = ENOBUFS;
3361 			goto fail;
3362 		}
3363 
3364 		if (replay != 0) {
3365 			/* number of 32b blocks to be allocated */
3366 			uint32_t bitmap_size;
3367 
3368 			/* RFC 6479:
3369 			 * - the allocated replay window size must be
3370 			 *   a power of two.
3371 			 * - use an extra 32b block as a redundant window.
3372 			 */
3373 			bitmap_size = 1;
3374 			while (replay + 4 > bitmap_size)
3375 				bitmap_size <<= 1;
3376 			bitmap_size = bitmap_size / 4;
3377 
3378 			sav->replay->bitmap = malloc(
3379 			    bitmap_size * sizeof(uint32_t), M_IPSEC_MISC,
3380 			    M_NOWAIT | M_ZERO);
3381 			if (sav->replay->bitmap == NULL) {
3382 				PFKEYSTAT_INC(in_nomem);
3383 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3384 					__func__));
3385 				error = ENOBUFS;
3386 				goto fail;
3387 			}
3388 			sav->replay->bitmap_size = bitmap_size;
3389 			sav->replay->wsize = replay;
3390 		}
3391 	}
3392 
3393 	/* Authentication keys */
3394 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
3395 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH)) {
3396 			error = EINVAL;
3397 			goto fail;
3398 		}
3399 		error = 0;
3400 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_AUTH];
3401 		len = mhp->extlen[SADB_EXT_KEY_AUTH];
3402 		switch (mhp->msg->sadb_msg_satype) {
3403 		case SADB_SATYPE_AH:
3404 		case SADB_SATYPE_ESP:
3405 		case SADB_X_SATYPE_TCPSIGNATURE:
3406 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3407 			    sav->alg_auth != SADB_X_AALG_NULL)
3408 				error = EINVAL;
3409 			break;
3410 		case SADB_X_SATYPE_IPCOMP:
3411 		default:
3412 			error = EINVAL;
3413 			break;
3414 		}
3415 		if (error) {
3416 			ipseclog((LOG_DEBUG, "%s: invalid key_auth values.\n",
3417 				__func__));
3418 			goto fail;
3419 		}
3420 
3421 		sav->key_auth = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3422 		if (sav->key_auth == NULL ) {
3423 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3424 				  __func__));
3425 			PFKEYSTAT_INC(in_nomem);
3426 			error = ENOBUFS;
3427 			goto fail;
3428 		}
3429 	}
3430 
3431 	/* Encryption key */
3432 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) {
3433 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT)) {
3434 			error = EINVAL;
3435 			goto fail;
3436 		}
3437 		error = 0;
3438 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_ENCRYPT];
3439 		len = mhp->extlen[SADB_EXT_KEY_ENCRYPT];
3440 		switch (mhp->msg->sadb_msg_satype) {
3441 		case SADB_SATYPE_ESP:
3442 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3443 			    sav->alg_enc != SADB_EALG_NULL) {
3444 				error = EINVAL;
3445 				break;
3446 			}
3447 			sav->key_enc = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3448 			if (sav->key_enc == NULL) {
3449 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3450 					__func__));
3451 				PFKEYSTAT_INC(in_nomem);
3452 				error = ENOBUFS;
3453 				goto fail;
3454 			}
3455 			break;
3456 		case SADB_X_SATYPE_IPCOMP:
3457 			if (len != PFKEY_ALIGN8(sizeof(struct sadb_key)))
3458 				error = EINVAL;
3459 			sav->key_enc = NULL;	/*just in case*/
3460 			break;
3461 		case SADB_SATYPE_AH:
3462 		case SADB_X_SATYPE_TCPSIGNATURE:
3463 		default:
3464 			error = EINVAL;
3465 			break;
3466 		}
3467 		if (error) {
3468 			ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n",
3469 				__func__));
3470 			goto fail;
3471 		}
3472 	}
3473 
3474 	/* set iv */
3475 	sav->ivlen = 0;
3476 	switch (mhp->msg->sadb_msg_satype) {
3477 	case SADB_SATYPE_AH:
3478 		if (sav->flags & SADB_X_EXT_DERIV) {
3479 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3480 			    "given to AH SA.\n", __func__));
3481 			error = EINVAL;
3482 			goto fail;
3483 		}
3484 		if (sav->alg_enc != SADB_EALG_NONE) {
3485 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3486 			    "mismated.\n", __func__));
3487 			error = EINVAL;
3488 			goto fail;
3489 		}
3490 		error = xform_init(sav, XF_AH);
3491 		break;
3492 	case SADB_SATYPE_ESP:
3493 		if ((sav->flags & (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) ==
3494 		    (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) {
3495 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3496 			    "given to old-esp.\n", __func__));
3497 			error = EINVAL;
3498 			goto fail;
3499 		}
3500 		error = xform_init(sav, XF_ESP);
3501 		break;
3502 	case SADB_X_SATYPE_IPCOMP:
3503 		if (sav->alg_auth != SADB_AALG_NONE) {
3504 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3505 			    "mismated.\n", __func__));
3506 			error = EINVAL;
3507 			goto fail;
3508 		}
3509 		if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 &&
3510 		    ntohl(sav->spi) >= 0x10000) {
3511 			ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n",
3512 			    __func__));
3513 			error = EINVAL;
3514 			goto fail;
3515 		}
3516 		error = xform_init(sav, XF_IPCOMP);
3517 		break;
3518 	case SADB_X_SATYPE_TCPSIGNATURE:
3519 		if (sav->alg_enc != SADB_EALG_NONE) {
3520 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3521 			    "mismated.\n", __func__));
3522 			error = EINVAL;
3523 			goto fail;
3524 		}
3525 		error = xform_init(sav, XF_TCPSIGNATURE);
3526 		break;
3527 	default:
3528 		ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__));
3529 		error = EPROTONOSUPPORT;
3530 		goto fail;
3531 	}
3532 	if (error) {
3533 		ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n",
3534 		    __func__, mhp->msg->sadb_msg_satype));
3535 		goto fail;
3536 	}
3537 
3538 	/* Handle NAT-T headers */
3539 	error = key_setnatt(sav, mhp);
3540 	if (error != 0)
3541 		goto fail;
3542 
3543 	/* Initialize lifetime for CURRENT */
3544 	sav->firstused = 0;
3545 	sav->created = time_second;
3546 
3547 	/* lifetimes for HARD and SOFT */
3548 	error = key_updatelifetimes(sav, mhp);
3549 	if (error == 0)
3550 		return (0);
3551 fail:
3552 	key_cleansav(sav);
3553 	return (error);
3554 }
3555 
3556 /*
3557  * subroutine for SADB_GET and SADB_DUMP.
3558  */
3559 static struct mbuf *
3560 key_setdumpsa(struct secasvar *sav, uint8_t type, uint8_t satype,
3561     uint32_t seq, uint32_t pid)
3562 {
3563 	struct seclifetime lft_c;
3564 	struct mbuf *result = NULL, *tres = NULL, *m;
3565 	int i, dumporder[] = {
3566 		SADB_EXT_SA, SADB_X_EXT_SA2, SADB_X_EXT_SA_REPLAY,
3567 		SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
3568 		SADB_EXT_LIFETIME_CURRENT, SADB_EXT_ADDRESS_SRC,
3569 		SADB_EXT_ADDRESS_DST, SADB_EXT_ADDRESS_PROXY,
3570 		SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT,
3571 		SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
3572 		SADB_EXT_SENSITIVITY,
3573 		SADB_X_EXT_NAT_T_TYPE,
3574 		SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT,
3575 		SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
3576 		SADB_X_EXT_NAT_T_FRAG,
3577 	};
3578 	uint32_t replay_count;
3579 
3580 	m = key_setsadbmsg(type, 0, satype, seq, pid, sav->refcnt);
3581 	if (m == NULL)
3582 		goto fail;
3583 	result = m;
3584 
3585 	for (i = nitems(dumporder) - 1; i >= 0; i--) {
3586 		m = NULL;
3587 		switch (dumporder[i]) {
3588 		case SADB_EXT_SA:
3589 			m = key_setsadbsa(sav);
3590 			if (!m)
3591 				goto fail;
3592 			break;
3593 
3594 		case SADB_X_EXT_SA2:
3595 			SECASVAR_LOCK(sav);
3596 			replay_count = sav->replay ? sav->replay->count : 0;
3597 			SECASVAR_UNLOCK(sav);
3598 			m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3599 					sav->sah->saidx.reqid);
3600 			if (!m)
3601 				goto fail;
3602 			break;
3603 
3604 		case SADB_X_EXT_SA_REPLAY:
3605 			if (sav->replay == NULL ||
3606 			    sav->replay->wsize <= UINT8_MAX)
3607 				continue;
3608 
3609 			m = key_setsadbxsareplay(sav->replay->wsize);
3610 			if (!m)
3611 				goto fail;
3612 			break;
3613 
3614 		case SADB_EXT_ADDRESS_SRC:
3615 			m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
3616 			    &sav->sah->saidx.src.sa,
3617 			    FULLMASK, IPSEC_ULPROTO_ANY);
3618 			if (!m)
3619 				goto fail;
3620 			break;
3621 
3622 		case SADB_EXT_ADDRESS_DST:
3623 			m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
3624 			    &sav->sah->saidx.dst.sa,
3625 			    FULLMASK, IPSEC_ULPROTO_ANY);
3626 			if (!m)
3627 				goto fail;
3628 			break;
3629 
3630 		case SADB_EXT_KEY_AUTH:
3631 			if (!sav->key_auth)
3632 				continue;
3633 			m = key_setkey(sav->key_auth, SADB_EXT_KEY_AUTH);
3634 			if (!m)
3635 				goto fail;
3636 			break;
3637 
3638 		case SADB_EXT_KEY_ENCRYPT:
3639 			if (!sav->key_enc)
3640 				continue;
3641 			m = key_setkey(sav->key_enc, SADB_EXT_KEY_ENCRYPT);
3642 			if (!m)
3643 				goto fail;
3644 			break;
3645 
3646 		case SADB_EXT_LIFETIME_CURRENT:
3647 			lft_c.addtime = sav->created;
3648 			lft_c.allocations = (uint32_t)counter_u64_fetch(
3649 			    sav->lft_c_allocations);
3650 			lft_c.bytes = counter_u64_fetch(sav->lft_c_bytes);
3651 			lft_c.usetime = sav->firstused;
3652 			m = key_setlifetime(&lft_c, SADB_EXT_LIFETIME_CURRENT);
3653 			if (!m)
3654 				goto fail;
3655 			break;
3656 
3657 		case SADB_EXT_LIFETIME_HARD:
3658 			if (!sav->lft_h)
3659 				continue;
3660 			m = key_setlifetime(sav->lft_h,
3661 					    SADB_EXT_LIFETIME_HARD);
3662 			if (!m)
3663 				goto fail;
3664 			break;
3665 
3666 		case SADB_EXT_LIFETIME_SOFT:
3667 			if (!sav->lft_s)
3668 				continue;
3669 			m = key_setlifetime(sav->lft_s,
3670 					    SADB_EXT_LIFETIME_SOFT);
3671 
3672 			if (!m)
3673 				goto fail;
3674 			break;
3675 
3676 		case SADB_X_EXT_NAT_T_TYPE:
3677 			if (sav->natt == NULL)
3678 				continue;
3679 			m = key_setsadbxtype(UDP_ENCAP_ESPINUDP);
3680 			if (!m)
3681 				goto fail;
3682 			break;
3683 
3684 		case SADB_X_EXT_NAT_T_DPORT:
3685 			if (sav->natt == NULL)
3686 				continue;
3687 			m = key_setsadbxport(sav->natt->dport,
3688 			    SADB_X_EXT_NAT_T_DPORT);
3689 			if (!m)
3690 				goto fail;
3691 			break;
3692 
3693 		case SADB_X_EXT_NAT_T_SPORT:
3694 			if (sav->natt == NULL)
3695 				continue;
3696 			m = key_setsadbxport(sav->natt->sport,
3697 			    SADB_X_EXT_NAT_T_SPORT);
3698 			if (!m)
3699 				goto fail;
3700 			break;
3701 
3702 		case SADB_X_EXT_NAT_T_OAI:
3703 			if (sav->natt == NULL ||
3704 			    (sav->natt->flags & IPSEC_NATT_F_OAI) == 0)
3705 				continue;
3706 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAI,
3707 			    &sav->natt->oai.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3708 			if (!m)
3709 				goto fail;
3710 			break;
3711 		case SADB_X_EXT_NAT_T_OAR:
3712 			if (sav->natt == NULL ||
3713 			    (sav->natt->flags & IPSEC_NATT_F_OAR) == 0)
3714 				continue;
3715 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAR,
3716 			    &sav->natt->oar.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3717 			if (!m)
3718 				goto fail;
3719 			break;
3720 		case SADB_X_EXT_NAT_T_FRAG:
3721 			/* We do not (yet) support those. */
3722 			continue;
3723 
3724 		case SADB_EXT_ADDRESS_PROXY:
3725 		case SADB_EXT_IDENTITY_SRC:
3726 		case SADB_EXT_IDENTITY_DST:
3727 			/* XXX: should we brought from SPD ? */
3728 		case SADB_EXT_SENSITIVITY:
3729 		default:
3730 			continue;
3731 		}
3732 
3733 		if (!m)
3734 			goto fail;
3735 		if (tres)
3736 			m_cat(m, tres);
3737 		tres = m;
3738 	}
3739 
3740 	m_cat(result, tres);
3741 	tres = NULL;
3742 	if (result->m_len < sizeof(struct sadb_msg)) {
3743 		result = m_pullup(result, sizeof(struct sadb_msg));
3744 		if (result == NULL)
3745 			goto fail;
3746 	}
3747 
3748 	result->m_pkthdr.len = 0;
3749 	for (m = result; m; m = m->m_next)
3750 		result->m_pkthdr.len += m->m_len;
3751 
3752 	mtod(result, struct sadb_msg *)->sadb_msg_len =
3753 	    PFKEY_UNIT64(result->m_pkthdr.len);
3754 
3755 	return result;
3756 
3757 fail:
3758 	m_freem(result);
3759 	m_freem(tres);
3760 	return NULL;
3761 }
3762 
3763 /*
3764  * set data into sadb_msg.
3765  */
3766 static struct mbuf *
3767 key_setsadbmsg(u_int8_t type, u_int16_t tlen, u_int8_t satype, u_int32_t seq,
3768     pid_t pid, u_int16_t reserved)
3769 {
3770 	struct mbuf *m;
3771 	struct sadb_msg *p;
3772 	int len;
3773 
3774 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
3775 	if (len > MCLBYTES)
3776 		return NULL;
3777 	MGETHDR(m, M_NOWAIT, MT_DATA);
3778 	if (m && len > MHLEN) {
3779 		if (!(MCLGET(m, M_NOWAIT))) {
3780 			m_freem(m);
3781 			m = NULL;
3782 		}
3783 	}
3784 	if (!m)
3785 		return NULL;
3786 	m->m_pkthdr.len = m->m_len = len;
3787 	m->m_next = NULL;
3788 
3789 	p = mtod(m, struct sadb_msg *);
3790 
3791 	bzero(p, len);
3792 	p->sadb_msg_version = PF_KEY_V2;
3793 	p->sadb_msg_type = type;
3794 	p->sadb_msg_errno = 0;
3795 	p->sadb_msg_satype = satype;
3796 	p->sadb_msg_len = PFKEY_UNIT64(tlen);
3797 	p->sadb_msg_reserved = reserved;
3798 	p->sadb_msg_seq = seq;
3799 	p->sadb_msg_pid = (u_int32_t)pid;
3800 
3801 	return m;
3802 }
3803 
3804 /*
3805  * copy secasvar data into sadb_address.
3806  */
3807 static struct mbuf *
3808 key_setsadbsa(struct secasvar *sav)
3809 {
3810 	struct mbuf *m;
3811 	struct sadb_sa *p;
3812 	int len;
3813 
3814 	len = PFKEY_ALIGN8(sizeof(struct sadb_sa));
3815 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3816 	if (m == NULL)
3817 		return (NULL);
3818 	m_align(m, len);
3819 	m->m_len = len;
3820 	p = mtod(m, struct sadb_sa *);
3821 	bzero(p, len);
3822 	p->sadb_sa_len = PFKEY_UNIT64(len);
3823 	p->sadb_sa_exttype = SADB_EXT_SA;
3824 	p->sadb_sa_spi = sav->spi;
3825 	p->sadb_sa_replay = sav->replay ?
3826 	    (sav->replay->wsize > UINT8_MAX ? UINT8_MAX :
3827 		sav->replay->wsize): 0;
3828 	p->sadb_sa_state = sav->state;
3829 	p->sadb_sa_auth = sav->alg_auth;
3830 	p->sadb_sa_encrypt = sav->alg_enc;
3831 	p->sadb_sa_flags = sav->flags & SADB_KEY_FLAGS_MAX;
3832 	return (m);
3833 }
3834 
3835 /*
3836  * set data into sadb_address.
3837  */
3838 static struct mbuf *
3839 key_setsadbaddr(u_int16_t exttype, const struct sockaddr *saddr,
3840     u_int8_t prefixlen, u_int16_t ul_proto)
3841 {
3842 	struct mbuf *m;
3843 	struct sadb_address *p;
3844 	size_t len;
3845 
3846 	len = PFKEY_ALIGN8(sizeof(struct sadb_address)) +
3847 	    PFKEY_ALIGN8(saddr->sa_len);
3848 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3849 	if (m == NULL)
3850 		return (NULL);
3851 	m_align(m, len);
3852 	m->m_len = len;
3853 	p = mtod(m, struct sadb_address *);
3854 
3855 	bzero(p, len);
3856 	p->sadb_address_len = PFKEY_UNIT64(len);
3857 	p->sadb_address_exttype = exttype;
3858 	p->sadb_address_proto = ul_proto;
3859 	if (prefixlen == FULLMASK) {
3860 		switch (saddr->sa_family) {
3861 		case AF_INET:
3862 			prefixlen = sizeof(struct in_addr) << 3;
3863 			break;
3864 		case AF_INET6:
3865 			prefixlen = sizeof(struct in6_addr) << 3;
3866 			break;
3867 		default:
3868 			; /*XXX*/
3869 		}
3870 	}
3871 	p->sadb_address_prefixlen = prefixlen;
3872 	p->sadb_address_reserved = 0;
3873 
3874 	bcopy(saddr,
3875 	    mtod(m, caddr_t) + PFKEY_ALIGN8(sizeof(struct sadb_address)),
3876 	    saddr->sa_len);
3877 
3878 	return m;
3879 }
3880 
3881 /*
3882  * set data into sadb_x_sa2.
3883  */
3884 static struct mbuf *
3885 key_setsadbxsa2(u_int8_t mode, u_int32_t seq, u_int32_t reqid)
3886 {
3887 	struct mbuf *m;
3888 	struct sadb_x_sa2 *p;
3889 	size_t len;
3890 
3891 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa2));
3892 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3893 	if (m == NULL)
3894 		return (NULL);
3895 	m_align(m, len);
3896 	m->m_len = len;
3897 	p = mtod(m, struct sadb_x_sa2 *);
3898 
3899 	bzero(p, len);
3900 	p->sadb_x_sa2_len = PFKEY_UNIT64(len);
3901 	p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
3902 	p->sadb_x_sa2_mode = mode;
3903 	p->sadb_x_sa2_reserved1 = 0;
3904 	p->sadb_x_sa2_reserved2 = 0;
3905 	p->sadb_x_sa2_sequence = seq;
3906 	p->sadb_x_sa2_reqid = reqid;
3907 
3908 	return m;
3909 }
3910 
3911 /*
3912  * Set data into sadb_x_sa_replay.
3913  */
3914 static struct mbuf *
3915 key_setsadbxsareplay(u_int32_t replay)
3916 {
3917 	struct mbuf *m;
3918 	struct sadb_x_sa_replay *p;
3919 	size_t len;
3920 
3921 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa_replay));
3922 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3923 	if (m == NULL)
3924 		return (NULL);
3925 	m_align(m, len);
3926 	m->m_len = len;
3927 	p = mtod(m, struct sadb_x_sa_replay *);
3928 
3929 	bzero(p, len);
3930 	p->sadb_x_sa_replay_len = PFKEY_UNIT64(len);
3931 	p->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY;
3932 	p->sadb_x_sa_replay_replay = (replay << 3);
3933 
3934 	return m;
3935 }
3936 
3937 /*
3938  * Set a type in sadb_x_nat_t_type.
3939  */
3940 static struct mbuf *
3941 key_setsadbxtype(u_int16_t type)
3942 {
3943 	struct mbuf *m;
3944 	size_t len;
3945 	struct sadb_x_nat_t_type *p;
3946 
3947 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_type));
3948 
3949 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3950 	if (m == NULL)
3951 		return (NULL);
3952 	m_align(m, len);
3953 	m->m_len = len;
3954 	p = mtod(m, struct sadb_x_nat_t_type *);
3955 
3956 	bzero(p, len);
3957 	p->sadb_x_nat_t_type_len = PFKEY_UNIT64(len);
3958 	p->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
3959 	p->sadb_x_nat_t_type_type = type;
3960 
3961 	return (m);
3962 }
3963 /*
3964  * Set a port in sadb_x_nat_t_port.
3965  * In contrast to default RFC 2367 behaviour, port is in network byte order.
3966  */
3967 static struct mbuf *
3968 key_setsadbxport(u_int16_t port, u_int16_t type)
3969 {
3970 	struct mbuf *m;
3971 	size_t len;
3972 	struct sadb_x_nat_t_port *p;
3973 
3974 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_port));
3975 
3976 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3977 	if (m == NULL)
3978 		return (NULL);
3979 	m_align(m, len);
3980 	m->m_len = len;
3981 	p = mtod(m, struct sadb_x_nat_t_port *);
3982 
3983 	bzero(p, len);
3984 	p->sadb_x_nat_t_port_len = PFKEY_UNIT64(len);
3985 	p->sadb_x_nat_t_port_exttype = type;
3986 	p->sadb_x_nat_t_port_port = port;
3987 
3988 	return (m);
3989 }
3990 
3991 /*
3992  * Get port from sockaddr. Port is in network byte order.
3993  */
3994 uint16_t
3995 key_portfromsaddr(struct sockaddr *sa)
3996 {
3997 
3998 	switch (sa->sa_family) {
3999 #ifdef INET
4000 	case AF_INET:
4001 		return ((struct sockaddr_in *)sa)->sin_port;
4002 #endif
4003 #ifdef INET6
4004 	case AF_INET6:
4005 		return ((struct sockaddr_in6 *)sa)->sin6_port;
4006 #endif
4007 	}
4008 	return (0);
4009 }
4010 
4011 /*
4012  * Set port in struct sockaddr. Port is in network byte order.
4013  */
4014 void
4015 key_porttosaddr(struct sockaddr *sa, uint16_t port)
4016 {
4017 
4018 	switch (sa->sa_family) {
4019 #ifdef INET
4020 	case AF_INET:
4021 		((struct sockaddr_in *)sa)->sin_port = port;
4022 		break;
4023 #endif
4024 #ifdef INET6
4025 	case AF_INET6:
4026 		((struct sockaddr_in6 *)sa)->sin6_port = port;
4027 		break;
4028 #endif
4029 	default:
4030 		ipseclog((LOG_DEBUG, "%s: unexpected address family %d.\n",
4031 			__func__, sa->sa_family));
4032 		break;
4033 	}
4034 }
4035 
4036 /*
4037  * set data into sadb_x_policy
4038  */
4039 static struct mbuf *
4040 key_setsadbxpolicy(u_int16_t type, u_int8_t dir, u_int32_t id, u_int32_t priority)
4041 {
4042 	struct mbuf *m;
4043 	struct sadb_x_policy *p;
4044 	size_t len;
4045 
4046 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_policy));
4047 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
4048 	if (m == NULL)
4049 		return (NULL);
4050 	m_align(m, len);
4051 	m->m_len = len;
4052 	p = mtod(m, struct sadb_x_policy *);
4053 
4054 	bzero(p, len);
4055 	p->sadb_x_policy_len = PFKEY_UNIT64(len);
4056 	p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
4057 	p->sadb_x_policy_type = type;
4058 	p->sadb_x_policy_dir = dir;
4059 	p->sadb_x_policy_id = id;
4060 	p->sadb_x_policy_priority = priority;
4061 
4062 	return m;
4063 }
4064 
4065 /* %%% utilities */
4066 /* Take a key message (sadb_key) from the socket and turn it into one
4067  * of the kernel's key structures (seckey).
4068  *
4069  * IN: pointer to the src
4070  * OUT: NULL no more memory
4071  */
4072 struct seckey *
4073 key_dup_keymsg(const struct sadb_key *src, size_t len,
4074     struct malloc_type *type)
4075 {
4076 	struct seckey *dst;
4077 
4078 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4079 	if (dst != NULL) {
4080 		dst->bits = src->sadb_key_bits;
4081 		dst->key_data = malloc(len, type, M_NOWAIT);
4082 		if (dst->key_data != NULL) {
4083 			bcopy((const char *)(src + 1), dst->key_data, len);
4084 		} else {
4085 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4086 			    __func__));
4087 			free(dst, type);
4088 			dst = NULL;
4089 		}
4090 	} else {
4091 		ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4092 		    __func__));
4093 	}
4094 	return (dst);
4095 }
4096 
4097 /* Take a lifetime message (sadb_lifetime) passed in on a socket and
4098  * turn it into one of the kernel's lifetime structures (seclifetime).
4099  *
4100  * IN: pointer to the destination, source and malloc type
4101  * OUT: NULL, no more memory
4102  */
4103 
4104 static struct seclifetime *
4105 key_dup_lifemsg(const struct sadb_lifetime *src, struct malloc_type *type)
4106 {
4107 	struct seclifetime *dst;
4108 
4109 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4110 	if (dst == NULL) {
4111 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
4112 		return (NULL);
4113 	}
4114 	dst->allocations = src->sadb_lifetime_allocations;
4115 	dst->bytes = src->sadb_lifetime_bytes;
4116 	dst->addtime = src->sadb_lifetime_addtime;
4117 	dst->usetime = src->sadb_lifetime_usetime;
4118 	return (dst);
4119 }
4120 
4121 /*
4122  * compare two secasindex structure.
4123  * flag can specify to compare 2 saidxes.
4124  * compare two secasindex structure without both mode and reqid.
4125  * don't compare port.
4126  * IN:
4127  *      saidx0: source, it can be in SAD.
4128  *      saidx1: object.
4129  * OUT:
4130  *      1 : equal
4131  *      0 : not equal
4132  */
4133 static int
4134 key_cmpsaidx(const struct secasindex *saidx0, const struct secasindex *saidx1,
4135     int flag)
4136 {
4137 
4138 	/* sanity */
4139 	if (saidx0 == NULL && saidx1 == NULL)
4140 		return 1;
4141 
4142 	if (saidx0 == NULL || saidx1 == NULL)
4143 		return 0;
4144 
4145 	if (saidx0->proto != saidx1->proto)
4146 		return 0;
4147 
4148 	if (flag == CMP_EXACTLY) {
4149 		if (saidx0->mode != saidx1->mode)
4150 			return 0;
4151 		if (saidx0->reqid != saidx1->reqid)
4152 			return 0;
4153 		if (bcmp(&saidx0->src, &saidx1->src,
4154 		    saidx0->src.sa.sa_len) != 0 ||
4155 		    bcmp(&saidx0->dst, &saidx1->dst,
4156 		    saidx0->dst.sa.sa_len) != 0)
4157 			return 0;
4158 	} else {
4159 		/* CMP_MODE_REQID, CMP_REQID, CMP_HEAD */
4160 		if (flag == CMP_MODE_REQID || flag == CMP_REQID) {
4161 			/*
4162 			 * If reqid of SPD is non-zero, unique SA is required.
4163 			 * The result must be of same reqid in this case.
4164 			 */
4165 			if (saidx1->reqid != 0 &&
4166 			    saidx0->reqid != saidx1->reqid)
4167 				return 0;
4168 		}
4169 
4170 		if (flag == CMP_MODE_REQID) {
4171 			if (saidx0->mode != IPSEC_MODE_ANY
4172 			 && saidx0->mode != saidx1->mode)
4173 				return 0;
4174 		}
4175 
4176 		if (key_sockaddrcmp(&saidx0->src.sa, &saidx1->src.sa, 0) != 0)
4177 			return 0;
4178 		if (key_sockaddrcmp(&saidx0->dst.sa, &saidx1->dst.sa, 0) != 0)
4179 			return 0;
4180 	}
4181 
4182 	return 1;
4183 }
4184 
4185 /*
4186  * compare two secindex structure exactly.
4187  * IN:
4188  *	spidx0: source, it is often in SPD.
4189  *	spidx1: object, it is often from PFKEY message.
4190  * OUT:
4191  *	1 : equal
4192  *	0 : not equal
4193  */
4194 static int
4195 key_cmpspidx_exactly(struct secpolicyindex *spidx0,
4196     struct secpolicyindex *spidx1)
4197 {
4198 	/* sanity */
4199 	if (spidx0 == NULL && spidx1 == NULL)
4200 		return 1;
4201 
4202 	if (spidx0 == NULL || spidx1 == NULL)
4203 		return 0;
4204 
4205 	if (spidx0->prefs != spidx1->prefs
4206 	 || spidx0->prefd != spidx1->prefd
4207 	 || spidx0->ul_proto != spidx1->ul_proto
4208 	 || spidx0->dir != spidx1->dir)
4209 		return 0;
4210 
4211 	return key_sockaddrcmp(&spidx0->src.sa, &spidx1->src.sa, 1) == 0 &&
4212 	       key_sockaddrcmp(&spidx0->dst.sa, &spidx1->dst.sa, 1) == 0;
4213 }
4214 
4215 /*
4216  * compare two secindex structure with mask.
4217  * IN:
4218  *	spidx0: source, it is often in SPD.
4219  *	spidx1: object, it is often from IP header.
4220  * OUT:
4221  *	1 : equal
4222  *	0 : not equal
4223  */
4224 static int
4225 key_cmpspidx_withmask(struct secpolicyindex *spidx0,
4226     struct secpolicyindex *spidx1)
4227 {
4228 	/* sanity */
4229 	if (spidx0 == NULL && spidx1 == NULL)
4230 		return 1;
4231 
4232 	if (spidx0 == NULL || spidx1 == NULL)
4233 		return 0;
4234 
4235 	if (spidx0->src.sa.sa_family != spidx1->src.sa.sa_family ||
4236 	    spidx0->dst.sa.sa_family != spidx1->dst.sa.sa_family ||
4237 	    spidx0->src.sa.sa_len != spidx1->src.sa.sa_len ||
4238 	    spidx0->dst.sa.sa_len != spidx1->dst.sa.sa_len)
4239 		return 0;
4240 
4241 	/* if spidx.ul_proto == IPSEC_ULPROTO_ANY, ignore. */
4242 	if (spidx0->ul_proto != (u_int16_t)IPSEC_ULPROTO_ANY
4243 	 && spidx0->ul_proto != spidx1->ul_proto)
4244 		return 0;
4245 
4246 	switch (spidx0->src.sa.sa_family) {
4247 	case AF_INET:
4248 		if (spidx0->src.sin.sin_port != IPSEC_PORT_ANY
4249 		 && spidx0->src.sin.sin_port != spidx1->src.sin.sin_port)
4250 			return 0;
4251 		if (!key_bbcmp(&spidx0->src.sin.sin_addr,
4252 		    &spidx1->src.sin.sin_addr, spidx0->prefs))
4253 			return 0;
4254 		break;
4255 	case AF_INET6:
4256 		if (spidx0->src.sin6.sin6_port != IPSEC_PORT_ANY
4257 		 && spidx0->src.sin6.sin6_port != spidx1->src.sin6.sin6_port)
4258 			return 0;
4259 		/*
4260 		 * scope_id check. if sin6_scope_id is 0, we regard it
4261 		 * as a wildcard scope, which matches any scope zone ID.
4262 		 */
4263 		if (spidx0->src.sin6.sin6_scope_id &&
4264 		    spidx1->src.sin6.sin6_scope_id &&
4265 		    spidx0->src.sin6.sin6_scope_id != spidx1->src.sin6.sin6_scope_id)
4266 			return 0;
4267 		if (!key_bbcmp(&spidx0->src.sin6.sin6_addr,
4268 		    &spidx1->src.sin6.sin6_addr, spidx0->prefs))
4269 			return 0;
4270 		break;
4271 	default:
4272 		/* XXX */
4273 		if (bcmp(&spidx0->src, &spidx1->src, spidx0->src.sa.sa_len) != 0)
4274 			return 0;
4275 		break;
4276 	}
4277 
4278 	switch (spidx0->dst.sa.sa_family) {
4279 	case AF_INET:
4280 		if (spidx0->dst.sin.sin_port != IPSEC_PORT_ANY
4281 		 && spidx0->dst.sin.sin_port != spidx1->dst.sin.sin_port)
4282 			return 0;
4283 		if (!key_bbcmp(&spidx0->dst.sin.sin_addr,
4284 		    &spidx1->dst.sin.sin_addr, spidx0->prefd))
4285 			return 0;
4286 		break;
4287 	case AF_INET6:
4288 		if (spidx0->dst.sin6.sin6_port != IPSEC_PORT_ANY
4289 		 && spidx0->dst.sin6.sin6_port != spidx1->dst.sin6.sin6_port)
4290 			return 0;
4291 		/*
4292 		 * scope_id check. if sin6_scope_id is 0, we regard it
4293 		 * as a wildcard scope, which matches any scope zone ID.
4294 		 */
4295 		if (spidx0->dst.sin6.sin6_scope_id &&
4296 		    spidx1->dst.sin6.sin6_scope_id &&
4297 		    spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
4298 			return 0;
4299 		if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
4300 		    &spidx1->dst.sin6.sin6_addr, spidx0->prefd))
4301 			return 0;
4302 		break;
4303 	default:
4304 		/* XXX */
4305 		if (bcmp(&spidx0->dst, &spidx1->dst, spidx0->dst.sa.sa_len) != 0)
4306 			return 0;
4307 		break;
4308 	}
4309 
4310 	/* XXX Do we check other field ?  e.g. flowinfo */
4311 
4312 	return 1;
4313 }
4314 
4315 #ifdef satosin
4316 #undef satosin
4317 #endif
4318 #define satosin(s) ((const struct sockaddr_in *)s)
4319 #ifdef satosin6
4320 #undef satosin6
4321 #endif
4322 #define satosin6(s) ((const struct sockaddr_in6 *)s)
4323 /* returns 0 on match */
4324 int
4325 key_sockaddrcmp(const struct sockaddr *sa1, const struct sockaddr *sa2,
4326     int port)
4327 {
4328 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4329 		return 1;
4330 
4331 	switch (sa1->sa_family) {
4332 #ifdef INET
4333 	case AF_INET:
4334 		if (sa1->sa_len != sizeof(struct sockaddr_in))
4335 			return 1;
4336 		if (satosin(sa1)->sin_addr.s_addr !=
4337 		    satosin(sa2)->sin_addr.s_addr) {
4338 			return 1;
4339 		}
4340 		if (port && satosin(sa1)->sin_port != satosin(sa2)->sin_port)
4341 			return 1;
4342 		break;
4343 #endif
4344 #ifdef INET6
4345 	case AF_INET6:
4346 		if (sa1->sa_len != sizeof(struct sockaddr_in6))
4347 			return 1;	/*EINVAL*/
4348 		if (satosin6(sa1)->sin6_scope_id !=
4349 		    satosin6(sa2)->sin6_scope_id) {
4350 			return 1;
4351 		}
4352 		if (!IN6_ARE_ADDR_EQUAL(&satosin6(sa1)->sin6_addr,
4353 		    &satosin6(sa2)->sin6_addr)) {
4354 			return 1;
4355 		}
4356 		if (port &&
4357 		    satosin6(sa1)->sin6_port != satosin6(sa2)->sin6_port) {
4358 			return 1;
4359 		}
4360 		break;
4361 #endif
4362 	default:
4363 		if (bcmp(sa1, sa2, sa1->sa_len) != 0)
4364 			return 1;
4365 		break;
4366 	}
4367 
4368 	return 0;
4369 }
4370 
4371 /* returns 0 on match */
4372 int
4373 key_sockaddrcmp_withmask(const struct sockaddr *sa1,
4374     const struct sockaddr *sa2, size_t mask)
4375 {
4376 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4377 		return (1);
4378 
4379 	switch (sa1->sa_family) {
4380 #ifdef INET
4381 	case AF_INET:
4382 		return (!key_bbcmp(&satosin(sa1)->sin_addr,
4383 		    &satosin(sa2)->sin_addr, mask));
4384 #endif
4385 #ifdef INET6
4386 	case AF_INET6:
4387 		if (satosin6(sa1)->sin6_scope_id !=
4388 		    satosin6(sa2)->sin6_scope_id)
4389 			return (1);
4390 		return (!key_bbcmp(&satosin6(sa1)->sin6_addr,
4391 		    &satosin6(sa2)->sin6_addr, mask));
4392 #endif
4393 	}
4394 	return (1);
4395 }
4396 #undef satosin
4397 #undef satosin6
4398 
4399 /*
4400  * compare two buffers with mask.
4401  * IN:
4402  *	addr1: source
4403  *	addr2: object
4404  *	bits:  Number of bits to compare
4405  * OUT:
4406  *	1 : equal
4407  *	0 : not equal
4408  */
4409 static int
4410 key_bbcmp(const void *a1, const void *a2, u_int bits)
4411 {
4412 	const unsigned char *p1 = a1;
4413 	const unsigned char *p2 = a2;
4414 
4415 	/* XXX: This could be considerably faster if we compare a word
4416 	 * at a time, but it is complicated on LSB Endian machines */
4417 
4418 	/* Handle null pointers */
4419 	if (p1 == NULL || p2 == NULL)
4420 		return (p1 == p2);
4421 
4422 	while (bits >= 8) {
4423 		if (*p1++ != *p2++)
4424 			return 0;
4425 		bits -= 8;
4426 	}
4427 
4428 	if (bits > 0) {
4429 		u_int8_t mask = ~((1<<(8-bits))-1);
4430 		if ((*p1 & mask) != (*p2 & mask))
4431 			return 0;
4432 	}
4433 	return 1;	/* Match! */
4434 }
4435 
4436 static void
4437 key_flush_spd(time_t now)
4438 {
4439 	SPTREE_RLOCK_TRACKER;
4440 	struct secpolicy_list drainq;
4441 	struct secpolicy *sp, *nextsp;
4442 	u_int dir;
4443 
4444 	LIST_INIT(&drainq);
4445 	SPTREE_RLOCK();
4446 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
4447 		TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
4448 			if (sp->lifetime == 0 && sp->validtime == 0)
4449 				continue;
4450 			if ((sp->lifetime &&
4451 			    now - sp->created > sp->lifetime) ||
4452 			    (sp->validtime &&
4453 			    now - sp->lastused > sp->validtime)) {
4454 				/* Hold extra reference to send SPDEXPIRE */
4455 				SP_ADDREF(sp);
4456 				LIST_INSERT_HEAD(&drainq, sp, drainq);
4457 			}
4458 		}
4459 	}
4460 	SPTREE_RUNLOCK();
4461 	if (LIST_EMPTY(&drainq))
4462 		return;
4463 
4464 	SPTREE_WLOCK();
4465 	sp = LIST_FIRST(&drainq);
4466 	while (sp != NULL) {
4467 		nextsp = LIST_NEXT(sp, drainq);
4468 		/* Check that SP is still linked */
4469 		if (sp->state != IPSEC_SPSTATE_ALIVE) {
4470 			LIST_REMOVE(sp, drainq);
4471 			key_freesp(&sp); /* release extra reference */
4472 			sp = nextsp;
4473 			continue;
4474 		}
4475 		TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
4476 		V_spd_size--;
4477 		LIST_REMOVE(sp, idhash);
4478 		sp->state = IPSEC_SPSTATE_DEAD;
4479 		sp = nextsp;
4480 	}
4481 	V_sp_genid++;
4482 	SPTREE_WUNLOCK();
4483 	if (SPDCACHE_ENABLED())
4484 		spdcache_clear();
4485 
4486 	sp = LIST_FIRST(&drainq);
4487 	while (sp != NULL) {
4488 		nextsp = LIST_NEXT(sp, drainq);
4489 		key_spdexpire(sp);
4490 		key_freesp(&sp); /* release extra reference */
4491 		key_freesp(&sp); /* release last reference */
4492 		sp = nextsp;
4493 	}
4494 }
4495 
4496 static void
4497 key_flush_sad(time_t now)
4498 {
4499 	SAHTREE_RLOCK_TRACKER;
4500 	struct secashead_list emptyq;
4501 	struct secasvar_list drainq, hexpireq, sexpireq, freeq;
4502 	struct secashead *sah, *nextsah;
4503 	struct secasvar *sav, *nextsav;
4504 
4505 	LIST_INIT(&drainq);
4506 	LIST_INIT(&hexpireq);
4507 	LIST_INIT(&sexpireq);
4508 	LIST_INIT(&emptyq);
4509 
4510 	SAHTREE_RLOCK();
4511 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
4512 		/* Check for empty SAH */
4513 		if (TAILQ_EMPTY(&sah->savtree_larval) &&
4514 		    TAILQ_EMPTY(&sah->savtree_alive)) {
4515 			SAH_ADDREF(sah);
4516 			LIST_INSERT_HEAD(&emptyq, sah, drainq);
4517 			continue;
4518 		}
4519 		/* Add all stale LARVAL SAs into drainq */
4520 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4521 			if (now - sav->created < V_key_larval_lifetime)
4522 				continue;
4523 			SAV_ADDREF(sav);
4524 			LIST_INSERT_HEAD(&drainq, sav, drainq);
4525 		}
4526 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4527 			/* lifetimes aren't specified */
4528 			if (sav->lft_h == NULL)
4529 				continue;
4530 			SECASVAR_LOCK(sav);
4531 			/*
4532 			 * Check again with lock held, because it may
4533 			 * be updated by SADB_UPDATE.
4534 			 */
4535 			if (sav->lft_h == NULL) {
4536 				SECASVAR_UNLOCK(sav);
4537 				continue;
4538 			}
4539 			/*
4540 			 * RFC 2367:
4541 			 * HARD lifetimes MUST take precedence over SOFT
4542 			 * lifetimes, meaning if the HARD and SOFT lifetimes
4543 			 * are the same, the HARD lifetime will appear on the
4544 			 * EXPIRE message.
4545 			 */
4546 			/* check HARD lifetime */
4547 			if ((sav->lft_h->addtime != 0 &&
4548 			    now - sav->created > sav->lft_h->addtime) ||
4549 			    (sav->lft_h->usetime != 0 && sav->firstused &&
4550 			    now - sav->firstused > sav->lft_h->usetime) ||
4551 			    (sav->lft_h->bytes != 0 && counter_u64_fetch(
4552 			        sav->lft_c_bytes) > sav->lft_h->bytes)) {
4553 				SECASVAR_UNLOCK(sav);
4554 				SAV_ADDREF(sav);
4555 				LIST_INSERT_HEAD(&hexpireq, sav, drainq);
4556 				continue;
4557 			}
4558 			/* check SOFT lifetime (only for MATURE SAs) */
4559 			if (sav->state == SADB_SASTATE_MATURE && (
4560 			    (sav->lft_s->addtime != 0 &&
4561 			    now - sav->created > sav->lft_s->addtime) ||
4562 			    (sav->lft_s->usetime != 0 && sav->firstused &&
4563 			    now - sav->firstused > sav->lft_s->usetime) ||
4564 			    (sav->lft_s->bytes != 0 && counter_u64_fetch(
4565 				sav->lft_c_bytes) > sav->lft_s->bytes) ||
4566 			    (!(sav->flags & SADB_X_SAFLAGS_ESN) &&
4567 			    (sav->replay != NULL) && (
4568 			    (sav->replay->count > UINT32_80PCT) ||
4569 			    (sav->replay->last > UINT32_80PCT))))) {
4570 				SECASVAR_UNLOCK(sav);
4571 				SAV_ADDREF(sav);
4572 				LIST_INSERT_HEAD(&sexpireq, sav, drainq);
4573 				continue;
4574 			}
4575 			SECASVAR_UNLOCK(sav);
4576 		}
4577 	}
4578 	SAHTREE_RUNLOCK();
4579 
4580 	if (LIST_EMPTY(&emptyq) && LIST_EMPTY(&drainq) &&
4581 	    LIST_EMPTY(&hexpireq) && LIST_EMPTY(&sexpireq))
4582 		return;
4583 
4584 	LIST_INIT(&freeq);
4585 	SAHTREE_WLOCK();
4586 	/* Unlink stale LARVAL SAs */
4587 	sav = LIST_FIRST(&drainq);
4588 	while (sav != NULL) {
4589 		nextsav = LIST_NEXT(sav, drainq);
4590 		/* Check that SA is still LARVAL */
4591 		if (sav->state != SADB_SASTATE_LARVAL) {
4592 			LIST_REMOVE(sav, drainq);
4593 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4594 			sav = nextsav;
4595 			continue;
4596 		}
4597 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4598 		LIST_REMOVE(sav, spihash);
4599 		sav->state = SADB_SASTATE_DEAD;
4600 		sav = nextsav;
4601 	}
4602 	/* Unlink all SAs with expired HARD lifetime */
4603 	sav = LIST_FIRST(&hexpireq);
4604 	while (sav != NULL) {
4605 		nextsav = LIST_NEXT(sav, drainq);
4606 		/* Check that SA is not unlinked */
4607 		if (sav->state == SADB_SASTATE_DEAD) {
4608 			LIST_REMOVE(sav, drainq);
4609 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4610 			sav = nextsav;
4611 			continue;
4612 		}
4613 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4614 		LIST_REMOVE(sav, spihash);
4615 		sav->state = SADB_SASTATE_DEAD;
4616 		sav = nextsav;
4617 	}
4618 	/* Mark all SAs with expired SOFT lifetime as DYING */
4619 	sav = LIST_FIRST(&sexpireq);
4620 	while (sav != NULL) {
4621 		nextsav = LIST_NEXT(sav, drainq);
4622 		/* Check that SA is not unlinked */
4623 		if (sav->state == SADB_SASTATE_DEAD) {
4624 			LIST_REMOVE(sav, drainq);
4625 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4626 			sav = nextsav;
4627 			continue;
4628 		}
4629 		/*
4630 		 * NOTE: this doesn't change SA order in the chain.
4631 		 */
4632 		sav->state = SADB_SASTATE_DYING;
4633 		sav = nextsav;
4634 	}
4635 	/* Unlink empty SAHs */
4636 	sah = LIST_FIRST(&emptyq);
4637 	while (sah != NULL) {
4638 		nextsah = LIST_NEXT(sah, drainq);
4639 		/* Check that SAH is still empty and not unlinked */
4640 		if (sah->state == SADB_SASTATE_DEAD ||
4641 		    !TAILQ_EMPTY(&sah->savtree_larval) ||
4642 		    !TAILQ_EMPTY(&sah->savtree_alive)) {
4643 			LIST_REMOVE(sah, drainq);
4644 			key_freesah(&sah); /* release extra reference */
4645 			sah = nextsah;
4646 			continue;
4647 		}
4648 		TAILQ_REMOVE(&V_sahtree, sah, chain);
4649 		LIST_REMOVE(sah, addrhash);
4650 		sah->state = SADB_SASTATE_DEAD;
4651 		sah = nextsah;
4652 	}
4653 	SAHTREE_WUNLOCK();
4654 
4655 	/* Send SPDEXPIRE messages */
4656 	sav = LIST_FIRST(&hexpireq);
4657 	while (sav != NULL) {
4658 		nextsav = LIST_NEXT(sav, drainq);
4659 		key_expire(sav, 1);
4660 		key_freesah(&sav->sah); /* release reference from SAV */
4661 		key_freesav(&sav); /* release extra reference */
4662 		key_freesav(&sav); /* release last reference */
4663 		sav = nextsav;
4664 	}
4665 	sav = LIST_FIRST(&sexpireq);
4666 	while (sav != NULL) {
4667 		nextsav = LIST_NEXT(sav, drainq);
4668 		key_expire(sav, 0);
4669 		key_freesav(&sav); /* release extra reference */
4670 		sav = nextsav;
4671 	}
4672 	/* Free stale LARVAL SAs */
4673 	sav = LIST_FIRST(&drainq);
4674 	while (sav != NULL) {
4675 		nextsav = LIST_NEXT(sav, drainq);
4676 		key_freesah(&sav->sah); /* release reference from SAV */
4677 		key_freesav(&sav); /* release extra reference */
4678 		key_freesav(&sav); /* release last reference */
4679 		sav = nextsav;
4680 	}
4681 	/* Free SAs that were unlinked/changed by someone else */
4682 	sav = LIST_FIRST(&freeq);
4683 	while (sav != NULL) {
4684 		nextsav = LIST_NEXT(sav, drainq);
4685 		key_freesav(&sav); /* release extra reference */
4686 		sav = nextsav;
4687 	}
4688 	/* Free empty SAH */
4689 	sah = LIST_FIRST(&emptyq);
4690 	while (sah != NULL) {
4691 		nextsah = LIST_NEXT(sah, drainq);
4692 		key_freesah(&sah); /* release extra reference */
4693 		key_freesah(&sah); /* release last reference */
4694 		sah = nextsah;
4695 	}
4696 }
4697 
4698 static void
4699 key_flush_acq(time_t now)
4700 {
4701 	struct secacq *acq, *nextacq;
4702 
4703 	/* ACQ tree */
4704 	ACQ_LOCK();
4705 	acq = LIST_FIRST(&V_acqtree);
4706 	while (acq != NULL) {
4707 		nextacq = LIST_NEXT(acq, chain);
4708 		if (now - acq->created > V_key_blockacq_lifetime) {
4709 			LIST_REMOVE(acq, chain);
4710 			LIST_REMOVE(acq, addrhash);
4711 			LIST_REMOVE(acq, seqhash);
4712 			free(acq, M_IPSEC_SAQ);
4713 		}
4714 		acq = nextacq;
4715 	}
4716 	ACQ_UNLOCK();
4717 }
4718 
4719 static void
4720 key_flush_spacq(time_t now)
4721 {
4722 	struct secspacq *acq, *nextacq;
4723 
4724 	/* SP ACQ tree */
4725 	SPACQ_LOCK();
4726 	for (acq = LIST_FIRST(&V_spacqtree); acq != NULL; acq = nextacq) {
4727 		nextacq = LIST_NEXT(acq, chain);
4728 		if (now - acq->created > V_key_blockacq_lifetime
4729 		 && __LIST_CHAINED(acq)) {
4730 			LIST_REMOVE(acq, chain);
4731 			free(acq, M_IPSEC_SAQ);
4732 		}
4733 	}
4734 	SPACQ_UNLOCK();
4735 }
4736 
4737 /*
4738  * time handler.
4739  * scanning SPD and SAD to check status for each entries,
4740  * and do to remove or to expire.
4741  * XXX: year 2038 problem may remain.
4742  */
4743 static void
4744 key_timehandler(void *arg)
4745 {
4746 	VNET_ITERATOR_DECL(vnet_iter);
4747 	time_t now = time_second;
4748 
4749 	VNET_LIST_RLOCK_NOSLEEP();
4750 	VNET_FOREACH(vnet_iter) {
4751 		CURVNET_SET(vnet_iter);
4752 		key_flush_spd(now);
4753 		key_flush_sad(now);
4754 		key_flush_acq(now);
4755 		key_flush_spacq(now);
4756 		CURVNET_RESTORE();
4757 	}
4758 	VNET_LIST_RUNLOCK_NOSLEEP();
4759 
4760 #ifndef IPSEC_DEBUG2
4761 	/* do exchange to tick time !! */
4762 	callout_schedule(&key_timer, hz);
4763 #endif /* IPSEC_DEBUG2 */
4764 }
4765 
4766 u_long
4767 key_random(void)
4768 {
4769 	u_long value;
4770 
4771 	arc4random_buf(&value, sizeof(value));
4772 	return value;
4773 }
4774 
4775 /*
4776  * map SADB_SATYPE_* to IPPROTO_*.
4777  * if satype == SADB_SATYPE then satype is mapped to ~0.
4778  * OUT:
4779  *	0: invalid satype.
4780  */
4781 static uint8_t
4782 key_satype2proto(uint8_t satype)
4783 {
4784 	switch (satype) {
4785 	case SADB_SATYPE_UNSPEC:
4786 		return IPSEC_PROTO_ANY;
4787 	case SADB_SATYPE_AH:
4788 		return IPPROTO_AH;
4789 	case SADB_SATYPE_ESP:
4790 		return IPPROTO_ESP;
4791 	case SADB_X_SATYPE_IPCOMP:
4792 		return IPPROTO_IPCOMP;
4793 	case SADB_X_SATYPE_TCPSIGNATURE:
4794 		return IPPROTO_TCP;
4795 	default:
4796 		return 0;
4797 	}
4798 	/* NOTREACHED */
4799 }
4800 
4801 /*
4802  * map IPPROTO_* to SADB_SATYPE_*
4803  * OUT:
4804  *	0: invalid protocol type.
4805  */
4806 static uint8_t
4807 key_proto2satype(uint8_t proto)
4808 {
4809 	switch (proto) {
4810 	case IPPROTO_AH:
4811 		return SADB_SATYPE_AH;
4812 	case IPPROTO_ESP:
4813 		return SADB_SATYPE_ESP;
4814 	case IPPROTO_IPCOMP:
4815 		return SADB_X_SATYPE_IPCOMP;
4816 	case IPPROTO_TCP:
4817 		return SADB_X_SATYPE_TCPSIGNATURE;
4818 	default:
4819 		return 0;
4820 	}
4821 	/* NOTREACHED */
4822 }
4823 
4824 /* %%% PF_KEY */
4825 /*
4826  * SADB_GETSPI processing is to receive
4827  *	<base, (SA2), src address, dst address, (SPI range)>
4828  * from the IKMPd, to assign a unique spi value, to hang on the INBOUND
4829  * tree with the status of LARVAL, and send
4830  *	<base, SA(*), address(SD)>
4831  * to the IKMPd.
4832  *
4833  * IN:	mhp: pointer to the pointer to each header.
4834  * OUT:	NULL if fail.
4835  *	other if success, return pointer to the message to send.
4836  */
4837 static int
4838 key_getspi(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
4839 {
4840 	struct secasindex saidx;
4841 	struct sadb_address *src0, *dst0;
4842 	struct secasvar *sav;
4843 	uint32_t reqid, spi;
4844 	int error;
4845 	uint8_t mode, proto;
4846 
4847 	IPSEC_ASSERT(so != NULL, ("null socket"));
4848 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
4849 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
4850 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
4851 
4852 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
4853 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)
4854 #ifdef PFKEY_STRICT_CHECKS
4855 	    || SADB_CHECKHDR(mhp, SADB_EXT_SPIRANGE)
4856 #endif
4857 	    ) {
4858 		ipseclog((LOG_DEBUG,
4859 		    "%s: invalid message: missing required header.\n",
4860 		    __func__));
4861 		error = EINVAL;
4862 		goto fail;
4863 	}
4864 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
4865 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)
4866 #ifdef PFKEY_STRICT_CHECKS
4867 	    || SADB_CHECKLEN(mhp, SADB_EXT_SPIRANGE)
4868 #endif
4869 	    ) {
4870 		ipseclog((LOG_DEBUG,
4871 		    "%s: invalid message: wrong header size.\n", __func__));
4872 		error = EINVAL;
4873 		goto fail;
4874 	}
4875 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
4876 		mode = IPSEC_MODE_ANY;
4877 		reqid = 0;
4878 	} else {
4879 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
4880 			ipseclog((LOG_DEBUG,
4881 			    "%s: invalid message: wrong header size.\n",
4882 			    __func__));
4883 			error = EINVAL;
4884 			goto fail;
4885 		}
4886 		mode = ((struct sadb_x_sa2 *)
4887 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
4888 		reqid = ((struct sadb_x_sa2 *)
4889 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
4890 	}
4891 
4892 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
4893 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
4894 
4895 	/* map satype to proto */
4896 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
4897 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
4898 			__func__));
4899 		error = EINVAL;
4900 		goto fail;
4901 	}
4902 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
4903 	    (struct sockaddr *)(dst0 + 1));
4904 	if (error != 0) {
4905 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
4906 		error = EINVAL;
4907 		goto fail;
4908 	}
4909 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
4910 
4911 	/* SPI allocation */
4912 	SPI_ALLOC_LOCK();
4913 	spi = key_do_getnewspi(
4914 	    (struct sadb_spirange *)mhp->ext[SADB_EXT_SPIRANGE], &saidx);
4915 	if (spi == 0) {
4916 		/*
4917 		 * Requested SPI or SPI range is not available or
4918 		 * already used.
4919 		 */
4920 		SPI_ALLOC_UNLOCK();
4921 		error = EEXIST;
4922 		goto fail;
4923 	}
4924 	sav = key_newsav(mhp, &saidx, spi, &error);
4925 	SPI_ALLOC_UNLOCK();
4926 	if (sav == NULL)
4927 		goto fail;
4928 
4929 	if (sav->seq != 0) {
4930 		/*
4931 		 * RFC2367:
4932 		 * If the SADB_GETSPI message is in response to a
4933 		 * kernel-generated SADB_ACQUIRE, the sadb_msg_seq
4934 		 * MUST be the same as the SADB_ACQUIRE message.
4935 		 *
4936 		 * XXXAE: However it doesn't definethe behaviour how to
4937 		 * check this and what to do if it doesn't match.
4938 		 * Also what we should do if it matches?
4939 		 *
4940 		 * We can compare saidx used in SADB_ACQUIRE with saidx
4941 		 * used in SADB_GETSPI, but this probably can break
4942 		 * existing software. For now just warn if it doesn't match.
4943 		 *
4944 		 * XXXAE: anyway it looks useless.
4945 		 */
4946 		key_acqdone(&saidx, sav->seq);
4947 	}
4948 	KEYDBG(KEY_STAMP,
4949 	    printf("%s: SA(%p)\n", __func__, sav));
4950 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
4951 
4952     {
4953 	struct mbuf *n, *nn;
4954 	struct sadb_sa *m_sa;
4955 	struct sadb_msg *newmsg;
4956 	int off, len;
4957 
4958 	/* create new sadb_msg to reply. */
4959 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) +
4960 	    PFKEY_ALIGN8(sizeof(struct sadb_sa));
4961 
4962 	MGETHDR(n, M_NOWAIT, MT_DATA);
4963 	if (len > MHLEN) {
4964 		if (!(MCLGET(n, M_NOWAIT))) {
4965 			m_freem(n);
4966 			n = NULL;
4967 		}
4968 	}
4969 	if (!n) {
4970 		error = ENOBUFS;
4971 		goto fail;
4972 	}
4973 
4974 	n->m_len = len;
4975 	n->m_next = NULL;
4976 	off = 0;
4977 
4978 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
4979 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
4980 
4981 	m_sa = (struct sadb_sa *)(mtod(n, caddr_t) + off);
4982 	m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
4983 	m_sa->sadb_sa_exttype = SADB_EXT_SA;
4984 	m_sa->sadb_sa_spi = spi; /* SPI is already in network byte order */
4985 	off += PFKEY_ALIGN8(sizeof(struct sadb_sa));
4986 
4987 	IPSEC_ASSERT(off == len,
4988 		("length inconsistency (off %u len %u)", off, len));
4989 
4990 	n->m_next = key_gather_mbuf(m, mhp, 0, 2, SADB_EXT_ADDRESS_SRC,
4991 	    SADB_EXT_ADDRESS_DST);
4992 	if (!n->m_next) {
4993 		m_freem(n);
4994 		error = ENOBUFS;
4995 		goto fail;
4996 	}
4997 
4998 	if (n->m_len < sizeof(struct sadb_msg)) {
4999 		n = m_pullup(n, sizeof(struct sadb_msg));
5000 		if (n == NULL)
5001 			return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
5002 	}
5003 
5004 	n->m_pkthdr.len = 0;
5005 	for (nn = n; nn; nn = nn->m_next)
5006 		n->m_pkthdr.len += nn->m_len;
5007 
5008 	newmsg = mtod(n, struct sadb_msg *);
5009 	newmsg->sadb_msg_seq = sav->seq;
5010 	newmsg->sadb_msg_errno = 0;
5011 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
5012 
5013 	m_freem(m);
5014 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
5015     }
5016 
5017 fail:
5018 	return (key_senderror(so, m, error));
5019 }
5020 
5021 /*
5022  * allocating new SPI
5023  * called by key_getspi().
5024  * OUT:
5025  *	0:	failure.
5026  *	others: success, SPI in network byte order.
5027  */
5028 static uint32_t
5029 key_do_getnewspi(struct sadb_spirange *spirange, struct secasindex *saidx)
5030 {
5031 	uint32_t min, max, newspi, t;
5032 	int tries, limit;
5033 
5034 	SPI_ALLOC_LOCK_ASSERT();
5035 
5036 	/* set spi range to allocate */
5037 	if (spirange != NULL) {
5038 		min = spirange->sadb_spirange_min;
5039 		max = spirange->sadb_spirange_max;
5040 	} else {
5041 		min = V_key_spi_minval;
5042 		max = V_key_spi_maxval;
5043 	}
5044 	/* IPCOMP needs 2-byte SPI */
5045 	if (saidx->proto == IPPROTO_IPCOMP) {
5046 		if (min >= 0x10000)
5047 			min = 0xffff;
5048 		if (max >= 0x10000)
5049 			max = 0xffff;
5050 		if (min > max) {
5051 			t = min; min = max; max = t;
5052 		}
5053 	}
5054 
5055 	if (min == max) {
5056 		if (!key_checkspidup(htonl(min))) {
5057 			ipseclog((LOG_DEBUG, "%s: SPI %u exists already.\n",
5058 			    __func__, min));
5059 			return 0;
5060 		}
5061 
5062 		tries = 1;
5063 		newspi = min;
5064 	} else {
5065 		/* init SPI */
5066 		newspi = 0;
5067 
5068 		limit = atomic_load_int(&V_key_spi_trycnt);
5069 		/* when requesting to allocate spi ranged */
5070 		for (tries = 0; tries < limit; tries++) {
5071 			/* generate pseudo-random SPI value ranged. */
5072 			newspi = min + (key_random() % (max - min + 1));
5073 			if (!key_checkspidup(htonl(newspi)))
5074 				break;
5075 		}
5076 
5077 		if (tries == limit || newspi == 0) {
5078 			ipseclog((LOG_DEBUG,
5079 			    "%s: failed to allocate SPI.\n", __func__));
5080 			return 0;
5081 		}
5082 	}
5083 
5084 	/* statistics */
5085 	keystat.getspi_count =
5086 	    (keystat.getspi_count + tries) / 2;
5087 
5088 	return (htonl(newspi));
5089 }
5090 
5091 /*
5092  * Find TCP-MD5 SA with corresponding secasindex.
5093  * If not found, return NULL and fill SPI with usable value if needed.
5094  */
5095 static struct secasvar *
5096 key_getsav_tcpmd5(struct secasindex *saidx, uint32_t *spi)
5097 {
5098 	SAHTREE_RLOCK_TRACKER;
5099 	struct secashead *sah;
5100 	struct secasvar *sav;
5101 
5102 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP, ("wrong proto"));
5103 	SAHTREE_RLOCK();
5104 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5105 		if (sah->saidx.proto != IPPROTO_TCP)
5106 			continue;
5107 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
5108 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
5109 			break;
5110 	}
5111 	if (sah != NULL) {
5112 		if (V_key_preferred_oldsa)
5113 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
5114 		else
5115 			sav = TAILQ_FIRST(&sah->savtree_alive);
5116 		if (sav != NULL) {
5117 			SAV_ADDREF(sav);
5118 			SAHTREE_RUNLOCK();
5119 			return (sav);
5120 		}
5121 	}
5122 	if (spi == NULL) {
5123 		/* No SPI required */
5124 		SAHTREE_RUNLOCK();
5125 		return (NULL);
5126 	}
5127 	/* Check that SPI is unique */
5128 	LIST_FOREACH(sav, SAVHASH_HASH(*spi), spihash) {
5129 		if (sav->spi == *spi)
5130 			break;
5131 	}
5132 	if (sav == NULL) {
5133 		SAHTREE_RUNLOCK();
5134 		/* SPI is already unique */
5135 		return (NULL);
5136 	}
5137 	SAHTREE_RUNLOCK();
5138 	/* XXX: not optimal */
5139 	*spi = key_do_getnewspi(NULL, saidx);
5140 	return (NULL);
5141 }
5142 
5143 static int
5144 key_updateaddresses(struct socket *so, struct mbuf *m,
5145     const struct sadb_msghdr *mhp, struct secasvar *sav,
5146     struct secasindex *saidx)
5147 {
5148 	struct sockaddr *newaddr;
5149 	struct secashead *sah;
5150 	struct secasvar *newsav, *tmp;
5151 	struct mbuf *n;
5152 	int error, isnew;
5153 
5154 	/* Check that we need to change SAH */
5155 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC)) {
5156 		newaddr = (struct sockaddr *)(
5157 		    ((struct sadb_address *)
5158 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_SRC]) + 1);
5159 		bcopy(newaddr, &saidx->src, newaddr->sa_len);
5160 		key_porttosaddr(&saidx->src.sa, 0);
5161 	}
5162 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5163 		newaddr = (struct sockaddr *)(
5164 		    ((struct sadb_address *)
5165 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_DST]) + 1);
5166 		bcopy(newaddr, &saidx->dst, newaddr->sa_len);
5167 		key_porttosaddr(&saidx->dst.sa, 0);
5168 	}
5169 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5170 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5171 		error = key_checksockaddrs(&saidx->src.sa, &saidx->dst.sa);
5172 		if (error != 0) {
5173 			ipseclog((LOG_DEBUG, "%s: invalid new sockaddr.\n",
5174 			    __func__));
5175 			return (error);
5176 		}
5177 
5178 		sah = key_getsah(saidx);
5179 		if (sah == NULL) {
5180 			/* create a new SA index */
5181 			sah = key_newsah(saidx);
5182 			if (sah == NULL) {
5183 				ipseclog((LOG_DEBUG,
5184 				    "%s: No more memory.\n", __func__));
5185 				return (ENOBUFS);
5186 			}
5187 			isnew = 2; /* SAH is new */
5188 		} else
5189 			isnew = 1; /* existing SAH is referenced */
5190 	} else {
5191 		/*
5192 		 * src and dst addresses are still the same.
5193 		 * Do we want to change NAT-T config?
5194 		 */
5195 		if (sav->sah->saidx.proto != IPPROTO_ESP ||
5196 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5197 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5198 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5199 			ipseclog((LOG_DEBUG,
5200 			    "%s: invalid message: missing required header.\n",
5201 			    __func__));
5202 			return (EINVAL);
5203 		}
5204 		/* We hold reference to SA, thus SAH will be referenced too. */
5205 		sah = sav->sah;
5206 		isnew = 0;
5207 	}
5208 
5209 	newsav = malloc(sizeof(struct secasvar), M_IPSEC_SA,
5210 	    M_NOWAIT | M_ZERO);
5211 	if (newsav == NULL) {
5212 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5213 		error = ENOBUFS;
5214 		goto fail;
5215 	}
5216 
5217 	/* Clone SA's content into newsav */
5218 	SAV_INITREF(newsav);
5219 	bcopy(sav, newsav, offsetof(struct secasvar, chain));
5220 	/*
5221 	 * We create new NAT-T config if it is needed.
5222 	 * Old NAT-T config will be freed by key_cleansav() when
5223 	 * last reference to SA will be released.
5224 	 */
5225 	newsav->natt = NULL;
5226 	newsav->sah = sah;
5227 	newsav->state = SADB_SASTATE_MATURE;
5228 	error = key_setnatt(newsav, mhp);
5229 	if (error != 0)
5230 		goto fail;
5231 
5232 	SAHTREE_WLOCK();
5233 	/* Check that SA is still alive */
5234 	if (sav->state == SADB_SASTATE_DEAD) {
5235 		/* SA was unlinked */
5236 		SAHTREE_WUNLOCK();
5237 		error = ESRCH;
5238 		goto fail;
5239 	}
5240 
5241 	/* Unlink SA from SAH and SPI hash */
5242 	IPSEC_ASSERT((sav->flags & SADB_X_EXT_F_CLONED) == 0,
5243 	    ("SA is already cloned"));
5244 	IPSEC_ASSERT(sav->state == SADB_SASTATE_MATURE ||
5245 	    sav->state == SADB_SASTATE_DYING,
5246 	    ("Wrong SA state %u\n", sav->state));
5247 	TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5248 	LIST_REMOVE(sav, spihash);
5249 	sav->state = SADB_SASTATE_DEAD;
5250 
5251 	/*
5252 	 * Link new SA with SAH. Keep SAs ordered by
5253 	 * create time (newer are first).
5254 	 */
5255 	TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5256 		if (newsav->created > tmp->created) {
5257 			TAILQ_INSERT_BEFORE(tmp, newsav, chain);
5258 			break;
5259 		}
5260 	}
5261 	if (tmp == NULL)
5262 		TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5263 
5264 	/* Add new SA into SPI hash. */
5265 	LIST_INSERT_HEAD(SAVHASH_HASH(newsav->spi), newsav, spihash);
5266 
5267 	/* Add new SAH into SADB. */
5268 	if (isnew == 2) {
5269 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5270 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5271 		sah->state = SADB_SASTATE_MATURE;
5272 		SAH_ADDREF(sah); /* newsav references new SAH */
5273 	}
5274 	/*
5275 	 * isnew == 1 -> @sah was referenced by key_getsah().
5276 	 * isnew == 0 -> we use the same @sah, that was used by @sav,
5277 	 *	and we use its reference for @newsav.
5278 	 */
5279 	SECASVAR_LOCK(sav);
5280 	/* XXX: replace cntr with pointer? */
5281 	newsav->cntr = sav->cntr;
5282 	sav->flags |= SADB_X_EXT_F_CLONED;
5283 	SECASVAR_UNLOCK(sav);
5284 
5285 	SAHTREE_WUNLOCK();
5286 
5287 	KEYDBG(KEY_STAMP,
5288 	    printf("%s: SA(%p) cloned into SA(%p)\n",
5289 	    __func__, sav, newsav));
5290 	KEYDBG(KEY_DATA, kdebug_secasv(newsav));
5291 
5292 	key_freesav(&sav); /* release last reference */
5293 
5294 	/* set msg buf from mhp */
5295 	n = key_getmsgbuf_x1(m, mhp);
5296 	if (n == NULL) {
5297 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5298 		return (ENOBUFS);
5299 	}
5300 	m_freem(m);
5301 	key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5302 	return (0);
5303 fail:
5304 	if (isnew != 0)
5305 		key_freesah(&sah);
5306 	if (newsav != NULL) {
5307 		if (newsav->natt != NULL)
5308 			free(newsav->natt, M_IPSEC_MISC);
5309 		free(newsav, M_IPSEC_SA);
5310 	}
5311 	return (error);
5312 }
5313 
5314 /*
5315  * SADB_UPDATE processing
5316  * receive
5317  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5318  *       key(AE), (identity(SD),) (sensitivity)>
5319  * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
5320  * and send
5321  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5322  *       (identity(SD),) (sensitivity)>
5323  * to the ikmpd.
5324  *
5325  * m will always be freed.
5326  */
5327 static int
5328 key_update(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5329 {
5330 	struct secasindex saidx;
5331 	struct sadb_address *src0, *dst0;
5332 	struct sadb_sa *sa0;
5333 	struct secasvar *sav;
5334 	uint32_t reqid;
5335 	int error;
5336 	uint8_t mode, proto;
5337 
5338 	IPSEC_ASSERT(so != NULL, ("null socket"));
5339 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5340 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5341 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5342 
5343 	/* map satype to proto */
5344 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5345 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5346 		    __func__));
5347 		return key_senderror(so, m, EINVAL);
5348 	}
5349 
5350 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5351 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5352 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5353 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5354 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5355 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5356 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5357 		ipseclog((LOG_DEBUG,
5358 		    "%s: invalid message: missing required header.\n",
5359 		    __func__));
5360 		return key_senderror(so, m, EINVAL);
5361 	}
5362 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5363 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5364 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5365 		ipseclog((LOG_DEBUG,
5366 		    "%s: invalid message: wrong header size.\n", __func__));
5367 		return key_senderror(so, m, EINVAL);
5368 	}
5369 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5370 		mode = IPSEC_MODE_ANY;
5371 		reqid = 0;
5372 	} else {
5373 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5374 			ipseclog((LOG_DEBUG,
5375 			    "%s: invalid message: wrong header size.\n",
5376 			    __func__));
5377 			return key_senderror(so, m, EINVAL);
5378 		}
5379 		mode = ((struct sadb_x_sa2 *)
5380 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5381 		reqid = ((struct sadb_x_sa2 *)
5382 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5383 	}
5384 
5385 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5386 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5387 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5388 
5389 	/*
5390 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5391 	 * SADB_UPDATE message.
5392 	 */
5393 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5394 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5395 #ifdef PFKEY_STRICT_CHECKS
5396 		return key_senderror(so, m, EINVAL);
5397 #endif
5398 	}
5399 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5400 	    (struct sockaddr *)(dst0 + 1));
5401 	if (error != 0) {
5402 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5403 		return key_senderror(so, m, error);
5404 	}
5405 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5406 	sav = key_getsavbyspi(sa0->sadb_sa_spi);
5407 	if (sav == NULL) {
5408 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u\n",
5409 		    __func__, ntohl(sa0->sadb_sa_spi)));
5410 		return key_senderror(so, m, EINVAL);
5411 	}
5412 	/*
5413 	 * Check that SADB_UPDATE issued by the same process that did
5414 	 * SADB_GETSPI or SADB_ADD.
5415 	 */
5416 	if (sav->pid != mhp->msg->sadb_msg_pid) {
5417 		ipseclog((LOG_DEBUG,
5418 		    "%s: pid mismatched (SPI %u, pid %u vs. %u)\n", __func__,
5419 		    ntohl(sav->spi), sav->pid, mhp->msg->sadb_msg_pid));
5420 		key_freesav(&sav);
5421 		return key_senderror(so, m, EINVAL);
5422 	}
5423 	/* saidx should match with SA. */
5424 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5425 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u\n",
5426 		    __func__, ntohl(sav->spi)));
5427 		key_freesav(&sav);
5428 		return key_senderror(so, m, ESRCH);
5429 	}
5430 
5431 	if (sav->state == SADB_SASTATE_LARVAL) {
5432 		if ((mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP &&
5433 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) ||
5434 		    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH &&
5435 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH))) {
5436 			ipseclog((LOG_DEBUG,
5437 			    "%s: invalid message: missing required header.\n",
5438 			    __func__));
5439 			key_freesav(&sav);
5440 			return key_senderror(so, m, EINVAL);
5441 		}
5442 		/*
5443 		 * We can set any values except src, dst and SPI.
5444 		 */
5445 		error = key_setsaval(sav, mhp);
5446 		if (error != 0) {
5447 			key_freesav(&sav);
5448 			return (key_senderror(so, m, error));
5449 		}
5450 		/* Change SA state to MATURE */
5451 		SAHTREE_WLOCK();
5452 		if (sav->state != SADB_SASTATE_LARVAL) {
5453 			/* SA was deleted or another thread made it MATURE. */
5454 			SAHTREE_WUNLOCK();
5455 			key_freesav(&sav);
5456 			return (key_senderror(so, m, ESRCH));
5457 		}
5458 		/*
5459 		 * NOTE: we keep SAs in savtree_alive ordered by created
5460 		 * time. When SA's state changed from LARVAL to MATURE,
5461 		 * we update its created time in key_setsaval() and move
5462 		 * it into head of savtree_alive.
5463 		 */
5464 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5465 		TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5466 		sav->state = SADB_SASTATE_MATURE;
5467 		SAHTREE_WUNLOCK();
5468 	} else {
5469 		/*
5470 		 * For DYING and MATURE SA we can change only state
5471 		 * and lifetimes. Report EINVAL if something else attempted
5472 		 * to change.
5473 		 */
5474 		if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5475 		    !SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
5476 			key_freesav(&sav);
5477 			return (key_senderror(so, m, EINVAL));
5478 		}
5479 		error = key_updatelifetimes(sav, mhp);
5480 		if (error != 0) {
5481 			key_freesav(&sav);
5482 			return (key_senderror(so, m, error));
5483 		}
5484 		/*
5485 		 * This is FreeBSD extension to RFC2367.
5486 		 * IKEd can specify SADB_X_EXT_NEW_ADDRESS_SRC and/or
5487 		 * SADB_X_EXT_NEW_ADDRESS_DST when it wants to change
5488 		 * SA addresses (for example to implement MOBIKE protocol
5489 		 * as described in RFC4555). Also we allow to change
5490 		 * NAT-T config.
5491 		 */
5492 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5493 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST) ||
5494 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5495 		    sav->natt != NULL) {
5496 			error = key_updateaddresses(so, m, mhp, sav, &saidx);
5497 			key_freesav(&sav);
5498 			if (error != 0)
5499 				return (key_senderror(so, m, error));
5500 			return (0);
5501 		}
5502 		/* Check that SA is still alive */
5503 		SAHTREE_WLOCK();
5504 		if (sav->state == SADB_SASTATE_DEAD) {
5505 			/* SA was unlinked */
5506 			SAHTREE_WUNLOCK();
5507 			key_freesav(&sav);
5508 			return (key_senderror(so, m, ESRCH));
5509 		}
5510 		/*
5511 		 * NOTE: there is possible state moving from DYING to MATURE,
5512 		 * but this doesn't change created time, so we won't reorder
5513 		 * this SA.
5514 		 */
5515 		sav->state = SADB_SASTATE_MATURE;
5516 		SAHTREE_WUNLOCK();
5517 	}
5518 	KEYDBG(KEY_STAMP,
5519 	    printf("%s: SA(%p)\n", __func__, sav));
5520 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5521 	key_freesav(&sav);
5522 
5523     {
5524 	struct mbuf *n;
5525 
5526 	/* set msg buf from mhp */
5527 	n = key_getmsgbuf_x1(m, mhp);
5528 	if (n == NULL) {
5529 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5530 		return key_senderror(so, m, ENOBUFS);
5531 	}
5532 
5533 	m_freem(m);
5534 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5535     }
5536 }
5537 
5538 /*
5539  * SADB_ADD processing
5540  * add an entry to SA database, when received
5541  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5542  *       key(AE), (identity(SD),) (sensitivity)>
5543  * from the ikmpd,
5544  * and send
5545  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5546  *       (identity(SD),) (sensitivity)>
5547  * to the ikmpd.
5548  *
5549  * IGNORE identity and sensitivity messages.
5550  *
5551  * m will always be freed.
5552  */
5553 static int
5554 key_add(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5555 {
5556 	struct secasindex saidx;
5557 	struct sadb_address *src0, *dst0;
5558 	struct sadb_sa *sa0;
5559 	struct secasvar *sav;
5560 	uint32_t reqid, spi;
5561 	uint8_t mode, proto;
5562 	int error;
5563 
5564 	IPSEC_ASSERT(so != NULL, ("null socket"));
5565 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5566 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5567 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5568 
5569 	/* map satype to proto */
5570 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5571 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5572 		    __func__));
5573 		return key_senderror(so, m, EINVAL);
5574 	}
5575 
5576 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5577 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5578 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5579 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP && (
5580 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5581 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT))) ||
5582 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH && (
5583 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH) ||
5584 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH))) ||
5585 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5586 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5587 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5588 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5589 		ipseclog((LOG_DEBUG,
5590 		    "%s: invalid message: missing required header.\n",
5591 		    __func__));
5592 		return key_senderror(so, m, EINVAL);
5593 	}
5594 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5595 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5596 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5597 		ipseclog((LOG_DEBUG,
5598 		    "%s: invalid message: wrong header size.\n", __func__));
5599 		return key_senderror(so, m, EINVAL);
5600 	}
5601 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5602 		mode = IPSEC_MODE_ANY;
5603 		reqid = 0;
5604 	} else {
5605 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5606 			ipseclog((LOG_DEBUG,
5607 			    "%s: invalid message: wrong header size.\n",
5608 			    __func__));
5609 			return key_senderror(so, m, EINVAL);
5610 		}
5611 		mode = ((struct sadb_x_sa2 *)
5612 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5613 		reqid = ((struct sadb_x_sa2 *)
5614 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5615 	}
5616 
5617 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5618 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
5619 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
5620 
5621 	/*
5622 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5623 	 * SADB_ADD message.
5624 	 */
5625 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5626 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5627 #ifdef PFKEY_STRICT_CHECKS
5628 		return key_senderror(so, m, EINVAL);
5629 #endif
5630 	}
5631 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5632 	    (struct sockaddr *)(dst0 + 1));
5633 	if (error != 0) {
5634 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5635 		return key_senderror(so, m, error);
5636 	}
5637 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5638 	spi = sa0->sadb_sa_spi;
5639 	/*
5640 	 * For TCP-MD5 SAs we don't use SPI. Check the uniqueness using
5641 	 * secasindex.
5642 	 * XXXAE: IPComp seems also doesn't use SPI.
5643 	 */
5644 	SPI_ALLOC_LOCK();
5645 	if (proto == IPPROTO_TCP) {
5646 		sav = key_getsav_tcpmd5(&saidx, &spi);
5647 		if (sav == NULL && spi == 0) {
5648 			SPI_ALLOC_UNLOCK();
5649 			/* Failed to allocate SPI */
5650 			ipseclog((LOG_DEBUG, "%s: SA already exists.\n",
5651 			    __func__));
5652 			return key_senderror(so, m, EEXIST);
5653 		}
5654 		/* XXX: SPI that we report back can have another value */
5655 	} else {
5656 		/* We can create new SA only if SPI is different. */
5657 		sav = key_getsavbyspi(spi);
5658 	}
5659 	if (sav != NULL) {
5660 		SPI_ALLOC_UNLOCK();
5661 		key_freesav(&sav);
5662 		ipseclog((LOG_DEBUG, "%s: SA already exists.\n", __func__));
5663 		return key_senderror(so, m, EEXIST);
5664 	}
5665 
5666 	sav = key_newsav(mhp, &saidx, spi, &error);
5667 	SPI_ALLOC_UNLOCK();
5668 	if (sav == NULL)
5669 		return key_senderror(so, m, error);
5670 	KEYDBG(KEY_STAMP,
5671 	    printf("%s: return SA(%p)\n", __func__, sav));
5672 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5673 	/*
5674 	 * If SADB_ADD was in response to SADB_ACQUIRE, we need to schedule
5675 	 * ACQ for deletion.
5676 	 */
5677 	if (sav->seq != 0)
5678 		key_acqdone(&saidx, sav->seq);
5679 
5680     {
5681 	/*
5682 	 * Don't call key_freesav() on error here, as we would like to
5683 	 * keep the SA in the database.
5684 	 */
5685 	struct mbuf *n;
5686 
5687 	/* set msg buf from mhp */
5688 	n = key_getmsgbuf_x1(m, mhp);
5689 	if (n == NULL) {
5690 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5691 		return key_senderror(so, m, ENOBUFS);
5692 	}
5693 
5694 	m_freem(m);
5695 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5696     }
5697 }
5698 
5699 /*
5700  * NAT-T support.
5701  * IKEd may request the use ESP in UDP encapsulation when it detects the
5702  * presence of NAT. It uses NAT-T extension headers for such SAs to specify
5703  * parameters needed for encapsulation and decapsulation. These PF_KEY
5704  * extension headers are not standardized, so this comment addresses our
5705  * implementation.
5706  * SADB_X_EXT_NAT_T_TYPE specifies type of encapsulation, we support only
5707  * UDP_ENCAP_ESPINUDP as described in RFC3948.
5708  * SADB_X_EXT_NAT_T_SPORT/DPORT specifies source and destination ports for
5709  * UDP header. We use these ports in UDP encapsulation procedure, also we
5710  * can check them in UDP decapsulation procedure.
5711  * SADB_X_EXT_NAT_T_OA[IR] specifies original address of initiator or
5712  * responder. These addresses can be used for transport mode to adjust
5713  * checksum after decapsulation and decryption. Since original IP addresses
5714  * used by peer usually different (we detected presence of NAT), TCP/UDP
5715  * pseudo header checksum and IP header checksum was calculated using original
5716  * addresses. After decapsulation and decryption we need to adjust checksum
5717  * to have correct datagram.
5718  *
5719  * We expect presence of NAT-T extension headers only in SADB_ADD and
5720  * SADB_UPDATE messages. We report NAT-T extension headers in replies
5721  * to SADB_ADD, SADB_UPDATE, SADB_GET, and SADB_DUMP messages.
5722  */
5723 static int
5724 key_setnatt(struct secasvar *sav, const struct sadb_msghdr *mhp)
5725 {
5726 	struct sadb_x_nat_t_port *port;
5727 	struct sadb_x_nat_t_type *type;
5728 	struct sadb_address *oai, *oar;
5729 	struct sockaddr *sa;
5730 	uint32_t addr;
5731 	uint16_t cksum;
5732 
5733 	IPSEC_ASSERT(sav->natt == NULL, ("natt is already initialized"));
5734 	/*
5735 	 * Ignore NAT-T headers if sproto isn't ESP.
5736 	 */
5737 	if (sav->sah->saidx.proto != IPPROTO_ESP)
5738 		return (0);
5739 
5740 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) &&
5741 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) &&
5742 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5743 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5744 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5745 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5746 			ipseclog((LOG_DEBUG,
5747 			    "%s: invalid message: wrong header size.\n",
5748 			    __func__));
5749 			return (EINVAL);
5750 		}
5751 	} else
5752 		return (0);
5753 
5754 	type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE];
5755 	if (type->sadb_x_nat_t_type_type != UDP_ENCAP_ESPINUDP) {
5756 		ipseclog((LOG_DEBUG, "%s: unsupported NAT-T type %u.\n",
5757 		    __func__, type->sadb_x_nat_t_type_type));
5758 		return (EINVAL);
5759 	}
5760 	/*
5761 	 * Allocate storage for NAT-T config.
5762 	 * On error it will be released by key_cleansav().
5763 	 */
5764 	sav->natt = malloc(sizeof(struct secnatt), M_IPSEC_MISC,
5765 	    M_NOWAIT | M_ZERO);
5766 	if (sav->natt == NULL) {
5767 		PFKEYSTAT_INC(in_nomem);
5768 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5769 		return (ENOBUFS);
5770 	}
5771 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT];
5772 	if (port->sadb_x_nat_t_port_port == 0) {
5773 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T sport specified.\n",
5774 		    __func__));
5775 		return (EINVAL);
5776 	}
5777 	sav->natt->sport = port->sadb_x_nat_t_port_port;
5778 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT];
5779 	if (port->sadb_x_nat_t_port_port == 0) {
5780 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T dport specified.\n",
5781 		    __func__));
5782 		return (EINVAL);
5783 	}
5784 	sav->natt->dport = port->sadb_x_nat_t_port_port;
5785 
5786 	/*
5787 	 * SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR are optional
5788 	 * and needed only for transport mode IPsec.
5789 	 * Usually NAT translates only one address, but it is possible,
5790 	 * that both addresses could be translated.
5791 	 * NOTE: Value of SADB_X_EXT_NAT_T_OAI is equal to SADB_X_EXT_NAT_T_OA.
5792 	 */
5793 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAI)) {
5794 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAI)) {
5795 			ipseclog((LOG_DEBUG,
5796 			    "%s: invalid message: wrong header size.\n",
5797 			    __func__));
5798 			return (EINVAL);
5799 		}
5800 		oai = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI];
5801 	} else
5802 		oai = NULL;
5803 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAR)) {
5804 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAR)) {
5805 			ipseclog((LOG_DEBUG,
5806 			    "%s: invalid message: wrong header size.\n",
5807 			    __func__));
5808 			return (EINVAL);
5809 		}
5810 		oar = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR];
5811 	} else
5812 		oar = NULL;
5813 
5814 	/* Initialize addresses only for transport mode */
5815 	if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
5816 		cksum = 0;
5817 		if (oai != NULL) {
5818 			/* Currently we support only AF_INET */
5819 			sa = (struct sockaddr *)(oai + 1);
5820 			if (sa->sa_family != AF_INET ||
5821 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5822 				ipseclog((LOG_DEBUG,
5823 				    "%s: wrong NAT-OAi header.\n",
5824 				    __func__));
5825 				return (EINVAL);
5826 			}
5827 			/* Ignore address if it the same */
5828 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5829 			    sav->sah->saidx.src.sin.sin_addr.s_addr) {
5830 				bcopy(sa, &sav->natt->oai.sa, sa->sa_len);
5831 				sav->natt->flags |= IPSEC_NATT_F_OAI;
5832 				/* Calculate checksum delta */
5833 				addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
5834 				cksum = in_addword(cksum, ~addr >> 16);
5835 				cksum = in_addword(cksum, ~addr & 0xffff);
5836 				addr = sav->natt->oai.sin.sin_addr.s_addr;
5837 				cksum = in_addword(cksum, addr >> 16);
5838 				cksum = in_addword(cksum, addr & 0xffff);
5839 			}
5840 		}
5841 		if (oar != NULL) {
5842 			/* Currently we support only AF_INET */
5843 			sa = (struct sockaddr *)(oar + 1);
5844 			if (sa->sa_family != AF_INET ||
5845 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5846 				ipseclog((LOG_DEBUG,
5847 				    "%s: wrong NAT-OAr header.\n",
5848 				    __func__));
5849 				return (EINVAL);
5850 			}
5851 			/* Ignore address if it the same */
5852 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5853 			    sav->sah->saidx.dst.sin.sin_addr.s_addr) {
5854 				bcopy(sa, &sav->natt->oar.sa, sa->sa_len);
5855 				sav->natt->flags |= IPSEC_NATT_F_OAR;
5856 				/* Calculate checksum delta */
5857 				addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
5858 				cksum = in_addword(cksum, ~addr >> 16);
5859 				cksum = in_addword(cksum, ~addr & 0xffff);
5860 				addr = sav->natt->oar.sin.sin_addr.s_addr;
5861 				cksum = in_addword(cksum, addr >> 16);
5862 				cksum = in_addword(cksum, addr & 0xffff);
5863 			}
5864 		}
5865 		sav->natt->cksum = cksum;
5866 	}
5867 	return (0);
5868 }
5869 
5870 static int
5871 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
5872 {
5873 	const struct sadb_ident *idsrc, *iddst;
5874 
5875 	IPSEC_ASSERT(sah != NULL, ("null secashead"));
5876 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5877 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5878 
5879 	/* don't make buffer if not there */
5880 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) &&
5881 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5882 		sah->idents = NULL;
5883 		sah->identd = NULL;
5884 		return (0);
5885 	}
5886 
5887 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) ||
5888 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5889 		ipseclog((LOG_DEBUG, "%s: invalid identity.\n", __func__));
5890 		return (EINVAL);
5891 	}
5892 
5893 	idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
5894 	iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
5895 
5896 	/* validity check */
5897 	if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
5898 		ipseclog((LOG_DEBUG, "%s: ident type mismatch.\n", __func__));
5899 		return EINVAL;
5900 	}
5901 
5902 	switch (idsrc->sadb_ident_type) {
5903 	case SADB_IDENTTYPE_PREFIX:
5904 	case SADB_IDENTTYPE_FQDN:
5905 	case SADB_IDENTTYPE_USERFQDN:
5906 	default:
5907 		/* XXX do nothing */
5908 		sah->idents = NULL;
5909 		sah->identd = NULL;
5910 	 	return 0;
5911 	}
5912 
5913 	/* make structure */
5914 	sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5915 	if (sah->idents == NULL) {
5916 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5917 		return ENOBUFS;
5918 	}
5919 	sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5920 	if (sah->identd == NULL) {
5921 		free(sah->idents, M_IPSEC_MISC);
5922 		sah->idents = NULL;
5923 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5924 		return ENOBUFS;
5925 	}
5926 	sah->idents->type = idsrc->sadb_ident_type;
5927 	sah->idents->id = idsrc->sadb_ident_id;
5928 
5929 	sah->identd->type = iddst->sadb_ident_type;
5930 	sah->identd->id = iddst->sadb_ident_id;
5931 
5932 	return 0;
5933 }
5934 
5935 /*
5936  * m will not be freed on return.
5937  * it is caller's responsibility to free the result.
5938  *
5939  * Called from SADB_ADD and SADB_UPDATE. Reply will contain headers
5940  * from the request in defined order.
5941  */
5942 static struct mbuf *
5943 key_getmsgbuf_x1(struct mbuf *m, const struct sadb_msghdr *mhp)
5944 {
5945 	struct mbuf *n;
5946 
5947 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5948 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5949 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5950 
5951 	/* create new sadb_msg to reply. */
5952 	n = key_gather_mbuf(m, mhp, 1, 16, SADB_EXT_RESERVED,
5953 	    SADB_EXT_SA, SADB_X_EXT_SA2,
5954 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST,
5955 	    SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
5956 	    SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
5957 	    SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
5958 	    SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI,
5959 	    SADB_X_EXT_NAT_T_OAR, SADB_X_EXT_NEW_ADDRESS_SRC,
5960 	    SADB_X_EXT_NEW_ADDRESS_DST);
5961 	if (!n)
5962 		return NULL;
5963 
5964 	if (n->m_len < sizeof(struct sadb_msg)) {
5965 		n = m_pullup(n, sizeof(struct sadb_msg));
5966 		if (n == NULL)
5967 			return NULL;
5968 	}
5969 	mtod(n, struct sadb_msg *)->sadb_msg_errno = 0;
5970 	mtod(n, struct sadb_msg *)->sadb_msg_len =
5971 	    PFKEY_UNIT64(n->m_pkthdr.len);
5972 
5973 	return n;
5974 }
5975 
5976 /*
5977  * SADB_DELETE processing
5978  * receive
5979  *   <base, SA(*), address(SD)>
5980  * from the ikmpd, and set SADB_SASTATE_DEAD,
5981  * and send,
5982  *   <base, SA(*), address(SD)>
5983  * to the ikmpd.
5984  *
5985  * m will always be freed.
5986  */
5987 static int
5988 key_delete(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5989 {
5990 	struct secasindex saidx;
5991 	struct sadb_address *src0, *dst0;
5992 	struct secasvar *sav;
5993 	struct sadb_sa *sa0;
5994 	uint8_t proto;
5995 
5996 	IPSEC_ASSERT(so != NULL, ("null socket"));
5997 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5998 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5999 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6000 
6001 	/* map satype to proto */
6002 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6003 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6004 		    __func__));
6005 		return key_senderror(so, m, EINVAL);
6006 	}
6007 
6008 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6009 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
6010 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6011 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
6012 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
6013 		    __func__));
6014 		return key_senderror(so, m, EINVAL);
6015 	}
6016 
6017 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
6018 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
6019 
6020 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
6021 	    (struct sockaddr *)(dst0 + 1)) != 0) {
6022 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
6023 		return (key_senderror(so, m, EINVAL));
6024 	}
6025 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
6026 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
6027 		/*
6028 		 * Caller wants us to delete all non-LARVAL SAs
6029 		 * that match the src/dst.  This is used during
6030 		 * IKE INITIAL-CONTACT.
6031 		 * XXXAE: this looks like some extension to RFC2367.
6032 		 */
6033 		ipseclog((LOG_DEBUG, "%s: doing delete all.\n", __func__));
6034 		return (key_delete_all(so, m, mhp, &saidx));
6035 	}
6036 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
6037 		ipseclog((LOG_DEBUG,
6038 		    "%s: invalid message: wrong header size.\n", __func__));
6039 		return (key_senderror(so, m, EINVAL));
6040 	}
6041 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
6042 	SPI_ALLOC_LOCK();
6043 	if (proto == IPPROTO_TCP)
6044 		sav = key_getsav_tcpmd5(&saidx, NULL);
6045 	else
6046 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
6047 	SPI_ALLOC_UNLOCK();
6048 	if (sav == NULL) {
6049 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u.\n",
6050 		    __func__, ntohl(sa0->sadb_sa_spi)));
6051 		return (key_senderror(so, m, ESRCH));
6052 	}
6053 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6054 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
6055 		    __func__, ntohl(sav->spi)));
6056 		key_freesav(&sav);
6057 		return (key_senderror(so, m, ESRCH));
6058 	}
6059 	KEYDBG(KEY_STAMP,
6060 	    printf("%s: SA(%p)\n", __func__, sav));
6061 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
6062 	key_unlinksav(sav);
6063 	key_freesav(&sav);
6064 
6065     {
6066 	struct mbuf *n;
6067 	struct sadb_msg *newmsg;
6068 
6069 	/* create new sadb_msg to reply. */
6070 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
6071 	    SADB_EXT_SA, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
6072 	if (!n)
6073 		return key_senderror(so, m, ENOBUFS);
6074 
6075 	if (n->m_len < sizeof(struct sadb_msg)) {
6076 		n = m_pullup(n, sizeof(struct sadb_msg));
6077 		if (n == NULL)
6078 			return key_senderror(so, m, ENOBUFS);
6079 	}
6080 	newmsg = mtod(n, struct sadb_msg *);
6081 	newmsg->sadb_msg_errno = 0;
6082 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
6083 
6084 	m_freem(m);
6085 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
6086     }
6087 }
6088 
6089 /*
6090  * delete all SAs for src/dst.  Called from key_delete().
6091  */
6092 static int
6093 key_delete_all(struct socket *so, struct mbuf *m,
6094     const struct sadb_msghdr *mhp, struct secasindex *saidx)
6095 {
6096 	struct secasvar_queue drainq;
6097 	struct secashead *sah;
6098 	struct secasvar *sav, *nextsav;
6099 
6100 	TAILQ_INIT(&drainq);
6101 	SAHTREE_WLOCK();
6102 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
6103 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_HEAD) == 0)
6104 			continue;
6105 		/* Move all ALIVE SAs into drainq */
6106 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6107 	}
6108 	/* Unlink all queued SAs from SPI hash */
6109 	TAILQ_FOREACH(sav, &drainq, chain) {
6110 		sav->state = SADB_SASTATE_DEAD;
6111 		LIST_REMOVE(sav, spihash);
6112 	}
6113 	SAHTREE_WUNLOCK();
6114 	/* Now we can release reference for all SAs in drainq */
6115 	sav = TAILQ_FIRST(&drainq);
6116 	while (sav != NULL) {
6117 		KEYDBG(KEY_STAMP,
6118 		    printf("%s: SA(%p)\n", __func__, sav));
6119 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
6120 		nextsav = TAILQ_NEXT(sav, chain);
6121 		key_freesah(&sav->sah); /* release reference from SAV */
6122 		key_freesav(&sav); /* release last reference */
6123 		sav = nextsav;
6124 	}
6125 
6126     {
6127 	struct mbuf *n;
6128 	struct sadb_msg *newmsg;
6129 
6130 	/* create new sadb_msg to reply. */
6131 	n = key_gather_mbuf(m, mhp, 1, 3, SADB_EXT_RESERVED,
6132 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
6133 	if (!n)
6134 		return key_senderror(so, m, ENOBUFS);
6135 
6136 	if (n->m_len < sizeof(struct sadb_msg)) {
6137 		n = m_pullup(n, sizeof(struct sadb_msg));
6138 		if (n == NULL)
6139 			return key_senderror(so, m, ENOBUFS);
6140 	}
6141 	newmsg = mtod(n, struct sadb_msg *);
6142 	newmsg->sadb_msg_errno = 0;
6143 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
6144 
6145 	m_freem(m);
6146 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
6147     }
6148 }
6149 
6150 /*
6151  * Delete all alive SAs for corresponding xform.
6152  * Larval SAs have not initialized tdb_xform, so it is safe to leave them
6153  * here when xform disappears.
6154  */
6155 void
6156 key_delete_xform(const struct xformsw *xsp)
6157 {
6158 	struct secasvar_queue drainq;
6159 	struct secashead *sah;
6160 	struct secasvar *sav, *nextsav;
6161 
6162 	TAILQ_INIT(&drainq);
6163 	SAHTREE_WLOCK();
6164 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
6165 		sav = TAILQ_FIRST(&sah->savtree_alive);
6166 		if (sav == NULL)
6167 			continue;
6168 		if (sav->tdb_xform != xsp)
6169 			continue;
6170 		/*
6171 		 * It is supposed that all SAs in the chain are related to
6172 		 * one xform.
6173 		 */
6174 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6175 	}
6176 	/* Unlink all queued SAs from SPI hash */
6177 	TAILQ_FOREACH(sav, &drainq, chain) {
6178 		sav->state = SADB_SASTATE_DEAD;
6179 		LIST_REMOVE(sav, spihash);
6180 	}
6181 	SAHTREE_WUNLOCK();
6182 
6183 	/* Now we can release reference for all SAs in drainq */
6184 	sav = TAILQ_FIRST(&drainq);
6185 	while (sav != NULL) {
6186 		KEYDBG(KEY_STAMP,
6187 		    printf("%s: SA(%p)\n", __func__, sav));
6188 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
6189 		nextsav = TAILQ_NEXT(sav, chain);
6190 		key_freesah(&sav->sah); /* release reference from SAV */
6191 		key_freesav(&sav); /* release last reference */
6192 		sav = nextsav;
6193 	}
6194 }
6195 
6196 /*
6197  * SADB_GET processing
6198  * receive
6199  *   <base, SA(*), address(SD)>
6200  * from the ikmpd, and get a SP and a SA to respond,
6201  * and send,
6202  *   <base, SA, (lifetime(HSC),) address(SD), (address(P),) key(AE),
6203  *       (identity(SD),) (sensitivity)>
6204  * to the ikmpd.
6205  *
6206  * m will always be freed.
6207  */
6208 static int
6209 key_get(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6210 {
6211 	struct secasindex saidx;
6212 	struct sadb_address *src0, *dst0;
6213 	struct sadb_sa *sa0;
6214 	struct secasvar *sav;
6215 	uint8_t proto;
6216 
6217 	IPSEC_ASSERT(so != NULL, ("null socket"));
6218 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6219 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6220 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6221 
6222 	/* map satype to proto */
6223 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6224 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6225 			__func__));
6226 		return key_senderror(so, m, EINVAL);
6227 	}
6228 
6229 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
6230 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6231 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)) {
6232 		ipseclog((LOG_DEBUG,
6233 		    "%s: invalid message: missing required header.\n",
6234 		    __func__));
6235 		return key_senderror(so, m, EINVAL);
6236 	}
6237 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
6238 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6239 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
6240 		ipseclog((LOG_DEBUG,
6241 		    "%s: invalid message: wrong header size.\n", __func__));
6242 		return key_senderror(so, m, EINVAL);
6243 	}
6244 
6245 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
6246 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
6247 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
6248 
6249 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
6250 	    (struct sockaddr *)(dst0 + 1)) != 0) {
6251 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
6252 		return key_senderror(so, m, EINVAL);
6253 	}
6254 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
6255 
6256 	SPI_ALLOC_LOCK();
6257 	if (proto == IPPROTO_TCP)
6258 		sav = key_getsav_tcpmd5(&saidx, NULL);
6259 	else
6260 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
6261 	SPI_ALLOC_UNLOCK();
6262 	if (sav == NULL) {
6263 		ipseclog((LOG_DEBUG, "%s: no SA found.\n", __func__));
6264 		return key_senderror(so, m, ESRCH);
6265 	}
6266 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6267 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
6268 		    __func__, ntohl(sa0->sadb_sa_spi)));
6269 		key_freesav(&sav);
6270 		return (key_senderror(so, m, ESRCH));
6271 	}
6272 
6273     {
6274 	struct mbuf *n;
6275 	uint8_t satype;
6276 
6277 	/* map proto to satype */
6278 	if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0) {
6279 		ipseclog((LOG_DEBUG, "%s: there was invalid proto in SAD.\n",
6280 		    __func__));
6281 		key_freesav(&sav);
6282 		return key_senderror(so, m, EINVAL);
6283 	}
6284 
6285 	/* create new sadb_msg to reply. */
6286 	n = key_setdumpsa(sav, SADB_GET, satype, mhp->msg->sadb_msg_seq,
6287 	    mhp->msg->sadb_msg_pid);
6288 
6289 	key_freesav(&sav);
6290 	if (!n)
6291 		return key_senderror(so, m, ENOBUFS);
6292 
6293 	m_freem(m);
6294 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
6295     }
6296 }
6297 
6298 /* XXX make it sysctl-configurable? */
6299 static void
6300 key_getcomb_setlifetime(struct sadb_comb *comb)
6301 {
6302 
6303 	comb->sadb_comb_soft_allocations = 1;
6304 	comb->sadb_comb_hard_allocations = 1;
6305 	comb->sadb_comb_soft_bytes = 0;
6306 	comb->sadb_comb_hard_bytes = 0;
6307 	comb->sadb_comb_hard_addtime = 86400;	/* 1 day */
6308 	comb->sadb_comb_soft_addtime = comb->sadb_comb_soft_addtime * 80 / 100;
6309 	comb->sadb_comb_soft_usetime = 28800;	/* 8 hours */
6310 	comb->sadb_comb_hard_usetime = comb->sadb_comb_hard_usetime * 80 / 100;
6311 }
6312 
6313 /*
6314  * XXX reorder combinations by preference
6315  * XXX no idea if the user wants ESP authentication or not
6316  */
6317 static struct mbuf *
6318 key_getcomb_ealg(void)
6319 {
6320 	struct sadb_comb *comb;
6321 	const struct enc_xform *algo;
6322 	struct mbuf *result = NULL, *m, *n;
6323 	int encmin;
6324 	int i, off, o;
6325 	int totlen;
6326 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6327 
6328 	m = NULL;
6329 	for (i = 1; i <= SADB_EALG_MAX; i++) {
6330 		algo = enc_algorithm_lookup(i);
6331 		if (algo == NULL)
6332 			continue;
6333 
6334 		/* discard algorithms with key size smaller than system min */
6335 		if (_BITS(algo->maxkey) < V_ipsec_esp_keymin)
6336 			continue;
6337 		if (_BITS(algo->minkey) < V_ipsec_esp_keymin)
6338 			encmin = V_ipsec_esp_keymin;
6339 		else
6340 			encmin = _BITS(algo->minkey);
6341 
6342 		if (V_ipsec_esp_auth)
6343 			m = key_getcomb_ah();
6344 		else {
6345 			IPSEC_ASSERT(l <= MLEN,
6346 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6347 			MGET(m, M_NOWAIT, MT_DATA);
6348 			if (m) {
6349 				M_ALIGN(m, l);
6350 				m->m_len = l;
6351 				m->m_next = NULL;
6352 				bzero(mtod(m, caddr_t), m->m_len);
6353 			}
6354 		}
6355 		if (!m)
6356 			goto fail;
6357 
6358 		totlen = 0;
6359 		for (n = m; n; n = n->m_next)
6360 			totlen += n->m_len;
6361 		IPSEC_ASSERT((totlen % l) == 0, ("totlen=%u, l=%u", totlen, l));
6362 
6363 		for (off = 0; off < totlen; off += l) {
6364 			n = m_pulldown(m, off, l, &o);
6365 			if (!n) {
6366 				/* m is already freed */
6367 				goto fail;
6368 			}
6369 			comb = (struct sadb_comb *)(mtod(n, caddr_t) + o);
6370 			bzero(comb, sizeof(*comb));
6371 			key_getcomb_setlifetime(comb);
6372 			comb->sadb_comb_encrypt = i;
6373 			comb->sadb_comb_encrypt_minbits = encmin;
6374 			comb->sadb_comb_encrypt_maxbits = _BITS(algo->maxkey);
6375 		}
6376 
6377 		if (!result)
6378 			result = m;
6379 		else
6380 			m_cat(result, m);
6381 	}
6382 
6383 	return result;
6384 
6385  fail:
6386 	if (result)
6387 		m_freem(result);
6388 	return NULL;
6389 }
6390 
6391 static void
6392 key_getsizes_ah(const struct auth_hash *ah, int alg, u_int16_t* min,
6393     u_int16_t* max)
6394 {
6395 
6396 	*min = *max = ah->hashsize;
6397 	if (ah->keysize == 0) {
6398 		/*
6399 		 * Transform takes arbitrary key size but algorithm
6400 		 * key size is restricted.  Enforce this here.
6401 		 */
6402 		switch (alg) {
6403 		case SADB_X_AALG_NULL:	*min = 1; *max = 256; break;
6404 		case SADB_X_AALG_SHA2_256: *min = *max = 32; break;
6405 		case SADB_X_AALG_SHA2_384: *min = *max = 48; break;
6406 		case SADB_X_AALG_SHA2_512: *min = *max = 64; break;
6407 		default:
6408 			DPRINTF(("%s: unknown AH algorithm %u\n",
6409 				__func__, alg));
6410 			break;
6411 		}
6412 	}
6413 }
6414 
6415 /*
6416  * XXX reorder combinations by preference
6417  */
6418 static struct mbuf *
6419 key_getcomb_ah()
6420 {
6421 	const struct auth_hash *algo;
6422 	struct sadb_comb *comb;
6423 	struct mbuf *m;
6424 	u_int16_t minkeysize, maxkeysize;
6425 	int i;
6426 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6427 
6428 	m = NULL;
6429 	for (i = 1; i <= SADB_AALG_MAX; i++) {
6430 #if 1
6431 		/* we prefer HMAC algorithms, not old algorithms */
6432 		if (i != SADB_AALG_SHA1HMAC &&
6433 		    i != SADB_X_AALG_SHA2_256 &&
6434 		    i != SADB_X_AALG_SHA2_384 &&
6435 		    i != SADB_X_AALG_SHA2_512)
6436 			continue;
6437 #endif
6438 		algo = auth_algorithm_lookup(i);
6439 		if (!algo)
6440 			continue;
6441 		key_getsizes_ah(algo, i, &minkeysize, &maxkeysize);
6442 		/* discard algorithms with key size smaller than system min */
6443 		if (_BITS(minkeysize) < V_ipsec_ah_keymin)
6444 			continue;
6445 
6446 		if (!m) {
6447 			IPSEC_ASSERT(l <= MLEN,
6448 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6449 			MGET(m, M_NOWAIT, MT_DATA);
6450 			if (m) {
6451 				M_ALIGN(m, l);
6452 				m->m_len = l;
6453 				m->m_next = NULL;
6454 			}
6455 		} else
6456 			M_PREPEND(m, l, M_NOWAIT);
6457 		if (!m)
6458 			return NULL;
6459 
6460 		comb = mtod(m, struct sadb_comb *);
6461 		bzero(comb, sizeof(*comb));
6462 		key_getcomb_setlifetime(comb);
6463 		comb->sadb_comb_auth = i;
6464 		comb->sadb_comb_auth_minbits = _BITS(minkeysize);
6465 		comb->sadb_comb_auth_maxbits = _BITS(maxkeysize);
6466 	}
6467 
6468 	return m;
6469 }
6470 
6471 /*
6472  * not really an official behavior.  discussed in pf_key@inner.net in Sep2000.
6473  * XXX reorder combinations by preference
6474  */
6475 static struct mbuf *
6476 key_getcomb_ipcomp()
6477 {
6478 	const struct comp_algo *algo;
6479 	struct sadb_comb *comb;
6480 	struct mbuf *m;
6481 	int i;
6482 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6483 
6484 	m = NULL;
6485 	for (i = 1; i <= SADB_X_CALG_MAX; i++) {
6486 		algo = comp_algorithm_lookup(i);
6487 		if (!algo)
6488 			continue;
6489 
6490 		if (!m) {
6491 			IPSEC_ASSERT(l <= MLEN,
6492 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6493 			MGET(m, M_NOWAIT, MT_DATA);
6494 			if (m) {
6495 				M_ALIGN(m, l);
6496 				m->m_len = l;
6497 				m->m_next = NULL;
6498 			}
6499 		} else
6500 			M_PREPEND(m, l, M_NOWAIT);
6501 		if (!m)
6502 			return NULL;
6503 
6504 		comb = mtod(m, struct sadb_comb *);
6505 		bzero(comb, sizeof(*comb));
6506 		key_getcomb_setlifetime(comb);
6507 		comb->sadb_comb_encrypt = i;
6508 		/* what should we set into sadb_comb_*_{min,max}bits? */
6509 	}
6510 
6511 	return m;
6512 }
6513 
6514 /*
6515  * XXX no way to pass mode (transport/tunnel) to userland
6516  * XXX replay checking?
6517  * XXX sysctl interface to ipsec_{ah,esp}_keymin
6518  */
6519 static struct mbuf *
6520 key_getprop(const struct secasindex *saidx)
6521 {
6522 	struct sadb_prop *prop;
6523 	struct mbuf *m, *n;
6524 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_prop));
6525 	int totlen;
6526 
6527 	switch (saidx->proto)  {
6528 	case IPPROTO_ESP:
6529 		m = key_getcomb_ealg();
6530 		break;
6531 	case IPPROTO_AH:
6532 		m = key_getcomb_ah();
6533 		break;
6534 	case IPPROTO_IPCOMP:
6535 		m = key_getcomb_ipcomp();
6536 		break;
6537 	default:
6538 		return NULL;
6539 	}
6540 
6541 	if (!m)
6542 		return NULL;
6543 	M_PREPEND(m, l, M_NOWAIT);
6544 	if (!m)
6545 		return NULL;
6546 
6547 	totlen = 0;
6548 	for (n = m; n; n = n->m_next)
6549 		totlen += n->m_len;
6550 
6551 	prop = mtod(m, struct sadb_prop *);
6552 	bzero(prop, sizeof(*prop));
6553 	prop->sadb_prop_len = PFKEY_UNIT64(totlen);
6554 	prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
6555 	prop->sadb_prop_replay = 32;	/* XXX */
6556 
6557 	return m;
6558 }
6559 
6560 /*
6561  * SADB_ACQUIRE processing called by key_checkrequest() and key_acquire2().
6562  * send
6563  *   <base, SA, address(SD), (address(P)), x_policy,
6564  *       (identity(SD),) (sensitivity,) proposal>
6565  * to KMD, and expect to receive
6566  *   <base> with SADB_ACQUIRE if error occurred,
6567  * or
6568  *   <base, src address, dst address, (SPI range)> with SADB_GETSPI
6569  * from KMD by PF_KEY.
6570  *
6571  * XXX x_policy is outside of RFC2367 (KAME extension).
6572  * XXX sensitivity is not supported.
6573  * XXX for ipcomp, RFC2367 does not define how to fill in proposal.
6574  * see comment for key_getcomb_ipcomp().
6575  *
6576  * OUT:
6577  *    0     : succeed
6578  *    others: error number
6579  */
6580 static int
6581 key_acquire(const struct secasindex *saidx, struct secpolicy *sp)
6582 {
6583 	union sockaddr_union addr;
6584 	struct mbuf *result, *m;
6585 	uint32_t seq;
6586 	int error;
6587 	uint16_t ul_proto;
6588 	uint8_t mask, satype;
6589 
6590 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
6591 	satype = key_proto2satype(saidx->proto);
6592 	IPSEC_ASSERT(satype != 0, ("null satype, protocol %u", saidx->proto));
6593 
6594 	error = -1;
6595 	result = NULL;
6596 	ul_proto = IPSEC_ULPROTO_ANY;
6597 
6598 	/* Get seq number to check whether sending message or not. */
6599 	seq = key_getacq(saidx, &error);
6600 	if (seq == 0)
6601 		return (error);
6602 
6603 	m = key_setsadbmsg(SADB_ACQUIRE, 0, satype, seq, 0, 0);
6604 	if (!m) {
6605 		error = ENOBUFS;
6606 		goto fail;
6607 	}
6608 	result = m;
6609 
6610 	/*
6611 	 * set sadb_address for saidx's.
6612 	 *
6613 	 * Note that if sp is supplied, then we're being called from
6614 	 * key_allocsa_policy() and should supply port and protocol
6615 	 * information.
6616 	 * XXXAE: why only TCP and UDP? ICMP and SCTP looks applicable too.
6617 	 * XXXAE: probably we can handle this in the ipsec[46]_allocsa().
6618 	 * XXXAE: it looks like we should save this info in the ACQ entry.
6619 	 */
6620 	if (sp != NULL && (sp->spidx.ul_proto == IPPROTO_TCP ||
6621 	    sp->spidx.ul_proto == IPPROTO_UDP))
6622 		ul_proto = sp->spidx.ul_proto;
6623 
6624 	addr = saidx->src;
6625 	mask = FULLMASK;
6626 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6627 		switch (sp->spidx.src.sa.sa_family) {
6628 		case AF_INET:
6629 			if (sp->spidx.src.sin.sin_port != IPSEC_PORT_ANY) {
6630 				addr.sin.sin_port = sp->spidx.src.sin.sin_port;
6631 				mask = sp->spidx.prefs;
6632 			}
6633 			break;
6634 		case AF_INET6:
6635 			if (sp->spidx.src.sin6.sin6_port != IPSEC_PORT_ANY) {
6636 				addr.sin6.sin6_port =
6637 				    sp->spidx.src.sin6.sin6_port;
6638 				mask = sp->spidx.prefs;
6639 			}
6640 			break;
6641 		default:
6642 			break;
6643 		}
6644 	}
6645 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &addr.sa, mask, ul_proto);
6646 	if (!m) {
6647 		error = ENOBUFS;
6648 		goto fail;
6649 	}
6650 	m_cat(result, m);
6651 
6652 	addr = saidx->dst;
6653 	mask = FULLMASK;
6654 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6655 		switch (sp->spidx.dst.sa.sa_family) {
6656 		case AF_INET:
6657 			if (sp->spidx.dst.sin.sin_port != IPSEC_PORT_ANY) {
6658 				addr.sin.sin_port = sp->spidx.dst.sin.sin_port;
6659 				mask = sp->spidx.prefd;
6660 			}
6661 			break;
6662 		case AF_INET6:
6663 			if (sp->spidx.dst.sin6.sin6_port != IPSEC_PORT_ANY) {
6664 				addr.sin6.sin6_port =
6665 				    sp->spidx.dst.sin6.sin6_port;
6666 				mask = sp->spidx.prefd;
6667 			}
6668 			break;
6669 		default:
6670 			break;
6671 		}
6672 	}
6673 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &addr.sa, mask, ul_proto);
6674 	if (!m) {
6675 		error = ENOBUFS;
6676 		goto fail;
6677 	}
6678 	m_cat(result, m);
6679 
6680 	/* XXX proxy address (optional) */
6681 
6682 	/*
6683 	 * Set sadb_x_policy. This is KAME extension to RFC2367.
6684 	 */
6685 	if (sp != NULL) {
6686 		m = key_setsadbxpolicy(sp->policy, sp->spidx.dir, sp->id,
6687 		    sp->priority);
6688 		if (!m) {
6689 			error = ENOBUFS;
6690 			goto fail;
6691 		}
6692 		m_cat(result, m);
6693 	}
6694 
6695 	/*
6696 	 * Set sadb_x_sa2 extension if saidx->reqid is not zero.
6697 	 * This is FreeBSD extension to RFC2367.
6698 	 */
6699 	if (saidx->reqid != 0) {
6700 		m = key_setsadbxsa2(saidx->mode, 0, saidx->reqid);
6701 		if (m == NULL) {
6702 			error = ENOBUFS;
6703 			goto fail;
6704 		}
6705 		m_cat(result, m);
6706 	}
6707 	/* XXX identity (optional) */
6708 #if 0
6709 	if (idexttype && fqdn) {
6710 		/* create identity extension (FQDN) */
6711 		struct sadb_ident *id;
6712 		int fqdnlen;
6713 
6714 		fqdnlen = strlen(fqdn) + 1;	/* +1 for terminating-NUL */
6715 		id = (struct sadb_ident *)p;
6716 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6717 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6718 		id->sadb_ident_exttype = idexttype;
6719 		id->sadb_ident_type = SADB_IDENTTYPE_FQDN;
6720 		bcopy(fqdn, id + 1, fqdnlen);
6721 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(fqdnlen);
6722 	}
6723 
6724 	if (idexttype) {
6725 		/* create identity extension (USERFQDN) */
6726 		struct sadb_ident *id;
6727 		int userfqdnlen;
6728 
6729 		if (userfqdn) {
6730 			/* +1 for terminating-NUL */
6731 			userfqdnlen = strlen(userfqdn) + 1;
6732 		} else
6733 			userfqdnlen = 0;
6734 		id = (struct sadb_ident *)p;
6735 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6736 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6737 		id->sadb_ident_exttype = idexttype;
6738 		id->sadb_ident_type = SADB_IDENTTYPE_USERFQDN;
6739 		/* XXX is it correct? */
6740 		if (curproc && curproc->p_cred)
6741 			id->sadb_ident_id = curproc->p_cred->p_ruid;
6742 		if (userfqdn && userfqdnlen)
6743 			bcopy(userfqdn, id + 1, userfqdnlen);
6744 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(userfqdnlen);
6745 	}
6746 #endif
6747 
6748 	/* XXX sensitivity (optional) */
6749 
6750 	/* create proposal/combination extension */
6751 	m = key_getprop(saidx);
6752 #if 0
6753 	/*
6754 	 * spec conformant: always attach proposal/combination extension,
6755 	 * the problem is that we have no way to attach it for ipcomp,
6756 	 * due to the way sadb_comb is declared in RFC2367.
6757 	 */
6758 	if (!m) {
6759 		error = ENOBUFS;
6760 		goto fail;
6761 	}
6762 	m_cat(result, m);
6763 #else
6764 	/*
6765 	 * outside of spec; make proposal/combination extension optional.
6766 	 */
6767 	if (m)
6768 		m_cat(result, m);
6769 #endif
6770 
6771 	if ((result->m_flags & M_PKTHDR) == 0) {
6772 		error = EINVAL;
6773 		goto fail;
6774 	}
6775 
6776 	if (result->m_len < sizeof(struct sadb_msg)) {
6777 		result = m_pullup(result, sizeof(struct sadb_msg));
6778 		if (result == NULL) {
6779 			error = ENOBUFS;
6780 			goto fail;
6781 		}
6782 	}
6783 
6784 	result->m_pkthdr.len = 0;
6785 	for (m = result; m; m = m->m_next)
6786 		result->m_pkthdr.len += m->m_len;
6787 
6788 	mtod(result, struct sadb_msg *)->sadb_msg_len =
6789 	    PFKEY_UNIT64(result->m_pkthdr.len);
6790 
6791 	KEYDBG(KEY_STAMP,
6792 	    printf("%s: SP(%p)\n", __func__, sp));
6793 	KEYDBG(KEY_DATA, kdebug_secasindex(saidx, NULL));
6794 
6795 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
6796 
6797  fail:
6798 	if (result)
6799 		m_freem(result);
6800 	return error;
6801 }
6802 
6803 static uint32_t
6804 key_newacq(const struct secasindex *saidx, int *perror)
6805 {
6806 	struct secacq *acq;
6807 	uint32_t seq;
6808 
6809 	acq = malloc(sizeof(*acq), M_IPSEC_SAQ, M_NOWAIT | M_ZERO);
6810 	if (acq == NULL) {
6811 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6812 		*perror = ENOBUFS;
6813 		return (0);
6814 	}
6815 
6816 	/* copy secindex */
6817 	bcopy(saidx, &acq->saidx, sizeof(acq->saidx));
6818 	acq->created = time_second;
6819 	acq->count = 0;
6820 
6821 	/* add to acqtree */
6822 	ACQ_LOCK();
6823 	seq = acq->seq = (V_acq_seq == ~0 ? 1 : ++V_acq_seq);
6824 	LIST_INSERT_HEAD(&V_acqtree, acq, chain);
6825 	LIST_INSERT_HEAD(ACQADDRHASH_HASH(saidx), acq, addrhash);
6826 	LIST_INSERT_HEAD(ACQSEQHASH_HASH(seq), acq, seqhash);
6827 	ACQ_UNLOCK();
6828 	*perror = 0;
6829 	return (seq);
6830 }
6831 
6832 static uint32_t
6833 key_getacq(const struct secasindex *saidx, int *perror)
6834 {
6835 	struct secacq *acq;
6836 	uint32_t seq;
6837 
6838 	ACQ_LOCK();
6839 	LIST_FOREACH(acq, ACQADDRHASH_HASH(saidx), addrhash) {
6840 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY)) {
6841 			if (acq->count > V_key_blockacq_count) {
6842 				/*
6843 				 * Reset counter and send message.
6844 				 * Also reset created time to keep ACQ for
6845 				 * this saidx.
6846 				 */
6847 				acq->created = time_second;
6848 				acq->count = 0;
6849 				seq = acq->seq;
6850 			} else {
6851 				/*
6852 				 * Increment counter and do nothing.
6853 				 * We send SADB_ACQUIRE message only
6854 				 * for each V_key_blockacq_count packet.
6855 				 */
6856 				acq->count++;
6857 				seq = 0;
6858 			}
6859 			break;
6860 		}
6861 	}
6862 	ACQ_UNLOCK();
6863 	if (acq != NULL) {
6864 		*perror = 0;
6865 		return (seq);
6866 	}
6867 	/* allocate new  entry */
6868 	return (key_newacq(saidx, perror));
6869 }
6870 
6871 static int
6872 key_acqreset(uint32_t seq)
6873 {
6874 	struct secacq *acq;
6875 
6876 	ACQ_LOCK();
6877 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6878 		if (acq->seq == seq) {
6879 			acq->count = 0;
6880 			acq->created = time_second;
6881 			break;
6882 		}
6883 	}
6884 	ACQ_UNLOCK();
6885 	if (acq == NULL)
6886 		return (ESRCH);
6887 	return (0);
6888 }
6889 /*
6890  * Mark ACQ entry as stale to remove it in key_flush_acq().
6891  * Called after successful SADB_GETSPI message.
6892  */
6893 static int
6894 key_acqdone(const struct secasindex *saidx, uint32_t seq)
6895 {
6896 	struct secacq *acq;
6897 
6898 	ACQ_LOCK();
6899 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6900 		if (acq->seq == seq)
6901 			break;
6902 	}
6903 	if (acq != NULL) {
6904 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY) == 0) {
6905 			ipseclog((LOG_DEBUG,
6906 			    "%s: Mismatched saidx for ACQ %u\n", __func__, seq));
6907 			acq = NULL;
6908 		} else {
6909 			acq->created = 0;
6910 		}
6911 	} else {
6912 		ipseclog((LOG_DEBUG,
6913 		    "%s: ACQ %u is not found.\n", __func__, seq));
6914 	}
6915 	ACQ_UNLOCK();
6916 	if (acq == NULL)
6917 		return (ESRCH);
6918 	return (0);
6919 }
6920 
6921 static struct secspacq *
6922 key_newspacq(struct secpolicyindex *spidx)
6923 {
6924 	struct secspacq *acq;
6925 
6926 	/* get new entry */
6927 	acq = malloc(sizeof(struct secspacq), M_IPSEC_SAQ, M_NOWAIT|M_ZERO);
6928 	if (acq == NULL) {
6929 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6930 		return NULL;
6931 	}
6932 
6933 	/* copy secindex */
6934 	bcopy(spidx, &acq->spidx, sizeof(acq->spidx));
6935 	acq->created = time_second;
6936 	acq->count = 0;
6937 
6938 	/* add to spacqtree */
6939 	SPACQ_LOCK();
6940 	LIST_INSERT_HEAD(&V_spacqtree, acq, chain);
6941 	SPACQ_UNLOCK();
6942 
6943 	return acq;
6944 }
6945 
6946 static struct secspacq *
6947 key_getspacq(struct secpolicyindex *spidx)
6948 {
6949 	struct secspacq *acq;
6950 
6951 	SPACQ_LOCK();
6952 	LIST_FOREACH(acq, &V_spacqtree, chain) {
6953 		if (key_cmpspidx_exactly(spidx, &acq->spidx)) {
6954 			/* NB: return holding spacq_lock */
6955 			return acq;
6956 		}
6957 	}
6958 	SPACQ_UNLOCK();
6959 
6960 	return NULL;
6961 }
6962 
6963 /*
6964  * SADB_ACQUIRE processing,
6965  * in first situation, is receiving
6966  *   <base>
6967  * from the ikmpd, and clear sequence of its secasvar entry.
6968  *
6969  * In second situation, is receiving
6970  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6971  * from a user land process, and return
6972  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6973  * to the socket.
6974  *
6975  * m will always be freed.
6976  */
6977 static int
6978 key_acquire2(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6979 {
6980 	SAHTREE_RLOCK_TRACKER;
6981 	struct sadb_address *src0, *dst0;
6982 	struct secasindex saidx;
6983 	struct secashead *sah;
6984 	uint32_t reqid;
6985 	int error;
6986 	uint8_t mode, proto;
6987 
6988 	IPSEC_ASSERT(so != NULL, ("null socket"));
6989 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6990 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6991 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6992 
6993 	/*
6994 	 * Error message from KMd.
6995 	 * We assume that if error was occurred in IKEd, the length of PFKEY
6996 	 * message is equal to the size of sadb_msg structure.
6997 	 * We do not raise error even if error occurred in this function.
6998 	 */
6999 	if (mhp->msg->sadb_msg_len == PFKEY_UNIT64(sizeof(struct sadb_msg))) {
7000 		/* check sequence number */
7001 		if (mhp->msg->sadb_msg_seq == 0 ||
7002 		    mhp->msg->sadb_msg_errno == 0) {
7003 			ipseclog((LOG_DEBUG, "%s: must specify sequence "
7004 				"number and errno.\n", __func__));
7005 		} else {
7006 			/*
7007 			 * IKEd reported that error occurred.
7008 			 * XXXAE: what it expects from the kernel?
7009 			 * Probably we should send SADB_ACQUIRE again?
7010 			 * If so, reset ACQ's state.
7011 			 * XXXAE: it looks useless.
7012 			 */
7013 			key_acqreset(mhp->msg->sadb_msg_seq);
7014 		}
7015 		m_freem(m);
7016 		return (0);
7017 	}
7018 
7019 	/*
7020 	 * This message is from user land.
7021 	 */
7022 
7023 	/* map satype to proto */
7024 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7025 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7026 		    __func__));
7027 		return key_senderror(so, m, EINVAL);
7028 	}
7029 
7030 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
7031 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
7032 	    SADB_CHECKHDR(mhp, SADB_EXT_PROPOSAL)) {
7033 		ipseclog((LOG_DEBUG,
7034 		    "%s: invalid message: missing required header.\n",
7035 		    __func__));
7036 		return key_senderror(so, m, EINVAL);
7037 	}
7038 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
7039 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
7040 	    SADB_CHECKLEN(mhp, SADB_EXT_PROPOSAL)) {
7041 		ipseclog((LOG_DEBUG,
7042 		    "%s: invalid message: wrong header size.\n", __func__));
7043 		return key_senderror(so, m, EINVAL);
7044 	}
7045 
7046 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
7047 		mode = IPSEC_MODE_ANY;
7048 		reqid = 0;
7049 	} else {
7050 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
7051 			ipseclog((LOG_DEBUG,
7052 			    "%s: invalid message: wrong header size.\n",
7053 			    __func__));
7054 			return key_senderror(so, m, EINVAL);
7055 		}
7056 		mode = ((struct sadb_x_sa2 *)
7057 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
7058 		reqid = ((struct sadb_x_sa2 *)
7059 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
7060 	}
7061 
7062 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
7063 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
7064 
7065 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
7066 	    (struct sockaddr *)(dst0 + 1));
7067 	if (error != 0) {
7068 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
7069 		return key_senderror(so, m, EINVAL);
7070 	}
7071 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
7072 
7073 	/* get a SA index */
7074 	SAHTREE_RLOCK();
7075 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
7076 		if (key_cmpsaidx(&sah->saidx, &saidx, CMP_MODE_REQID))
7077 			break;
7078 	}
7079 	SAHTREE_RUNLOCK();
7080 	if (sah != NULL) {
7081 		ipseclog((LOG_DEBUG, "%s: a SA exists already.\n", __func__));
7082 		return key_senderror(so, m, EEXIST);
7083 	}
7084 
7085 	error = key_acquire(&saidx, NULL);
7086 	if (error != 0) {
7087 		ipseclog((LOG_DEBUG,
7088 		    "%s: error %d returned from key_acquire()\n",
7089 			__func__, error));
7090 		return key_senderror(so, m, error);
7091 	}
7092 	m_freem(m);
7093 	return (0);
7094 }
7095 
7096 /*
7097  * SADB_REGISTER processing.
7098  * If SATYPE_UNSPEC has been passed as satype, only return sabd_supported.
7099  * receive
7100  *   <base>
7101  * from the ikmpd, and register a socket to send PF_KEY messages,
7102  * and send
7103  *   <base, supported>
7104  * to KMD by PF_KEY.
7105  * If socket is detached, must free from regnode.
7106  *
7107  * m will always be freed.
7108  */
7109 static int
7110 key_register(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7111 {
7112 	struct secreg *reg, *newreg = NULL;
7113 
7114 	IPSEC_ASSERT(so != NULL, ("null socket"));
7115 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7116 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7117 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7118 
7119 	/* check for invalid register message */
7120 	if (mhp->msg->sadb_msg_satype >= sizeof(V_regtree)/sizeof(V_regtree[0]))
7121 		return key_senderror(so, m, EINVAL);
7122 
7123 	/* When SATYPE_UNSPEC is specified, only return sabd_supported. */
7124 	if (mhp->msg->sadb_msg_satype == SADB_SATYPE_UNSPEC)
7125 		goto setmsg;
7126 
7127 	/* check whether existing or not */
7128 	REGTREE_LOCK();
7129 	LIST_FOREACH(reg, &V_regtree[mhp->msg->sadb_msg_satype], chain) {
7130 		if (reg->so == so) {
7131 			REGTREE_UNLOCK();
7132 			ipseclog((LOG_DEBUG, "%s: socket exists already.\n",
7133 				__func__));
7134 			return key_senderror(so, m, EEXIST);
7135 		}
7136 	}
7137 
7138 	/* create regnode */
7139 	newreg =  malloc(sizeof(struct secreg), M_IPSEC_SAR, M_NOWAIT|M_ZERO);
7140 	if (newreg == NULL) {
7141 		REGTREE_UNLOCK();
7142 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7143 		return key_senderror(so, m, ENOBUFS);
7144 	}
7145 
7146 	newreg->so = so;
7147 	((struct keycb *)sotorawcb(so))->kp_registered++;
7148 
7149 	/* add regnode to regtree. */
7150 	LIST_INSERT_HEAD(&V_regtree[mhp->msg->sadb_msg_satype], newreg, chain);
7151 	REGTREE_UNLOCK();
7152 
7153   setmsg:
7154     {
7155 	struct mbuf *n;
7156 	struct sadb_msg *newmsg;
7157 	struct sadb_supported *sup;
7158 	u_int len, alen, elen;
7159 	int off;
7160 	int i;
7161 	struct sadb_alg *alg;
7162 
7163 	/* create new sadb_msg to reply. */
7164 	alen = 0;
7165 	for (i = 1; i <= SADB_AALG_MAX; i++) {
7166 		if (auth_algorithm_lookup(i))
7167 			alen += sizeof(struct sadb_alg);
7168 	}
7169 	if (alen)
7170 		alen += sizeof(struct sadb_supported);
7171 	elen = 0;
7172 	for (i = 1; i <= SADB_EALG_MAX; i++) {
7173 		if (enc_algorithm_lookup(i))
7174 			elen += sizeof(struct sadb_alg);
7175 	}
7176 	if (elen)
7177 		elen += sizeof(struct sadb_supported);
7178 
7179 	len = sizeof(struct sadb_msg) + alen + elen;
7180 
7181 	if (len > MCLBYTES)
7182 		return key_senderror(so, m, ENOBUFS);
7183 
7184 	MGETHDR(n, M_NOWAIT, MT_DATA);
7185 	if (n != NULL && len > MHLEN) {
7186 		if (!(MCLGET(n, M_NOWAIT))) {
7187 			m_freem(n);
7188 			n = NULL;
7189 		}
7190 	}
7191 	if (!n)
7192 		return key_senderror(so, m, ENOBUFS);
7193 
7194 	n->m_pkthdr.len = n->m_len = len;
7195 	n->m_next = NULL;
7196 	off = 0;
7197 
7198 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
7199 	newmsg = mtod(n, struct sadb_msg *);
7200 	newmsg->sadb_msg_errno = 0;
7201 	newmsg->sadb_msg_len = PFKEY_UNIT64(len);
7202 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
7203 
7204 	/* for authentication algorithm */
7205 	if (alen) {
7206 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7207 		sup->sadb_supported_len = PFKEY_UNIT64(alen);
7208 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_AUTH;
7209 		off += PFKEY_ALIGN8(sizeof(*sup));
7210 
7211 		for (i = 1; i <= SADB_AALG_MAX; i++) {
7212 			const struct auth_hash *aalgo;
7213 			u_int16_t minkeysize, maxkeysize;
7214 
7215 			aalgo = auth_algorithm_lookup(i);
7216 			if (!aalgo)
7217 				continue;
7218 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7219 			alg->sadb_alg_id = i;
7220 			alg->sadb_alg_ivlen = 0;
7221 			key_getsizes_ah(aalgo, i, &minkeysize, &maxkeysize);
7222 			alg->sadb_alg_minbits = _BITS(minkeysize);
7223 			alg->sadb_alg_maxbits = _BITS(maxkeysize);
7224 			off += PFKEY_ALIGN8(sizeof(*alg));
7225 		}
7226 	}
7227 
7228 	/* for encryption algorithm */
7229 	if (elen) {
7230 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7231 		sup->sadb_supported_len = PFKEY_UNIT64(elen);
7232 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_ENCRYPT;
7233 		off += PFKEY_ALIGN8(sizeof(*sup));
7234 
7235 		for (i = 1; i <= SADB_EALG_MAX; i++) {
7236 			const struct enc_xform *ealgo;
7237 
7238 			ealgo = enc_algorithm_lookup(i);
7239 			if (!ealgo)
7240 				continue;
7241 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7242 			alg->sadb_alg_id = i;
7243 			alg->sadb_alg_ivlen = ealgo->ivsize;
7244 			alg->sadb_alg_minbits = _BITS(ealgo->minkey);
7245 			alg->sadb_alg_maxbits = _BITS(ealgo->maxkey);
7246 			off += PFKEY_ALIGN8(sizeof(struct sadb_alg));
7247 		}
7248 	}
7249 
7250 	IPSEC_ASSERT(off == len,
7251 		("length assumption failed (off %u len %u)", off, len));
7252 
7253 	m_freem(m);
7254 	return key_sendup_mbuf(so, n, KEY_SENDUP_REGISTERED);
7255     }
7256 }
7257 
7258 /*
7259  * free secreg entry registered.
7260  * XXX: I want to do free a socket marked done SADB_RESIGER to socket.
7261  */
7262 void
7263 key_freereg(struct socket *so)
7264 {
7265 	struct secreg *reg;
7266 	int i;
7267 
7268 	IPSEC_ASSERT(so != NULL, ("NULL so"));
7269 
7270 	/*
7271 	 * check whether existing or not.
7272 	 * check all type of SA, because there is a potential that
7273 	 * one socket is registered to multiple type of SA.
7274 	 */
7275 	REGTREE_LOCK();
7276 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
7277 		LIST_FOREACH(reg, &V_regtree[i], chain) {
7278 			if (reg->so == so && __LIST_CHAINED(reg)) {
7279 				LIST_REMOVE(reg, chain);
7280 				free(reg, M_IPSEC_SAR);
7281 				break;
7282 			}
7283 		}
7284 	}
7285 	REGTREE_UNLOCK();
7286 }
7287 
7288 /*
7289  * SADB_EXPIRE processing
7290  * send
7291  *   <base, SA, SA2, lifetime(C and one of HS), address(SD)>
7292  * to KMD by PF_KEY.
7293  * NOTE: We send only soft lifetime extension.
7294  *
7295  * OUT:	0	: succeed
7296  *	others	: error number
7297  */
7298 static int
7299 key_expire(struct secasvar *sav, int hard)
7300 {
7301 	struct mbuf *result = NULL, *m;
7302 	struct sadb_lifetime *lt;
7303 	uint32_t replay_count;
7304 	int error, len;
7305 	uint8_t satype;
7306 
7307 	IPSEC_ASSERT (sav != NULL, ("null sav"));
7308 	IPSEC_ASSERT (sav->sah != NULL, ("null sa header"));
7309 
7310 	KEYDBG(KEY_STAMP,
7311 	    printf("%s: SA(%p) expired %s lifetime\n", __func__,
7312 		sav, hard ? "hard": "soft"));
7313 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
7314 	/* set msg header */
7315 	satype = key_proto2satype(sav->sah->saidx.proto);
7316 	IPSEC_ASSERT(satype != 0, ("invalid proto, satype %u", satype));
7317 	m = key_setsadbmsg(SADB_EXPIRE, 0, satype, sav->seq, 0, sav->refcnt);
7318 	if (!m) {
7319 		error = ENOBUFS;
7320 		goto fail;
7321 	}
7322 	result = m;
7323 
7324 	/* create SA extension */
7325 	m = key_setsadbsa(sav);
7326 	if (!m) {
7327 		error = ENOBUFS;
7328 		goto fail;
7329 	}
7330 	m_cat(result, m);
7331 
7332 	/* create SA extension */
7333 	SECASVAR_LOCK(sav);
7334 	replay_count = sav->replay ? sav->replay->count : 0;
7335 	SECASVAR_UNLOCK(sav);
7336 
7337 	m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
7338 			sav->sah->saidx.reqid);
7339 	if (!m) {
7340 		error = ENOBUFS;
7341 		goto fail;
7342 	}
7343 	m_cat(result, m);
7344 
7345 	if (sav->replay && sav->replay->wsize > UINT8_MAX) {
7346 		m = key_setsadbxsareplay(sav->replay->wsize);
7347 		if (!m) {
7348 			error = ENOBUFS;
7349 			goto fail;
7350 		}
7351 		m_cat(result, m);
7352 	}
7353 
7354 	/* create lifetime extension (current and soft) */
7355 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
7356 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
7357 	if (m == NULL) {
7358 		error = ENOBUFS;
7359 		goto fail;
7360 	}
7361 	m_align(m, len);
7362 	m->m_len = len;
7363 	bzero(mtod(m, caddr_t), len);
7364 	lt = mtod(m, struct sadb_lifetime *);
7365 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7366 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
7367 	lt->sadb_lifetime_allocations =
7368 	    (uint32_t)counter_u64_fetch(sav->lft_c_allocations);
7369 	lt->sadb_lifetime_bytes =
7370 	    counter_u64_fetch(sav->lft_c_bytes);
7371 	lt->sadb_lifetime_addtime = sav->created;
7372 	lt->sadb_lifetime_usetime = sav->firstused;
7373 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
7374 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7375 	if (hard) {
7376 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
7377 		lt->sadb_lifetime_allocations = sav->lft_h->allocations;
7378 		lt->sadb_lifetime_bytes = sav->lft_h->bytes;
7379 		lt->sadb_lifetime_addtime = sav->lft_h->addtime;
7380 		lt->sadb_lifetime_usetime = sav->lft_h->usetime;
7381 	} else {
7382 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
7383 		lt->sadb_lifetime_allocations = sav->lft_s->allocations;
7384 		lt->sadb_lifetime_bytes = sav->lft_s->bytes;
7385 		lt->sadb_lifetime_addtime = sav->lft_s->addtime;
7386 		lt->sadb_lifetime_usetime = sav->lft_s->usetime;
7387 	}
7388 	m_cat(result, m);
7389 
7390 	/* set sadb_address for source */
7391 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
7392 	    &sav->sah->saidx.src.sa,
7393 	    FULLMASK, IPSEC_ULPROTO_ANY);
7394 	if (!m) {
7395 		error = ENOBUFS;
7396 		goto fail;
7397 	}
7398 	m_cat(result, m);
7399 
7400 	/* set sadb_address for destination */
7401 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
7402 	    &sav->sah->saidx.dst.sa,
7403 	    FULLMASK, IPSEC_ULPROTO_ANY);
7404 	if (!m) {
7405 		error = ENOBUFS;
7406 		goto fail;
7407 	}
7408 	m_cat(result, m);
7409 
7410 	/*
7411 	 * XXX-BZ Handle NAT-T extensions here.
7412 	 * XXXAE: it doesn't seem quite useful. IKEs should not depend on
7413 	 * this information, we report only significant SA fields.
7414 	 */
7415 
7416 	if ((result->m_flags & M_PKTHDR) == 0) {
7417 		error = EINVAL;
7418 		goto fail;
7419 	}
7420 
7421 	if (result->m_len < sizeof(struct sadb_msg)) {
7422 		result = m_pullup(result, sizeof(struct sadb_msg));
7423 		if (result == NULL) {
7424 			error = ENOBUFS;
7425 			goto fail;
7426 		}
7427 	}
7428 
7429 	result->m_pkthdr.len = 0;
7430 	for (m = result; m; m = m->m_next)
7431 		result->m_pkthdr.len += m->m_len;
7432 
7433 	mtod(result, struct sadb_msg *)->sadb_msg_len =
7434 	    PFKEY_UNIT64(result->m_pkthdr.len);
7435 
7436 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
7437 
7438  fail:
7439 	if (result)
7440 		m_freem(result);
7441 	return error;
7442 }
7443 
7444 static void
7445 key_freesah_flushed(struct secashead_queue *flushq)
7446 {
7447 	struct secashead *sah, *nextsah;
7448 	struct secasvar *sav, *nextsav;
7449 
7450 	sah = TAILQ_FIRST(flushq);
7451 	while (sah != NULL) {
7452 		sav = TAILQ_FIRST(&sah->savtree_larval);
7453 		while (sav != NULL) {
7454 			nextsav = TAILQ_NEXT(sav, chain);
7455 			TAILQ_REMOVE(&sah->savtree_larval, sav, chain);
7456 			key_freesav(&sav); /* release last reference */
7457 			key_freesah(&sah); /* release reference from SAV */
7458 			sav = nextsav;
7459 		}
7460 		sav = TAILQ_FIRST(&sah->savtree_alive);
7461 		while (sav != NULL) {
7462 			nextsav = TAILQ_NEXT(sav, chain);
7463 			TAILQ_REMOVE(&sah->savtree_alive, sav, chain);
7464 			key_freesav(&sav); /* release last reference */
7465 			key_freesah(&sah); /* release reference from SAV */
7466 			sav = nextsav;
7467 		}
7468 		nextsah = TAILQ_NEXT(sah, chain);
7469 		key_freesah(&sah);	/* release last reference */
7470 		sah = nextsah;
7471 	}
7472 }
7473 
7474 /*
7475  * SADB_FLUSH processing
7476  * receive
7477  *   <base>
7478  * from the ikmpd, and free all entries in secastree.
7479  * and send,
7480  *   <base>
7481  * to the ikmpd.
7482  * NOTE: to do is only marking SADB_SASTATE_DEAD.
7483  *
7484  * m will always be freed.
7485  */
7486 static int
7487 key_flush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7488 {
7489 	struct secashead_queue flushq;
7490 	struct sadb_msg *newmsg;
7491 	struct secashead *sah, *nextsah;
7492 	struct secasvar *sav;
7493 	uint8_t proto;
7494 	int i;
7495 
7496 	IPSEC_ASSERT(so != NULL, ("null socket"));
7497 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7498 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7499 
7500 	/* map satype to proto */
7501 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7502 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7503 			__func__));
7504 		return key_senderror(so, m, EINVAL);
7505 	}
7506 	KEYDBG(KEY_STAMP,
7507 	    printf("%s: proto %u\n", __func__, proto));
7508 
7509 	TAILQ_INIT(&flushq);
7510 	if (proto == IPSEC_PROTO_ANY) {
7511 		/* no SATYPE specified, i.e. flushing all SA. */
7512 		SAHTREE_WLOCK();
7513 		/* Move all SAHs into flushq */
7514 		TAILQ_CONCAT(&flushq, &V_sahtree, chain);
7515 		/* Flush all buckets in SPI hash */
7516 		for (i = 0; i < V_savhash_mask + 1; i++)
7517 			LIST_INIT(&V_savhashtbl[i]);
7518 		/* Flush all buckets in SAHADDRHASH */
7519 		for (i = 0; i < V_sahaddrhash_mask + 1; i++)
7520 			LIST_INIT(&V_sahaddrhashtbl[i]);
7521 		/* Mark all SAHs as unlinked */
7522 		TAILQ_FOREACH(sah, &flushq, chain) {
7523 			sah->state = SADB_SASTATE_DEAD;
7524 			/*
7525 			 * Callout handler makes its job using
7526 			 * RLOCK and drain queues. In case, when this
7527 			 * function will be called just before it
7528 			 * acquires WLOCK, we need to mark SAs as
7529 			 * unlinked to prevent second unlink.
7530 			 */
7531 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7532 				sav->state = SADB_SASTATE_DEAD;
7533 			}
7534 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7535 				sav->state = SADB_SASTATE_DEAD;
7536 			}
7537 		}
7538 		SAHTREE_WUNLOCK();
7539 	} else {
7540 		SAHTREE_WLOCK();
7541 		sah = TAILQ_FIRST(&V_sahtree);
7542 		while (sah != NULL) {
7543 			IPSEC_ASSERT(sah->state != SADB_SASTATE_DEAD,
7544 			    ("DEAD SAH %p in SADB_FLUSH", sah));
7545 			nextsah = TAILQ_NEXT(sah, chain);
7546 			if (sah->saidx.proto != proto) {
7547 				sah = nextsah;
7548 				continue;
7549 			}
7550 			sah->state = SADB_SASTATE_DEAD;
7551 			TAILQ_REMOVE(&V_sahtree, sah, chain);
7552 			LIST_REMOVE(sah, addrhash);
7553 			/* Unlink all SAs from SPI hash */
7554 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7555 				LIST_REMOVE(sav, spihash);
7556 				sav->state = SADB_SASTATE_DEAD;
7557 			}
7558 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7559 				LIST_REMOVE(sav, spihash);
7560 				sav->state = SADB_SASTATE_DEAD;
7561 			}
7562 			/* Add SAH into flushq */
7563 			TAILQ_INSERT_HEAD(&flushq, sah, chain);
7564 			sah = nextsah;
7565 		}
7566 		SAHTREE_WUNLOCK();
7567 	}
7568 
7569 	key_freesah_flushed(&flushq);
7570 	/* Free all queued SAs and SAHs */
7571 	if (m->m_len < sizeof(struct sadb_msg) ||
7572 	    sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
7573 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7574 		return key_senderror(so, m, ENOBUFS);
7575 	}
7576 
7577 	if (m->m_next)
7578 		m_freem(m->m_next);
7579 	m->m_next = NULL;
7580 	m->m_pkthdr.len = m->m_len = sizeof(struct sadb_msg);
7581 	newmsg = mtod(m, struct sadb_msg *);
7582 	newmsg->sadb_msg_errno = 0;
7583 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
7584 
7585 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7586 }
7587 
7588 /*
7589  * SADB_DUMP processing
7590  * dump all entries including status of DEAD in SAD.
7591  * receive
7592  *   <base>
7593  * from the ikmpd, and dump all secasvar leaves
7594  * and send,
7595  *   <base> .....
7596  * to the ikmpd.
7597  *
7598  * m will always be freed.
7599  */
7600 static int
7601 key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7602 {
7603 	SAHTREE_RLOCK_TRACKER;
7604 	struct secashead *sah;
7605 	struct secasvar *sav;
7606 	struct mbuf *n;
7607 	uint32_t cnt;
7608 	uint8_t proto, satype;
7609 
7610 	IPSEC_ASSERT(so != NULL, ("null socket"));
7611 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7612 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7613 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7614 
7615 	/* map satype to proto */
7616 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7617 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7618 		    __func__));
7619 		return key_senderror(so, m, EINVAL);
7620 	}
7621 
7622 	/* count sav entries to be sent to the userland. */
7623 	cnt = 0;
7624 	SAHTREE_RLOCK();
7625 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7626 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7627 		    proto != sah->saidx.proto)
7628 			continue;
7629 
7630 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain)
7631 			cnt++;
7632 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain)
7633 			cnt++;
7634 	}
7635 
7636 	if (cnt == 0) {
7637 		SAHTREE_RUNLOCK();
7638 		return key_senderror(so, m, ENOENT);
7639 	}
7640 
7641 	/* send this to the userland, one at a time. */
7642 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7643 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7644 		    proto != sah->saidx.proto)
7645 			continue;
7646 
7647 		/* map proto to satype */
7648 		if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
7649 			SAHTREE_RUNLOCK();
7650 			ipseclog((LOG_DEBUG, "%s: there was invalid proto in "
7651 			    "SAD.\n", __func__));
7652 			return key_senderror(so, m, EINVAL);
7653 		}
7654 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7655 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7656 			    --cnt, mhp->msg->sadb_msg_pid);
7657 			if (n == NULL) {
7658 				SAHTREE_RUNLOCK();
7659 				return key_senderror(so, m, ENOBUFS);
7660 			}
7661 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7662 		}
7663 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7664 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7665 			    --cnt, mhp->msg->sadb_msg_pid);
7666 			if (n == NULL) {
7667 				SAHTREE_RUNLOCK();
7668 				return key_senderror(so, m, ENOBUFS);
7669 			}
7670 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7671 		}
7672 	}
7673 	SAHTREE_RUNLOCK();
7674 	m_freem(m);
7675 	return (0);
7676 }
7677 /*
7678  * SADB_X_PROMISC processing
7679  *
7680  * m will always be freed.
7681  */
7682 static int
7683 key_promisc(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7684 {
7685 	int olen;
7686 
7687 	IPSEC_ASSERT(so != NULL, ("null socket"));
7688 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7689 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7690 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7691 
7692 	olen = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
7693 
7694 	if (olen < sizeof(struct sadb_msg)) {
7695 #if 1
7696 		return key_senderror(so, m, EINVAL);
7697 #else
7698 		m_freem(m);
7699 		return 0;
7700 #endif
7701 	} else if (olen == sizeof(struct sadb_msg)) {
7702 		/* enable/disable promisc mode */
7703 		struct keycb *kp;
7704 
7705 		if ((kp = (struct keycb *)sotorawcb(so)) == NULL)
7706 			return key_senderror(so, m, EINVAL);
7707 		mhp->msg->sadb_msg_errno = 0;
7708 		switch (mhp->msg->sadb_msg_satype) {
7709 		case 0:
7710 		case 1:
7711 			kp->kp_promisc = mhp->msg->sadb_msg_satype;
7712 			break;
7713 		default:
7714 			return key_senderror(so, m, EINVAL);
7715 		}
7716 
7717 		/* send the original message back to everyone */
7718 		mhp->msg->sadb_msg_errno = 0;
7719 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7720 	} else {
7721 		/* send packet as is */
7722 
7723 		m_adj(m, PFKEY_ALIGN8(sizeof(struct sadb_msg)));
7724 
7725 		/* TODO: if sadb_msg_seq is specified, send to specific pid */
7726 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7727 	}
7728 }
7729 
7730 static int (*key_typesw[])(struct socket *, struct mbuf *,
7731 		const struct sadb_msghdr *) = {
7732 	NULL,		/* SADB_RESERVED */
7733 	key_getspi,	/* SADB_GETSPI */
7734 	key_update,	/* SADB_UPDATE */
7735 	key_add,	/* SADB_ADD */
7736 	key_delete,	/* SADB_DELETE */
7737 	key_get,	/* SADB_GET */
7738 	key_acquire2,	/* SADB_ACQUIRE */
7739 	key_register,	/* SADB_REGISTER */
7740 	NULL,		/* SADB_EXPIRE */
7741 	key_flush,	/* SADB_FLUSH */
7742 	key_dump,	/* SADB_DUMP */
7743 	key_promisc,	/* SADB_X_PROMISC */
7744 	NULL,		/* SADB_X_PCHANGE */
7745 	key_spdadd,	/* SADB_X_SPDUPDATE */
7746 	key_spdadd,	/* SADB_X_SPDADD */
7747 	key_spddelete,	/* SADB_X_SPDDELETE */
7748 	key_spdget,	/* SADB_X_SPDGET */
7749 	NULL,		/* SADB_X_SPDACQUIRE */
7750 	key_spddump,	/* SADB_X_SPDDUMP */
7751 	key_spdflush,	/* SADB_X_SPDFLUSH */
7752 	key_spdadd,	/* SADB_X_SPDSETIDX */
7753 	NULL,		/* SADB_X_SPDEXPIRE */
7754 	key_spddelete2,	/* SADB_X_SPDDELETE2 */
7755 };
7756 
7757 /*
7758  * parse sadb_msg buffer to process PFKEYv2,
7759  * and create a data to response if needed.
7760  * I think to be dealed with mbuf directly.
7761  * IN:
7762  *     msgp  : pointer to pointer to a received buffer pulluped.
7763  *             This is rewrited to response.
7764  *     so    : pointer to socket.
7765  * OUT:
7766  *    length for buffer to send to user process.
7767  */
7768 int
7769 key_parse(struct mbuf *m, struct socket *so)
7770 {
7771 	struct sadb_msg *msg;
7772 	struct sadb_msghdr mh;
7773 	u_int orglen;
7774 	int error;
7775 	int target;
7776 
7777 	IPSEC_ASSERT(so != NULL, ("null socket"));
7778 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7779 
7780 	if (m->m_len < sizeof(struct sadb_msg)) {
7781 		m = m_pullup(m, sizeof(struct sadb_msg));
7782 		if (!m)
7783 			return ENOBUFS;
7784 	}
7785 	msg = mtod(m, struct sadb_msg *);
7786 	orglen = PFKEY_UNUNIT64(msg->sadb_msg_len);
7787 	target = KEY_SENDUP_ONE;
7788 
7789 	if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len != orglen) {
7790 		ipseclog((LOG_DEBUG, "%s: invalid message length.\n",__func__));
7791 		PFKEYSTAT_INC(out_invlen);
7792 		error = EINVAL;
7793 		goto senderror;
7794 	}
7795 
7796 	if (msg->sadb_msg_version != PF_KEY_V2) {
7797 		ipseclog((LOG_DEBUG, "%s: PF_KEY version %u is mismatched.\n",
7798 		    __func__, msg->sadb_msg_version));
7799 		PFKEYSTAT_INC(out_invver);
7800 		error = EINVAL;
7801 		goto senderror;
7802 	}
7803 
7804 	if (msg->sadb_msg_type > SADB_MAX) {
7805 		ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7806 		    __func__, msg->sadb_msg_type));
7807 		PFKEYSTAT_INC(out_invmsgtype);
7808 		error = EINVAL;
7809 		goto senderror;
7810 	}
7811 
7812 	/* for old-fashioned code - should be nuked */
7813 	if (m->m_pkthdr.len > MCLBYTES) {
7814 		m_freem(m);
7815 		return ENOBUFS;
7816 	}
7817 	if (m->m_next) {
7818 		struct mbuf *n;
7819 
7820 		MGETHDR(n, M_NOWAIT, MT_DATA);
7821 		if (n && m->m_pkthdr.len > MHLEN) {
7822 			if (!(MCLGET(n, M_NOWAIT))) {
7823 				m_free(n);
7824 				n = NULL;
7825 			}
7826 		}
7827 		if (!n) {
7828 			m_freem(m);
7829 			return ENOBUFS;
7830 		}
7831 		m_copydata(m, 0, m->m_pkthdr.len, mtod(n, caddr_t));
7832 		n->m_pkthdr.len = n->m_len = m->m_pkthdr.len;
7833 		n->m_next = NULL;
7834 		m_freem(m);
7835 		m = n;
7836 	}
7837 
7838 	/* align the mbuf chain so that extensions are in contiguous region. */
7839 	error = key_align(m, &mh);
7840 	if (error)
7841 		return error;
7842 
7843 	msg = mh.msg;
7844 
7845 	/* We use satype as scope mask for spddump */
7846 	if (msg->sadb_msg_type == SADB_X_SPDDUMP) {
7847 		switch (msg->sadb_msg_satype) {
7848 		case IPSEC_POLICYSCOPE_ANY:
7849 		case IPSEC_POLICYSCOPE_GLOBAL:
7850 		case IPSEC_POLICYSCOPE_IFNET:
7851 		case IPSEC_POLICYSCOPE_PCB:
7852 			break;
7853 		default:
7854 			ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7855 			    __func__, msg->sadb_msg_type));
7856 			PFKEYSTAT_INC(out_invsatype);
7857 			error = EINVAL;
7858 			goto senderror;
7859 		}
7860 	} else {
7861 		switch (msg->sadb_msg_satype) { /* check SA type */
7862 		case SADB_SATYPE_UNSPEC:
7863 			switch (msg->sadb_msg_type) {
7864 			case SADB_GETSPI:
7865 			case SADB_UPDATE:
7866 			case SADB_ADD:
7867 			case SADB_DELETE:
7868 			case SADB_GET:
7869 			case SADB_ACQUIRE:
7870 			case SADB_EXPIRE:
7871 				ipseclog((LOG_DEBUG, "%s: must specify satype "
7872 				    "when msg type=%u.\n", __func__,
7873 				    msg->sadb_msg_type));
7874 				PFKEYSTAT_INC(out_invsatype);
7875 				error = EINVAL;
7876 				goto senderror;
7877 			}
7878 			break;
7879 		case SADB_SATYPE_AH:
7880 		case SADB_SATYPE_ESP:
7881 		case SADB_X_SATYPE_IPCOMP:
7882 		case SADB_X_SATYPE_TCPSIGNATURE:
7883 			switch (msg->sadb_msg_type) {
7884 			case SADB_X_SPDADD:
7885 			case SADB_X_SPDDELETE:
7886 			case SADB_X_SPDGET:
7887 			case SADB_X_SPDFLUSH:
7888 			case SADB_X_SPDSETIDX:
7889 			case SADB_X_SPDUPDATE:
7890 			case SADB_X_SPDDELETE2:
7891 				ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7892 				    __func__, msg->sadb_msg_type));
7893 				PFKEYSTAT_INC(out_invsatype);
7894 				error = EINVAL;
7895 				goto senderror;
7896 			}
7897 			break;
7898 		case SADB_SATYPE_RSVP:
7899 		case SADB_SATYPE_OSPFV2:
7900 		case SADB_SATYPE_RIPV2:
7901 		case SADB_SATYPE_MIP:
7902 			ipseclog((LOG_DEBUG, "%s: type %u isn't supported.\n",
7903 			    __func__, msg->sadb_msg_satype));
7904 			PFKEYSTAT_INC(out_invsatype);
7905 			error = EOPNOTSUPP;
7906 			goto senderror;
7907 		case 1:	/* XXX: What does it do? */
7908 			if (msg->sadb_msg_type == SADB_X_PROMISC)
7909 				break;
7910 			/*FALLTHROUGH*/
7911 		default:
7912 			ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7913 			    __func__, msg->sadb_msg_satype));
7914 			PFKEYSTAT_INC(out_invsatype);
7915 			error = EINVAL;
7916 			goto senderror;
7917 		}
7918 	}
7919 
7920 	/* check field of upper layer protocol and address family */
7921 	if (mh.ext[SADB_EXT_ADDRESS_SRC] != NULL
7922 	 && mh.ext[SADB_EXT_ADDRESS_DST] != NULL) {
7923 		struct sadb_address *src0, *dst0;
7924 		u_int plen;
7925 
7926 		src0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_SRC]);
7927 		dst0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_DST]);
7928 
7929 		/* check upper layer protocol */
7930 		if (src0->sadb_address_proto != dst0->sadb_address_proto) {
7931 			ipseclog((LOG_DEBUG, "%s: upper layer protocol "
7932 				"mismatched.\n", __func__));
7933 			PFKEYSTAT_INC(out_invaddr);
7934 			error = EINVAL;
7935 			goto senderror;
7936 		}
7937 
7938 		/* check family */
7939 		if (PFKEY_ADDR_SADDR(src0)->sa_family !=
7940 		    PFKEY_ADDR_SADDR(dst0)->sa_family) {
7941 			ipseclog((LOG_DEBUG, "%s: address family mismatched.\n",
7942 				__func__));
7943 			PFKEYSTAT_INC(out_invaddr);
7944 			error = EINVAL;
7945 			goto senderror;
7946 		}
7947 		if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7948 		    PFKEY_ADDR_SADDR(dst0)->sa_len) {
7949 			ipseclog((LOG_DEBUG, "%s: address struct size "
7950 				"mismatched.\n", __func__));
7951 			PFKEYSTAT_INC(out_invaddr);
7952 			error = EINVAL;
7953 			goto senderror;
7954 		}
7955 
7956 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7957 		case AF_INET:
7958 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7959 			    sizeof(struct sockaddr_in)) {
7960 				PFKEYSTAT_INC(out_invaddr);
7961 				error = EINVAL;
7962 				goto senderror;
7963 			}
7964 			break;
7965 		case AF_INET6:
7966 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7967 			    sizeof(struct sockaddr_in6)) {
7968 				PFKEYSTAT_INC(out_invaddr);
7969 				error = EINVAL;
7970 				goto senderror;
7971 			}
7972 			break;
7973 		default:
7974 			ipseclog((LOG_DEBUG, "%s: unsupported address family\n",
7975 				__func__));
7976 			PFKEYSTAT_INC(out_invaddr);
7977 			error = EAFNOSUPPORT;
7978 			goto senderror;
7979 		}
7980 
7981 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7982 		case AF_INET:
7983 			plen = sizeof(struct in_addr) << 3;
7984 			break;
7985 		case AF_INET6:
7986 			plen = sizeof(struct in6_addr) << 3;
7987 			break;
7988 		default:
7989 			plen = 0;	/*fool gcc*/
7990 			break;
7991 		}
7992 
7993 		/* check max prefix length */
7994 		if (src0->sadb_address_prefixlen > plen ||
7995 		    dst0->sadb_address_prefixlen > plen) {
7996 			ipseclog((LOG_DEBUG, "%s: illegal prefixlen.\n",
7997 				__func__));
7998 			PFKEYSTAT_INC(out_invaddr);
7999 			error = EINVAL;
8000 			goto senderror;
8001 		}
8002 
8003 		/*
8004 		 * prefixlen == 0 is valid because there can be a case when
8005 		 * all addresses are matched.
8006 		 */
8007 	}
8008 
8009 	if (msg->sadb_msg_type >= nitems(key_typesw) ||
8010 	    key_typesw[msg->sadb_msg_type] == NULL) {
8011 		PFKEYSTAT_INC(out_invmsgtype);
8012 		error = EINVAL;
8013 		goto senderror;
8014 	}
8015 
8016 	return (*key_typesw[msg->sadb_msg_type])(so, m, &mh);
8017 
8018 senderror:
8019 	msg->sadb_msg_errno = error;
8020 	return key_sendup_mbuf(so, m, target);
8021 }
8022 
8023 static int
8024 key_senderror(struct socket *so, struct mbuf *m, int code)
8025 {
8026 	struct sadb_msg *msg;
8027 
8028 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
8029 		("mbuf too small, len %u", m->m_len));
8030 
8031 	msg = mtod(m, struct sadb_msg *);
8032 	msg->sadb_msg_errno = code;
8033 	return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
8034 }
8035 
8036 /*
8037  * set the pointer to each header into message buffer.
8038  * m will be freed on error.
8039  * XXX larger-than-MCLBYTES extension?
8040  */
8041 static int
8042 key_align(struct mbuf *m, struct sadb_msghdr *mhp)
8043 {
8044 	struct mbuf *n;
8045 	struct sadb_ext *ext;
8046 	size_t off, end;
8047 	int extlen;
8048 	int toff;
8049 
8050 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
8051 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
8052 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
8053 		("mbuf too small, len %u", m->m_len));
8054 
8055 	/* initialize */
8056 	bzero(mhp, sizeof(*mhp));
8057 
8058 	mhp->msg = mtod(m, struct sadb_msg *);
8059 	mhp->ext[0] = (struct sadb_ext *)mhp->msg;	/*XXX backward compat */
8060 
8061 	end = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
8062 	extlen = end;	/*just in case extlen is not updated*/
8063 	for (off = sizeof(struct sadb_msg); off < end; off += extlen) {
8064 		n = m_pulldown(m, off, sizeof(struct sadb_ext), &toff);
8065 		if (!n) {
8066 			/* m is already freed */
8067 			return ENOBUFS;
8068 		}
8069 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
8070 
8071 		/* set pointer */
8072 		switch (ext->sadb_ext_type) {
8073 		case SADB_EXT_SA:
8074 		case SADB_EXT_ADDRESS_SRC:
8075 		case SADB_EXT_ADDRESS_DST:
8076 		case SADB_EXT_ADDRESS_PROXY:
8077 		case SADB_EXT_LIFETIME_CURRENT:
8078 		case SADB_EXT_LIFETIME_HARD:
8079 		case SADB_EXT_LIFETIME_SOFT:
8080 		case SADB_EXT_KEY_AUTH:
8081 		case SADB_EXT_KEY_ENCRYPT:
8082 		case SADB_EXT_IDENTITY_SRC:
8083 		case SADB_EXT_IDENTITY_DST:
8084 		case SADB_EXT_SENSITIVITY:
8085 		case SADB_EXT_PROPOSAL:
8086 		case SADB_EXT_SUPPORTED_AUTH:
8087 		case SADB_EXT_SUPPORTED_ENCRYPT:
8088 		case SADB_EXT_SPIRANGE:
8089 		case SADB_X_EXT_POLICY:
8090 		case SADB_X_EXT_SA2:
8091 		case SADB_X_EXT_NAT_T_TYPE:
8092 		case SADB_X_EXT_NAT_T_SPORT:
8093 		case SADB_X_EXT_NAT_T_DPORT:
8094 		case SADB_X_EXT_NAT_T_OAI:
8095 		case SADB_X_EXT_NAT_T_OAR:
8096 		case SADB_X_EXT_NAT_T_FRAG:
8097 		case SADB_X_EXT_SA_REPLAY:
8098 		case SADB_X_EXT_NEW_ADDRESS_SRC:
8099 		case SADB_X_EXT_NEW_ADDRESS_DST:
8100 			/* duplicate check */
8101 			/*
8102 			 * XXX Are there duplication payloads of either
8103 			 * KEY_AUTH or KEY_ENCRYPT ?
8104 			 */
8105 			if (mhp->ext[ext->sadb_ext_type] != NULL) {
8106 				ipseclog((LOG_DEBUG, "%s: duplicate ext_type "
8107 					"%u\n", __func__, ext->sadb_ext_type));
8108 				m_freem(m);
8109 				PFKEYSTAT_INC(out_dupext);
8110 				return EINVAL;
8111 			}
8112 			break;
8113 		default:
8114 			ipseclog((LOG_DEBUG, "%s: invalid ext_type %u\n",
8115 				__func__, ext->sadb_ext_type));
8116 			m_freem(m);
8117 			PFKEYSTAT_INC(out_invexttype);
8118 			return EINVAL;
8119 		}
8120 
8121 		extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
8122 
8123 		if (key_validate_ext(ext, extlen)) {
8124 			m_freem(m);
8125 			PFKEYSTAT_INC(out_invlen);
8126 			return EINVAL;
8127 		}
8128 
8129 		n = m_pulldown(m, off, extlen, &toff);
8130 		if (!n) {
8131 			/* m is already freed */
8132 			return ENOBUFS;
8133 		}
8134 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
8135 
8136 		mhp->ext[ext->sadb_ext_type] = ext;
8137 		mhp->extoff[ext->sadb_ext_type] = off;
8138 		mhp->extlen[ext->sadb_ext_type] = extlen;
8139 	}
8140 
8141 	if (off != end) {
8142 		m_freem(m);
8143 		PFKEYSTAT_INC(out_invlen);
8144 		return EINVAL;
8145 	}
8146 
8147 	return 0;
8148 }
8149 
8150 static int
8151 key_validate_ext(const struct sadb_ext *ext, int len)
8152 {
8153 	const struct sockaddr *sa;
8154 	enum { NONE, ADDR } checktype = NONE;
8155 	int baselen = 0;
8156 	const int sal = offsetof(struct sockaddr, sa_len) + sizeof(sa->sa_len);
8157 
8158 	if (len != PFKEY_UNUNIT64(ext->sadb_ext_len))
8159 		return EINVAL;
8160 
8161 	/* if it does not match minimum/maximum length, bail */
8162 	if (ext->sadb_ext_type >= nitems(minsize) ||
8163 	    ext->sadb_ext_type >= nitems(maxsize))
8164 		return EINVAL;
8165 	if (!minsize[ext->sadb_ext_type] || len < minsize[ext->sadb_ext_type])
8166 		return EINVAL;
8167 	if (maxsize[ext->sadb_ext_type] && len > maxsize[ext->sadb_ext_type])
8168 		return EINVAL;
8169 
8170 	/* more checks based on sadb_ext_type XXX need more */
8171 	switch (ext->sadb_ext_type) {
8172 	case SADB_EXT_ADDRESS_SRC:
8173 	case SADB_EXT_ADDRESS_DST:
8174 	case SADB_EXT_ADDRESS_PROXY:
8175 	case SADB_X_EXT_NAT_T_OAI:
8176 	case SADB_X_EXT_NAT_T_OAR:
8177 	case SADB_X_EXT_NEW_ADDRESS_SRC:
8178 	case SADB_X_EXT_NEW_ADDRESS_DST:
8179 		baselen = PFKEY_ALIGN8(sizeof(struct sadb_address));
8180 		checktype = ADDR;
8181 		break;
8182 	case SADB_EXT_IDENTITY_SRC:
8183 	case SADB_EXT_IDENTITY_DST:
8184 		if (((const struct sadb_ident *)ext)->sadb_ident_type ==
8185 		    SADB_X_IDENTTYPE_ADDR) {
8186 			baselen = PFKEY_ALIGN8(sizeof(struct sadb_ident));
8187 			checktype = ADDR;
8188 		} else
8189 			checktype = NONE;
8190 		break;
8191 	default:
8192 		checktype = NONE;
8193 		break;
8194 	}
8195 
8196 	switch (checktype) {
8197 	case NONE:
8198 		break;
8199 	case ADDR:
8200 		sa = (const struct sockaddr *)(((const u_int8_t*)ext)+baselen);
8201 		if (len < baselen + sal)
8202 			return EINVAL;
8203 		if (baselen + PFKEY_ALIGN8(sa->sa_len) != len)
8204 			return EINVAL;
8205 		break;
8206 	}
8207 
8208 	return 0;
8209 }
8210 
8211 void
8212 spdcache_init(void)
8213 {
8214 	int i;
8215 
8216 	TUNABLE_INT_FETCH("net.key.spdcache.maxentries",
8217 	    &V_key_spdcache_maxentries);
8218 	TUNABLE_INT_FETCH("net.key.spdcache.threshold",
8219 	    &V_key_spdcache_threshold);
8220 
8221 	if (V_key_spdcache_maxentries) {
8222 		V_key_spdcache_maxentries = MAX(V_key_spdcache_maxentries,
8223 		    SPDCACHE_MAX_ENTRIES_PER_HASH);
8224 		V_spdcachehashtbl = hashinit(V_key_spdcache_maxentries /
8225 		    SPDCACHE_MAX_ENTRIES_PER_HASH,
8226 		    M_IPSEC_SPDCACHE, &V_spdcachehash_mask);
8227 		V_key_spdcache_maxentries = (V_spdcachehash_mask + 1)
8228 		    * SPDCACHE_MAX_ENTRIES_PER_HASH;
8229 
8230 		V_spdcache_lock = malloc(sizeof(struct mtx) *
8231 		    (V_spdcachehash_mask + 1),
8232 		    M_IPSEC_SPDCACHE, M_WAITOK|M_ZERO);
8233 
8234 		for (i = 0; i < V_spdcachehash_mask + 1; ++i)
8235 			SPDCACHE_LOCK_INIT(i);
8236 	}
8237 }
8238 
8239 struct spdcache_entry *
8240 spdcache_entry_alloc(const struct secpolicyindex *spidx, struct secpolicy *sp)
8241 {
8242 	struct spdcache_entry *entry;
8243 
8244 	entry = malloc(sizeof(struct spdcache_entry),
8245 		    M_IPSEC_SPDCACHE, M_NOWAIT|M_ZERO);
8246 	if (entry == NULL)
8247 		return NULL;
8248 
8249 	if (sp != NULL)
8250 		SP_ADDREF(sp);
8251 
8252 	entry->spidx = *spidx;
8253 	entry->sp = sp;
8254 
8255 	return (entry);
8256 }
8257 
8258 void
8259 spdcache_entry_free(struct spdcache_entry *entry)
8260 {
8261 
8262 	if (entry->sp != NULL)
8263 		key_freesp(&entry->sp);
8264 	free(entry, M_IPSEC_SPDCACHE);
8265 }
8266 
8267 void
8268 spdcache_clear(void)
8269 {
8270 	struct spdcache_entry *entry;
8271 	int i;
8272 
8273 	for (i = 0; i < V_spdcachehash_mask + 1; ++i) {
8274 		SPDCACHE_LOCK(i);
8275 		while (!LIST_EMPTY(&V_spdcachehashtbl[i])) {
8276 			entry = LIST_FIRST(&V_spdcachehashtbl[i]);
8277 			LIST_REMOVE(entry, chain);
8278 			spdcache_entry_free(entry);
8279 		}
8280 		SPDCACHE_UNLOCK(i);
8281 	}
8282 }
8283 
8284 #ifdef VIMAGE
8285 void
8286 spdcache_destroy(void)
8287 {
8288 	int i;
8289 
8290 	if (SPDCACHE_ENABLED()) {
8291 		spdcache_clear();
8292 		hashdestroy(V_spdcachehashtbl, M_IPSEC_SPDCACHE, V_spdcachehash_mask);
8293 
8294 		for (i = 0; i < V_spdcachehash_mask + 1; ++i)
8295 			SPDCACHE_LOCK_DESTROY(i);
8296 
8297 		free(V_spdcache_lock, M_IPSEC_SPDCACHE);
8298 	}
8299 }
8300 #endif
8301 void
8302 key_init(void)
8303 {
8304 	int i;
8305 
8306 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8307 		TAILQ_INIT(&V_sptree[i]);
8308 		TAILQ_INIT(&V_sptree_ifnet[i]);
8309 	}
8310 
8311 	TAILQ_INIT(&V_sahtree);
8312 	V_sphashtbl = hashinit(SPHASH_NHASH, M_IPSEC_SP, &V_sphash_mask);
8313 	V_savhashtbl = hashinit(SAVHASH_NHASH, M_IPSEC_SA, &V_savhash_mask);
8314 	V_sahaddrhashtbl = hashinit(SAHHASH_NHASH, M_IPSEC_SAH,
8315 	    &V_sahaddrhash_mask);
8316 	V_acqaddrhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8317 	    &V_acqaddrhash_mask);
8318 	V_acqseqhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8319 	    &V_acqseqhash_mask);
8320 
8321 	spdcache_init();
8322 
8323 	for (i = 0; i <= SADB_SATYPE_MAX; i++)
8324 		LIST_INIT(&V_regtree[i]);
8325 
8326 	LIST_INIT(&V_acqtree);
8327 	LIST_INIT(&V_spacqtree);
8328 
8329 	if (!IS_DEFAULT_VNET(curvnet))
8330 		return;
8331 
8332 	ipsec_key_lft_zone = uma_zcreate("IPsec SA lft_c",
8333 	    sizeof(uint64_t) * 2, NULL, NULL, NULL, NULL,
8334 	    UMA_ALIGN_PTR, UMA_ZONE_PCPU);
8335 
8336 	SPTREE_LOCK_INIT();
8337 	REGTREE_LOCK_INIT();
8338 	SAHTREE_LOCK_INIT();
8339 	ACQ_LOCK_INIT();
8340 	SPACQ_LOCK_INIT();
8341 	SPI_ALLOC_LOCK_INIT();
8342 
8343 #ifndef IPSEC_DEBUG2
8344 	callout_init(&key_timer, 1);
8345 	callout_reset(&key_timer, hz, key_timehandler, NULL);
8346 #endif /*IPSEC_DEBUG2*/
8347 
8348 	/* initialize key statistics */
8349 	keystat.getspi_count = 1;
8350 
8351 	if (bootverbose)
8352 		printf("IPsec: Initialized Security Association Processing.\n");
8353 }
8354 
8355 #ifdef VIMAGE
8356 void
8357 key_destroy(void)
8358 {
8359 	struct secashead_queue sahdrainq;
8360 	struct secpolicy_queue drainq;
8361 	struct secpolicy *sp, *nextsp;
8362 	struct secacq *acq, *nextacq;
8363 	struct secspacq *spacq, *nextspacq;
8364 	struct secashead *sah;
8365 	struct secasvar *sav;
8366 	struct secreg *reg;
8367 	int i;
8368 
8369 	/*
8370 	 * XXX: can we just call free() for each object without
8371 	 * walking through safe way with releasing references?
8372 	 */
8373 	TAILQ_INIT(&drainq);
8374 	SPTREE_WLOCK();
8375 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8376 		TAILQ_CONCAT(&drainq, &V_sptree[i], chain);
8377 		TAILQ_CONCAT(&drainq, &V_sptree_ifnet[i], chain);
8378 	}
8379 	for (i = 0; i < V_sphash_mask + 1; i++)
8380 		LIST_INIT(&V_sphashtbl[i]);
8381 	SPTREE_WUNLOCK();
8382 	spdcache_destroy();
8383 
8384 	sp = TAILQ_FIRST(&drainq);
8385 	while (sp != NULL) {
8386 		nextsp = TAILQ_NEXT(sp, chain);
8387 		key_freesp(&sp);
8388 		sp = nextsp;
8389 	}
8390 
8391 	TAILQ_INIT(&sahdrainq);
8392 	SAHTREE_WLOCK();
8393 	TAILQ_CONCAT(&sahdrainq, &V_sahtree, chain);
8394 	for (i = 0; i < V_savhash_mask + 1; i++)
8395 		LIST_INIT(&V_savhashtbl[i]);
8396 	for (i = 0; i < V_sahaddrhash_mask + 1; i++)
8397 		LIST_INIT(&V_sahaddrhashtbl[i]);
8398 	TAILQ_FOREACH(sah, &sahdrainq, chain) {
8399 		sah->state = SADB_SASTATE_DEAD;
8400 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
8401 			sav->state = SADB_SASTATE_DEAD;
8402 		}
8403 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
8404 			sav->state = SADB_SASTATE_DEAD;
8405 		}
8406 	}
8407 	SAHTREE_WUNLOCK();
8408 
8409 	key_freesah_flushed(&sahdrainq);
8410 	hashdestroy(V_sphashtbl, M_IPSEC_SP, V_sphash_mask);
8411 	hashdestroy(V_savhashtbl, M_IPSEC_SA, V_savhash_mask);
8412 	hashdestroy(V_sahaddrhashtbl, M_IPSEC_SAH, V_sahaddrhash_mask);
8413 
8414 	REGTREE_LOCK();
8415 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
8416 		LIST_FOREACH(reg, &V_regtree[i], chain) {
8417 			if (__LIST_CHAINED(reg)) {
8418 				LIST_REMOVE(reg, chain);
8419 				free(reg, M_IPSEC_SAR);
8420 				break;
8421 			}
8422 		}
8423 	}
8424 	REGTREE_UNLOCK();
8425 
8426 	ACQ_LOCK();
8427 	acq = LIST_FIRST(&V_acqtree);
8428 	while (acq != NULL) {
8429 		nextacq = LIST_NEXT(acq, chain);
8430 		LIST_REMOVE(acq, chain);
8431 		free(acq, M_IPSEC_SAQ);
8432 		acq = nextacq;
8433 	}
8434 	for (i = 0; i < V_acqaddrhash_mask + 1; i++)
8435 		LIST_INIT(&V_acqaddrhashtbl[i]);
8436 	for (i = 0; i < V_acqseqhash_mask + 1; i++)
8437 		LIST_INIT(&V_acqseqhashtbl[i]);
8438 	ACQ_UNLOCK();
8439 
8440 	SPACQ_LOCK();
8441 	for (spacq = LIST_FIRST(&V_spacqtree); spacq != NULL;
8442 	    spacq = nextspacq) {
8443 		nextspacq = LIST_NEXT(spacq, chain);
8444 		if (__LIST_CHAINED(spacq)) {
8445 			LIST_REMOVE(spacq, chain);
8446 			free(spacq, M_IPSEC_SAQ);
8447 		}
8448 	}
8449 	SPACQ_UNLOCK();
8450 	hashdestroy(V_acqaddrhashtbl, M_IPSEC_SAQ, V_acqaddrhash_mask);
8451 	hashdestroy(V_acqseqhashtbl, M_IPSEC_SAQ, V_acqseqhash_mask);
8452 
8453 	if (!IS_DEFAULT_VNET(curvnet))
8454 		return;
8455 
8456 	uma_zdestroy(ipsec_key_lft_zone);
8457 
8458 #ifndef IPSEC_DEBUG2
8459 	callout_drain(&key_timer);
8460 #endif
8461 	SPTREE_LOCK_DESTROY();
8462 	REGTREE_LOCK_DESTROY();
8463 	SAHTREE_LOCK_DESTROY();
8464 	ACQ_LOCK_DESTROY();
8465 	SPACQ_LOCK_DESTROY();
8466 	SPI_ALLOC_LOCK_DESTROY();
8467 }
8468 #endif
8469 
8470 /* record data transfer on SA, and update timestamps */
8471 void
8472 key_sa_recordxfer(struct secasvar *sav, struct mbuf *m)
8473 {
8474 	IPSEC_ASSERT(sav != NULL, ("Null secasvar"));
8475 	IPSEC_ASSERT(m != NULL, ("Null mbuf"));
8476 
8477 	/*
8478 	 * XXX Currently, there is a difference of bytes size
8479 	 * between inbound and outbound processing.
8480 	 */
8481 	counter_u64_add(sav->lft_c_bytes, m->m_pkthdr.len);
8482 
8483 	/*
8484 	 * We use the number of packets as the unit of
8485 	 * allocations.  We increment the variable
8486 	 * whenever {esp,ah}_{in,out}put is called.
8487 	 */
8488 	counter_u64_add(sav->lft_c_allocations, 1);
8489 
8490 	/*
8491 	 * NOTE: We record CURRENT usetime by using wall clock,
8492 	 * in seconds.  HARD and SOFT lifetime are measured by the time
8493 	 * difference (again in seconds) from usetime.
8494 	 *
8495 	 *	usetime
8496 	 *	v     expire   expire
8497 	 * -----+-----+--------+---> t
8498 	 *	<--------------> HARD
8499 	 *	<-----> SOFT
8500 	 */
8501 	if (sav->firstused == 0)
8502 		sav->firstused = time_second;
8503 }
8504 
8505 /*
8506  * Take one of the kernel's security keys and convert it into a PF_KEY
8507  * structure within an mbuf, suitable for sending up to a waiting
8508  * application in user land.
8509  *
8510  * IN:
8511  *    src: A pointer to a kernel security key.
8512  *    exttype: Which type of key this is. Refer to the PF_KEY data structures.
8513  * OUT:
8514  *    a valid mbuf or NULL indicating an error
8515  *
8516  */
8517 
8518 static struct mbuf *
8519 key_setkey(struct seckey *src, uint16_t exttype)
8520 {
8521 	struct mbuf *m;
8522 	struct sadb_key *p;
8523 	int len;
8524 
8525 	if (src == NULL)
8526 		return NULL;
8527 
8528 	len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src));
8529 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8530 	if (m == NULL)
8531 		return NULL;
8532 	m_align(m, len);
8533 	m->m_len = len;
8534 	p = mtod(m, struct sadb_key *);
8535 	bzero(p, len);
8536 	p->sadb_key_len = PFKEY_UNIT64(len);
8537 	p->sadb_key_exttype = exttype;
8538 	p->sadb_key_bits = src->bits;
8539 	bcopy(src->key_data, _KEYBUF(p), _KEYLEN(src));
8540 
8541 	return m;
8542 }
8543 
8544 /*
8545  * Take one of the kernel's lifetime data structures and convert it
8546  * into a PF_KEY structure within an mbuf, suitable for sending up to
8547  * a waiting application in user land.
8548  *
8549  * IN:
8550  *    src: A pointer to a kernel lifetime structure.
8551  *    exttype: Which type of lifetime this is. Refer to the PF_KEY
8552  *             data structures for more information.
8553  * OUT:
8554  *    a valid mbuf or NULL indicating an error
8555  *
8556  */
8557 
8558 static struct mbuf *
8559 key_setlifetime(struct seclifetime *src, uint16_t exttype)
8560 {
8561 	struct mbuf *m = NULL;
8562 	struct sadb_lifetime *p;
8563 	int len = PFKEY_ALIGN8(sizeof(struct sadb_lifetime));
8564 
8565 	if (src == NULL)
8566 		return NULL;
8567 
8568 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8569 	if (m == NULL)
8570 		return m;
8571 	m_align(m, len);
8572 	m->m_len = len;
8573 	p = mtod(m, struct sadb_lifetime *);
8574 
8575 	bzero(p, len);
8576 	p->sadb_lifetime_len = PFKEY_UNIT64(len);
8577 	p->sadb_lifetime_exttype = exttype;
8578 	p->sadb_lifetime_allocations = src->allocations;
8579 	p->sadb_lifetime_bytes = src->bytes;
8580 	p->sadb_lifetime_addtime = src->addtime;
8581 	p->sadb_lifetime_usetime = src->usetime;
8582 
8583 	return m;
8584 
8585 }
8586 
8587 const struct enc_xform *
8588 enc_algorithm_lookup(int alg)
8589 {
8590 	int i;
8591 
8592 	for (i = 0; i < nitems(supported_ealgs); i++)
8593 		if (alg == supported_ealgs[i].sadb_alg)
8594 			return (supported_ealgs[i].xform);
8595 	return (NULL);
8596 }
8597 
8598 const struct auth_hash *
8599 auth_algorithm_lookup(int alg)
8600 {
8601 	int i;
8602 
8603 	for (i = 0; i < nitems(supported_aalgs); i++)
8604 		if (alg == supported_aalgs[i].sadb_alg)
8605 			return (supported_aalgs[i].xform);
8606 	return (NULL);
8607 }
8608 
8609 const struct comp_algo *
8610 comp_algorithm_lookup(int alg)
8611 {
8612 	int i;
8613 
8614 	for (i = 0; i < nitems(supported_calgs); i++)
8615 		if (alg == supported_calgs[i].sadb_alg)
8616 			return (supported_calgs[i].xform);
8617 	return (NULL);
8618 }
8619