xref: /freebsd/sys/netipsec/key.c (revision 396c556d77189a5c474d35cec6f44a762e310b7d)
1 /*	$FreeBSD$	*/
2 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
3 
4 /*-
5  * SPDX-License-Identifier: BSD-3-Clause
6  *
7  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the project nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 /*
36  * This code is referd to RFC 2367
37  */
38 
39 #include "opt_inet.h"
40 #include "opt_inet6.h"
41 #include "opt_ipsec.h"
42 
43 #include <sys/types.h>
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/kernel.h>
47 #include <sys/fnv_hash.h>
48 #include <sys/lock.h>
49 #include <sys/mutex.h>
50 #include <sys/mbuf.h>
51 #include <sys/domain.h>
52 #include <sys/protosw.h>
53 #include <sys/malloc.h>
54 #include <sys/rmlock.h>
55 #include <sys/socket.h>
56 #include <sys/socketvar.h>
57 #include <sys/sysctl.h>
58 #include <sys/errno.h>
59 #include <sys/proc.h>
60 #include <sys/queue.h>
61 #include <sys/refcount.h>
62 #include <sys/syslog.h>
63 
64 #include <vm/uma.h>
65 
66 #include <net/if.h>
67 #include <net/if_var.h>
68 #include <net/vnet.h>
69 #include <net/raw_cb.h>
70 
71 #include <netinet/in.h>
72 #include <netinet/in_systm.h>
73 #include <netinet/ip.h>
74 #include <netinet/in_var.h>
75 #include <netinet/udp.h>
76 
77 #ifdef INET6
78 #include <netinet/ip6.h>
79 #include <netinet6/in6_var.h>
80 #include <netinet6/ip6_var.h>
81 #endif /* INET6 */
82 
83 #include <net/pfkeyv2.h>
84 #include <netipsec/keydb.h>
85 #include <netipsec/key.h>
86 #include <netipsec/keysock.h>
87 #include <netipsec/key_debug.h>
88 
89 #include <netipsec/ipsec.h>
90 #ifdef INET6
91 #include <netipsec/ipsec6.h>
92 #endif
93 
94 #include <netipsec/xform.h>
95 #include <machine/in_cksum.h>
96 #include <machine/stdarg.h>
97 
98 /* randomness */
99 #include <sys/random.h>
100 
101 #define FULLMASK	0xff
102 #define	_BITS(bytes)	((bytes) << 3)
103 
104 /*
105  * Note on SA reference counting:
106  * - SAs that are not in DEAD state will have (total external reference + 1)
107  *   following value in reference count field.  they cannot be freed and are
108  *   referenced from SA header.
109  * - SAs that are in DEAD state will have (total external reference)
110  *   in reference count field.  they are ready to be freed.  reference from
111  *   SA header will be removed in key_delsav(), when the reference count
112  *   field hits 0 (= no external reference other than from SA header.
113  */
114 
115 VNET_DEFINE(u_int32_t, key_debug_level) = 0;
116 static VNET_DEFINE(u_int, key_spi_trycnt) = 1000;
117 static VNET_DEFINE(u_int32_t, key_spi_minval) = 0x100;
118 static VNET_DEFINE(u_int32_t, key_spi_maxval) = 0x0fffffff;	/* XXX */
119 static VNET_DEFINE(u_int32_t, policy_id) = 0;
120 /*interval to initialize randseed,1(m)*/
121 static VNET_DEFINE(u_int, key_int_random) = 60;
122 /* interval to expire acquiring, 30(s)*/
123 static VNET_DEFINE(u_int, key_larval_lifetime) = 30;
124 /* counter for blocking SADB_ACQUIRE.*/
125 static VNET_DEFINE(int, key_blockacq_count) = 10;
126 /* lifetime for blocking SADB_ACQUIRE.*/
127 static VNET_DEFINE(int, key_blockacq_lifetime) = 20;
128 /* preferred old sa rather than new sa.*/
129 static VNET_DEFINE(int, key_preferred_oldsa) = 1;
130 #define	V_key_spi_trycnt	VNET(key_spi_trycnt)
131 #define	V_key_spi_minval	VNET(key_spi_minval)
132 #define	V_key_spi_maxval	VNET(key_spi_maxval)
133 #define	V_policy_id		VNET(policy_id)
134 #define	V_key_int_random	VNET(key_int_random)
135 #define	V_key_larval_lifetime	VNET(key_larval_lifetime)
136 #define	V_key_blockacq_count	VNET(key_blockacq_count)
137 #define	V_key_blockacq_lifetime	VNET(key_blockacq_lifetime)
138 #define	V_key_preferred_oldsa	VNET(key_preferred_oldsa)
139 
140 static VNET_DEFINE(u_int32_t, acq_seq) = 0;
141 #define	V_acq_seq		VNET(acq_seq)
142 
143 static VNET_DEFINE(uint32_t, sp_genid) = 0;
144 #define	V_sp_genid		VNET(sp_genid)
145 
146 /* SPD */
147 TAILQ_HEAD(secpolicy_queue, secpolicy);
148 LIST_HEAD(secpolicy_list, secpolicy);
149 static VNET_DEFINE(struct secpolicy_queue, sptree[IPSEC_DIR_MAX]);
150 static VNET_DEFINE(struct secpolicy_queue, sptree_ifnet[IPSEC_DIR_MAX]);
151 static struct rmlock sptree_lock;
152 #define	V_sptree		VNET(sptree)
153 #define	V_sptree_ifnet		VNET(sptree_ifnet)
154 #define	SPTREE_LOCK_INIT()      rm_init(&sptree_lock, "sptree")
155 #define	SPTREE_LOCK_DESTROY()   rm_destroy(&sptree_lock)
156 #define	SPTREE_RLOCK_TRACKER    struct rm_priotracker sptree_tracker
157 #define	SPTREE_RLOCK()          rm_rlock(&sptree_lock, &sptree_tracker)
158 #define	SPTREE_RUNLOCK()        rm_runlock(&sptree_lock, &sptree_tracker)
159 #define	SPTREE_RLOCK_ASSERT()   rm_assert(&sptree_lock, RA_RLOCKED)
160 #define	SPTREE_WLOCK()          rm_wlock(&sptree_lock)
161 #define	SPTREE_WUNLOCK()        rm_wunlock(&sptree_lock)
162 #define	SPTREE_WLOCK_ASSERT()   rm_assert(&sptree_lock, RA_WLOCKED)
163 #define	SPTREE_UNLOCK_ASSERT()  rm_assert(&sptree_lock, RA_UNLOCKED)
164 
165 /* Hash table for lookup SP using unique id */
166 static VNET_DEFINE(struct secpolicy_list *, sphashtbl);
167 static VNET_DEFINE(u_long, sphash_mask);
168 #define	V_sphashtbl		VNET(sphashtbl)
169 #define	V_sphash_mask		VNET(sphash_mask)
170 
171 #define	SPHASH_NHASH_LOG2	7
172 #define	SPHASH_NHASH		(1 << SPHASH_NHASH_LOG2)
173 #define	SPHASH_HASHVAL(id)	(key_u32hash(id) & V_sphash_mask)
174 #define	SPHASH_HASH(id)		&V_sphashtbl[SPHASH_HASHVAL(id)]
175 
176 /* SAD */
177 TAILQ_HEAD(secashead_queue, secashead);
178 LIST_HEAD(secashead_list, secashead);
179 static VNET_DEFINE(struct secashead_queue, sahtree);
180 static struct rmlock sahtree_lock;
181 #define	V_sahtree		VNET(sahtree)
182 #define	SAHTREE_LOCK_INIT()	rm_init(&sahtree_lock, "sahtree")
183 #define	SAHTREE_LOCK_DESTROY()	rm_destroy(&sahtree_lock)
184 #define	SAHTREE_RLOCK_TRACKER	struct rm_priotracker sahtree_tracker
185 #define	SAHTREE_RLOCK()		rm_rlock(&sahtree_lock, &sahtree_tracker)
186 #define	SAHTREE_RUNLOCK()	rm_runlock(&sahtree_lock, &sahtree_tracker)
187 #define	SAHTREE_RLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_RLOCKED)
188 #define	SAHTREE_WLOCK()		rm_wlock(&sahtree_lock)
189 #define	SAHTREE_WUNLOCK()	rm_wunlock(&sahtree_lock)
190 #define	SAHTREE_WLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_WLOCKED)
191 #define	SAHTREE_UNLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_UNLOCKED)
192 
193 /* Hash table for lookup in SAD using SA addresses */
194 static VNET_DEFINE(struct secashead_list *, sahaddrhashtbl);
195 static VNET_DEFINE(u_long, sahaddrhash_mask);
196 #define	V_sahaddrhashtbl	VNET(sahaddrhashtbl)
197 #define	V_sahaddrhash_mask	VNET(sahaddrhash_mask)
198 
199 #define	SAHHASH_NHASH_LOG2	7
200 #define	SAHHASH_NHASH		(1 << SAHHASH_NHASH_LOG2)
201 #define	SAHADDRHASH_HASHVAL(saidx)	\
202     (key_saidxhash(saidx) & V_sahaddrhash_mask)
203 #define	SAHADDRHASH_HASH(saidx)		\
204     &V_sahaddrhashtbl[SAHADDRHASH_HASHVAL(saidx)]
205 
206 /* Hash table for lookup in SAD using SPI */
207 LIST_HEAD(secasvar_list, secasvar);
208 static VNET_DEFINE(struct secasvar_list *, savhashtbl);
209 static VNET_DEFINE(u_long, savhash_mask);
210 #define	V_savhashtbl		VNET(savhashtbl)
211 #define	V_savhash_mask		VNET(savhash_mask)
212 #define	SAVHASH_NHASH_LOG2	7
213 #define	SAVHASH_NHASH		(1 << SAVHASH_NHASH_LOG2)
214 #define	SAVHASH_HASHVAL(spi)	(key_u32hash(spi) & V_savhash_mask)
215 #define	SAVHASH_HASH(spi)	&V_savhashtbl[SAVHASH_HASHVAL(spi)]
216 
217 static uint32_t
218 key_saidxhash(const struct secasindex *saidx)
219 {
220 	uint32_t hval;
221 
222 	hval = fnv_32_buf(&saidx->proto, sizeof(saidx->proto),
223 	    FNV1_32_INIT);
224 	switch (saidx->dst.sa.sa_family) {
225 #ifdef INET
226 	case AF_INET:
227 		hval = fnv_32_buf(&saidx->src.sin.sin_addr,
228 		    sizeof(in_addr_t), hval);
229 		hval = fnv_32_buf(&saidx->dst.sin.sin_addr,
230 		    sizeof(in_addr_t), hval);
231 		break;
232 #endif
233 #ifdef INET6
234 	case AF_INET6:
235 		hval = fnv_32_buf(&saidx->src.sin6.sin6_addr,
236 		    sizeof(struct in6_addr), hval);
237 		hval = fnv_32_buf(&saidx->dst.sin6.sin6_addr,
238 		    sizeof(struct in6_addr), hval);
239 		break;
240 #endif
241 	default:
242 		hval = 0;
243 		ipseclog((LOG_DEBUG, "%s: unknown address family %d",
244 		    __func__, saidx->dst.sa.sa_family));
245 	}
246 	return (hval);
247 }
248 
249 static uint32_t
250 key_u32hash(uint32_t val)
251 {
252 
253 	return (fnv_32_buf(&val, sizeof(val), FNV1_32_INIT));
254 }
255 
256 							/* registed list */
257 static VNET_DEFINE(LIST_HEAD(_regtree, secreg), regtree[SADB_SATYPE_MAX + 1]);
258 #define	V_regtree		VNET(regtree)
259 static struct mtx regtree_lock;
260 #define	REGTREE_LOCK_INIT() \
261 	mtx_init(&regtree_lock, "regtree", "fast ipsec regtree", MTX_DEF)
262 #define	REGTREE_LOCK_DESTROY()	mtx_destroy(&regtree_lock)
263 #define	REGTREE_LOCK()		mtx_lock(&regtree_lock)
264 #define	REGTREE_UNLOCK()	mtx_unlock(&regtree_lock)
265 #define	REGTREE_LOCK_ASSERT()	mtx_assert(&regtree_lock, MA_OWNED)
266 
267 /* Acquiring list */
268 LIST_HEAD(secacq_list, secacq);
269 static VNET_DEFINE(struct secacq_list, acqtree);
270 #define	V_acqtree		VNET(acqtree)
271 static struct mtx acq_lock;
272 #define	ACQ_LOCK_INIT() \
273     mtx_init(&acq_lock, "acqtree", "ipsec SA acquiring list", MTX_DEF)
274 #define	ACQ_LOCK_DESTROY()	mtx_destroy(&acq_lock)
275 #define	ACQ_LOCK()		mtx_lock(&acq_lock)
276 #define	ACQ_UNLOCK()		mtx_unlock(&acq_lock)
277 #define	ACQ_LOCK_ASSERT()	mtx_assert(&acq_lock, MA_OWNED)
278 
279 /* Hash table for lookup in ACQ list using SA addresses */
280 static VNET_DEFINE(struct secacq_list *, acqaddrhashtbl);
281 static VNET_DEFINE(u_long, acqaddrhash_mask);
282 #define	V_acqaddrhashtbl	VNET(acqaddrhashtbl)
283 #define	V_acqaddrhash_mask	VNET(acqaddrhash_mask)
284 
285 /* Hash table for lookup in ACQ list using SEQ number */
286 static VNET_DEFINE(struct secacq_list *, acqseqhashtbl);
287 static VNET_DEFINE(u_long, acqseqhash_mask);
288 #define	V_acqseqhashtbl		VNET(acqseqhashtbl)
289 #define	V_acqseqhash_mask	VNET(acqseqhash_mask)
290 
291 #define	ACQHASH_NHASH_LOG2	7
292 #define	ACQHASH_NHASH		(1 << ACQHASH_NHASH_LOG2)
293 #define	ACQADDRHASH_HASHVAL(saidx)	\
294     (key_saidxhash(saidx) & V_acqaddrhash_mask)
295 #define	ACQSEQHASH_HASHVAL(seq)		\
296     (key_u32hash(seq) & V_acqseqhash_mask)
297 #define	ACQADDRHASH_HASH(saidx)	\
298     &V_acqaddrhashtbl[ACQADDRHASH_HASHVAL(saidx)]
299 #define	ACQSEQHASH_HASH(seq)	\
300     &V_acqseqhashtbl[ACQSEQHASH_HASHVAL(seq)]
301 							/* SP acquiring list */
302 static VNET_DEFINE(LIST_HEAD(_spacqtree, secspacq), spacqtree);
303 #define	V_spacqtree		VNET(spacqtree)
304 static struct mtx spacq_lock;
305 #define	SPACQ_LOCK_INIT() \
306 	mtx_init(&spacq_lock, "spacqtree", \
307 		"fast ipsec security policy acquire list", MTX_DEF)
308 #define	SPACQ_LOCK_DESTROY()	mtx_destroy(&spacq_lock)
309 #define	SPACQ_LOCK()		mtx_lock(&spacq_lock)
310 #define	SPACQ_UNLOCK()		mtx_unlock(&spacq_lock)
311 #define	SPACQ_LOCK_ASSERT()	mtx_assert(&spacq_lock, MA_OWNED)
312 
313 static const int minsize[] = {
314 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
315 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
316 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
317 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
318 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
319 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_SRC */
320 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_DST */
321 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_PROXY */
322 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_AUTH */
323 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_ENCRYPT */
324 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_SRC */
325 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_DST */
326 	sizeof(struct sadb_sens),	/* SADB_EXT_SENSITIVITY */
327 	sizeof(struct sadb_prop),	/* SADB_EXT_PROPOSAL */
328 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_AUTH */
329 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_ENCRYPT */
330 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
331 	0,				/* SADB_X_EXT_KMPRIVATE */
332 	sizeof(struct sadb_x_policy),	/* SADB_X_EXT_POLICY */
333 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
334 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
335 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
336 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
337 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAI */
338 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAR */
339 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
340 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
341 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_SRC */
342 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_DST */
343 };
344 _Static_assert(sizeof(minsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
345 
346 static const int maxsize[] = {
347 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
348 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
349 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
350 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
351 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
352 	0,				/* SADB_EXT_ADDRESS_SRC */
353 	0,				/* SADB_EXT_ADDRESS_DST */
354 	0,				/* SADB_EXT_ADDRESS_PROXY */
355 	0,				/* SADB_EXT_KEY_AUTH */
356 	0,				/* SADB_EXT_KEY_ENCRYPT */
357 	0,				/* SADB_EXT_IDENTITY_SRC */
358 	0,				/* SADB_EXT_IDENTITY_DST */
359 	0,				/* SADB_EXT_SENSITIVITY */
360 	0,				/* SADB_EXT_PROPOSAL */
361 	0,				/* SADB_EXT_SUPPORTED_AUTH */
362 	0,				/* SADB_EXT_SUPPORTED_ENCRYPT */
363 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
364 	0,				/* SADB_X_EXT_KMPRIVATE */
365 	0,				/* SADB_X_EXT_POLICY */
366 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
367 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
368 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
369 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
370 	0,				/* SADB_X_EXT_NAT_T_OAI */
371 	0,				/* SADB_X_EXT_NAT_T_OAR */
372 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
373 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
374 	0,				/* SADB_X_EXT_NEW_ADDRESS_SRC */
375 	0,				/* SADB_X_EXT_NEW_ADDRESS_DST */
376 };
377 _Static_assert(sizeof(maxsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
378 
379 /*
380  * Internal values for SA flags:
381  * SADB_X_EXT_F_CLONED means that SA was cloned by key_updateaddresses,
382  *	thus we will not free the most of SA content in key_delsav().
383  */
384 #define	SADB_X_EXT_F_CLONED	0x80000000
385 
386 #define	SADB_CHECKLEN(_mhp, _ext)			\
387     ((_mhp)->extlen[(_ext)] < minsize[(_ext)] || (maxsize[(_ext)] != 0 && \
388 	((_mhp)->extlen[(_ext)] > maxsize[(_ext)])))
389 #define	SADB_CHECKHDR(_mhp, _ext)	((_mhp)->ext[(_ext)] == NULL)
390 
391 static VNET_DEFINE(int, ipsec_esp_keymin) = 256;
392 static VNET_DEFINE(int, ipsec_esp_auth) = 0;
393 static VNET_DEFINE(int, ipsec_ah_keymin) = 128;
394 
395 #define	V_ipsec_esp_keymin	VNET(ipsec_esp_keymin)
396 #define	V_ipsec_esp_auth	VNET(ipsec_esp_auth)
397 #define	V_ipsec_ah_keymin	VNET(ipsec_ah_keymin)
398 
399 #ifdef IPSEC_DEBUG
400 VNET_DEFINE(int, ipsec_debug) = 1;
401 #else
402 VNET_DEFINE(int, ipsec_debug) = 0;
403 #endif
404 
405 #ifdef INET
406 SYSCTL_DECL(_net_inet_ipsec);
407 SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug,
408     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
409     "Enable IPsec debugging output when set.");
410 #endif
411 #ifdef INET6
412 SYSCTL_DECL(_net_inet6_ipsec6);
413 SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug,
414     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
415     "Enable IPsec debugging output when set.");
416 #endif
417 
418 SYSCTL_DECL(_net_key);
419 SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL,	debug,
420 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, "");
421 
422 /* max count of trial for the decision of spi value */
423 SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt,
424 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, "");
425 
426 /* minimum spi value to allocate automatically. */
427 SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval,
428 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, "");
429 
430 /* maximun spi value to allocate automatically. */
431 SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval,
432 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, "");
433 
434 /* interval to initialize randseed */
435 SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random,
436 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_int_random), 0, "");
437 
438 /* lifetime for larval SA */
439 SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime,
440 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, "");
441 
442 /* counter for blocking to send SADB_ACQUIRE to IKEd */
443 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count,
444 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, "");
445 
446 /* lifetime for blocking to send SADB_ACQUIRE to IKEd */
447 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime,
448 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, "");
449 
450 /* ESP auth */
451 SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth,
452 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, "");
453 
454 /* minimum ESP key length */
455 SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin,
456 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, "");
457 
458 /* minimum AH key length */
459 SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin,
460 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, "");
461 
462 /* perfered old SA rather than new SA */
463 SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, preferred_oldsa,
464 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, "");
465 
466 #define __LIST_CHAINED(elm) \
467 	(!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL))
468 
469 MALLOC_DEFINE(M_IPSEC_SA, "secasvar", "ipsec security association");
470 MALLOC_DEFINE(M_IPSEC_SAH, "sahead", "ipsec sa head");
471 MALLOC_DEFINE(M_IPSEC_SP, "ipsecpolicy", "ipsec security policy");
472 MALLOC_DEFINE(M_IPSEC_SR, "ipsecrequest", "ipsec security request");
473 MALLOC_DEFINE(M_IPSEC_MISC, "ipsec-misc", "ipsec miscellaneous");
474 MALLOC_DEFINE(M_IPSEC_SAQ, "ipsec-saq", "ipsec sa acquire");
475 MALLOC_DEFINE(M_IPSEC_SAR, "ipsec-reg", "ipsec sa acquire");
476 
477 static VNET_DEFINE(uma_zone_t, key_lft_zone);
478 #define	V_key_lft_zone		VNET(key_lft_zone)
479 
480 static LIST_HEAD(xforms_list, xformsw) xforms = LIST_HEAD_INITIALIZER();
481 static struct mtx xforms_lock;
482 #define	XFORMS_LOCK_INIT()	\
483     mtx_init(&xforms_lock, "xforms_list", "IPsec transforms list", MTX_DEF)
484 #define	XFORMS_LOCK_DESTROY()	mtx_destroy(&xforms_lock)
485 #define	XFORMS_LOCK()		mtx_lock(&xforms_lock)
486 #define	XFORMS_UNLOCK()		mtx_unlock(&xforms_lock)
487 
488 /*
489  * set parameters into secpolicyindex buffer.
490  * Must allocate secpolicyindex buffer passed to this function.
491  */
492 #define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
493 do { \
494 	bzero((idx), sizeof(struct secpolicyindex));                         \
495 	(idx)->dir = (_dir);                                                 \
496 	(idx)->prefs = (ps);                                                 \
497 	(idx)->prefd = (pd);                                                 \
498 	(idx)->ul_proto = (ulp);                                             \
499 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
500 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
501 } while (0)
502 
503 /*
504  * set parameters into secasindex buffer.
505  * Must allocate secasindex buffer before calling this function.
506  */
507 #define KEY_SETSECASIDX(p, m, r, s, d, idx) \
508 do { \
509 	bzero((idx), sizeof(struct secasindex));                             \
510 	(idx)->proto = (p);                                                  \
511 	(idx)->mode = (m);                                                   \
512 	(idx)->reqid = (r);                                                  \
513 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
514 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
515 	key_porttosaddr(&(idx)->src.sa, 0);				     \
516 	key_porttosaddr(&(idx)->dst.sa, 0);				     \
517 } while (0)
518 
519 /* key statistics */
520 struct _keystat {
521 	u_long getspi_count; /* the avarage of count to try to get new SPI */
522 } keystat;
523 
524 struct sadb_msghdr {
525 	struct sadb_msg *msg;
526 	struct sadb_ext *ext[SADB_EXT_MAX + 1];
527 	int extoff[SADB_EXT_MAX + 1];
528 	int extlen[SADB_EXT_MAX + 1];
529 };
530 
531 static struct supported_ealgs {
532 	int sadb_alg;
533 	const struct enc_xform *xform;
534 } supported_ealgs[] = {
535 	{ SADB_EALG_DESCBC,		&enc_xform_des },
536 	{ SADB_EALG_3DESCBC,		&enc_xform_3des },
537 	{ SADB_X_EALG_AES,		&enc_xform_rijndael128 },
538 	{ SADB_X_EALG_BLOWFISHCBC,	&enc_xform_blf },
539 	{ SADB_X_EALG_CAST128CBC,	&enc_xform_cast5 },
540 	{ SADB_EALG_NULL,		&enc_xform_null },
541 	{ SADB_X_EALG_CAMELLIACBC,	&enc_xform_camellia },
542 	{ SADB_X_EALG_AESCTR,		&enc_xform_aes_icm },
543 	{ SADB_X_EALG_AESGCM16,		&enc_xform_aes_nist_gcm },
544 	{ SADB_X_EALG_AESGMAC,		&enc_xform_aes_nist_gmac },
545 };
546 
547 static struct supported_aalgs {
548 	int sadb_alg;
549 	const struct auth_hash *xform;
550 } supported_aalgs[] = {
551 	{ SADB_X_AALG_NULL,		&auth_hash_null },
552 	{ SADB_AALG_MD5HMAC,		&auth_hash_hmac_md5 },
553 	{ SADB_AALG_SHA1HMAC,		&auth_hash_hmac_sha1 },
554 	{ SADB_X_AALG_RIPEMD160HMAC,	&auth_hash_hmac_ripemd_160 },
555 	{ SADB_X_AALG_MD5,		&auth_hash_key_md5 },
556 	{ SADB_X_AALG_SHA,		&auth_hash_key_sha1 },
557 	{ SADB_X_AALG_SHA2_256,		&auth_hash_hmac_sha2_256 },
558 	{ SADB_X_AALG_SHA2_384,		&auth_hash_hmac_sha2_384 },
559 	{ SADB_X_AALG_SHA2_512,		&auth_hash_hmac_sha2_512 },
560 	{ SADB_X_AALG_AES128GMAC,	&auth_hash_nist_gmac_aes_128 },
561 	{ SADB_X_AALG_AES192GMAC,	&auth_hash_nist_gmac_aes_192 },
562 	{ SADB_X_AALG_AES256GMAC,	&auth_hash_nist_gmac_aes_256 },
563 };
564 
565 static struct supported_calgs {
566 	int sadb_alg;
567 	const struct comp_algo *xform;
568 } supported_calgs[] = {
569 	{ SADB_X_CALG_DEFLATE,		&comp_algo_deflate },
570 };
571 
572 #ifndef IPSEC_DEBUG2
573 static struct callout key_timer;
574 #endif
575 
576 static void key_unlink(struct secpolicy *);
577 static struct secpolicy *key_getsp(struct secpolicyindex *);
578 static struct secpolicy *key_getspbyid(u_int32_t);
579 static struct mbuf *key_gather_mbuf(struct mbuf *,
580 	const struct sadb_msghdr *, int, int, ...);
581 static int key_spdadd(struct socket *, struct mbuf *,
582 	const struct sadb_msghdr *);
583 static uint32_t key_getnewspid(void);
584 static int key_spddelete(struct socket *, struct mbuf *,
585 	const struct sadb_msghdr *);
586 static int key_spddelete2(struct socket *, struct mbuf *,
587 	const struct sadb_msghdr *);
588 static int key_spdget(struct socket *, struct mbuf *,
589 	const struct sadb_msghdr *);
590 static int key_spdflush(struct socket *, struct mbuf *,
591 	const struct sadb_msghdr *);
592 static int key_spddump(struct socket *, struct mbuf *,
593 	const struct sadb_msghdr *);
594 static struct mbuf *key_setdumpsp(struct secpolicy *,
595 	u_int8_t, u_int32_t, u_int32_t);
596 static struct mbuf *key_sp2mbuf(struct secpolicy *);
597 static size_t key_getspreqmsglen(struct secpolicy *);
598 static int key_spdexpire(struct secpolicy *);
599 static struct secashead *key_newsah(struct secasindex *);
600 static void key_freesah(struct secashead **);
601 static void key_delsah(struct secashead *);
602 static struct secasvar *key_newsav(const struct sadb_msghdr *,
603     struct secasindex *, uint32_t, int *);
604 static void key_delsav(struct secasvar *);
605 static void key_unlinksav(struct secasvar *);
606 static struct secashead *key_getsah(struct secasindex *);
607 static int key_checkspidup(uint32_t);
608 static struct secasvar *key_getsavbyspi(uint32_t);
609 static int key_setnatt(struct secasvar *, const struct sadb_msghdr *);
610 static int key_setsaval(struct secasvar *, const struct sadb_msghdr *);
611 static int key_updatelifetimes(struct secasvar *, const struct sadb_msghdr *);
612 static int key_updateaddresses(struct socket *, struct mbuf *,
613     const struct sadb_msghdr *, struct secasvar *, struct secasindex *);
614 
615 static struct mbuf *key_setdumpsa(struct secasvar *, u_int8_t,
616 	u_int8_t, u_int32_t, u_int32_t);
617 static struct mbuf *key_setsadbmsg(u_int8_t, u_int16_t, u_int8_t,
618 	u_int32_t, pid_t, u_int16_t);
619 static struct mbuf *key_setsadbsa(struct secasvar *);
620 static struct mbuf *key_setsadbaddr(u_int16_t,
621 	const struct sockaddr *, u_int8_t, u_int16_t);
622 static struct mbuf *key_setsadbxport(u_int16_t, u_int16_t);
623 static struct mbuf *key_setsadbxtype(u_int16_t);
624 static struct mbuf *key_setsadbxsa2(u_int8_t, u_int32_t, u_int32_t);
625 static struct mbuf *key_setsadbxsareplay(u_int32_t);
626 static struct mbuf *key_setsadbxpolicy(u_int16_t, u_int8_t,
627 	u_int32_t, u_int32_t);
628 static struct seckey *key_dup_keymsg(const struct sadb_key *, size_t,
629     struct malloc_type *);
630 static struct seclifetime *key_dup_lifemsg(const struct sadb_lifetime *src,
631     struct malloc_type *);
632 
633 /* flags for key_cmpsaidx() */
634 #define CMP_HEAD	1	/* protocol, addresses. */
635 #define CMP_MODE_REQID	2	/* additionally HEAD, reqid, mode. */
636 #define CMP_REQID	3	/* additionally HEAD, reaid. */
637 #define CMP_EXACTLY	4	/* all elements. */
638 static int key_cmpsaidx(const struct secasindex *,
639     const struct secasindex *, int);
640 static int key_cmpspidx_exactly(struct secpolicyindex *,
641     struct secpolicyindex *);
642 static int key_cmpspidx_withmask(struct secpolicyindex *,
643     struct secpolicyindex *);
644 static int key_bbcmp(const void *, const void *, u_int);
645 static uint8_t key_satype2proto(uint8_t);
646 static uint8_t key_proto2satype(uint8_t);
647 
648 static int key_getspi(struct socket *, struct mbuf *,
649 	const struct sadb_msghdr *);
650 static uint32_t key_do_getnewspi(struct sadb_spirange *, struct secasindex *);
651 static int key_update(struct socket *, struct mbuf *,
652 	const struct sadb_msghdr *);
653 static int key_add(struct socket *, struct mbuf *,
654 	const struct sadb_msghdr *);
655 static int key_setident(struct secashead *, const struct sadb_msghdr *);
656 static struct mbuf *key_getmsgbuf_x1(struct mbuf *,
657 	const struct sadb_msghdr *);
658 static int key_delete(struct socket *, struct mbuf *,
659 	const struct sadb_msghdr *);
660 static int key_delete_all(struct socket *, struct mbuf *,
661 	const struct sadb_msghdr *, struct secasindex *);
662 static void key_delete_xform(const struct xformsw *);
663 static int key_get(struct socket *, struct mbuf *,
664 	const struct sadb_msghdr *);
665 
666 static void key_getcomb_setlifetime(struct sadb_comb *);
667 static struct mbuf *key_getcomb_ealg(void);
668 static struct mbuf *key_getcomb_ah(void);
669 static struct mbuf *key_getcomb_ipcomp(void);
670 static struct mbuf *key_getprop(const struct secasindex *);
671 
672 static int key_acquire(const struct secasindex *, struct secpolicy *);
673 static uint32_t key_newacq(const struct secasindex *, int *);
674 static uint32_t key_getacq(const struct secasindex *, int *);
675 static int key_acqdone(const struct secasindex *, uint32_t);
676 static int key_acqreset(uint32_t);
677 static struct secspacq *key_newspacq(struct secpolicyindex *);
678 static struct secspacq *key_getspacq(struct secpolicyindex *);
679 static int key_acquire2(struct socket *, struct mbuf *,
680 	const struct sadb_msghdr *);
681 static int key_register(struct socket *, struct mbuf *,
682 	const struct sadb_msghdr *);
683 static int key_expire(struct secasvar *, int);
684 static int key_flush(struct socket *, struct mbuf *,
685 	const struct sadb_msghdr *);
686 static int key_dump(struct socket *, struct mbuf *,
687 	const struct sadb_msghdr *);
688 static int key_promisc(struct socket *, struct mbuf *,
689 	const struct sadb_msghdr *);
690 static int key_senderror(struct socket *, struct mbuf *, int);
691 static int key_validate_ext(const struct sadb_ext *, int);
692 static int key_align(struct mbuf *, struct sadb_msghdr *);
693 static struct mbuf *key_setlifetime(struct seclifetime *, uint16_t);
694 static struct mbuf *key_setkey(struct seckey *, uint16_t);
695 static int xform_init(struct secasvar *, u_short);
696 
697 #define	DBG_IPSEC_INITREF(t, p)	do {				\
698 	refcount_init(&(p)->refcnt, 1);				\
699 	KEYDBG(KEY_STAMP,					\
700 	    printf("%s: Initialize refcnt %s(%p) = %u\n",	\
701 	    __func__, #t, (p), (p)->refcnt));			\
702 } while (0)
703 #define	DBG_IPSEC_ADDREF(t, p)	do {				\
704 	refcount_acquire(&(p)->refcnt);				\
705 	KEYDBG(KEY_STAMP,					\
706 	    printf("%s: Acquire refcnt %s(%p) -> %u\n",		\
707 	    __func__, #t, (p), (p)->refcnt));			\
708 } while (0)
709 #define	DBG_IPSEC_DELREF(t, p)	do {				\
710 	KEYDBG(KEY_STAMP,					\
711 	    printf("%s: Release refcnt %s(%p) -> %u\n",		\
712 	    __func__, #t, (p), (p)->refcnt - 1));		\
713 	refcount_release(&(p)->refcnt);				\
714 } while (0)
715 
716 #define	IPSEC_INITREF(t, p)	refcount_init(&(p)->refcnt, 1)
717 #define	IPSEC_ADDREF(t, p)	refcount_acquire(&(p)->refcnt)
718 #define	IPSEC_DELREF(t, p)	refcount_release(&(p)->refcnt)
719 
720 #define	SP_INITREF(p)	IPSEC_INITREF(SP, p)
721 #define	SP_ADDREF(p)	IPSEC_ADDREF(SP, p)
722 #define	SP_DELREF(p)	IPSEC_DELREF(SP, p)
723 
724 #define	SAH_INITREF(p)	IPSEC_INITREF(SAH, p)
725 #define	SAH_ADDREF(p)	IPSEC_ADDREF(SAH, p)
726 #define	SAH_DELREF(p)	IPSEC_DELREF(SAH, p)
727 
728 #define	SAV_INITREF(p)	IPSEC_INITREF(SAV, p)
729 #define	SAV_ADDREF(p)	IPSEC_ADDREF(SAV, p)
730 #define	SAV_DELREF(p)	IPSEC_DELREF(SAV, p)
731 
732 /*
733  * Update the refcnt while holding the SPTREE lock.
734  */
735 void
736 key_addref(struct secpolicy *sp)
737 {
738 
739 	SP_ADDREF(sp);
740 }
741 
742 /*
743  * Return 0 when there are known to be no SP's for the specified
744  * direction.  Otherwise return 1.  This is used by IPsec code
745  * to optimize performance.
746  */
747 int
748 key_havesp(u_int dir)
749 {
750 
751 	return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ?
752 		TAILQ_FIRST(&V_sptree[dir]) != NULL : 1);
753 }
754 
755 /* %%% IPsec policy management */
756 /*
757  * Return current SPDB generation.
758  */
759 uint32_t
760 key_getspgen(void)
761 {
762 
763 	return (V_sp_genid);
764 }
765 
766 void
767 key_bumpspgen(void)
768 {
769 
770 	V_sp_genid++;
771 }
772 
773 static int
774 key_checksockaddrs(struct sockaddr *src, struct sockaddr *dst)
775 {
776 
777 	/* family match */
778 	if (src->sa_family != dst->sa_family)
779 		return (EINVAL);
780 	/* sa_len match */
781 	if (src->sa_len != dst->sa_len)
782 		return (EINVAL);
783 	switch (src->sa_family) {
784 #ifdef INET
785 	case AF_INET:
786 		if (src->sa_len != sizeof(struct sockaddr_in))
787 			return (EINVAL);
788 		break;
789 #endif
790 #ifdef INET6
791 	case AF_INET6:
792 		if (src->sa_len != sizeof(struct sockaddr_in6))
793 			return (EINVAL);
794 		break;
795 #endif
796 	default:
797 		return (EAFNOSUPPORT);
798 	}
799 	return (0);
800 }
801 
802 /*
803  * allocating a SP for OUTBOUND or INBOUND packet.
804  * Must call key_freesp() later.
805  * OUT:	NULL:	not found
806  *	others:	found and return the pointer.
807  */
808 struct secpolicy *
809 key_allocsp(struct secpolicyindex *spidx, u_int dir)
810 {
811 	SPTREE_RLOCK_TRACKER;
812 	struct secpolicy *sp;
813 
814 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
815 	IPSEC_ASSERT(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
816 		("invalid direction %u", dir));
817 
818 	SPTREE_RLOCK();
819 	TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
820 		if (key_cmpspidx_withmask(&sp->spidx, spidx)) {
821 			SP_ADDREF(sp);
822 			break;
823 		}
824 	}
825 	SPTREE_RUNLOCK();
826 
827 	if (sp != NULL) {	/* found a SPD entry */
828 		sp->lastused = time_second;
829 		KEYDBG(IPSEC_STAMP,
830 		    printf("%s: return SP(%p)\n", __func__, sp));
831 		KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
832 	} else {
833 		KEYDBG(IPSEC_DATA,
834 		    printf("%s: lookup failed for ", __func__);
835 		    kdebug_secpolicyindex(spidx, NULL));
836 	}
837 	return (sp);
838 }
839 
840 /*
841  * Allocating an SA entry for an *INBOUND* or *OUTBOUND* TCP packet, signed
842  * or should be signed by MD5 signature.
843  * We don't use key_allocsa() for such lookups, because we don't know SPI.
844  * Unlike ESP and AH protocols, SPI isn't transmitted in the TCP header with
845  * signed packet. We use SADB only as storage for password.
846  * OUT:	positive:	corresponding SA for given saidx found.
847  *	NULL:		SA not found
848  */
849 struct secasvar *
850 key_allocsa_tcpmd5(struct secasindex *saidx)
851 {
852 	SAHTREE_RLOCK_TRACKER;
853 	struct secashead *sah;
854 	struct secasvar *sav;
855 
856 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP,
857 	    ("unexpected security protocol %u", saidx->proto));
858 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TCPMD5,
859 	    ("unexpected mode %u", saidx->mode));
860 
861 	SAHTREE_RLOCK();
862 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
863 		KEYDBG(IPSEC_DUMP,
864 		    printf("%s: checking SAH\n", __func__);
865 		    kdebug_secash(sah, "  "));
866 		if (sah->saidx.proto != IPPROTO_TCP)
867 			continue;
868 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
869 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
870 			break;
871 	}
872 	if (sah != NULL) {
873 		if (V_key_preferred_oldsa)
874 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
875 		else
876 			sav = TAILQ_FIRST(&sah->savtree_alive);
877 		if (sav != NULL)
878 			SAV_ADDREF(sav);
879 	} else
880 		sav = NULL;
881 	SAHTREE_RUNLOCK();
882 
883 	if (sav != NULL) {
884 		KEYDBG(IPSEC_STAMP,
885 		    printf("%s: return SA(%p)\n", __func__, sav));
886 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
887 	} else {
888 		KEYDBG(IPSEC_STAMP,
889 		    printf("%s: SA not found\n", __func__));
890 		KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
891 	}
892 	return (sav);
893 }
894 
895 /*
896  * Allocating an SA entry for an *OUTBOUND* packet.
897  * OUT:	positive:	corresponding SA for given saidx found.
898  *	NULL:		SA not found, but will be acquired, check *error
899  *			for acquiring status.
900  */
901 struct secasvar *
902 key_allocsa_policy(struct secpolicy *sp, const struct secasindex *saidx,
903     int *error)
904 {
905 	SAHTREE_RLOCK_TRACKER;
906 	struct secashead *sah;
907 	struct secasvar *sav;
908 
909 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
910 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TRANSPORT ||
911 		saidx->mode == IPSEC_MODE_TUNNEL,
912 		("unexpected policy %u", saidx->mode));
913 
914 	/*
915 	 * We check new SA in the IPsec request because a different
916 	 * SA may be involved each time this request is checked, either
917 	 * because new SAs are being configured, or this request is
918 	 * associated with an unconnected datagram socket, or this request
919 	 * is associated with a system default policy.
920 	 */
921 	SAHTREE_RLOCK();
922 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
923 		KEYDBG(IPSEC_DUMP,
924 		    printf("%s: checking SAH\n", __func__);
925 		    kdebug_secash(sah, "  "));
926 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
927 			break;
928 
929 	}
930 	if (sah != NULL) {
931 		/*
932 		 * Allocate the oldest SA available according to
933 		 * draft-jenkins-ipsec-rekeying-03.
934 		 */
935 		if (V_key_preferred_oldsa)
936 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
937 		else
938 			sav = TAILQ_FIRST(&sah->savtree_alive);
939 		if (sav != NULL)
940 			SAV_ADDREF(sav);
941 	} else
942 		sav = NULL;
943 	SAHTREE_RUNLOCK();
944 
945 	if (sav != NULL) {
946 		*error = 0;
947 		KEYDBG(IPSEC_STAMP,
948 		    printf("%s: chosen SA(%p) for SP(%p)\n", __func__,
949 			sav, sp));
950 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
951 		return (sav); /* return referenced SA */
952 	}
953 
954 	/* there is no SA */
955 	*error = key_acquire(saidx, sp);
956 	if ((*error) != 0)
957 		ipseclog((LOG_DEBUG,
958 		    "%s: error %d returned from key_acquire()\n",
959 			__func__, *error));
960 	KEYDBG(IPSEC_STAMP,
961 	    printf("%s: acquire SA for SP(%p), error %d\n",
962 		__func__, sp, *error));
963 	KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
964 	return (NULL);
965 }
966 
967 /*
968  * allocating a usable SA entry for a *INBOUND* packet.
969  * Must call key_freesav() later.
970  * OUT: positive:	pointer to a usable sav (i.e. MATURE or DYING state).
971  *	NULL:		not found, or error occurred.
972  *
973  * According to RFC 2401 SA is uniquely identified by a triple SPI,
974  * destination address, and security protocol. But according to RFC 4301,
975  * SPI by itself suffices to specify an SA.
976  *
977  * Note that, however, we do need to keep source address in IPsec SA.
978  * IKE specification and PF_KEY specification do assume that we
979  * keep source address in IPsec SA.  We see a tricky situation here.
980  */
981 struct secasvar *
982 key_allocsa(union sockaddr_union *dst, uint8_t proto, uint32_t spi)
983 {
984 	SAHTREE_RLOCK_TRACKER;
985 	struct secasvar *sav;
986 
987 	IPSEC_ASSERT(proto == IPPROTO_ESP || proto == IPPROTO_AH ||
988 	    proto == IPPROTO_IPCOMP, ("unexpected security protocol %u",
989 	    proto));
990 
991 	SAHTREE_RLOCK();
992 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
993 		if (sav->spi == spi)
994 			break;
995 	}
996 	/*
997 	 * We use single SPI namespace for all protocols, so it is
998 	 * impossible to have SPI duplicates in the SAVHASH.
999 	 */
1000 	if (sav != NULL) {
1001 		if (sav->state != SADB_SASTATE_LARVAL &&
1002 		    sav->sah->saidx.proto == proto &&
1003 		    key_sockaddrcmp(&dst->sa,
1004 			&sav->sah->saidx.dst.sa, 0) == 0)
1005 			SAV_ADDREF(sav);
1006 		else
1007 			sav = NULL;
1008 	}
1009 	SAHTREE_RUNLOCK();
1010 
1011 	if (sav == NULL) {
1012 		KEYDBG(IPSEC_STAMP,
1013 		    char buf[IPSEC_ADDRSTRLEN];
1014 		    printf("%s: SA not found for spi %u proto %u dst %s\n",
1015 			__func__, ntohl(spi), proto, ipsec_address(dst, buf,
1016 			sizeof(buf))));
1017 	} else {
1018 		KEYDBG(IPSEC_STAMP,
1019 		    printf("%s: return SA(%p)\n", __func__, sav));
1020 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1021 	}
1022 	return (sav);
1023 }
1024 
1025 struct secasvar *
1026 key_allocsa_tunnel(union sockaddr_union *src, union sockaddr_union *dst,
1027     uint8_t proto)
1028 {
1029 	SAHTREE_RLOCK_TRACKER;
1030 	struct secasindex saidx;
1031 	struct secashead *sah;
1032 	struct secasvar *sav;
1033 
1034 	IPSEC_ASSERT(src != NULL, ("null src address"));
1035 	IPSEC_ASSERT(dst != NULL, ("null dst address"));
1036 
1037 	KEY_SETSECASIDX(proto, IPSEC_MODE_TUNNEL, 0, &src->sa,
1038 	    &dst->sa, &saidx);
1039 
1040 	sav = NULL;
1041 	SAHTREE_RLOCK();
1042 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1043 		if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1044 			continue;
1045 		if (proto != sah->saidx.proto)
1046 			continue;
1047 		if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1048 			continue;
1049 		if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1050 			continue;
1051 		/* XXXAE: is key_preferred_oldsa reasonably?*/
1052 		if (V_key_preferred_oldsa)
1053 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1054 		else
1055 			sav = TAILQ_FIRST(&sah->savtree_alive);
1056 		if (sav != NULL) {
1057 			SAV_ADDREF(sav);
1058 			break;
1059 		}
1060 	}
1061 	SAHTREE_RUNLOCK();
1062 	KEYDBG(IPSEC_STAMP,
1063 	    printf("%s: return SA(%p)\n", __func__, sav));
1064 	if (sav != NULL)
1065 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1066 	return (sav);
1067 }
1068 
1069 /*
1070  * Must be called after calling key_allocsp().
1071  */
1072 void
1073 key_freesp(struct secpolicy **spp)
1074 {
1075 	struct secpolicy *sp = *spp;
1076 
1077 	IPSEC_ASSERT(sp != NULL, ("null sp"));
1078 	if (SP_DELREF(sp) == 0)
1079 		return;
1080 
1081 	KEYDBG(IPSEC_STAMP,
1082 	    printf("%s: last reference to SP(%p)\n", __func__, sp));
1083 	KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
1084 
1085 	*spp = NULL;
1086 	while (sp->tcount > 0)
1087 		ipsec_delisr(sp->req[--sp->tcount]);
1088 	free(sp, M_IPSEC_SP);
1089 }
1090 
1091 static void
1092 key_unlink(struct secpolicy *sp)
1093 {
1094 
1095 	IPSEC_ASSERT(sp->spidx.dir == IPSEC_DIR_INBOUND ||
1096 	    sp->spidx.dir == IPSEC_DIR_OUTBOUND,
1097 	    ("invalid direction %u", sp->spidx.dir));
1098 	SPTREE_UNLOCK_ASSERT();
1099 
1100 	KEYDBG(KEY_STAMP,
1101 	    printf("%s: SP(%p)\n", __func__, sp));
1102 	SPTREE_WLOCK();
1103 	if (sp->state != IPSEC_SPSTATE_ALIVE) {
1104 		/* SP is already unlinked */
1105 		SPTREE_WUNLOCK();
1106 		return;
1107 	}
1108 	sp->state = IPSEC_SPSTATE_DEAD;
1109 	TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
1110 	LIST_REMOVE(sp, idhash);
1111 	V_sp_genid++;
1112 	SPTREE_WUNLOCK();
1113 	key_freesp(&sp);
1114 }
1115 
1116 /*
1117  * insert a secpolicy into the SP database. Lower priorities first
1118  */
1119 static void
1120 key_insertsp(struct secpolicy *newsp)
1121 {
1122 	struct secpolicy *sp;
1123 
1124 	SPTREE_WLOCK_ASSERT();
1125 	TAILQ_FOREACH(sp, &V_sptree[newsp->spidx.dir], chain) {
1126 		if (newsp->priority < sp->priority) {
1127 			TAILQ_INSERT_BEFORE(sp, newsp, chain);
1128 			goto done;
1129 		}
1130 	}
1131 	TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain);
1132 done:
1133 	LIST_INSERT_HEAD(SPHASH_HASH(newsp->id), newsp, idhash);
1134 	newsp->state = IPSEC_SPSTATE_ALIVE;
1135 	V_sp_genid++;
1136 }
1137 
1138 /*
1139  * Insert a bunch of VTI secpolicies into the SPDB.
1140  * We keep VTI policies in the separate list due to following reasons:
1141  * 1) they should be immutable to user's or some deamon's attempts to
1142  *    delete. The only way delete such policies - destroy or unconfigure
1143  *    corresponding virtual inteface.
1144  * 2) such policies have traffic selector that matches all traffic per
1145  *    address family.
1146  * Since all VTI policies have the same priority, we don't care about
1147  * policies order.
1148  */
1149 int
1150 key_register_ifnet(struct secpolicy **spp, u_int count)
1151 {
1152 	struct mbuf *m;
1153 	u_int i;
1154 
1155 	SPTREE_WLOCK();
1156 	/*
1157 	 * First of try to acquire id for each SP.
1158 	 */
1159 	for (i = 0; i < count; i++) {
1160 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1161 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1162 		    ("invalid direction %u", spp[i]->spidx.dir));
1163 
1164 		if ((spp[i]->id = key_getnewspid()) == 0) {
1165 			SPTREE_WUNLOCK();
1166 			return (EAGAIN);
1167 		}
1168 	}
1169 	for (i = 0; i < count; i++) {
1170 		TAILQ_INSERT_TAIL(&V_sptree_ifnet[spp[i]->spidx.dir],
1171 		    spp[i], chain);
1172 		/*
1173 		 * NOTE: despite the fact that we keep VTI SP in the
1174 		 * separate list, SPHASH contains policies from both
1175 		 * sources. Thus SADB_X_SPDGET will correctly return
1176 		 * SP by id, because it uses SPHASH for lookups.
1177 		 */
1178 		LIST_INSERT_HEAD(SPHASH_HASH(spp[i]->id), spp[i], idhash);
1179 		spp[i]->state = IPSEC_SPSTATE_IFNET;
1180 	}
1181 	SPTREE_WUNLOCK();
1182 	/*
1183 	 * Notify user processes about new SP.
1184 	 */
1185 	for (i = 0; i < count; i++) {
1186 		m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0);
1187 		if (m != NULL)
1188 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1189 	}
1190 	return (0);
1191 }
1192 
1193 void
1194 key_unregister_ifnet(struct secpolicy **spp, u_int count)
1195 {
1196 	struct mbuf *m;
1197 	u_int i;
1198 
1199 	SPTREE_WLOCK();
1200 	for (i = 0; i < count; i++) {
1201 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1202 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1203 		    ("invalid direction %u", spp[i]->spidx.dir));
1204 
1205 		if (spp[i]->state != IPSEC_SPSTATE_IFNET)
1206 			continue;
1207 		spp[i]->state = IPSEC_SPSTATE_DEAD;
1208 		TAILQ_REMOVE(&V_sptree_ifnet[spp[i]->spidx.dir],
1209 		    spp[i], chain);
1210 		LIST_REMOVE(spp[i], idhash);
1211 	}
1212 	SPTREE_WUNLOCK();
1213 
1214 	for (i = 0; i < count; i++) {
1215 		m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0);
1216 		if (m != NULL)
1217 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1218 	}
1219 }
1220 
1221 /*
1222  * Must be called after calling key_allocsa().
1223  * This function is called by key_freesp() to free some SA allocated
1224  * for a policy.
1225  */
1226 void
1227 key_freesav(struct secasvar **psav)
1228 {
1229 	struct secasvar *sav = *psav;
1230 
1231 	IPSEC_ASSERT(sav != NULL, ("null sav"));
1232 	if (SAV_DELREF(sav) == 0)
1233 		return;
1234 
1235 	KEYDBG(IPSEC_STAMP,
1236 	    printf("%s: last reference to SA(%p)\n", __func__, sav));
1237 
1238 	*psav = NULL;
1239 	key_delsav(sav);
1240 }
1241 
1242 /*
1243  * Unlink SA from SAH and SPI hash under SAHTREE_WLOCK.
1244  * Expect that SA has extra reference due to lookup.
1245  * Release this references, also release SAH reference after unlink.
1246  */
1247 static void
1248 key_unlinksav(struct secasvar *sav)
1249 {
1250 	struct secashead *sah;
1251 
1252 	KEYDBG(KEY_STAMP,
1253 	    printf("%s: SA(%p)\n", __func__, sav));
1254 
1255 	SAHTREE_UNLOCK_ASSERT();
1256 	SAHTREE_WLOCK();
1257 	if (sav->state == SADB_SASTATE_DEAD) {
1258 		/* SA is already unlinked */
1259 		SAHTREE_WUNLOCK();
1260 		return;
1261 	}
1262 	/* Unlink from SAH */
1263 	if (sav->state == SADB_SASTATE_LARVAL)
1264 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1265 	else
1266 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1267 	/* Unlink from SPI hash */
1268 	LIST_REMOVE(sav, spihash);
1269 	sav->state = SADB_SASTATE_DEAD;
1270 	sah = sav->sah;
1271 	SAHTREE_WUNLOCK();
1272 	key_freesav(&sav);
1273 	/* Since we are unlinked, release reference to SAH */
1274 	key_freesah(&sah);
1275 }
1276 
1277 /* %%% SPD management */
1278 /*
1279  * search SPD
1280  * OUT:	NULL	: not found
1281  *	others	: found, pointer to a SP.
1282  */
1283 static struct secpolicy *
1284 key_getsp(struct secpolicyindex *spidx)
1285 {
1286 	SPTREE_RLOCK_TRACKER;
1287 	struct secpolicy *sp;
1288 
1289 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
1290 
1291 	SPTREE_RLOCK();
1292 	TAILQ_FOREACH(sp, &V_sptree[spidx->dir], chain) {
1293 		if (key_cmpspidx_exactly(spidx, &sp->spidx)) {
1294 			SP_ADDREF(sp);
1295 			break;
1296 		}
1297 	}
1298 	SPTREE_RUNLOCK();
1299 
1300 	return sp;
1301 }
1302 
1303 /*
1304  * get SP by index.
1305  * OUT:	NULL	: not found
1306  *	others	: found, pointer to referenced SP.
1307  */
1308 static struct secpolicy *
1309 key_getspbyid(uint32_t id)
1310 {
1311 	SPTREE_RLOCK_TRACKER;
1312 	struct secpolicy *sp;
1313 
1314 	SPTREE_RLOCK();
1315 	LIST_FOREACH(sp, SPHASH_HASH(id), idhash) {
1316 		if (sp->id == id) {
1317 			SP_ADDREF(sp);
1318 			break;
1319 		}
1320 	}
1321 	SPTREE_RUNLOCK();
1322 	return (sp);
1323 }
1324 
1325 struct secpolicy *
1326 key_newsp(void)
1327 {
1328 	struct secpolicy *sp;
1329 
1330 	sp = malloc(sizeof(*sp), M_IPSEC_SP, M_NOWAIT | M_ZERO);
1331 	if (sp != NULL)
1332 		SP_INITREF(sp);
1333 	return (sp);
1334 }
1335 
1336 struct ipsecrequest *
1337 ipsec_newisr(void)
1338 {
1339 
1340 	return (malloc(sizeof(struct ipsecrequest), M_IPSEC_SR,
1341 	    M_NOWAIT | M_ZERO));
1342 }
1343 
1344 void
1345 ipsec_delisr(struct ipsecrequest *p)
1346 {
1347 
1348 	free(p, M_IPSEC_SR);
1349 }
1350 
1351 /*
1352  * create secpolicy structure from sadb_x_policy structure.
1353  * NOTE: `state', `secpolicyindex' and 'id' in secpolicy structure
1354  * are not set, so must be set properly later.
1355  */
1356 struct secpolicy *
1357 key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error)
1358 {
1359 	struct secpolicy *newsp;
1360 
1361 	IPSEC_ASSERT(xpl0 != NULL, ("null xpl0"));
1362 	IPSEC_ASSERT(len >= sizeof(*xpl0), ("policy too short: %zu", len));
1363 
1364 	if (len != PFKEY_EXTLEN(xpl0)) {
1365 		ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n", __func__));
1366 		*error = EINVAL;
1367 		return NULL;
1368 	}
1369 
1370 	if ((newsp = key_newsp()) == NULL) {
1371 		*error = ENOBUFS;
1372 		return NULL;
1373 	}
1374 
1375 	newsp->spidx.dir = xpl0->sadb_x_policy_dir;
1376 	newsp->policy = xpl0->sadb_x_policy_type;
1377 	newsp->priority = xpl0->sadb_x_policy_priority;
1378 	newsp->tcount = 0;
1379 
1380 	/* check policy */
1381 	switch (xpl0->sadb_x_policy_type) {
1382 	case IPSEC_POLICY_DISCARD:
1383 	case IPSEC_POLICY_NONE:
1384 	case IPSEC_POLICY_ENTRUST:
1385 	case IPSEC_POLICY_BYPASS:
1386 		break;
1387 
1388 	case IPSEC_POLICY_IPSEC:
1389 	    {
1390 		struct sadb_x_ipsecrequest *xisr;
1391 		struct ipsecrequest *isr;
1392 		int tlen;
1393 
1394 		/* validity check */
1395 		if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
1396 			ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n",
1397 				__func__));
1398 			key_freesp(&newsp);
1399 			*error = EINVAL;
1400 			return NULL;
1401 		}
1402 
1403 		tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
1404 		xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
1405 
1406 		while (tlen > 0) {
1407 			/* length check */
1408 			if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr) ||
1409 			    xisr->sadb_x_ipsecrequest_len > tlen) {
1410 				ipseclog((LOG_DEBUG, "%s: invalid ipsecrequest "
1411 					"length.\n", __func__));
1412 				key_freesp(&newsp);
1413 				*error = EINVAL;
1414 				return NULL;
1415 			}
1416 
1417 			if (newsp->tcount >= IPSEC_MAXREQ) {
1418 				ipseclog((LOG_DEBUG,
1419 				    "%s: too many ipsecrequests.\n",
1420 				    __func__));
1421 				key_freesp(&newsp);
1422 				*error = EINVAL;
1423 				return (NULL);
1424 			}
1425 
1426 			/* allocate request buffer */
1427 			/* NB: data structure is zero'd */
1428 			isr = ipsec_newisr();
1429 			if (isr == NULL) {
1430 				ipseclog((LOG_DEBUG,
1431 				    "%s: No more memory.\n", __func__));
1432 				key_freesp(&newsp);
1433 				*error = ENOBUFS;
1434 				return NULL;
1435 			}
1436 
1437 			newsp->req[newsp->tcount++] = isr;
1438 
1439 			/* set values */
1440 			switch (xisr->sadb_x_ipsecrequest_proto) {
1441 			case IPPROTO_ESP:
1442 			case IPPROTO_AH:
1443 			case IPPROTO_IPCOMP:
1444 				break;
1445 			default:
1446 				ipseclog((LOG_DEBUG,
1447 				    "%s: invalid proto type=%u\n", __func__,
1448 				    xisr->sadb_x_ipsecrequest_proto));
1449 				key_freesp(&newsp);
1450 				*error = EPROTONOSUPPORT;
1451 				return NULL;
1452 			}
1453 			isr->saidx.proto =
1454 			    (uint8_t)xisr->sadb_x_ipsecrequest_proto;
1455 
1456 			switch (xisr->sadb_x_ipsecrequest_mode) {
1457 			case IPSEC_MODE_TRANSPORT:
1458 			case IPSEC_MODE_TUNNEL:
1459 				break;
1460 			case IPSEC_MODE_ANY:
1461 			default:
1462 				ipseclog((LOG_DEBUG,
1463 				    "%s: invalid mode=%u\n", __func__,
1464 				    xisr->sadb_x_ipsecrequest_mode));
1465 				key_freesp(&newsp);
1466 				*error = EINVAL;
1467 				return NULL;
1468 			}
1469 			isr->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1470 
1471 			switch (xisr->sadb_x_ipsecrequest_level) {
1472 			case IPSEC_LEVEL_DEFAULT:
1473 			case IPSEC_LEVEL_USE:
1474 			case IPSEC_LEVEL_REQUIRE:
1475 				break;
1476 			case IPSEC_LEVEL_UNIQUE:
1477 				/* validity check */
1478 				/*
1479 				 * If range violation of reqid, kernel will
1480 				 * update it, don't refuse it.
1481 				 */
1482 				if (xisr->sadb_x_ipsecrequest_reqid
1483 						> IPSEC_MANUAL_REQID_MAX) {
1484 					ipseclog((LOG_DEBUG,
1485 					    "%s: reqid=%d range "
1486 					    "violation, updated by kernel.\n",
1487 					    __func__,
1488 					    xisr->sadb_x_ipsecrequest_reqid));
1489 					xisr->sadb_x_ipsecrequest_reqid = 0;
1490 				}
1491 
1492 				/* allocate new reqid id if reqid is zero. */
1493 				if (xisr->sadb_x_ipsecrequest_reqid == 0) {
1494 					u_int32_t reqid;
1495 					if ((reqid = key_newreqid()) == 0) {
1496 						key_freesp(&newsp);
1497 						*error = ENOBUFS;
1498 						return NULL;
1499 					}
1500 					isr->saidx.reqid = reqid;
1501 					xisr->sadb_x_ipsecrequest_reqid = reqid;
1502 				} else {
1503 				/* set it for manual keying. */
1504 					isr->saidx.reqid =
1505 					    xisr->sadb_x_ipsecrequest_reqid;
1506 				}
1507 				break;
1508 
1509 			default:
1510 				ipseclog((LOG_DEBUG, "%s: invalid level=%u\n",
1511 					__func__,
1512 					xisr->sadb_x_ipsecrequest_level));
1513 				key_freesp(&newsp);
1514 				*error = EINVAL;
1515 				return NULL;
1516 			}
1517 			isr->level = xisr->sadb_x_ipsecrequest_level;
1518 
1519 			/* set IP addresses if there */
1520 			if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
1521 				struct sockaddr *paddr;
1522 
1523 				len = tlen - sizeof(*xisr);
1524 				paddr = (struct sockaddr *)(xisr + 1);
1525 				/* validity check */
1526 				if (len < sizeof(struct sockaddr) ||
1527 				    len < 2 * paddr->sa_len ||
1528 				    paddr->sa_len > sizeof(isr->saidx.src)) {
1529 					ipseclog((LOG_DEBUG, "%s: invalid "
1530 						"request address length.\n",
1531 						__func__));
1532 					key_freesp(&newsp);
1533 					*error = EINVAL;
1534 					return NULL;
1535 				}
1536 				/*
1537 				 * Request length should be enough to keep
1538 				 * source and destination addresses.
1539 				 */
1540 				if (xisr->sadb_x_ipsecrequest_len <
1541 				    sizeof(*xisr) + 2 * paddr->sa_len) {
1542 					ipseclog((LOG_DEBUG, "%s: invalid "
1543 					    "ipsecrequest length.\n",
1544 					    __func__));
1545 					key_freesp(&newsp);
1546 					*error = EINVAL;
1547 					return (NULL);
1548 				}
1549 				bcopy(paddr, &isr->saidx.src, paddr->sa_len);
1550 				paddr = (struct sockaddr *)((caddr_t)paddr +
1551 				    paddr->sa_len);
1552 
1553 				/* validity check */
1554 				if (paddr->sa_len !=
1555 				    isr->saidx.src.sa.sa_len) {
1556 					ipseclog((LOG_DEBUG, "%s: invalid "
1557 						"request address length.\n",
1558 						__func__));
1559 					key_freesp(&newsp);
1560 					*error = EINVAL;
1561 					return NULL;
1562 				}
1563 				/* AF family should match */
1564 				if (paddr->sa_family !=
1565 				    isr->saidx.src.sa.sa_family) {
1566 					ipseclog((LOG_DEBUG, "%s: address "
1567 					    "family doesn't match.\n",
1568 						__func__));
1569 					key_freesp(&newsp);
1570 					*error = EINVAL;
1571 					return (NULL);
1572 				}
1573 				bcopy(paddr, &isr->saidx.dst, paddr->sa_len);
1574 			} else {
1575 				/*
1576 				 * Addresses for TUNNEL mode requests are
1577 				 * mandatory.
1578 				 */
1579 				if (isr->saidx.mode == IPSEC_MODE_TUNNEL) {
1580 					ipseclog((LOG_DEBUG, "%s: missing "
1581 					    "request addresses.\n", __func__));
1582 					key_freesp(&newsp);
1583 					*error = EINVAL;
1584 					return (NULL);
1585 				}
1586 			}
1587 			tlen -= xisr->sadb_x_ipsecrequest_len;
1588 
1589 			/* validity check */
1590 			if (tlen < 0) {
1591 				ipseclog((LOG_DEBUG, "%s: becoming tlen < 0.\n",
1592 					__func__));
1593 				key_freesp(&newsp);
1594 				*error = EINVAL;
1595 				return NULL;
1596 			}
1597 
1598 			xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
1599 			                 + xisr->sadb_x_ipsecrequest_len);
1600 		}
1601 		/* XXXAE: LARVAL SP */
1602 		if (newsp->tcount < 1) {
1603 			ipseclog((LOG_DEBUG, "%s: valid IPSEC transforms "
1604 			    "not found.\n", __func__));
1605 			key_freesp(&newsp);
1606 			*error = EINVAL;
1607 			return (NULL);
1608 		}
1609 	    }
1610 		break;
1611 	default:
1612 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1613 		key_freesp(&newsp);
1614 		*error = EINVAL;
1615 		return NULL;
1616 	}
1617 
1618 	*error = 0;
1619 	return (newsp);
1620 }
1621 
1622 uint32_t
1623 key_newreqid(void)
1624 {
1625 	static uint32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1626 
1627 	if (auto_reqid == ~0)
1628 		auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1629 	else
1630 		auto_reqid++;
1631 
1632 	/* XXX should be unique check */
1633 	return (auto_reqid);
1634 }
1635 
1636 /*
1637  * copy secpolicy struct to sadb_x_policy structure indicated.
1638  */
1639 static struct mbuf *
1640 key_sp2mbuf(struct secpolicy *sp)
1641 {
1642 	struct mbuf *m;
1643 	size_t tlen;
1644 
1645 	tlen = key_getspreqmsglen(sp);
1646 	m = m_get2(tlen, M_NOWAIT, MT_DATA, 0);
1647 	if (m == NULL)
1648 		return (NULL);
1649 	m_align(m, tlen);
1650 	m->m_len = tlen;
1651 	if (key_sp2msg(sp, m->m_data, &tlen) != 0) {
1652 		m_freem(m);
1653 		return (NULL);
1654 	}
1655 	return (m);
1656 }
1657 
1658 int
1659 key_sp2msg(struct secpolicy *sp, void *request, size_t *len)
1660 {
1661 	struct sadb_x_ipsecrequest *xisr;
1662 	struct sadb_x_policy *xpl;
1663 	struct ipsecrequest *isr;
1664 	size_t xlen, ilen;
1665 	caddr_t p;
1666 	int error, i;
1667 
1668 	IPSEC_ASSERT(sp != NULL, ("null policy"));
1669 
1670 	xlen = sizeof(*xpl);
1671 	if (*len < xlen)
1672 		return (EINVAL);
1673 
1674 	error = 0;
1675 	bzero(request, *len);
1676 	xpl = (struct sadb_x_policy *)request;
1677 	xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1678 	xpl->sadb_x_policy_type = sp->policy;
1679 	xpl->sadb_x_policy_dir = sp->spidx.dir;
1680 	xpl->sadb_x_policy_id = sp->id;
1681 	xpl->sadb_x_policy_priority = sp->priority;
1682 	switch (sp->state) {
1683 	case IPSEC_SPSTATE_IFNET:
1684 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_IFNET;
1685 		break;
1686 	case IPSEC_SPSTATE_PCB:
1687 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_PCB;
1688 		break;
1689 	default:
1690 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_GLOBAL;
1691 	}
1692 
1693 	/* if is the policy for ipsec ? */
1694 	if (sp->policy == IPSEC_POLICY_IPSEC) {
1695 		p = (caddr_t)xpl + sizeof(*xpl);
1696 		for (i = 0; i < sp->tcount; i++) {
1697 			isr = sp->req[i];
1698 			ilen = PFKEY_ALIGN8(sizeof(*xisr) +
1699 			    isr->saidx.src.sa.sa_len +
1700 			    isr->saidx.dst.sa.sa_len);
1701 			xlen += ilen;
1702 			if (xlen > *len) {
1703 				error = ENOBUFS;
1704 				/* Calculate needed size */
1705 				continue;
1706 			}
1707 			xisr = (struct sadb_x_ipsecrequest *)p;
1708 			xisr->sadb_x_ipsecrequest_len = ilen;
1709 			xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
1710 			xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
1711 			xisr->sadb_x_ipsecrequest_level = isr->level;
1712 			xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
1713 
1714 			p += sizeof(*xisr);
1715 			bcopy(&isr->saidx.src, p, isr->saidx.src.sa.sa_len);
1716 			p += isr->saidx.src.sa.sa_len;
1717 			bcopy(&isr->saidx.dst, p, isr->saidx.dst.sa.sa_len);
1718 			p += isr->saidx.dst.sa.sa_len;
1719 		}
1720 	}
1721 	xpl->sadb_x_policy_len = PFKEY_UNIT64(xlen);
1722 	if (error == 0)
1723 		*len = xlen;
1724 	else
1725 		*len = sizeof(*xpl);
1726 	return (error);
1727 }
1728 
1729 /* m will not be freed nor modified */
1730 static struct mbuf *
1731 key_gather_mbuf(struct mbuf *m, const struct sadb_msghdr *mhp,
1732     int ndeep, int nitem, ...)
1733 {
1734 	va_list ap;
1735 	int idx;
1736 	int i;
1737 	struct mbuf *result = NULL, *n;
1738 	int len;
1739 
1740 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1741 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1742 
1743 	va_start(ap, nitem);
1744 	for (i = 0; i < nitem; i++) {
1745 		idx = va_arg(ap, int);
1746 		if (idx < 0 || idx > SADB_EXT_MAX)
1747 			goto fail;
1748 		/* don't attempt to pull empty extension */
1749 		if (idx == SADB_EXT_RESERVED && mhp->msg == NULL)
1750 			continue;
1751 		if (idx != SADB_EXT_RESERVED  &&
1752 		    (mhp->ext[idx] == NULL || mhp->extlen[idx] == 0))
1753 			continue;
1754 
1755 		if (idx == SADB_EXT_RESERVED) {
1756 			len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
1757 
1758 			IPSEC_ASSERT(len <= MHLEN, ("header too big %u", len));
1759 
1760 			MGETHDR(n, M_NOWAIT, MT_DATA);
1761 			if (!n)
1762 				goto fail;
1763 			n->m_len = len;
1764 			n->m_next = NULL;
1765 			m_copydata(m, 0, sizeof(struct sadb_msg),
1766 			    mtod(n, caddr_t));
1767 		} else if (i < ndeep) {
1768 			len = mhp->extlen[idx];
1769 			n = m_get2(len, M_NOWAIT, MT_DATA, 0);
1770 			if (n == NULL)
1771 				goto fail;
1772 			m_align(n, len);
1773 			n->m_len = len;
1774 			m_copydata(m, mhp->extoff[idx], mhp->extlen[idx],
1775 			    mtod(n, caddr_t));
1776 		} else {
1777 			n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx],
1778 			    M_NOWAIT);
1779 		}
1780 		if (n == NULL)
1781 			goto fail;
1782 
1783 		if (result)
1784 			m_cat(result, n);
1785 		else
1786 			result = n;
1787 	}
1788 	va_end(ap);
1789 
1790 	if ((result->m_flags & M_PKTHDR) != 0) {
1791 		result->m_pkthdr.len = 0;
1792 		for (n = result; n; n = n->m_next)
1793 			result->m_pkthdr.len += n->m_len;
1794 	}
1795 
1796 	return result;
1797 
1798 fail:
1799 	m_freem(result);
1800 	va_end(ap);
1801 	return NULL;
1802 }
1803 
1804 /*
1805  * SADB_X_SPDADD, SADB_X_SPDSETIDX or SADB_X_SPDUPDATE processing
1806  * add an entry to SP database, when received
1807  *   <base, address(SD), (lifetime(H),) policy>
1808  * from the user(?).
1809  * Adding to SP database,
1810  * and send
1811  *   <base, address(SD), (lifetime(H),) policy>
1812  * to the socket which was send.
1813  *
1814  * SPDADD set a unique policy entry.
1815  * SPDSETIDX like SPDADD without a part of policy requests.
1816  * SPDUPDATE replace a unique policy entry.
1817  *
1818  * XXXAE: serialize this in PF_KEY to avoid races.
1819  * m will always be freed.
1820  */
1821 static int
1822 key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
1823 {
1824 	struct secpolicyindex spidx;
1825 	struct sadb_address *src0, *dst0;
1826 	struct sadb_x_policy *xpl0, *xpl;
1827 	struct sadb_lifetime *lft = NULL;
1828 	struct secpolicy *newsp;
1829 	int error;
1830 
1831 	IPSEC_ASSERT(so != NULL, ("null socket"));
1832 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1833 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1834 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
1835 
1836 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
1837 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
1838 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
1839 		ipseclog((LOG_DEBUG,
1840 		    "%s: invalid message: missing required header.\n",
1841 		    __func__));
1842 		return key_senderror(so, m, EINVAL);
1843 	}
1844 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
1845 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
1846 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
1847 		ipseclog((LOG_DEBUG,
1848 		    "%s: invalid message: wrong header size.\n", __func__));
1849 		return key_senderror(so, m, EINVAL);
1850 	}
1851 	if (!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD)) {
1852 		if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD)) {
1853 			ipseclog((LOG_DEBUG,
1854 			    "%s: invalid message: wrong header size.\n",
1855 			    __func__));
1856 			return key_senderror(so, m, EINVAL);
1857 		}
1858 		lft = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
1859 	}
1860 
1861 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
1862 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
1863 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
1864 
1865 	/* check the direciton */
1866 	switch (xpl0->sadb_x_policy_dir) {
1867 	case IPSEC_DIR_INBOUND:
1868 	case IPSEC_DIR_OUTBOUND:
1869 		break;
1870 	default:
1871 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
1872 		return key_senderror(so, m, EINVAL);
1873 	}
1874 	/* key_spdadd() accepts DISCARD, NONE and IPSEC. */
1875 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
1876 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
1877 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
1878 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1879 		return key_senderror(so, m, EINVAL);
1880 	}
1881 
1882 	/* policy requests are mandatory when action is ipsec. */
1883 	if (xpl0->sadb_x_policy_type == IPSEC_POLICY_IPSEC &&
1884 	    mhp->extlen[SADB_X_EXT_POLICY] <= sizeof(*xpl0)) {
1885 		ipseclog((LOG_DEBUG,
1886 		    "%s: policy requests required.\n", __func__));
1887 		return key_senderror(so, m, EINVAL);
1888 	}
1889 
1890 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
1891 	    (struct sockaddr *)(dst0 + 1));
1892 	if (error != 0 ||
1893 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
1894 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
1895 		return key_senderror(so, m, error);
1896 	}
1897 	/* make secindex */
1898 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
1899 	                src0 + 1,
1900 	                dst0 + 1,
1901 	                src0->sadb_address_prefixlen,
1902 	                dst0->sadb_address_prefixlen,
1903 	                src0->sadb_address_proto,
1904 	                &spidx);
1905 	/* Checking there is SP already or not. */
1906 	newsp = key_getsp(&spidx);
1907 	if (newsp != NULL) {
1908 		if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
1909 			KEYDBG(KEY_STAMP,
1910 			    printf("%s: unlink SP(%p) for SPDUPDATE\n",
1911 				__func__, newsp));
1912 			KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
1913 			key_unlink(newsp);
1914 			key_freesp(&newsp);
1915 		} else {
1916 			key_freesp(&newsp);
1917 			ipseclog((LOG_DEBUG, "%s: a SP entry exists already.",
1918 			    __func__));
1919 			return (key_senderror(so, m, EEXIST));
1920 		}
1921 	}
1922 
1923 	/* allocate new SP entry */
1924 	if ((newsp = key_msg2sp(xpl0, PFKEY_EXTLEN(xpl0), &error)) == NULL) {
1925 		return key_senderror(so, m, error);
1926 	}
1927 
1928 	newsp->lastused = newsp->created = time_second;
1929 	newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0;
1930 	newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0;
1931 	bcopy(&spidx, &newsp->spidx, sizeof(spidx));
1932 
1933 	/* XXXAE: there is race between key_getsp() and key_insertsp() */
1934 	SPTREE_WLOCK();
1935 	if ((newsp->id = key_getnewspid()) == 0) {
1936 		SPTREE_WUNLOCK();
1937 		key_freesp(&newsp);
1938 		return key_senderror(so, m, ENOBUFS);
1939 	}
1940 	key_insertsp(newsp);
1941 	SPTREE_WUNLOCK();
1942 
1943 	KEYDBG(KEY_STAMP,
1944 	    printf("%s: SP(%p)\n", __func__, newsp));
1945 	KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
1946 
1947     {
1948 	struct mbuf *n, *mpolicy;
1949 	struct sadb_msg *newmsg;
1950 	int off;
1951 
1952 	/* create new sadb_msg to reply. */
1953 	if (lft) {
1954 		n = key_gather_mbuf(m, mhp, 2, 5, SADB_EXT_RESERVED,
1955 		    SADB_X_EXT_POLICY, SADB_EXT_LIFETIME_HARD,
1956 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
1957 	} else {
1958 		n = key_gather_mbuf(m, mhp, 2, 4, SADB_EXT_RESERVED,
1959 		    SADB_X_EXT_POLICY,
1960 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
1961 	}
1962 	if (!n)
1963 		return key_senderror(so, m, ENOBUFS);
1964 
1965 	if (n->m_len < sizeof(*newmsg)) {
1966 		n = m_pullup(n, sizeof(*newmsg));
1967 		if (!n)
1968 			return key_senderror(so, m, ENOBUFS);
1969 	}
1970 	newmsg = mtod(n, struct sadb_msg *);
1971 	newmsg->sadb_msg_errno = 0;
1972 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
1973 
1974 	off = 0;
1975 	mpolicy = m_pulldown(n, PFKEY_ALIGN8(sizeof(struct sadb_msg)),
1976 	    sizeof(*xpl), &off);
1977 	if (mpolicy == NULL) {
1978 		/* n is already freed */
1979 		return key_senderror(so, m, ENOBUFS);
1980 	}
1981 	xpl = (struct sadb_x_policy *)(mtod(mpolicy, caddr_t) + off);
1982 	if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
1983 		m_freem(n);
1984 		return key_senderror(so, m, EINVAL);
1985 	}
1986 	xpl->sadb_x_policy_id = newsp->id;
1987 
1988 	m_freem(m);
1989 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
1990     }
1991 }
1992 
1993 /*
1994  * get new policy id.
1995  * OUT:
1996  *	0:	failure.
1997  *	others: success.
1998  */
1999 static uint32_t
2000 key_getnewspid(void)
2001 {
2002 	struct secpolicy *sp;
2003 	uint32_t newid = 0;
2004 	int count = V_key_spi_trycnt;	/* XXX */
2005 
2006 	SPTREE_WLOCK_ASSERT();
2007 	while (count--) {
2008 		if (V_policy_id == ~0) /* overflowed */
2009 			newid = V_policy_id = 1;
2010 		else
2011 			newid = ++V_policy_id;
2012 		LIST_FOREACH(sp, SPHASH_HASH(newid), idhash) {
2013 			if (sp->id == newid)
2014 				break;
2015 		}
2016 		if (sp == NULL)
2017 			break;
2018 	}
2019 	if (count == 0 || newid == 0) {
2020 		ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
2021 		    __func__));
2022 		return (0);
2023 	}
2024 	return (newid);
2025 }
2026 
2027 /*
2028  * SADB_SPDDELETE processing
2029  * receive
2030  *   <base, address(SD), policy(*)>
2031  * from the user(?), and set SADB_SASTATE_DEAD,
2032  * and send,
2033  *   <base, address(SD), policy(*)>
2034  * to the ikmpd.
2035  * policy(*) including direction of policy.
2036  *
2037  * m will always be freed.
2038  */
2039 static int
2040 key_spddelete(struct socket *so, struct mbuf *m,
2041     const struct sadb_msghdr *mhp)
2042 {
2043 	struct secpolicyindex spidx;
2044 	struct sadb_address *src0, *dst0;
2045 	struct sadb_x_policy *xpl0;
2046 	struct secpolicy *sp;
2047 
2048 	IPSEC_ASSERT(so != NULL, ("null so"));
2049 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2050 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2051 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2052 
2053 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
2054 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
2055 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
2056 		ipseclog((LOG_DEBUG,
2057 		    "%s: invalid message: missing required header.\n",
2058 		    __func__));
2059 		return key_senderror(so, m, EINVAL);
2060 	}
2061 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
2062 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
2063 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2064 		ipseclog((LOG_DEBUG,
2065 		    "%s: invalid message: wrong header size.\n", __func__));
2066 		return key_senderror(so, m, EINVAL);
2067 	}
2068 
2069 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
2070 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
2071 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
2072 
2073 	/* check the direciton */
2074 	switch (xpl0->sadb_x_policy_dir) {
2075 	case IPSEC_DIR_INBOUND:
2076 	case IPSEC_DIR_OUTBOUND:
2077 		break;
2078 	default:
2079 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
2080 		return key_senderror(so, m, EINVAL);
2081 	}
2082 	/* Only DISCARD, NONE and IPSEC are allowed */
2083 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2084 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2085 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2086 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2087 		return key_senderror(so, m, EINVAL);
2088 	}
2089 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
2090 	    (struct sockaddr *)(dst0 + 1)) != 0 ||
2091 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2092 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2093 		return key_senderror(so, m, EINVAL);
2094 	}
2095 	/* make secindex */
2096 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2097 	                src0 + 1,
2098 	                dst0 + 1,
2099 	                src0->sadb_address_prefixlen,
2100 	                dst0->sadb_address_prefixlen,
2101 	                src0->sadb_address_proto,
2102 	                &spidx);
2103 
2104 	/* Is there SP in SPD ? */
2105 	if ((sp = key_getsp(&spidx)) == NULL) {
2106 		ipseclog((LOG_DEBUG, "%s: no SP found.\n", __func__));
2107 		return key_senderror(so, m, EINVAL);
2108 	}
2109 
2110 	/* save policy id to buffer to be returned. */
2111 	xpl0->sadb_x_policy_id = sp->id;
2112 
2113 	KEYDBG(KEY_STAMP,
2114 	    printf("%s: SP(%p)\n", __func__, sp));
2115 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2116 	key_unlink(sp);
2117 	key_freesp(&sp);
2118 
2119     {
2120 	struct mbuf *n;
2121 	struct sadb_msg *newmsg;
2122 
2123 	/* create new sadb_msg to reply. */
2124 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
2125 	    SADB_X_EXT_POLICY, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2126 	if (!n)
2127 		return key_senderror(so, m, ENOBUFS);
2128 
2129 	newmsg = mtod(n, struct sadb_msg *);
2130 	newmsg->sadb_msg_errno = 0;
2131 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2132 
2133 	m_freem(m);
2134 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2135     }
2136 }
2137 
2138 /*
2139  * SADB_SPDDELETE2 processing
2140  * receive
2141  *   <base, policy(*)>
2142  * from the user(?), and set SADB_SASTATE_DEAD,
2143  * and send,
2144  *   <base, policy(*)>
2145  * to the ikmpd.
2146  * policy(*) including direction of policy.
2147  *
2148  * m will always be freed.
2149  */
2150 static int
2151 key_spddelete2(struct socket *so, struct mbuf *m,
2152     const struct sadb_msghdr *mhp)
2153 {
2154 	struct secpolicy *sp;
2155 	uint32_t id;
2156 
2157 	IPSEC_ASSERT(so != NULL, ("null socket"));
2158 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2159 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2160 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2161 
2162 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2163 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2164 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2165 		    __func__));
2166 		return key_senderror(so, m, EINVAL);
2167 	}
2168 
2169 	id = ((struct sadb_x_policy *)
2170 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2171 
2172 	/* Is there SP in SPD ? */
2173 	if ((sp = key_getspbyid(id)) == NULL) {
2174 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2175 		    __func__, id));
2176 		return key_senderror(so, m, EINVAL);
2177 	}
2178 
2179 	KEYDBG(KEY_STAMP,
2180 	    printf("%s: SP(%p)\n", __func__, sp));
2181 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2182 	key_unlink(sp);
2183 	if (sp->state != IPSEC_SPSTATE_DEAD) {
2184 		ipseclog((LOG_DEBUG, "%s: failed to delete SP with id %u.\n",
2185 		    __func__, id));
2186 		key_freesp(&sp);
2187 		return (key_senderror(so, m, EACCES));
2188 	}
2189 	key_freesp(&sp);
2190 
2191     {
2192 	struct mbuf *n, *nn;
2193 	struct sadb_msg *newmsg;
2194 	int off, len;
2195 
2196 	/* create new sadb_msg to reply. */
2197 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2198 
2199 	MGETHDR(n, M_NOWAIT, MT_DATA);
2200 	if (n && len > MHLEN) {
2201 		if (!(MCLGET(n, M_NOWAIT))) {
2202 			m_freem(n);
2203 			n = NULL;
2204 		}
2205 	}
2206 	if (!n)
2207 		return key_senderror(so, m, ENOBUFS);
2208 
2209 	n->m_len = len;
2210 	n->m_next = NULL;
2211 	off = 0;
2212 
2213 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
2214 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
2215 
2216 	IPSEC_ASSERT(off == len, ("length inconsistency (off %u len %u)",
2217 		off, len));
2218 
2219 	n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY],
2220 	    mhp->extlen[SADB_X_EXT_POLICY], M_NOWAIT);
2221 	if (!n->m_next) {
2222 		m_freem(n);
2223 		return key_senderror(so, m, ENOBUFS);
2224 	}
2225 
2226 	n->m_pkthdr.len = 0;
2227 	for (nn = n; nn; nn = nn->m_next)
2228 		n->m_pkthdr.len += nn->m_len;
2229 
2230 	newmsg = mtod(n, struct sadb_msg *);
2231 	newmsg->sadb_msg_errno = 0;
2232 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2233 
2234 	m_freem(m);
2235 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2236     }
2237 }
2238 
2239 /*
2240  * SADB_X_SPDGET processing
2241  * receive
2242  *   <base, policy(*)>
2243  * from the user(?),
2244  * and send,
2245  *   <base, address(SD), policy>
2246  * to the ikmpd.
2247  * policy(*) including direction of policy.
2248  *
2249  * m will always be freed.
2250  */
2251 static int
2252 key_spdget(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2253 {
2254 	struct secpolicy *sp;
2255 	struct mbuf *n;
2256 	uint32_t id;
2257 
2258 	IPSEC_ASSERT(so != NULL, ("null socket"));
2259 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2260 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2261 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2262 
2263 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2264 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2265 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2266 		    __func__));
2267 		return key_senderror(so, m, EINVAL);
2268 	}
2269 
2270 	id = ((struct sadb_x_policy *)
2271 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2272 
2273 	/* Is there SP in SPD ? */
2274 	if ((sp = key_getspbyid(id)) == NULL) {
2275 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2276 		    __func__, id));
2277 		return key_senderror(so, m, ENOENT);
2278 	}
2279 
2280 	n = key_setdumpsp(sp, SADB_X_SPDGET, mhp->msg->sadb_msg_seq,
2281 	    mhp->msg->sadb_msg_pid);
2282 	key_freesp(&sp);
2283 	if (n != NULL) {
2284 		m_freem(m);
2285 		return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2286 	} else
2287 		return key_senderror(so, m, ENOBUFS);
2288 }
2289 
2290 /*
2291  * SADB_X_SPDACQUIRE processing.
2292  * Acquire policy and SA(s) for a *OUTBOUND* packet.
2293  * send
2294  *   <base, policy(*)>
2295  * to KMD, and expect to receive
2296  *   <base> with SADB_X_SPDACQUIRE if error occurred,
2297  * or
2298  *   <base, policy>
2299  * with SADB_X_SPDUPDATE from KMD by PF_KEY.
2300  * policy(*) is without policy requests.
2301  *
2302  *    0     : succeed
2303  *    others: error number
2304  */
2305 int
2306 key_spdacquire(struct secpolicy *sp)
2307 {
2308 	struct mbuf *result = NULL, *m;
2309 	struct secspacq *newspacq;
2310 
2311 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2312 	IPSEC_ASSERT(sp->req == NULL, ("policy exists"));
2313 	IPSEC_ASSERT(sp->policy == IPSEC_POLICY_IPSEC,
2314 		("policy not IPSEC %u", sp->policy));
2315 
2316 	/* Get an entry to check whether sent message or not. */
2317 	newspacq = key_getspacq(&sp->spidx);
2318 	if (newspacq != NULL) {
2319 		if (V_key_blockacq_count < newspacq->count) {
2320 			/* reset counter and do send message. */
2321 			newspacq->count = 0;
2322 		} else {
2323 			/* increment counter and do nothing. */
2324 			newspacq->count++;
2325 			SPACQ_UNLOCK();
2326 			return (0);
2327 		}
2328 		SPACQ_UNLOCK();
2329 	} else {
2330 		/* make new entry for blocking to send SADB_ACQUIRE. */
2331 		newspacq = key_newspacq(&sp->spidx);
2332 		if (newspacq == NULL)
2333 			return ENOBUFS;
2334 	}
2335 
2336 	/* create new sadb_msg to reply. */
2337 	m = key_setsadbmsg(SADB_X_SPDACQUIRE, 0, 0, 0, 0, 0);
2338 	if (!m)
2339 		return ENOBUFS;
2340 
2341 	result = m;
2342 
2343 	result->m_pkthdr.len = 0;
2344 	for (m = result; m; m = m->m_next)
2345 		result->m_pkthdr.len += m->m_len;
2346 
2347 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2348 	    PFKEY_UNIT64(result->m_pkthdr.len);
2349 
2350 	return key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED);
2351 }
2352 
2353 /*
2354  * SADB_SPDFLUSH processing
2355  * receive
2356  *   <base>
2357  * from the user, and free all entries in secpctree.
2358  * and send,
2359  *   <base>
2360  * to the user.
2361  * NOTE: what to do is only marking SADB_SASTATE_DEAD.
2362  *
2363  * m will always be freed.
2364  */
2365 static int
2366 key_spdflush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2367 {
2368 	struct secpolicy_queue drainq;
2369 	struct sadb_msg *newmsg;
2370 	struct secpolicy *sp, *nextsp;
2371 	u_int dir;
2372 
2373 	IPSEC_ASSERT(so != NULL, ("null socket"));
2374 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2375 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2376 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2377 
2378 	if (m->m_len != PFKEY_ALIGN8(sizeof(struct sadb_msg)))
2379 		return key_senderror(so, m, EINVAL);
2380 
2381 	TAILQ_INIT(&drainq);
2382 	SPTREE_WLOCK();
2383 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2384 		TAILQ_CONCAT(&drainq, &V_sptree[dir], chain);
2385 	}
2386 	/*
2387 	 * We need to set state to DEAD for each policy to be sure,
2388 	 * that another thread won't try to unlink it.
2389 	 * Also remove SP from sphash.
2390 	 */
2391 	TAILQ_FOREACH(sp, &drainq, chain) {
2392 		sp->state = IPSEC_SPSTATE_DEAD;
2393 		LIST_REMOVE(sp, idhash);
2394 	}
2395 	V_sp_genid++;
2396 	SPTREE_WUNLOCK();
2397 	sp = TAILQ_FIRST(&drainq);
2398 	while (sp != NULL) {
2399 		nextsp = TAILQ_NEXT(sp, chain);
2400 		key_freesp(&sp);
2401 		sp = nextsp;
2402 	}
2403 
2404 	if (sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
2405 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
2406 		return key_senderror(so, m, ENOBUFS);
2407 	}
2408 
2409 	if (m->m_next)
2410 		m_freem(m->m_next);
2411 	m->m_next = NULL;
2412 	m->m_pkthdr.len = m->m_len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2413 	newmsg = mtod(m, struct sadb_msg *);
2414 	newmsg->sadb_msg_errno = 0;
2415 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
2416 
2417 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
2418 }
2419 
2420 static uint8_t
2421 key_satype2scopemask(uint8_t satype)
2422 {
2423 
2424 	if (satype == IPSEC_POLICYSCOPE_ANY)
2425 		return (0xff);
2426 	return (satype);
2427 }
2428 /*
2429  * SADB_SPDDUMP processing
2430  * receive
2431  *   <base>
2432  * from the user, and dump all SP leaves and send,
2433  *   <base> .....
2434  * to the ikmpd.
2435  *
2436  * NOTE:
2437  *   sadb_msg_satype is considered as mask of policy scopes.
2438  *   m will always be freed.
2439  */
2440 static int
2441 key_spddump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2442 {
2443 	SPTREE_RLOCK_TRACKER;
2444 	struct secpolicy *sp;
2445 	struct mbuf *n;
2446 	int cnt;
2447 	u_int dir, scope;
2448 
2449 	IPSEC_ASSERT(so != NULL, ("null socket"));
2450 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2451 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2452 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2453 
2454 	/* search SPD entry and get buffer size. */
2455 	cnt = 0;
2456 	scope = key_satype2scopemask(mhp->msg->sadb_msg_satype);
2457 	SPTREE_RLOCK();
2458 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2459 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2460 			TAILQ_FOREACH(sp, &V_sptree[dir], chain)
2461 				cnt++;
2462 		}
2463 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2464 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain)
2465 				cnt++;
2466 		}
2467 	}
2468 
2469 	if (cnt == 0) {
2470 		SPTREE_RUNLOCK();
2471 		return key_senderror(so, m, ENOENT);
2472 	}
2473 
2474 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2475 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2476 			TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
2477 				--cnt;
2478 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2479 				    mhp->msg->sadb_msg_pid);
2480 
2481 				if (n != NULL)
2482 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2483 			}
2484 		}
2485 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2486 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain) {
2487 				--cnt;
2488 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2489 				    mhp->msg->sadb_msg_pid);
2490 
2491 				if (n != NULL)
2492 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2493 			}
2494 		}
2495 	}
2496 
2497 	SPTREE_RUNLOCK();
2498 	m_freem(m);
2499 	return (0);
2500 }
2501 
2502 static struct mbuf *
2503 key_setdumpsp(struct secpolicy *sp, u_int8_t type, u_int32_t seq,
2504     u_int32_t pid)
2505 {
2506 	struct mbuf *result = NULL, *m;
2507 	struct seclifetime lt;
2508 
2509 	m = key_setsadbmsg(type, 0, SADB_SATYPE_UNSPEC, seq, pid, sp->refcnt);
2510 	if (!m)
2511 		goto fail;
2512 	result = m;
2513 
2514 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2515 	    &sp->spidx.src.sa, sp->spidx.prefs,
2516 	    sp->spidx.ul_proto);
2517 	if (!m)
2518 		goto fail;
2519 	m_cat(result, m);
2520 
2521 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2522 	    &sp->spidx.dst.sa, sp->spidx.prefd,
2523 	    sp->spidx.ul_proto);
2524 	if (!m)
2525 		goto fail;
2526 	m_cat(result, m);
2527 
2528 	m = key_sp2mbuf(sp);
2529 	if (!m)
2530 		goto fail;
2531 	m_cat(result, m);
2532 
2533 	if(sp->lifetime){
2534 		lt.addtime=sp->created;
2535 		lt.usetime= sp->lastused;
2536 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_CURRENT);
2537 		if (!m)
2538 			goto fail;
2539 		m_cat(result, m);
2540 
2541 		lt.addtime=sp->lifetime;
2542 		lt.usetime= sp->validtime;
2543 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_HARD);
2544 		if (!m)
2545 			goto fail;
2546 		m_cat(result, m);
2547 	}
2548 
2549 	if ((result->m_flags & M_PKTHDR) == 0)
2550 		goto fail;
2551 
2552 	if (result->m_len < sizeof(struct sadb_msg)) {
2553 		result = m_pullup(result, sizeof(struct sadb_msg));
2554 		if (result == NULL)
2555 			goto fail;
2556 	}
2557 
2558 	result->m_pkthdr.len = 0;
2559 	for (m = result; m; m = m->m_next)
2560 		result->m_pkthdr.len += m->m_len;
2561 
2562 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2563 	    PFKEY_UNIT64(result->m_pkthdr.len);
2564 
2565 	return result;
2566 
2567 fail:
2568 	m_freem(result);
2569 	return NULL;
2570 }
2571 /*
2572  * get PFKEY message length for security policy and request.
2573  */
2574 static size_t
2575 key_getspreqmsglen(struct secpolicy *sp)
2576 {
2577 	size_t tlen, len;
2578 	int i;
2579 
2580 	tlen = sizeof(struct sadb_x_policy);
2581 	/* if is the policy for ipsec ? */
2582 	if (sp->policy != IPSEC_POLICY_IPSEC)
2583 		return (tlen);
2584 
2585 	/* get length of ipsec requests */
2586 	for (i = 0; i < sp->tcount; i++) {
2587 		len = sizeof(struct sadb_x_ipsecrequest)
2588 			+ sp->req[i]->saidx.src.sa.sa_len
2589 			+ sp->req[i]->saidx.dst.sa.sa_len;
2590 
2591 		tlen += PFKEY_ALIGN8(len);
2592 	}
2593 	return (tlen);
2594 }
2595 
2596 /*
2597  * SADB_SPDEXPIRE processing
2598  * send
2599  *   <base, address(SD), lifetime(CH), policy>
2600  * to KMD by PF_KEY.
2601  *
2602  * OUT:	0	: succeed
2603  *	others	: error number
2604  */
2605 static int
2606 key_spdexpire(struct secpolicy *sp)
2607 {
2608 	struct sadb_lifetime *lt;
2609 	struct mbuf *result = NULL, *m;
2610 	int len, error = -1;
2611 
2612 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2613 
2614 	KEYDBG(KEY_STAMP,
2615 	    printf("%s: SP(%p)\n", __func__, sp));
2616 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2617 
2618 	/* set msg header */
2619 	m = key_setsadbmsg(SADB_X_SPDEXPIRE, 0, 0, 0, 0, 0);
2620 	if (!m) {
2621 		error = ENOBUFS;
2622 		goto fail;
2623 	}
2624 	result = m;
2625 
2626 	/* create lifetime extension (current and hard) */
2627 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
2628 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
2629 	if (m == NULL) {
2630 		error = ENOBUFS;
2631 		goto fail;
2632 	}
2633 	m_align(m, len);
2634 	m->m_len = len;
2635 	bzero(mtod(m, caddr_t), len);
2636 	lt = mtod(m, struct sadb_lifetime *);
2637 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2638 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
2639 	lt->sadb_lifetime_allocations = 0;
2640 	lt->sadb_lifetime_bytes = 0;
2641 	lt->sadb_lifetime_addtime = sp->created;
2642 	lt->sadb_lifetime_usetime = sp->lastused;
2643 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
2644 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2645 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
2646 	lt->sadb_lifetime_allocations = 0;
2647 	lt->sadb_lifetime_bytes = 0;
2648 	lt->sadb_lifetime_addtime = sp->lifetime;
2649 	lt->sadb_lifetime_usetime = sp->validtime;
2650 	m_cat(result, m);
2651 
2652 	/* set sadb_address for source */
2653 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2654 	    &sp->spidx.src.sa,
2655 	    sp->spidx.prefs, sp->spidx.ul_proto);
2656 	if (!m) {
2657 		error = ENOBUFS;
2658 		goto fail;
2659 	}
2660 	m_cat(result, m);
2661 
2662 	/* set sadb_address for destination */
2663 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2664 	    &sp->spidx.dst.sa,
2665 	    sp->spidx.prefd, sp->spidx.ul_proto);
2666 	if (!m) {
2667 		error = ENOBUFS;
2668 		goto fail;
2669 	}
2670 	m_cat(result, m);
2671 
2672 	/* set secpolicy */
2673 	m = key_sp2mbuf(sp);
2674 	if (!m) {
2675 		error = ENOBUFS;
2676 		goto fail;
2677 	}
2678 	m_cat(result, m);
2679 
2680 	if ((result->m_flags & M_PKTHDR) == 0) {
2681 		error = EINVAL;
2682 		goto fail;
2683 	}
2684 
2685 	if (result->m_len < sizeof(struct sadb_msg)) {
2686 		result = m_pullup(result, sizeof(struct sadb_msg));
2687 		if (result == NULL) {
2688 			error = ENOBUFS;
2689 			goto fail;
2690 		}
2691 	}
2692 
2693 	result->m_pkthdr.len = 0;
2694 	for (m = result; m; m = m->m_next)
2695 		result->m_pkthdr.len += m->m_len;
2696 
2697 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2698 	    PFKEY_UNIT64(result->m_pkthdr.len);
2699 
2700 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
2701 
2702  fail:
2703 	if (result)
2704 		m_freem(result);
2705 	return error;
2706 }
2707 
2708 /* %%% SAD management */
2709 /*
2710  * allocating and initialize new SA head.
2711  * OUT:	NULL	: failure due to the lack of memory.
2712  *	others	: pointer to new SA head.
2713  */
2714 static struct secashead *
2715 key_newsah(struct secasindex *saidx)
2716 {
2717 	struct secashead *sah;
2718 
2719 	sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2720 	    M_NOWAIT | M_ZERO);
2721 	if (sah == NULL) {
2722 		PFKEYSTAT_INC(in_nomem);
2723 		return (NULL);
2724 	}
2725 	TAILQ_INIT(&sah->savtree_larval);
2726 	TAILQ_INIT(&sah->savtree_alive);
2727 	sah->saidx = *saidx;
2728 	sah->state = SADB_SASTATE_DEAD;
2729 	SAH_INITREF(sah);
2730 
2731 	KEYDBG(KEY_STAMP,
2732 	    printf("%s: SAH(%p)\n", __func__, sah));
2733 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2734 	return (sah);
2735 }
2736 
2737 static void
2738 key_freesah(struct secashead **psah)
2739 {
2740 	struct secashead *sah = *psah;
2741 
2742 	if (SAH_DELREF(sah) == 0)
2743 		return;
2744 
2745 	KEYDBG(KEY_STAMP,
2746 	    printf("%s: last reference to SAH(%p)\n", __func__, sah));
2747 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2748 
2749 	*psah = NULL;
2750 	key_delsah(sah);
2751 }
2752 
2753 static void
2754 key_delsah(struct secashead *sah)
2755 {
2756 	IPSEC_ASSERT(sah != NULL, ("NULL sah"));
2757 	IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
2758 	    ("Attempt to free non DEAD SAH %p", sah));
2759 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
2760 	    ("Attempt to free SAH %p with LARVAL SA", sah));
2761 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
2762 	    ("Attempt to free SAH %p with ALIVE SA", sah));
2763 
2764 	free(sah, M_IPSEC_SAH);
2765 }
2766 
2767 /*
2768  * allocating a new SA for key_add() and key_getspi() call,
2769  * and copy the values of mhp into new buffer.
2770  * When SAD message type is SADB_GETSPI set SA state to LARVAL.
2771  * For SADB_ADD create and initialize SA with MATURE state.
2772  * OUT:	NULL	: fail
2773  *	others	: pointer to new secasvar.
2774  */
2775 static struct secasvar *
2776 key_newsav(const struct sadb_msghdr *mhp, struct secasindex *saidx,
2777     uint32_t spi, int *errp)
2778 {
2779 	struct secashead *sah;
2780 	struct secasvar *sav;
2781 	int isnew;
2782 
2783 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2784 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2785 	IPSEC_ASSERT(mhp->msg->sadb_msg_type == SADB_GETSPI ||
2786 	    mhp->msg->sadb_msg_type == SADB_ADD, ("wrong message type"));
2787 
2788 	sav = NULL;
2789 	sah = NULL;
2790 	/* check SPI value */
2791 	switch (saidx->proto) {
2792 	case IPPROTO_ESP:
2793 	case IPPROTO_AH:
2794 		/*
2795 		 * RFC 4302, 2.4. Security Parameters Index (SPI), SPI values
2796 		 * 1-255 reserved by IANA for future use,
2797 		 * 0 for implementation specific, local use.
2798 		 */
2799 		if (ntohl(spi) <= 255) {
2800 			ipseclog((LOG_DEBUG, "%s: illegal range of SPI %u.\n",
2801 			    __func__, ntohl(spi)));
2802 			*errp = EINVAL;
2803 			goto done;
2804 		}
2805 		break;
2806 	}
2807 
2808 	sav = malloc(sizeof(struct secasvar), M_IPSEC_SA, M_NOWAIT | M_ZERO);
2809 	if (sav == NULL) {
2810 		*errp = ENOBUFS;
2811 		goto done;
2812 	}
2813 	sav->lock = malloc(sizeof(struct mtx), M_IPSEC_MISC,
2814 	    M_NOWAIT | M_ZERO);
2815 	if (sav->lock == NULL) {
2816 		*errp = ENOBUFS;
2817 		goto done;
2818 	}
2819 	mtx_init(sav->lock, "ipsec association", NULL, MTX_DEF);
2820 	sav->lft_c = uma_zalloc(V_key_lft_zone, M_NOWAIT);
2821 	if (sav->lft_c == NULL) {
2822 		*errp = ENOBUFS;
2823 		goto done;
2824 	}
2825 	counter_u64_zero(sav->lft_c_allocations);
2826 	counter_u64_zero(sav->lft_c_bytes);
2827 
2828 	sav->spi = spi;
2829 	sav->seq = mhp->msg->sadb_msg_seq;
2830 	sav->state = SADB_SASTATE_LARVAL;
2831 	sav->pid = (pid_t)mhp->msg->sadb_msg_pid;
2832 	SAV_INITREF(sav);
2833 again:
2834 	sah = key_getsah(saidx);
2835 	if (sah == NULL) {
2836 		/* create a new SA index */
2837 		sah = key_newsah(saidx);
2838 		if (sah == NULL) {
2839 			ipseclog((LOG_DEBUG,
2840 			    "%s: No more memory.\n", __func__));
2841 			*errp = ENOBUFS;
2842 			goto done;
2843 		}
2844 		isnew = 1;
2845 	} else
2846 		isnew = 0;
2847 
2848 	sav->sah = sah;
2849 	if (mhp->msg->sadb_msg_type == SADB_GETSPI) {
2850 		sav->created = time_second;
2851 	} else if (sav->state == SADB_SASTATE_LARVAL) {
2852 		/*
2853 		 * Do not call key_setsaval() second time in case
2854 		 * of `goto again`. We will have MATURE state.
2855 		 */
2856 		*errp = key_setsaval(sav, mhp);
2857 		if (*errp != 0)
2858 			goto done;
2859 		sav->state = SADB_SASTATE_MATURE;
2860 	}
2861 
2862 	SAHTREE_WLOCK();
2863 	/*
2864 	 * Check that existing SAH wasn't unlinked.
2865 	 * Since we didn't hold the SAHTREE lock, it is possible,
2866 	 * that callout handler or key_flush() or key_delete() could
2867 	 * unlink this SAH.
2868 	 */
2869 	if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
2870 		SAHTREE_WUNLOCK();
2871 		key_freesah(&sah);	/* reference from key_getsah() */
2872 		goto again;
2873 	}
2874 	if (isnew != 0) {
2875 		/*
2876 		 * Add new SAH into SADB.
2877 		 *
2878 		 * XXXAE: we can serialize key_add and key_getspi calls, so
2879 		 * several threads will not fight in the race.
2880 		 * Otherwise we should check under SAHTREE lock, that this
2881 		 * SAH would not added twice.
2882 		 */
2883 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
2884 		/* Add new SAH into hash by addresses */
2885 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
2886 		/* Now we are linked in the chain */
2887 		sah->state = SADB_SASTATE_MATURE;
2888 		/*
2889 		 * SAV references this new SAH.
2890 		 * In case of existing SAH we reuse reference
2891 		 * from key_getsah().
2892 		 */
2893 		SAH_ADDREF(sah);
2894 	}
2895 	/* Link SAV with SAH */
2896 	if (sav->state == SADB_SASTATE_MATURE)
2897 		TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
2898 	else
2899 		TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
2900 	/* Add SAV into SPI hash */
2901 	LIST_INSERT_HEAD(SAVHASH_HASH(sav->spi), sav, spihash);
2902 	SAHTREE_WUNLOCK();
2903 	*errp = 0;	/* success */
2904 done:
2905 	if (*errp != 0) {
2906 		if (sav != NULL) {
2907 			if (sav->lock != NULL) {
2908 				mtx_destroy(sav->lock);
2909 				free(sav->lock, M_IPSEC_MISC);
2910 			}
2911 			if (sav->lft_c != NULL)
2912 				uma_zfree(V_key_lft_zone, sav->lft_c);
2913 			free(sav, M_IPSEC_SA), sav = NULL;
2914 		}
2915 		if (sah != NULL)
2916 			key_freesah(&sah);
2917 		if (*errp == ENOBUFS) {
2918 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
2919 			    __func__));
2920 			PFKEYSTAT_INC(in_nomem);
2921 		}
2922 	}
2923 	return (sav);
2924 }
2925 
2926 /*
2927  * free() SA variable entry.
2928  */
2929 static void
2930 key_cleansav(struct secasvar *sav)
2931 {
2932 
2933 	if (sav->natt != NULL) {
2934 		free(sav->natt, M_IPSEC_MISC);
2935 		sav->natt = NULL;
2936 	}
2937 	if (sav->flags & SADB_X_EXT_F_CLONED)
2938 		return;
2939 	/*
2940 	 * Cleanup xform state.  Note that zeroize'ing causes the
2941 	 * keys to be cleared; otherwise we must do it ourself.
2942 	 */
2943 	if (sav->tdb_xform != NULL) {
2944 		sav->tdb_xform->xf_zeroize(sav);
2945 		sav->tdb_xform = NULL;
2946 	} else {
2947 		if (sav->key_auth != NULL)
2948 			bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
2949 		if (sav->key_enc != NULL)
2950 			bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc));
2951 	}
2952 	if (sav->key_auth != NULL) {
2953 		if (sav->key_auth->key_data != NULL)
2954 			free(sav->key_auth->key_data, M_IPSEC_MISC);
2955 		free(sav->key_auth, M_IPSEC_MISC);
2956 		sav->key_auth = NULL;
2957 	}
2958 	if (sav->key_enc != NULL) {
2959 		if (sav->key_enc->key_data != NULL)
2960 			free(sav->key_enc->key_data, M_IPSEC_MISC);
2961 		free(sav->key_enc, M_IPSEC_MISC);
2962 		sav->key_enc = NULL;
2963 	}
2964 	if (sav->replay != NULL) {
2965 		if (sav->replay->bitmap != NULL)
2966 			free(sav->replay->bitmap, M_IPSEC_MISC);
2967 		free(sav->replay, M_IPSEC_MISC);
2968 		sav->replay = NULL;
2969 	}
2970 	if (sav->lft_h != NULL) {
2971 		free(sav->lft_h, M_IPSEC_MISC);
2972 		sav->lft_h = NULL;
2973 	}
2974 	if (sav->lft_s != NULL) {
2975 		free(sav->lft_s, M_IPSEC_MISC);
2976 		sav->lft_s = NULL;
2977 	}
2978 }
2979 
2980 /*
2981  * free() SA variable entry.
2982  */
2983 static void
2984 key_delsav(struct secasvar *sav)
2985 {
2986 	IPSEC_ASSERT(sav != NULL, ("null sav"));
2987 	IPSEC_ASSERT(sav->state == SADB_SASTATE_DEAD,
2988 	    ("attempt to free non DEAD SA %p", sav));
2989 	IPSEC_ASSERT(sav->refcnt == 0, ("reference count %u > 0",
2990 	    sav->refcnt));
2991 
2992 	/*
2993 	 * SA must be unlinked from the chain and hashtbl.
2994 	 * If SA was cloned, we leave all fields untouched,
2995 	 * except NAT-T config.
2996 	 */
2997 	key_cleansav(sav);
2998 	if ((sav->flags & SADB_X_EXT_F_CLONED) == 0) {
2999 		mtx_destroy(sav->lock);
3000 		free(sav->lock, M_IPSEC_MISC);
3001 		uma_zfree(V_key_lft_zone, sav->lft_c);
3002 	}
3003 	free(sav, M_IPSEC_SA);
3004 }
3005 
3006 /*
3007  * search SAH.
3008  * OUT:
3009  *	NULL	: not found
3010  *	others	: found, referenced pointer to a SAH.
3011  */
3012 static struct secashead *
3013 key_getsah(struct secasindex *saidx)
3014 {
3015 	SAHTREE_RLOCK_TRACKER;
3016 	struct secashead *sah;
3017 
3018 	SAHTREE_RLOCK();
3019 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3020 	    if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3021 		    SAH_ADDREF(sah);
3022 		    break;
3023 	    }
3024 	}
3025 	SAHTREE_RUNLOCK();
3026 	return (sah);
3027 }
3028 
3029 /*
3030  * Check not to be duplicated SPI.
3031  * OUT:
3032  *	0	: not found
3033  *	1	: found SA with given SPI.
3034  */
3035 static int
3036 key_checkspidup(uint32_t spi)
3037 {
3038 	SAHTREE_RLOCK_TRACKER;
3039 	struct secasvar *sav;
3040 
3041 	/* Assume SPI is in network byte order */
3042 	SAHTREE_RLOCK();
3043 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3044 		if (sav->spi == spi)
3045 			break;
3046 	}
3047 	SAHTREE_RUNLOCK();
3048 	return (sav != NULL);
3049 }
3050 
3051 /*
3052  * Search SA by SPI.
3053  * OUT:
3054  *	NULL	: not found
3055  *	others	: found, referenced pointer to a SA.
3056  */
3057 static struct secasvar *
3058 key_getsavbyspi(uint32_t spi)
3059 {
3060 	SAHTREE_RLOCK_TRACKER;
3061 	struct secasvar *sav;
3062 
3063 	/* Assume SPI is in network byte order */
3064 	SAHTREE_RLOCK();
3065 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3066 		if (sav->spi != spi)
3067 			continue;
3068 		SAV_ADDREF(sav);
3069 		break;
3070 	}
3071 	SAHTREE_RUNLOCK();
3072 	return (sav);
3073 }
3074 
3075 static int
3076 key_updatelifetimes(struct secasvar *sav, const struct sadb_msghdr *mhp)
3077 {
3078 	struct seclifetime *lft_h, *lft_s, *tmp;
3079 
3080 	/* Lifetime extension is optional, check that it is present. */
3081 	if (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3082 	    SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) {
3083 		/*
3084 		 * In case of SADB_UPDATE we may need to change
3085 		 * existing lifetimes.
3086 		 */
3087 		if (sav->state == SADB_SASTATE_MATURE) {
3088 			lft_h = lft_s = NULL;
3089 			goto reset;
3090 		}
3091 		return (0);
3092 	}
3093 	/* Both HARD and SOFT extensions must present */
3094 	if ((SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3095 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
3096 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
3097 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
3098 		ipseclog((LOG_DEBUG,
3099 		    "%s: invalid message: missing required header.\n",
3100 		    __func__));
3101 		return (EINVAL);
3102 	}
3103 	if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD) ||
3104 	    SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_SOFT)) {
3105 		ipseclog((LOG_DEBUG,
3106 		    "%s: invalid message: wrong header size.\n", __func__));
3107 		return (EINVAL);
3108 	}
3109 	lft_h = key_dup_lifemsg((const struct sadb_lifetime *)
3110 	    mhp->ext[SADB_EXT_LIFETIME_HARD], M_IPSEC_MISC);
3111 	if (lft_h == NULL) {
3112 		PFKEYSTAT_INC(in_nomem);
3113 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3114 		return (ENOBUFS);
3115 	}
3116 	lft_s = key_dup_lifemsg((const struct sadb_lifetime *)
3117 	    mhp->ext[SADB_EXT_LIFETIME_SOFT], M_IPSEC_MISC);
3118 	if (lft_s == NULL) {
3119 		PFKEYSTAT_INC(in_nomem);
3120 		free(lft_h, M_IPSEC_MISC);
3121 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3122 		return (ENOBUFS);
3123 	}
3124 reset:
3125 	if (sav->state != SADB_SASTATE_LARVAL) {
3126 		/*
3127 		 * key_update() holds reference to this SA,
3128 		 * so it won't be deleted in meanwhile.
3129 		 */
3130 		SECASVAR_LOCK(sav);
3131 		tmp = sav->lft_h;
3132 		sav->lft_h = lft_h;
3133 		lft_h = tmp;
3134 
3135 		tmp = sav->lft_s;
3136 		sav->lft_s = lft_s;
3137 		lft_s = tmp;
3138 		SECASVAR_UNLOCK(sav);
3139 		if (lft_h != NULL)
3140 			free(lft_h, M_IPSEC_MISC);
3141 		if (lft_s != NULL)
3142 			free(lft_s, M_IPSEC_MISC);
3143 		return (0);
3144 	}
3145 	/* We can update lifetime without holding a lock */
3146 	IPSEC_ASSERT(sav->lft_h == NULL, ("lft_h is already initialized\n"));
3147 	IPSEC_ASSERT(sav->lft_s == NULL, ("lft_s is already initialized\n"));
3148 	sav->lft_h = lft_h;
3149 	sav->lft_s = lft_s;
3150 	return (0);
3151 }
3152 
3153 /*
3154  * copy SA values from PF_KEY message except *SPI, SEQ, PID and TYPE*.
3155  * You must update these if need. Expects only LARVAL SAs.
3156  * OUT:	0:	success.
3157  *	!0:	failure.
3158  */
3159 static int
3160 key_setsaval(struct secasvar *sav, const struct sadb_msghdr *mhp)
3161 {
3162 	const struct sadb_sa *sa0;
3163 	const struct sadb_key *key0;
3164 	uint32_t replay;
3165 	size_t len;
3166 	int error;
3167 
3168 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
3169 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
3170 	IPSEC_ASSERT(sav->state == SADB_SASTATE_LARVAL,
3171 	    ("Attempt to update non LARVAL SA"));
3172 
3173 	/* XXX rewrite */
3174 	error = key_setident(sav->sah, mhp);
3175 	if (error != 0)
3176 		goto fail;
3177 
3178 	/* SA */
3179 	if (!SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
3180 		if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
3181 			error = EINVAL;
3182 			goto fail;
3183 		}
3184 		sa0 = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
3185 		sav->alg_auth = sa0->sadb_sa_auth;
3186 		sav->alg_enc = sa0->sadb_sa_encrypt;
3187 		sav->flags = sa0->sadb_sa_flags;
3188 		if ((sav->flags & SADB_KEY_FLAGS_MAX) != sav->flags) {
3189 			ipseclog((LOG_DEBUG,
3190 			    "%s: invalid sa_flags 0x%08x.\n", __func__,
3191 			    sav->flags));
3192 			error = EINVAL;
3193 			goto fail;
3194 		}
3195 
3196 		/* Optional replay window */
3197 		replay = 0;
3198 		if ((sa0->sadb_sa_flags & SADB_X_EXT_OLD) == 0)
3199 			replay = sa0->sadb_sa_replay;
3200 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_SA_REPLAY)) {
3201 			if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA_REPLAY)) {
3202 				error = EINVAL;
3203 				goto fail;
3204 			}
3205 			replay = ((const struct sadb_x_sa_replay *)
3206 			    mhp->ext[SADB_X_EXT_SA_REPLAY])->sadb_x_sa_replay_replay;
3207 
3208 			if (replay > UINT32_MAX - 32) {
3209 				ipseclog((LOG_DEBUG,
3210 				    "%s: replay window too big.\n", __func__));
3211 				error = EINVAL;
3212 				goto fail;
3213 			}
3214 
3215 			replay = (replay + 7) >> 3;
3216 		}
3217 
3218 		sav->replay = malloc(sizeof(struct secreplay), M_IPSEC_MISC,
3219 		    M_NOWAIT | M_ZERO);
3220 		if (sav->replay == NULL) {
3221 			PFKEYSTAT_INC(in_nomem);
3222 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3223 			    __func__));
3224 			error = ENOBUFS;
3225 			goto fail;
3226 		}
3227 
3228 		if (replay != 0) {
3229 			/* number of 32b blocks to be allocated */
3230 			uint32_t bitmap_size;
3231 
3232 			/* RFC 6479:
3233 			 * - the allocated replay window size must be
3234 			 *   a power of two.
3235 			 * - use an extra 32b block as a redundant window.
3236 			 */
3237 			bitmap_size = 1;
3238 			while (replay + 4 > bitmap_size)
3239 				bitmap_size <<= 1;
3240 			bitmap_size = bitmap_size / 4;
3241 
3242 			sav->replay->bitmap = malloc(
3243 			    bitmap_size * sizeof(uint32_t), M_IPSEC_MISC,
3244 			    M_NOWAIT | M_ZERO);
3245 			if (sav->replay->bitmap == NULL) {
3246 				PFKEYSTAT_INC(in_nomem);
3247 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3248 					__func__));
3249 				error = ENOBUFS;
3250 				goto fail;
3251 			}
3252 			sav->replay->bitmap_size = bitmap_size;
3253 			sav->replay->wsize = replay;
3254 		}
3255 	}
3256 
3257 	/* Authentication keys */
3258 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
3259 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH)) {
3260 			error = EINVAL;
3261 			goto fail;
3262 		}
3263 		error = 0;
3264 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_AUTH];
3265 		len = mhp->extlen[SADB_EXT_KEY_AUTH];
3266 		switch (mhp->msg->sadb_msg_satype) {
3267 		case SADB_SATYPE_AH:
3268 		case SADB_SATYPE_ESP:
3269 		case SADB_X_SATYPE_TCPSIGNATURE:
3270 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3271 			    sav->alg_auth != SADB_X_AALG_NULL)
3272 				error = EINVAL;
3273 			break;
3274 		case SADB_X_SATYPE_IPCOMP:
3275 		default:
3276 			error = EINVAL;
3277 			break;
3278 		}
3279 		if (error) {
3280 			ipseclog((LOG_DEBUG, "%s: invalid key_auth values.\n",
3281 				__func__));
3282 			goto fail;
3283 		}
3284 
3285 		sav->key_auth = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3286 		if (sav->key_auth == NULL ) {
3287 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3288 				  __func__));
3289 			PFKEYSTAT_INC(in_nomem);
3290 			error = ENOBUFS;
3291 			goto fail;
3292 		}
3293 	}
3294 
3295 	/* Encryption key */
3296 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) {
3297 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT)) {
3298 			error = EINVAL;
3299 			goto fail;
3300 		}
3301 		error = 0;
3302 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_ENCRYPT];
3303 		len = mhp->extlen[SADB_EXT_KEY_ENCRYPT];
3304 		switch (mhp->msg->sadb_msg_satype) {
3305 		case SADB_SATYPE_ESP:
3306 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3307 			    sav->alg_enc != SADB_EALG_NULL) {
3308 				error = EINVAL;
3309 				break;
3310 			}
3311 			sav->key_enc = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3312 			if (sav->key_enc == NULL) {
3313 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3314 					__func__));
3315 				PFKEYSTAT_INC(in_nomem);
3316 				error = ENOBUFS;
3317 				goto fail;
3318 			}
3319 			break;
3320 		case SADB_X_SATYPE_IPCOMP:
3321 			if (len != PFKEY_ALIGN8(sizeof(struct sadb_key)))
3322 				error = EINVAL;
3323 			sav->key_enc = NULL;	/*just in case*/
3324 			break;
3325 		case SADB_SATYPE_AH:
3326 		case SADB_X_SATYPE_TCPSIGNATURE:
3327 		default:
3328 			error = EINVAL;
3329 			break;
3330 		}
3331 		if (error) {
3332 			ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n",
3333 				__func__));
3334 			goto fail;
3335 		}
3336 	}
3337 
3338 	/* set iv */
3339 	sav->ivlen = 0;
3340 	switch (mhp->msg->sadb_msg_satype) {
3341 	case SADB_SATYPE_AH:
3342 		if (sav->flags & SADB_X_EXT_DERIV) {
3343 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3344 			    "given to AH SA.\n", __func__));
3345 			error = EINVAL;
3346 			goto fail;
3347 		}
3348 		if (sav->alg_enc != SADB_EALG_NONE) {
3349 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3350 			    "mismated.\n", __func__));
3351 			error = EINVAL;
3352 			goto fail;
3353 		}
3354 		error = xform_init(sav, XF_AH);
3355 		break;
3356 	case SADB_SATYPE_ESP:
3357 		if ((sav->flags & (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) ==
3358 		    (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) {
3359 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3360 			    "given to old-esp.\n", __func__));
3361 			error = EINVAL;
3362 			goto fail;
3363 		}
3364 		error = xform_init(sav, XF_ESP);
3365 		break;
3366 	case SADB_X_SATYPE_IPCOMP:
3367 		if (sav->alg_auth != SADB_AALG_NONE) {
3368 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3369 			    "mismated.\n", __func__));
3370 			error = EINVAL;
3371 			goto fail;
3372 		}
3373 		if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 &&
3374 		    ntohl(sav->spi) >= 0x10000) {
3375 			ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n",
3376 			    __func__));
3377 			error = EINVAL;
3378 			goto fail;
3379 		}
3380 		error = xform_init(sav, XF_IPCOMP);
3381 		break;
3382 	case SADB_X_SATYPE_TCPSIGNATURE:
3383 		if (sav->alg_enc != SADB_EALG_NONE) {
3384 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3385 			    "mismated.\n", __func__));
3386 			error = EINVAL;
3387 			goto fail;
3388 		}
3389 		error = xform_init(sav, XF_TCPSIGNATURE);
3390 		break;
3391 	default:
3392 		ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__));
3393 		error = EPROTONOSUPPORT;
3394 		goto fail;
3395 	}
3396 	if (error) {
3397 		ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n",
3398 		    __func__, mhp->msg->sadb_msg_satype));
3399 		goto fail;
3400 	}
3401 
3402 	/* Handle NAT-T headers */
3403 	error = key_setnatt(sav, mhp);
3404 	if (error != 0)
3405 		goto fail;
3406 
3407 	/* Initialize lifetime for CURRENT */
3408 	sav->firstused = 0;
3409 	sav->created = time_second;
3410 
3411 	/* lifetimes for HARD and SOFT */
3412 	error = key_updatelifetimes(sav, mhp);
3413 	if (error == 0)
3414 		return (0);
3415 fail:
3416 	key_cleansav(sav);
3417 	return (error);
3418 }
3419 
3420 /*
3421  * subroutine for SADB_GET and SADB_DUMP.
3422  */
3423 static struct mbuf *
3424 key_setdumpsa(struct secasvar *sav, uint8_t type, uint8_t satype,
3425     uint32_t seq, uint32_t pid)
3426 {
3427 	struct seclifetime lft_c;
3428 	struct mbuf *result = NULL, *tres = NULL, *m;
3429 	int i, dumporder[] = {
3430 		SADB_EXT_SA, SADB_X_EXT_SA2, SADB_X_EXT_SA_REPLAY,
3431 		SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
3432 		SADB_EXT_LIFETIME_CURRENT, SADB_EXT_ADDRESS_SRC,
3433 		SADB_EXT_ADDRESS_DST, SADB_EXT_ADDRESS_PROXY,
3434 		SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT,
3435 		SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
3436 		SADB_EXT_SENSITIVITY,
3437 		SADB_X_EXT_NAT_T_TYPE,
3438 		SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT,
3439 		SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
3440 		SADB_X_EXT_NAT_T_FRAG,
3441 	};
3442 	uint32_t replay_count;
3443 
3444 	m = key_setsadbmsg(type, 0, satype, seq, pid, sav->refcnt);
3445 	if (m == NULL)
3446 		goto fail;
3447 	result = m;
3448 
3449 	for (i = nitems(dumporder) - 1; i >= 0; i--) {
3450 		m = NULL;
3451 		switch (dumporder[i]) {
3452 		case SADB_EXT_SA:
3453 			m = key_setsadbsa(sav);
3454 			if (!m)
3455 				goto fail;
3456 			break;
3457 
3458 		case SADB_X_EXT_SA2:
3459 			SECASVAR_LOCK(sav);
3460 			replay_count = sav->replay ? sav->replay->count : 0;
3461 			SECASVAR_UNLOCK(sav);
3462 			m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3463 					sav->sah->saidx.reqid);
3464 			if (!m)
3465 				goto fail;
3466 			break;
3467 
3468 		case SADB_X_EXT_SA_REPLAY:
3469 			if (sav->replay == NULL ||
3470 			    sav->replay->wsize <= UINT8_MAX)
3471 				continue;
3472 
3473 			m = key_setsadbxsareplay(sav->replay->wsize);
3474 			if (!m)
3475 				goto fail;
3476 			break;
3477 
3478 		case SADB_EXT_ADDRESS_SRC:
3479 			m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
3480 			    &sav->sah->saidx.src.sa,
3481 			    FULLMASK, IPSEC_ULPROTO_ANY);
3482 			if (!m)
3483 				goto fail;
3484 			break;
3485 
3486 		case SADB_EXT_ADDRESS_DST:
3487 			m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
3488 			    &sav->sah->saidx.dst.sa,
3489 			    FULLMASK, IPSEC_ULPROTO_ANY);
3490 			if (!m)
3491 				goto fail;
3492 			break;
3493 
3494 		case SADB_EXT_KEY_AUTH:
3495 			if (!sav->key_auth)
3496 				continue;
3497 			m = key_setkey(sav->key_auth, SADB_EXT_KEY_AUTH);
3498 			if (!m)
3499 				goto fail;
3500 			break;
3501 
3502 		case SADB_EXT_KEY_ENCRYPT:
3503 			if (!sav->key_enc)
3504 				continue;
3505 			m = key_setkey(sav->key_enc, SADB_EXT_KEY_ENCRYPT);
3506 			if (!m)
3507 				goto fail;
3508 			break;
3509 
3510 		case SADB_EXT_LIFETIME_CURRENT:
3511 			lft_c.addtime = sav->created;
3512 			lft_c.allocations = (uint32_t)counter_u64_fetch(
3513 			    sav->lft_c_allocations);
3514 			lft_c.bytes = counter_u64_fetch(sav->lft_c_bytes);
3515 			lft_c.usetime = sav->firstused;
3516 			m = key_setlifetime(&lft_c, SADB_EXT_LIFETIME_CURRENT);
3517 			if (!m)
3518 				goto fail;
3519 			break;
3520 
3521 		case SADB_EXT_LIFETIME_HARD:
3522 			if (!sav->lft_h)
3523 				continue;
3524 			m = key_setlifetime(sav->lft_h,
3525 					    SADB_EXT_LIFETIME_HARD);
3526 			if (!m)
3527 				goto fail;
3528 			break;
3529 
3530 		case SADB_EXT_LIFETIME_SOFT:
3531 			if (!sav->lft_s)
3532 				continue;
3533 			m = key_setlifetime(sav->lft_s,
3534 					    SADB_EXT_LIFETIME_SOFT);
3535 
3536 			if (!m)
3537 				goto fail;
3538 			break;
3539 
3540 		case SADB_X_EXT_NAT_T_TYPE:
3541 			if (sav->natt == NULL)
3542 				continue;
3543 			m = key_setsadbxtype(UDP_ENCAP_ESPINUDP);
3544 			if (!m)
3545 				goto fail;
3546 			break;
3547 
3548 		case SADB_X_EXT_NAT_T_DPORT:
3549 			if (sav->natt == NULL)
3550 				continue;
3551 			m = key_setsadbxport(sav->natt->dport,
3552 			    SADB_X_EXT_NAT_T_DPORT);
3553 			if (!m)
3554 				goto fail;
3555 			break;
3556 
3557 		case SADB_X_EXT_NAT_T_SPORT:
3558 			if (sav->natt == NULL)
3559 				continue;
3560 			m = key_setsadbxport(sav->natt->sport,
3561 			    SADB_X_EXT_NAT_T_SPORT);
3562 			if (!m)
3563 				goto fail;
3564 			break;
3565 
3566 		case SADB_X_EXT_NAT_T_OAI:
3567 			if (sav->natt == NULL ||
3568 			    (sav->natt->flags & IPSEC_NATT_F_OAI) == 0)
3569 				continue;
3570 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAI,
3571 			    &sav->natt->oai.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3572 			if (!m)
3573 				goto fail;
3574 			break;
3575 		case SADB_X_EXT_NAT_T_OAR:
3576 			if (sav->natt == NULL ||
3577 			    (sav->natt->flags & IPSEC_NATT_F_OAR) == 0)
3578 				continue;
3579 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAR,
3580 			    &sav->natt->oar.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3581 			if (!m)
3582 				goto fail;
3583 			break;
3584 		case SADB_X_EXT_NAT_T_FRAG:
3585 			/* We do not (yet) support those. */
3586 			continue;
3587 
3588 		case SADB_EXT_ADDRESS_PROXY:
3589 		case SADB_EXT_IDENTITY_SRC:
3590 		case SADB_EXT_IDENTITY_DST:
3591 			/* XXX: should we brought from SPD ? */
3592 		case SADB_EXT_SENSITIVITY:
3593 		default:
3594 			continue;
3595 		}
3596 
3597 		if (!m)
3598 			goto fail;
3599 		if (tres)
3600 			m_cat(m, tres);
3601 		tres = m;
3602 	}
3603 
3604 	m_cat(result, tres);
3605 	tres = NULL;
3606 	if (result->m_len < sizeof(struct sadb_msg)) {
3607 		result = m_pullup(result, sizeof(struct sadb_msg));
3608 		if (result == NULL)
3609 			goto fail;
3610 	}
3611 
3612 	result->m_pkthdr.len = 0;
3613 	for (m = result; m; m = m->m_next)
3614 		result->m_pkthdr.len += m->m_len;
3615 
3616 	mtod(result, struct sadb_msg *)->sadb_msg_len =
3617 	    PFKEY_UNIT64(result->m_pkthdr.len);
3618 
3619 	return result;
3620 
3621 fail:
3622 	m_freem(result);
3623 	m_freem(tres);
3624 	return NULL;
3625 }
3626 
3627 /*
3628  * set data into sadb_msg.
3629  */
3630 static struct mbuf *
3631 key_setsadbmsg(u_int8_t type, u_int16_t tlen, u_int8_t satype, u_int32_t seq,
3632     pid_t pid, u_int16_t reserved)
3633 {
3634 	struct mbuf *m;
3635 	struct sadb_msg *p;
3636 	int len;
3637 
3638 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
3639 	if (len > MCLBYTES)
3640 		return NULL;
3641 	MGETHDR(m, M_NOWAIT, MT_DATA);
3642 	if (m && len > MHLEN) {
3643 		if (!(MCLGET(m, M_NOWAIT))) {
3644 			m_freem(m);
3645 			m = NULL;
3646 		}
3647 	}
3648 	if (!m)
3649 		return NULL;
3650 	m->m_pkthdr.len = m->m_len = len;
3651 	m->m_next = NULL;
3652 
3653 	p = mtod(m, struct sadb_msg *);
3654 
3655 	bzero(p, len);
3656 	p->sadb_msg_version = PF_KEY_V2;
3657 	p->sadb_msg_type = type;
3658 	p->sadb_msg_errno = 0;
3659 	p->sadb_msg_satype = satype;
3660 	p->sadb_msg_len = PFKEY_UNIT64(tlen);
3661 	p->sadb_msg_reserved = reserved;
3662 	p->sadb_msg_seq = seq;
3663 	p->sadb_msg_pid = (u_int32_t)pid;
3664 
3665 	return m;
3666 }
3667 
3668 /*
3669  * copy secasvar data into sadb_address.
3670  */
3671 static struct mbuf *
3672 key_setsadbsa(struct secasvar *sav)
3673 {
3674 	struct mbuf *m;
3675 	struct sadb_sa *p;
3676 	int len;
3677 
3678 	len = PFKEY_ALIGN8(sizeof(struct sadb_sa));
3679 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3680 	if (m == NULL)
3681 		return (NULL);
3682 	m_align(m, len);
3683 	m->m_len = len;
3684 	p = mtod(m, struct sadb_sa *);
3685 	bzero(p, len);
3686 	p->sadb_sa_len = PFKEY_UNIT64(len);
3687 	p->sadb_sa_exttype = SADB_EXT_SA;
3688 	p->sadb_sa_spi = sav->spi;
3689 	p->sadb_sa_replay = sav->replay ?
3690 	    (sav->replay->wsize > UINT8_MAX ? UINT8_MAX :
3691 		sav->replay->wsize): 0;
3692 	p->sadb_sa_state = sav->state;
3693 	p->sadb_sa_auth = sav->alg_auth;
3694 	p->sadb_sa_encrypt = sav->alg_enc;
3695 	p->sadb_sa_flags = sav->flags & SADB_KEY_FLAGS_MAX;
3696 	return (m);
3697 }
3698 
3699 /*
3700  * set data into sadb_address.
3701  */
3702 static struct mbuf *
3703 key_setsadbaddr(u_int16_t exttype, const struct sockaddr *saddr,
3704     u_int8_t prefixlen, u_int16_t ul_proto)
3705 {
3706 	struct mbuf *m;
3707 	struct sadb_address *p;
3708 	size_t len;
3709 
3710 	len = PFKEY_ALIGN8(sizeof(struct sadb_address)) +
3711 	    PFKEY_ALIGN8(saddr->sa_len);
3712 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3713 	if (m == NULL)
3714 		return (NULL);
3715 	m_align(m, len);
3716 	m->m_len = len;
3717 	p = mtod(m, struct sadb_address *);
3718 
3719 	bzero(p, len);
3720 	p->sadb_address_len = PFKEY_UNIT64(len);
3721 	p->sadb_address_exttype = exttype;
3722 	p->sadb_address_proto = ul_proto;
3723 	if (prefixlen == FULLMASK) {
3724 		switch (saddr->sa_family) {
3725 		case AF_INET:
3726 			prefixlen = sizeof(struct in_addr) << 3;
3727 			break;
3728 		case AF_INET6:
3729 			prefixlen = sizeof(struct in6_addr) << 3;
3730 			break;
3731 		default:
3732 			; /*XXX*/
3733 		}
3734 	}
3735 	p->sadb_address_prefixlen = prefixlen;
3736 	p->sadb_address_reserved = 0;
3737 
3738 	bcopy(saddr,
3739 	    mtod(m, caddr_t) + PFKEY_ALIGN8(sizeof(struct sadb_address)),
3740 	    saddr->sa_len);
3741 
3742 	return m;
3743 }
3744 
3745 /*
3746  * set data into sadb_x_sa2.
3747  */
3748 static struct mbuf *
3749 key_setsadbxsa2(u_int8_t mode, u_int32_t seq, u_int32_t reqid)
3750 {
3751 	struct mbuf *m;
3752 	struct sadb_x_sa2 *p;
3753 	size_t len;
3754 
3755 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa2));
3756 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3757 	if (m == NULL)
3758 		return (NULL);
3759 	m_align(m, len);
3760 	m->m_len = len;
3761 	p = mtod(m, struct sadb_x_sa2 *);
3762 
3763 	bzero(p, len);
3764 	p->sadb_x_sa2_len = PFKEY_UNIT64(len);
3765 	p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
3766 	p->sadb_x_sa2_mode = mode;
3767 	p->sadb_x_sa2_reserved1 = 0;
3768 	p->sadb_x_sa2_reserved2 = 0;
3769 	p->sadb_x_sa2_sequence = seq;
3770 	p->sadb_x_sa2_reqid = reqid;
3771 
3772 	return m;
3773 }
3774 
3775 /*
3776  * Set data into sadb_x_sa_replay.
3777  */
3778 static struct mbuf *
3779 key_setsadbxsareplay(u_int32_t replay)
3780 {
3781 	struct mbuf *m;
3782 	struct sadb_x_sa_replay *p;
3783 	size_t len;
3784 
3785 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa_replay));
3786 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3787 	if (m == NULL)
3788 		return (NULL);
3789 	m_align(m, len);
3790 	m->m_len = len;
3791 	p = mtod(m, struct sadb_x_sa_replay *);
3792 
3793 	bzero(p, len);
3794 	p->sadb_x_sa_replay_len = PFKEY_UNIT64(len);
3795 	p->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY;
3796 	p->sadb_x_sa_replay_replay = (replay << 3);
3797 
3798 	return m;
3799 }
3800 
3801 /*
3802  * Set a type in sadb_x_nat_t_type.
3803  */
3804 static struct mbuf *
3805 key_setsadbxtype(u_int16_t type)
3806 {
3807 	struct mbuf *m;
3808 	size_t len;
3809 	struct sadb_x_nat_t_type *p;
3810 
3811 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_type));
3812 
3813 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3814 	if (m == NULL)
3815 		return (NULL);
3816 	m_align(m, len);
3817 	m->m_len = len;
3818 	p = mtod(m, struct sadb_x_nat_t_type *);
3819 
3820 	bzero(p, len);
3821 	p->sadb_x_nat_t_type_len = PFKEY_UNIT64(len);
3822 	p->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
3823 	p->sadb_x_nat_t_type_type = type;
3824 
3825 	return (m);
3826 }
3827 /*
3828  * Set a port in sadb_x_nat_t_port.
3829  * In contrast to default RFC 2367 behaviour, port is in network byte order.
3830  */
3831 static struct mbuf *
3832 key_setsadbxport(u_int16_t port, u_int16_t type)
3833 {
3834 	struct mbuf *m;
3835 	size_t len;
3836 	struct sadb_x_nat_t_port *p;
3837 
3838 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_port));
3839 
3840 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3841 	if (m == NULL)
3842 		return (NULL);
3843 	m_align(m, len);
3844 	m->m_len = len;
3845 	p = mtod(m, struct sadb_x_nat_t_port *);
3846 
3847 	bzero(p, len);
3848 	p->sadb_x_nat_t_port_len = PFKEY_UNIT64(len);
3849 	p->sadb_x_nat_t_port_exttype = type;
3850 	p->sadb_x_nat_t_port_port = port;
3851 
3852 	return (m);
3853 }
3854 
3855 /*
3856  * Get port from sockaddr. Port is in network byte order.
3857  */
3858 uint16_t
3859 key_portfromsaddr(struct sockaddr *sa)
3860 {
3861 
3862 	switch (sa->sa_family) {
3863 #ifdef INET
3864 	case AF_INET:
3865 		return ((struct sockaddr_in *)sa)->sin_port;
3866 #endif
3867 #ifdef INET6
3868 	case AF_INET6:
3869 		return ((struct sockaddr_in6 *)sa)->sin6_port;
3870 #endif
3871 	}
3872 	return (0);
3873 }
3874 
3875 /*
3876  * Set port in struct sockaddr. Port is in network byte order.
3877  */
3878 void
3879 key_porttosaddr(struct sockaddr *sa, uint16_t port)
3880 {
3881 
3882 	switch (sa->sa_family) {
3883 #ifdef INET
3884 	case AF_INET:
3885 		((struct sockaddr_in *)sa)->sin_port = port;
3886 		break;
3887 #endif
3888 #ifdef INET6
3889 	case AF_INET6:
3890 		((struct sockaddr_in6 *)sa)->sin6_port = port;
3891 		break;
3892 #endif
3893 	default:
3894 		ipseclog((LOG_DEBUG, "%s: unexpected address family %d.\n",
3895 			__func__, sa->sa_family));
3896 		break;
3897 	}
3898 }
3899 
3900 /*
3901  * set data into sadb_x_policy
3902  */
3903 static struct mbuf *
3904 key_setsadbxpolicy(u_int16_t type, u_int8_t dir, u_int32_t id, u_int32_t priority)
3905 {
3906 	struct mbuf *m;
3907 	struct sadb_x_policy *p;
3908 	size_t len;
3909 
3910 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_policy));
3911 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3912 	if (m == NULL)
3913 		return (NULL);
3914 	m_align(m, len);
3915 	m->m_len = len;
3916 	p = mtod(m, struct sadb_x_policy *);
3917 
3918 	bzero(p, len);
3919 	p->sadb_x_policy_len = PFKEY_UNIT64(len);
3920 	p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
3921 	p->sadb_x_policy_type = type;
3922 	p->sadb_x_policy_dir = dir;
3923 	p->sadb_x_policy_id = id;
3924 	p->sadb_x_policy_priority = priority;
3925 
3926 	return m;
3927 }
3928 
3929 /* %%% utilities */
3930 /* Take a key message (sadb_key) from the socket and turn it into one
3931  * of the kernel's key structures (seckey).
3932  *
3933  * IN: pointer to the src
3934  * OUT: NULL no more memory
3935  */
3936 struct seckey *
3937 key_dup_keymsg(const struct sadb_key *src, size_t len,
3938     struct malloc_type *type)
3939 {
3940 	struct seckey *dst;
3941 
3942 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
3943 	if (dst != NULL) {
3944 		dst->bits = src->sadb_key_bits;
3945 		dst->key_data = malloc(len, type, M_NOWAIT);
3946 		if (dst->key_data != NULL) {
3947 			bcopy((const char *)(src + 1), dst->key_data, len);
3948 		} else {
3949 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3950 			    __func__));
3951 			free(dst, type);
3952 			dst = NULL;
3953 		}
3954 	} else {
3955 		ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3956 		    __func__));
3957 
3958 	}
3959 	return (dst);
3960 }
3961 
3962 /* Take a lifetime message (sadb_lifetime) passed in on a socket and
3963  * turn it into one of the kernel's lifetime structures (seclifetime).
3964  *
3965  * IN: pointer to the destination, source and malloc type
3966  * OUT: NULL, no more memory
3967  */
3968 
3969 static struct seclifetime *
3970 key_dup_lifemsg(const struct sadb_lifetime *src, struct malloc_type *type)
3971 {
3972 	struct seclifetime *dst;
3973 
3974 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
3975 	if (dst == NULL) {
3976 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3977 		return (NULL);
3978 	}
3979 	dst->allocations = src->sadb_lifetime_allocations;
3980 	dst->bytes = src->sadb_lifetime_bytes;
3981 	dst->addtime = src->sadb_lifetime_addtime;
3982 	dst->usetime = src->sadb_lifetime_usetime;
3983 	return (dst);
3984 }
3985 
3986 /*
3987  * compare two secasindex structure.
3988  * flag can specify to compare 2 saidxes.
3989  * compare two secasindex structure without both mode and reqid.
3990  * don't compare port.
3991  * IN:
3992  *      saidx0: source, it can be in SAD.
3993  *      saidx1: object.
3994  * OUT:
3995  *      1 : equal
3996  *      0 : not equal
3997  */
3998 static int
3999 key_cmpsaidx(const struct secasindex *saidx0, const struct secasindex *saidx1,
4000     int flag)
4001 {
4002 
4003 	/* sanity */
4004 	if (saidx0 == NULL && saidx1 == NULL)
4005 		return 1;
4006 
4007 	if (saidx0 == NULL || saidx1 == NULL)
4008 		return 0;
4009 
4010 	if (saidx0->proto != saidx1->proto)
4011 		return 0;
4012 
4013 	if (flag == CMP_EXACTLY) {
4014 		if (saidx0->mode != saidx1->mode)
4015 			return 0;
4016 		if (saidx0->reqid != saidx1->reqid)
4017 			return 0;
4018 		if (bcmp(&saidx0->src, &saidx1->src,
4019 		    saidx0->src.sa.sa_len) != 0 ||
4020 		    bcmp(&saidx0->dst, &saidx1->dst,
4021 		    saidx0->dst.sa.sa_len) != 0)
4022 			return 0;
4023 	} else {
4024 
4025 		/* CMP_MODE_REQID, CMP_REQID, CMP_HEAD */
4026 		if (flag == CMP_MODE_REQID || flag == CMP_REQID) {
4027 			/*
4028 			 * If reqid of SPD is non-zero, unique SA is required.
4029 			 * The result must be of same reqid in this case.
4030 			 */
4031 			if (saidx1->reqid != 0 &&
4032 			    saidx0->reqid != saidx1->reqid)
4033 				return 0;
4034 		}
4035 
4036 		if (flag == CMP_MODE_REQID) {
4037 			if (saidx0->mode != IPSEC_MODE_ANY
4038 			 && saidx0->mode != saidx1->mode)
4039 				return 0;
4040 		}
4041 
4042 		if (key_sockaddrcmp(&saidx0->src.sa, &saidx1->src.sa, 0) != 0)
4043 			return 0;
4044 		if (key_sockaddrcmp(&saidx0->dst.sa, &saidx1->dst.sa, 0) != 0)
4045 			return 0;
4046 	}
4047 
4048 	return 1;
4049 }
4050 
4051 /*
4052  * compare two secindex structure exactly.
4053  * IN:
4054  *	spidx0: source, it is often in SPD.
4055  *	spidx1: object, it is often from PFKEY message.
4056  * OUT:
4057  *	1 : equal
4058  *	0 : not equal
4059  */
4060 static int
4061 key_cmpspidx_exactly(struct secpolicyindex *spidx0,
4062     struct secpolicyindex *spidx1)
4063 {
4064 	/* sanity */
4065 	if (spidx0 == NULL && spidx1 == NULL)
4066 		return 1;
4067 
4068 	if (spidx0 == NULL || spidx1 == NULL)
4069 		return 0;
4070 
4071 	if (spidx0->prefs != spidx1->prefs
4072 	 || spidx0->prefd != spidx1->prefd
4073 	 || spidx0->ul_proto != spidx1->ul_proto)
4074 		return 0;
4075 
4076 	return key_sockaddrcmp(&spidx0->src.sa, &spidx1->src.sa, 1) == 0 &&
4077 	       key_sockaddrcmp(&spidx0->dst.sa, &spidx1->dst.sa, 1) == 0;
4078 }
4079 
4080 /*
4081  * compare two secindex structure with mask.
4082  * IN:
4083  *	spidx0: source, it is often in SPD.
4084  *	spidx1: object, it is often from IP header.
4085  * OUT:
4086  *	1 : equal
4087  *	0 : not equal
4088  */
4089 static int
4090 key_cmpspidx_withmask(struct secpolicyindex *spidx0,
4091     struct secpolicyindex *spidx1)
4092 {
4093 	/* sanity */
4094 	if (spidx0 == NULL && spidx1 == NULL)
4095 		return 1;
4096 
4097 	if (spidx0 == NULL || spidx1 == NULL)
4098 		return 0;
4099 
4100 	if (spidx0->src.sa.sa_family != spidx1->src.sa.sa_family ||
4101 	    spidx0->dst.sa.sa_family != spidx1->dst.sa.sa_family ||
4102 	    spidx0->src.sa.sa_len != spidx1->src.sa.sa_len ||
4103 	    spidx0->dst.sa.sa_len != spidx1->dst.sa.sa_len)
4104 		return 0;
4105 
4106 	/* if spidx.ul_proto == IPSEC_ULPROTO_ANY, ignore. */
4107 	if (spidx0->ul_proto != (u_int16_t)IPSEC_ULPROTO_ANY
4108 	 && spidx0->ul_proto != spidx1->ul_proto)
4109 		return 0;
4110 
4111 	switch (spidx0->src.sa.sa_family) {
4112 	case AF_INET:
4113 		if (spidx0->src.sin.sin_port != IPSEC_PORT_ANY
4114 		 && spidx0->src.sin.sin_port != spidx1->src.sin.sin_port)
4115 			return 0;
4116 		if (!key_bbcmp(&spidx0->src.sin.sin_addr,
4117 		    &spidx1->src.sin.sin_addr, spidx0->prefs))
4118 			return 0;
4119 		break;
4120 	case AF_INET6:
4121 		if (spidx0->src.sin6.sin6_port != IPSEC_PORT_ANY
4122 		 && spidx0->src.sin6.sin6_port != spidx1->src.sin6.sin6_port)
4123 			return 0;
4124 		/*
4125 		 * scope_id check. if sin6_scope_id is 0, we regard it
4126 		 * as a wildcard scope, which matches any scope zone ID.
4127 		 */
4128 		if (spidx0->src.sin6.sin6_scope_id &&
4129 		    spidx1->src.sin6.sin6_scope_id &&
4130 		    spidx0->src.sin6.sin6_scope_id != spidx1->src.sin6.sin6_scope_id)
4131 			return 0;
4132 		if (!key_bbcmp(&spidx0->src.sin6.sin6_addr,
4133 		    &spidx1->src.sin6.sin6_addr, spidx0->prefs))
4134 			return 0;
4135 		break;
4136 	default:
4137 		/* XXX */
4138 		if (bcmp(&spidx0->src, &spidx1->src, spidx0->src.sa.sa_len) != 0)
4139 			return 0;
4140 		break;
4141 	}
4142 
4143 	switch (spidx0->dst.sa.sa_family) {
4144 	case AF_INET:
4145 		if (spidx0->dst.sin.sin_port != IPSEC_PORT_ANY
4146 		 && spidx0->dst.sin.sin_port != spidx1->dst.sin.sin_port)
4147 			return 0;
4148 		if (!key_bbcmp(&spidx0->dst.sin.sin_addr,
4149 		    &spidx1->dst.sin.sin_addr, spidx0->prefd))
4150 			return 0;
4151 		break;
4152 	case AF_INET6:
4153 		if (spidx0->dst.sin6.sin6_port != IPSEC_PORT_ANY
4154 		 && spidx0->dst.sin6.sin6_port != spidx1->dst.sin6.sin6_port)
4155 			return 0;
4156 		/*
4157 		 * scope_id check. if sin6_scope_id is 0, we regard it
4158 		 * as a wildcard scope, which matches any scope zone ID.
4159 		 */
4160 		if (spidx0->dst.sin6.sin6_scope_id &&
4161 		    spidx1->dst.sin6.sin6_scope_id &&
4162 		    spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
4163 			return 0;
4164 		if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
4165 		    &spidx1->dst.sin6.sin6_addr, spidx0->prefd))
4166 			return 0;
4167 		break;
4168 	default:
4169 		/* XXX */
4170 		if (bcmp(&spidx0->dst, &spidx1->dst, spidx0->dst.sa.sa_len) != 0)
4171 			return 0;
4172 		break;
4173 	}
4174 
4175 	/* XXX Do we check other field ?  e.g. flowinfo */
4176 
4177 	return 1;
4178 }
4179 
4180 #ifdef satosin
4181 #undef satosin
4182 #endif
4183 #define satosin(s) ((const struct sockaddr_in *)s)
4184 #ifdef satosin6
4185 #undef satosin6
4186 #endif
4187 #define satosin6(s) ((const struct sockaddr_in6 *)s)
4188 /* returns 0 on match */
4189 int
4190 key_sockaddrcmp(const struct sockaddr *sa1, const struct sockaddr *sa2,
4191     int port)
4192 {
4193 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4194 		return 1;
4195 
4196 	switch (sa1->sa_family) {
4197 #ifdef INET
4198 	case AF_INET:
4199 		if (sa1->sa_len != sizeof(struct sockaddr_in))
4200 			return 1;
4201 		if (satosin(sa1)->sin_addr.s_addr !=
4202 		    satosin(sa2)->sin_addr.s_addr) {
4203 			return 1;
4204 		}
4205 		if (port && satosin(sa1)->sin_port != satosin(sa2)->sin_port)
4206 			return 1;
4207 		break;
4208 #endif
4209 #ifdef INET6
4210 	case AF_INET6:
4211 		if (sa1->sa_len != sizeof(struct sockaddr_in6))
4212 			return 1;	/*EINVAL*/
4213 		if (satosin6(sa1)->sin6_scope_id !=
4214 		    satosin6(sa2)->sin6_scope_id) {
4215 			return 1;
4216 		}
4217 		if (!IN6_ARE_ADDR_EQUAL(&satosin6(sa1)->sin6_addr,
4218 		    &satosin6(sa2)->sin6_addr)) {
4219 			return 1;
4220 		}
4221 		if (port &&
4222 		    satosin6(sa1)->sin6_port != satosin6(sa2)->sin6_port) {
4223 			return 1;
4224 		}
4225 		break;
4226 #endif
4227 	default:
4228 		if (bcmp(sa1, sa2, sa1->sa_len) != 0)
4229 			return 1;
4230 		break;
4231 	}
4232 
4233 	return 0;
4234 }
4235 
4236 /* returns 0 on match */
4237 int
4238 key_sockaddrcmp_withmask(const struct sockaddr *sa1,
4239     const struct sockaddr *sa2, size_t mask)
4240 {
4241 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4242 		return (1);
4243 
4244 	switch (sa1->sa_family) {
4245 #ifdef INET
4246 	case AF_INET:
4247 		return (!key_bbcmp(&satosin(sa1)->sin_addr,
4248 		    &satosin(sa2)->sin_addr, mask));
4249 #endif
4250 #ifdef INET6
4251 	case AF_INET6:
4252 		if (satosin6(sa1)->sin6_scope_id !=
4253 		    satosin6(sa2)->sin6_scope_id)
4254 			return (1);
4255 		return (!key_bbcmp(&satosin6(sa1)->sin6_addr,
4256 		    &satosin6(sa2)->sin6_addr, mask));
4257 #endif
4258 	}
4259 	return (1);
4260 }
4261 #undef satosin
4262 #undef satosin6
4263 
4264 /*
4265  * compare two buffers with mask.
4266  * IN:
4267  *	addr1: source
4268  *	addr2: object
4269  *	bits:  Number of bits to compare
4270  * OUT:
4271  *	1 : equal
4272  *	0 : not equal
4273  */
4274 static int
4275 key_bbcmp(const void *a1, const void *a2, u_int bits)
4276 {
4277 	const unsigned char *p1 = a1;
4278 	const unsigned char *p2 = a2;
4279 
4280 	/* XXX: This could be considerably faster if we compare a word
4281 	 * at a time, but it is complicated on LSB Endian machines */
4282 
4283 	/* Handle null pointers */
4284 	if (p1 == NULL || p2 == NULL)
4285 		return (p1 == p2);
4286 
4287 	while (bits >= 8) {
4288 		if (*p1++ != *p2++)
4289 			return 0;
4290 		bits -= 8;
4291 	}
4292 
4293 	if (bits > 0) {
4294 		u_int8_t mask = ~((1<<(8-bits))-1);
4295 		if ((*p1 & mask) != (*p2 & mask))
4296 			return 0;
4297 	}
4298 	return 1;	/* Match! */
4299 }
4300 
4301 static void
4302 key_flush_spd(time_t now)
4303 {
4304 	SPTREE_RLOCK_TRACKER;
4305 	struct secpolicy_list drainq;
4306 	struct secpolicy *sp, *nextsp;
4307 	u_int dir;
4308 
4309 	LIST_INIT(&drainq);
4310 	SPTREE_RLOCK();
4311 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
4312 		TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
4313 			if (sp->lifetime == 0 && sp->validtime == 0)
4314 				continue;
4315 			if ((sp->lifetime &&
4316 			    now - sp->created > sp->lifetime) ||
4317 			    (sp->validtime &&
4318 			    now - sp->lastused > sp->validtime)) {
4319 				/* Hold extra reference to send SPDEXPIRE */
4320 				SP_ADDREF(sp);
4321 				LIST_INSERT_HEAD(&drainq, sp, drainq);
4322 			}
4323 		}
4324 	}
4325 	SPTREE_RUNLOCK();
4326 	if (LIST_EMPTY(&drainq))
4327 		return;
4328 
4329 	SPTREE_WLOCK();
4330 	sp = LIST_FIRST(&drainq);
4331 	while (sp != NULL) {
4332 		nextsp = LIST_NEXT(sp, drainq);
4333 		/* Check that SP is still linked */
4334 		if (sp->state != IPSEC_SPSTATE_ALIVE) {
4335 			LIST_REMOVE(sp, drainq);
4336 			key_freesp(&sp); /* release extra reference */
4337 			sp = nextsp;
4338 			continue;
4339 		}
4340 		TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
4341 		LIST_REMOVE(sp, idhash);
4342 		sp->state = IPSEC_SPSTATE_DEAD;
4343 		sp = nextsp;
4344 	}
4345 	V_sp_genid++;
4346 	SPTREE_WUNLOCK();
4347 
4348 	sp = LIST_FIRST(&drainq);
4349 	while (sp != NULL) {
4350 		nextsp = LIST_NEXT(sp, drainq);
4351 		key_spdexpire(sp);
4352 		key_freesp(&sp); /* release extra reference */
4353 		key_freesp(&sp); /* release last reference */
4354 		sp = nextsp;
4355 	}
4356 }
4357 
4358 static void
4359 key_flush_sad(time_t now)
4360 {
4361 	SAHTREE_RLOCK_TRACKER;
4362 	struct secashead_list emptyq;
4363 	struct secasvar_list drainq, hexpireq, sexpireq, freeq;
4364 	struct secashead *sah, *nextsah;
4365 	struct secasvar *sav, *nextsav;
4366 
4367 	LIST_INIT(&drainq);
4368 	LIST_INIT(&hexpireq);
4369 	LIST_INIT(&sexpireq);
4370 	LIST_INIT(&emptyq);
4371 
4372 	SAHTREE_RLOCK();
4373 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
4374 		/* Check for empty SAH */
4375 		if (TAILQ_EMPTY(&sah->savtree_larval) &&
4376 		    TAILQ_EMPTY(&sah->savtree_alive)) {
4377 			SAH_ADDREF(sah);
4378 			LIST_INSERT_HEAD(&emptyq, sah, drainq);
4379 			continue;
4380 		}
4381 		/* Add all stale LARVAL SAs into drainq */
4382 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4383 			if (now - sav->created < V_key_larval_lifetime)
4384 				continue;
4385 			SAV_ADDREF(sav);
4386 			LIST_INSERT_HEAD(&drainq, sav, drainq);
4387 		}
4388 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4389 			/* lifetimes aren't specified */
4390 			if (sav->lft_h == NULL)
4391 				continue;
4392 			SECASVAR_LOCK(sav);
4393 			/*
4394 			 * Check again with lock held, because it may
4395 			 * be updated by SADB_UPDATE.
4396 			 */
4397 			if (sav->lft_h == NULL) {
4398 				SECASVAR_UNLOCK(sav);
4399 				continue;
4400 			}
4401 			/*
4402 			 * RFC 2367:
4403 			 * HARD lifetimes MUST take precedence over SOFT
4404 			 * lifetimes, meaning if the HARD and SOFT lifetimes
4405 			 * are the same, the HARD lifetime will appear on the
4406 			 * EXPIRE message.
4407 			 */
4408 			/* check HARD lifetime */
4409 			if ((sav->lft_h->addtime != 0 &&
4410 			    now - sav->created > sav->lft_h->addtime) ||
4411 			    (sav->lft_h->usetime != 0 && sav->firstused &&
4412 			    now - sav->firstused > sav->lft_h->usetime) ||
4413 			    (sav->lft_h->bytes != 0 && counter_u64_fetch(
4414 			        sav->lft_c_bytes) > sav->lft_h->bytes)) {
4415 				SECASVAR_UNLOCK(sav);
4416 				SAV_ADDREF(sav);
4417 				LIST_INSERT_HEAD(&hexpireq, sav, drainq);
4418 				continue;
4419 			}
4420 			/* check SOFT lifetime (only for MATURE SAs) */
4421 			if (sav->state == SADB_SASTATE_MATURE && (
4422 			    (sav->lft_s->addtime != 0 &&
4423 			    now - sav->created > sav->lft_s->addtime) ||
4424 			    (sav->lft_s->usetime != 0 && sav->firstused &&
4425 			    now - sav->firstused > sav->lft_s->usetime) ||
4426 			    (sav->lft_s->bytes != 0 && counter_u64_fetch(
4427 				sav->lft_c_bytes) > sav->lft_s->bytes))) {
4428 				SECASVAR_UNLOCK(sav);
4429 				SAV_ADDREF(sav);
4430 				LIST_INSERT_HEAD(&sexpireq, sav, drainq);
4431 				continue;
4432 			}
4433 			SECASVAR_UNLOCK(sav);
4434 		}
4435 	}
4436 	SAHTREE_RUNLOCK();
4437 
4438 	if (LIST_EMPTY(&emptyq) && LIST_EMPTY(&drainq) &&
4439 	    LIST_EMPTY(&hexpireq) && LIST_EMPTY(&sexpireq))
4440 		return;
4441 
4442 	LIST_INIT(&freeq);
4443 	SAHTREE_WLOCK();
4444 	/* Unlink stale LARVAL SAs */
4445 	sav = LIST_FIRST(&drainq);
4446 	while (sav != NULL) {
4447 		nextsav = LIST_NEXT(sav, drainq);
4448 		/* Check that SA is still LARVAL */
4449 		if (sav->state != SADB_SASTATE_LARVAL) {
4450 			LIST_REMOVE(sav, drainq);
4451 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4452 			sav = nextsav;
4453 			continue;
4454 		}
4455 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4456 		LIST_REMOVE(sav, spihash);
4457 		sav->state = SADB_SASTATE_DEAD;
4458 		sav = nextsav;
4459 	}
4460 	/* Unlink all SAs with expired HARD lifetime */
4461 	sav = LIST_FIRST(&hexpireq);
4462 	while (sav != NULL) {
4463 		nextsav = LIST_NEXT(sav, drainq);
4464 		/* Check that SA is not unlinked */
4465 		if (sav->state == SADB_SASTATE_DEAD) {
4466 			LIST_REMOVE(sav, drainq);
4467 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4468 			sav = nextsav;
4469 			continue;
4470 		}
4471 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4472 		LIST_REMOVE(sav, spihash);
4473 		sav->state = SADB_SASTATE_DEAD;
4474 		sav = nextsav;
4475 	}
4476 	/* Mark all SAs with expired SOFT lifetime as DYING */
4477 	sav = LIST_FIRST(&sexpireq);
4478 	while (sav != NULL) {
4479 		nextsav = LIST_NEXT(sav, drainq);
4480 		/* Check that SA is not unlinked */
4481 		if (sav->state == SADB_SASTATE_DEAD) {
4482 			LIST_REMOVE(sav, drainq);
4483 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4484 			sav = nextsav;
4485 			continue;
4486 		}
4487 		/*
4488 		 * NOTE: this doesn't change SA order in the chain.
4489 		 */
4490 		sav->state = SADB_SASTATE_DYING;
4491 		sav = nextsav;
4492 	}
4493 	/* Unlink empty SAHs */
4494 	sah = LIST_FIRST(&emptyq);
4495 	while (sah != NULL) {
4496 		nextsah = LIST_NEXT(sah, drainq);
4497 		/* Check that SAH is still empty and not unlinked */
4498 		if (sah->state == SADB_SASTATE_DEAD ||
4499 		    !TAILQ_EMPTY(&sah->savtree_larval) ||
4500 		    !TAILQ_EMPTY(&sah->savtree_alive)) {
4501 			LIST_REMOVE(sah, drainq);
4502 			key_freesah(&sah); /* release extra reference */
4503 			sah = nextsah;
4504 			continue;
4505 		}
4506 		TAILQ_REMOVE(&V_sahtree, sah, chain);
4507 		LIST_REMOVE(sah, addrhash);
4508 		sah->state = SADB_SASTATE_DEAD;
4509 		sah = nextsah;
4510 	}
4511 	SAHTREE_WUNLOCK();
4512 
4513 	/* Send SPDEXPIRE messages */
4514 	sav = LIST_FIRST(&hexpireq);
4515 	while (sav != NULL) {
4516 		nextsav = LIST_NEXT(sav, drainq);
4517 		key_expire(sav, 1);
4518 		key_freesah(&sav->sah); /* release reference from SAV */
4519 		key_freesav(&sav); /* release extra reference */
4520 		key_freesav(&sav); /* release last reference */
4521 		sav = nextsav;
4522 	}
4523 	sav = LIST_FIRST(&sexpireq);
4524 	while (sav != NULL) {
4525 		nextsav = LIST_NEXT(sav, drainq);
4526 		key_expire(sav, 0);
4527 		key_freesav(&sav); /* release extra reference */
4528 		sav = nextsav;
4529 	}
4530 	/* Free stale LARVAL SAs */
4531 	sav = LIST_FIRST(&drainq);
4532 	while (sav != NULL) {
4533 		nextsav = LIST_NEXT(sav, drainq);
4534 		key_freesah(&sav->sah); /* release reference from SAV */
4535 		key_freesav(&sav); /* release extra reference */
4536 		key_freesav(&sav); /* release last reference */
4537 		sav = nextsav;
4538 	}
4539 	/* Free SAs that were unlinked/changed by someone else */
4540 	sav = LIST_FIRST(&freeq);
4541 	while (sav != NULL) {
4542 		nextsav = LIST_NEXT(sav, drainq);
4543 		key_freesav(&sav); /* release extra reference */
4544 		sav = nextsav;
4545 	}
4546 	/* Free empty SAH */
4547 	sah = LIST_FIRST(&emptyq);
4548 	while (sah != NULL) {
4549 		nextsah = LIST_NEXT(sah, drainq);
4550 		key_freesah(&sah); /* release extra reference */
4551 		key_freesah(&sah); /* release last reference */
4552 		sah = nextsah;
4553 	}
4554 }
4555 
4556 static void
4557 key_flush_acq(time_t now)
4558 {
4559 	struct secacq *acq, *nextacq;
4560 
4561 	/* ACQ tree */
4562 	ACQ_LOCK();
4563 	acq = LIST_FIRST(&V_acqtree);
4564 	while (acq != NULL) {
4565 		nextacq = LIST_NEXT(acq, chain);
4566 		if (now - acq->created > V_key_blockacq_lifetime) {
4567 			LIST_REMOVE(acq, chain);
4568 			LIST_REMOVE(acq, addrhash);
4569 			LIST_REMOVE(acq, seqhash);
4570 			free(acq, M_IPSEC_SAQ);
4571 		}
4572 		acq = nextacq;
4573 	}
4574 	ACQ_UNLOCK();
4575 }
4576 
4577 static void
4578 key_flush_spacq(time_t now)
4579 {
4580 	struct secspacq *acq, *nextacq;
4581 
4582 	/* SP ACQ tree */
4583 	SPACQ_LOCK();
4584 	for (acq = LIST_FIRST(&V_spacqtree); acq != NULL; acq = nextacq) {
4585 		nextacq = LIST_NEXT(acq, chain);
4586 		if (now - acq->created > V_key_blockacq_lifetime
4587 		 && __LIST_CHAINED(acq)) {
4588 			LIST_REMOVE(acq, chain);
4589 			free(acq, M_IPSEC_SAQ);
4590 		}
4591 	}
4592 	SPACQ_UNLOCK();
4593 }
4594 
4595 /*
4596  * time handler.
4597  * scanning SPD and SAD to check status for each entries,
4598  * and do to remove or to expire.
4599  * XXX: year 2038 problem may remain.
4600  */
4601 static void
4602 key_timehandler(void *arg)
4603 {
4604 	VNET_ITERATOR_DECL(vnet_iter);
4605 	time_t now = time_second;
4606 
4607 	VNET_LIST_RLOCK_NOSLEEP();
4608 	VNET_FOREACH(vnet_iter) {
4609 		CURVNET_SET(vnet_iter);
4610 		key_flush_spd(now);
4611 		key_flush_sad(now);
4612 		key_flush_acq(now);
4613 		key_flush_spacq(now);
4614 		CURVNET_RESTORE();
4615 	}
4616 	VNET_LIST_RUNLOCK_NOSLEEP();
4617 
4618 #ifndef IPSEC_DEBUG2
4619 	/* do exchange to tick time !! */
4620 	callout_schedule(&key_timer, hz);
4621 #endif /* IPSEC_DEBUG2 */
4622 }
4623 
4624 u_long
4625 key_random()
4626 {
4627 	u_long value;
4628 
4629 	key_randomfill(&value, sizeof(value));
4630 	return value;
4631 }
4632 
4633 void
4634 key_randomfill(void *p, size_t l)
4635 {
4636 	size_t n;
4637 	u_long v;
4638 	static int warn = 1;
4639 
4640 	n = 0;
4641 	n = (size_t)read_random(p, (u_int)l);
4642 	/* last resort */
4643 	while (n < l) {
4644 		v = random();
4645 		bcopy(&v, (u_int8_t *)p + n,
4646 		    l - n < sizeof(v) ? l - n : sizeof(v));
4647 		n += sizeof(v);
4648 
4649 		if (warn) {
4650 			printf("WARNING: pseudo-random number generator "
4651 			    "used for IPsec processing\n");
4652 			warn = 0;
4653 		}
4654 	}
4655 }
4656 
4657 /*
4658  * map SADB_SATYPE_* to IPPROTO_*.
4659  * if satype == SADB_SATYPE then satype is mapped to ~0.
4660  * OUT:
4661  *	0: invalid satype.
4662  */
4663 static uint8_t
4664 key_satype2proto(uint8_t satype)
4665 {
4666 	switch (satype) {
4667 	case SADB_SATYPE_UNSPEC:
4668 		return IPSEC_PROTO_ANY;
4669 	case SADB_SATYPE_AH:
4670 		return IPPROTO_AH;
4671 	case SADB_SATYPE_ESP:
4672 		return IPPROTO_ESP;
4673 	case SADB_X_SATYPE_IPCOMP:
4674 		return IPPROTO_IPCOMP;
4675 	case SADB_X_SATYPE_TCPSIGNATURE:
4676 		return IPPROTO_TCP;
4677 	default:
4678 		return 0;
4679 	}
4680 	/* NOTREACHED */
4681 }
4682 
4683 /*
4684  * map IPPROTO_* to SADB_SATYPE_*
4685  * OUT:
4686  *	0: invalid protocol type.
4687  */
4688 static uint8_t
4689 key_proto2satype(uint8_t proto)
4690 {
4691 	switch (proto) {
4692 	case IPPROTO_AH:
4693 		return SADB_SATYPE_AH;
4694 	case IPPROTO_ESP:
4695 		return SADB_SATYPE_ESP;
4696 	case IPPROTO_IPCOMP:
4697 		return SADB_X_SATYPE_IPCOMP;
4698 	case IPPROTO_TCP:
4699 		return SADB_X_SATYPE_TCPSIGNATURE;
4700 	default:
4701 		return 0;
4702 	}
4703 	/* NOTREACHED */
4704 }
4705 
4706 /* %%% PF_KEY */
4707 /*
4708  * SADB_GETSPI processing is to receive
4709  *	<base, (SA2), src address, dst address, (SPI range)>
4710  * from the IKMPd, to assign a unique spi value, to hang on the INBOUND
4711  * tree with the status of LARVAL, and send
4712  *	<base, SA(*), address(SD)>
4713  * to the IKMPd.
4714  *
4715  * IN:	mhp: pointer to the pointer to each header.
4716  * OUT:	NULL if fail.
4717  *	other if success, return pointer to the message to send.
4718  */
4719 static int
4720 key_getspi(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
4721 {
4722 	struct secasindex saidx;
4723 	struct sadb_address *src0, *dst0;
4724 	struct secasvar *sav;
4725 	uint32_t reqid, spi;
4726 	int error;
4727 	uint8_t mode, proto;
4728 
4729 	IPSEC_ASSERT(so != NULL, ("null socket"));
4730 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
4731 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
4732 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
4733 
4734 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
4735 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)
4736 #ifdef PFKEY_STRICT_CHECKS
4737 	    || SADB_CHECKHDR(mhp, SADB_EXT_SPIRANGE)
4738 #endif
4739 	    ) {
4740 		ipseclog((LOG_DEBUG,
4741 		    "%s: invalid message: missing required header.\n",
4742 		    __func__));
4743 		error = EINVAL;
4744 		goto fail;
4745 	}
4746 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
4747 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)
4748 #ifdef PFKEY_STRICT_CHECKS
4749 	    || SADB_CHECKLEN(mhp, SADB_EXT_SPIRANGE)
4750 #endif
4751 	    ) {
4752 		ipseclog((LOG_DEBUG,
4753 		    "%s: invalid message: wrong header size.\n", __func__));
4754 		error = EINVAL;
4755 		goto fail;
4756 	}
4757 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
4758 		mode = IPSEC_MODE_ANY;
4759 		reqid = 0;
4760 	} else {
4761 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
4762 			ipseclog((LOG_DEBUG,
4763 			    "%s: invalid message: wrong header size.\n",
4764 			    __func__));
4765 			error = EINVAL;
4766 			goto fail;
4767 		}
4768 		mode = ((struct sadb_x_sa2 *)
4769 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
4770 		reqid = ((struct sadb_x_sa2 *)
4771 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
4772 	}
4773 
4774 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
4775 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
4776 
4777 	/* map satype to proto */
4778 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
4779 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
4780 			__func__));
4781 		error = EINVAL;
4782 		goto fail;
4783 	}
4784 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
4785 	    (struct sockaddr *)(dst0 + 1));
4786 	if (error != 0) {
4787 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
4788 		error = EINVAL;
4789 		goto fail;
4790 	}
4791 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
4792 
4793 	/* SPI allocation */
4794 	spi = key_do_getnewspi(
4795 	    (struct sadb_spirange *)mhp->ext[SADB_EXT_SPIRANGE], &saidx);
4796 	if (spi == 0) {
4797 		/*
4798 		 * Requested SPI or SPI range is not available or
4799 		 * already used.
4800 		 */
4801 		error = EEXIST;
4802 		goto fail;
4803 	}
4804 	sav = key_newsav(mhp, &saidx, spi, &error);
4805 	if (sav == NULL)
4806 		goto fail;
4807 
4808 	if (sav->seq != 0) {
4809 		/*
4810 		 * RFC2367:
4811 		 * If the SADB_GETSPI message is in response to a
4812 		 * kernel-generated SADB_ACQUIRE, the sadb_msg_seq
4813 		 * MUST be the same as the SADB_ACQUIRE message.
4814 		 *
4815 		 * XXXAE: However it doesn't definethe behaviour how to
4816 		 * check this and what to do if it doesn't match.
4817 		 * Also what we should do if it matches?
4818 		 *
4819 		 * We can compare saidx used in SADB_ACQUIRE with saidx
4820 		 * used in SADB_GETSPI, but this probably can break
4821 		 * existing software. For now just warn if it doesn't match.
4822 		 *
4823 		 * XXXAE: anyway it looks useless.
4824 		 */
4825 		key_acqdone(&saidx, sav->seq);
4826 	}
4827 	KEYDBG(KEY_STAMP,
4828 	    printf("%s: SA(%p)\n", __func__, sav));
4829 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
4830 
4831     {
4832 	struct mbuf *n, *nn;
4833 	struct sadb_sa *m_sa;
4834 	struct sadb_msg *newmsg;
4835 	int off, len;
4836 
4837 	/* create new sadb_msg to reply. */
4838 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) +
4839 	    PFKEY_ALIGN8(sizeof(struct sadb_sa));
4840 
4841 	MGETHDR(n, M_NOWAIT, MT_DATA);
4842 	if (len > MHLEN) {
4843 		if (!(MCLGET(n, M_NOWAIT))) {
4844 			m_freem(n);
4845 			n = NULL;
4846 		}
4847 	}
4848 	if (!n) {
4849 		error = ENOBUFS;
4850 		goto fail;
4851 	}
4852 
4853 	n->m_len = len;
4854 	n->m_next = NULL;
4855 	off = 0;
4856 
4857 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
4858 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
4859 
4860 	m_sa = (struct sadb_sa *)(mtod(n, caddr_t) + off);
4861 	m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
4862 	m_sa->sadb_sa_exttype = SADB_EXT_SA;
4863 	m_sa->sadb_sa_spi = spi; /* SPI is already in network byte order */
4864 	off += PFKEY_ALIGN8(sizeof(struct sadb_sa));
4865 
4866 	IPSEC_ASSERT(off == len,
4867 		("length inconsistency (off %u len %u)", off, len));
4868 
4869 	n->m_next = key_gather_mbuf(m, mhp, 0, 2, SADB_EXT_ADDRESS_SRC,
4870 	    SADB_EXT_ADDRESS_DST);
4871 	if (!n->m_next) {
4872 		m_freem(n);
4873 		error = ENOBUFS;
4874 		goto fail;
4875 	}
4876 
4877 	if (n->m_len < sizeof(struct sadb_msg)) {
4878 		n = m_pullup(n, sizeof(struct sadb_msg));
4879 		if (n == NULL)
4880 			return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
4881 	}
4882 
4883 	n->m_pkthdr.len = 0;
4884 	for (nn = n; nn; nn = nn->m_next)
4885 		n->m_pkthdr.len += nn->m_len;
4886 
4887 	newmsg = mtod(n, struct sadb_msg *);
4888 	newmsg->sadb_msg_seq = sav->seq;
4889 	newmsg->sadb_msg_errno = 0;
4890 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
4891 
4892 	m_freem(m);
4893 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
4894     }
4895 
4896 fail:
4897 	return (key_senderror(so, m, error));
4898 }
4899 
4900 /*
4901  * allocating new SPI
4902  * called by key_getspi().
4903  * OUT:
4904  *	0:	failure.
4905  *	others: success, SPI in network byte order.
4906  */
4907 static uint32_t
4908 key_do_getnewspi(struct sadb_spirange *spirange, struct secasindex *saidx)
4909 {
4910 	uint32_t min, max, newspi, t;
4911 	int count = V_key_spi_trycnt;
4912 
4913 	/* set spi range to allocate */
4914 	if (spirange != NULL) {
4915 		min = spirange->sadb_spirange_min;
4916 		max = spirange->sadb_spirange_max;
4917 	} else {
4918 		min = V_key_spi_minval;
4919 		max = V_key_spi_maxval;
4920 	}
4921 	/* IPCOMP needs 2-byte SPI */
4922 	if (saidx->proto == IPPROTO_IPCOMP) {
4923 		if (min >= 0x10000)
4924 			min = 0xffff;
4925 		if (max >= 0x10000)
4926 			max = 0xffff;
4927 		if (min > max) {
4928 			t = min; min = max; max = t;
4929 		}
4930 	}
4931 
4932 	if (min == max) {
4933 		if (!key_checkspidup(htonl(min))) {
4934 			ipseclog((LOG_DEBUG, "%s: SPI %u exists already.\n",
4935 			    __func__, min));
4936 			return 0;
4937 		}
4938 
4939 		count--; /* taking one cost. */
4940 		newspi = min;
4941 	} else {
4942 
4943 		/* init SPI */
4944 		newspi = 0;
4945 
4946 		/* when requesting to allocate spi ranged */
4947 		while (count--) {
4948 			/* generate pseudo-random SPI value ranged. */
4949 			newspi = min + (key_random() % (max - min + 1));
4950 			if (!key_checkspidup(htonl(newspi)))
4951 				break;
4952 		}
4953 
4954 		if (count == 0 || newspi == 0) {
4955 			ipseclog((LOG_DEBUG,
4956 			    "%s: failed to allocate SPI.\n", __func__));
4957 			return 0;
4958 		}
4959 	}
4960 
4961 	/* statistics */
4962 	keystat.getspi_count =
4963 	    (keystat.getspi_count + V_key_spi_trycnt - count) / 2;
4964 
4965 	return (htonl(newspi));
4966 }
4967 
4968 /*
4969  * Find TCP-MD5 SA with corresponding secasindex.
4970  * If not found, return NULL and fill SPI with usable value if needed.
4971  */
4972 static struct secasvar *
4973 key_getsav_tcpmd5(struct secasindex *saidx, uint32_t *spi)
4974 {
4975 	SAHTREE_RLOCK_TRACKER;
4976 	struct secashead *sah;
4977 	struct secasvar *sav;
4978 
4979 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP, ("wrong proto"));
4980 	SAHTREE_RLOCK();
4981 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
4982 		if (sah->saidx.proto != IPPROTO_TCP)
4983 			continue;
4984 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
4985 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
4986 			break;
4987 	}
4988 	if (sah != NULL) {
4989 		if (V_key_preferred_oldsa)
4990 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
4991 		else
4992 			sav = TAILQ_FIRST(&sah->savtree_alive);
4993 		if (sav != NULL) {
4994 			SAV_ADDREF(sav);
4995 			SAHTREE_RUNLOCK();
4996 			return (sav);
4997 		}
4998 	}
4999 	if (spi == NULL) {
5000 		/* No SPI required */
5001 		SAHTREE_RUNLOCK();
5002 		return (NULL);
5003 	}
5004 	/* Check that SPI is unique */
5005 	LIST_FOREACH(sav, SAVHASH_HASH(*spi), spihash) {
5006 		if (sav->spi == *spi)
5007 			break;
5008 	}
5009 	if (sav == NULL) {
5010 		SAHTREE_RUNLOCK();
5011 		/* SPI is already unique */
5012 		return (NULL);
5013 	}
5014 	SAHTREE_RUNLOCK();
5015 	/* XXX: not optimal */
5016 	*spi = key_do_getnewspi(NULL, saidx);
5017 	return (NULL);
5018 }
5019 
5020 static int
5021 key_updateaddresses(struct socket *so, struct mbuf *m,
5022     const struct sadb_msghdr *mhp, struct secasvar *sav,
5023     struct secasindex *saidx)
5024 {
5025 	struct sockaddr *newaddr;
5026 	struct secashead *sah;
5027 	struct secasvar *newsav, *tmp;
5028 	struct mbuf *n;
5029 	int error, isnew;
5030 
5031 	/* Check that we need to change SAH */
5032 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC)) {
5033 		newaddr = (struct sockaddr *)(
5034 		    ((struct sadb_address *)
5035 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_SRC]) + 1);
5036 		bcopy(newaddr, &saidx->src, newaddr->sa_len);
5037 		key_porttosaddr(&saidx->src.sa, 0);
5038 	}
5039 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5040 		newaddr = (struct sockaddr *)(
5041 		    ((struct sadb_address *)
5042 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_DST]) + 1);
5043 		bcopy(newaddr, &saidx->dst, newaddr->sa_len);
5044 		key_porttosaddr(&saidx->dst.sa, 0);
5045 	}
5046 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5047 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5048 		error = key_checksockaddrs(&saidx->src.sa, &saidx->dst.sa);
5049 		if (error != 0) {
5050 			ipseclog((LOG_DEBUG, "%s: invalid new sockaddr.\n",
5051 			    __func__));
5052 			return (error);
5053 		}
5054 
5055 		sah = key_getsah(saidx);
5056 		if (sah == NULL) {
5057 			/* create a new SA index */
5058 			sah = key_newsah(saidx);
5059 			if (sah == NULL) {
5060 				ipseclog((LOG_DEBUG,
5061 				    "%s: No more memory.\n", __func__));
5062 				return (ENOBUFS);
5063 			}
5064 			isnew = 2; /* SAH is new */
5065 		} else
5066 			isnew = 1; /* existing SAH is referenced */
5067 	} else {
5068 		/*
5069 		 * src and dst addresses are still the same.
5070 		 * Do we want to change NAT-T config?
5071 		 */
5072 		if (sav->sah->saidx.proto != IPPROTO_ESP ||
5073 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5074 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5075 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5076 			ipseclog((LOG_DEBUG,
5077 			    "%s: invalid message: missing required header.\n",
5078 			    __func__));
5079 			return (EINVAL);
5080 		}
5081 		/* We hold reference to SA, thus SAH will be referenced too. */
5082 		sah = sav->sah;
5083 		isnew = 0;
5084 	}
5085 
5086 	newsav = malloc(sizeof(struct secasvar), M_IPSEC_SA,
5087 	    M_NOWAIT | M_ZERO);
5088 	if (newsav == NULL) {
5089 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5090 		error = ENOBUFS;
5091 		goto fail;
5092 	}
5093 
5094 	/* Clone SA's content into newsav */
5095 	SAV_INITREF(newsav);
5096 	bcopy(sav, newsav, offsetof(struct secasvar, chain));
5097 	/*
5098 	 * We create new NAT-T config if it is needed.
5099 	 * Old NAT-T config will be freed by key_cleansav() when
5100 	 * last reference to SA will be released.
5101 	 */
5102 	newsav->natt = NULL;
5103 	newsav->sah = sah;
5104 	newsav->state = SADB_SASTATE_MATURE;
5105 	error = key_setnatt(newsav, mhp);
5106 	if (error != 0)
5107 		goto fail;
5108 
5109 	SAHTREE_WLOCK();
5110 	/* Check that SA is still alive */
5111 	if (sav->state == SADB_SASTATE_DEAD) {
5112 		/* SA was unlinked */
5113 		SAHTREE_WUNLOCK();
5114 		error = ESRCH;
5115 		goto fail;
5116 	}
5117 
5118 	/* Unlink SA from SAH and SPI hash */
5119 	IPSEC_ASSERT((sav->flags & SADB_X_EXT_F_CLONED) == 0,
5120 	    ("SA is already cloned"));
5121 	IPSEC_ASSERT(sav->state == SADB_SASTATE_MATURE ||
5122 	    sav->state == SADB_SASTATE_DYING,
5123 	    ("Wrong SA state %u\n", sav->state));
5124 	TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5125 	LIST_REMOVE(sav, spihash);
5126 	sav->state = SADB_SASTATE_DEAD;
5127 
5128 	/*
5129 	 * Link new SA with SAH. Keep SAs ordered by
5130 	 * create time (newer are first).
5131 	 */
5132 	TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5133 		if (newsav->created > tmp->created) {
5134 			TAILQ_INSERT_BEFORE(tmp, newsav, chain);
5135 			break;
5136 		}
5137 	}
5138 	if (tmp == NULL)
5139 		TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5140 
5141 	/* Add new SA into SPI hash. */
5142 	LIST_INSERT_HEAD(SAVHASH_HASH(newsav->spi), newsav, spihash);
5143 
5144 	/* Add new SAH into SADB. */
5145 	if (isnew == 2) {
5146 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5147 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5148 		sah->state = SADB_SASTATE_MATURE;
5149 		SAH_ADDREF(sah); /* newsav references new SAH */
5150 	}
5151 	/*
5152 	 * isnew == 1 -> @sah was referenced by key_getsah().
5153 	 * isnew == 0 -> we use the same @sah, that was used by @sav,
5154 	 *	and we use its reference for @newsav.
5155 	 */
5156 	SECASVAR_LOCK(sav);
5157 	/* XXX: replace cntr with pointer? */
5158 	newsav->cntr = sav->cntr;
5159 	sav->flags |= SADB_X_EXT_F_CLONED;
5160 	SECASVAR_UNLOCK(sav);
5161 
5162 	SAHTREE_WUNLOCK();
5163 
5164 	KEYDBG(KEY_STAMP,
5165 	    printf("%s: SA(%p) cloned into SA(%p)\n",
5166 	    __func__, sav, newsav));
5167 	KEYDBG(KEY_DATA, kdebug_secasv(newsav));
5168 
5169 	key_freesav(&sav); /* release last reference */
5170 
5171 	/* set msg buf from mhp */
5172 	n = key_getmsgbuf_x1(m, mhp);
5173 	if (n == NULL) {
5174 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5175 		return (ENOBUFS);
5176 	}
5177 	m_freem(m);
5178 	key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5179 	return (0);
5180 fail:
5181 	if (isnew != 0)
5182 		key_freesah(&sah);
5183 	if (newsav != NULL) {
5184 		if (newsav->natt != NULL)
5185 			free(newsav->natt, M_IPSEC_MISC);
5186 		free(newsav, M_IPSEC_SA);
5187 	}
5188 	return (error);
5189 }
5190 
5191 /*
5192  * SADB_UPDATE processing
5193  * receive
5194  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5195  *       key(AE), (identity(SD),) (sensitivity)>
5196  * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
5197  * and send
5198  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5199  *       (identity(SD),) (sensitivity)>
5200  * to the ikmpd.
5201  *
5202  * m will always be freed.
5203  */
5204 static int
5205 key_update(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5206 {
5207 	struct secasindex saidx;
5208 	struct sadb_address *src0, *dst0;
5209 	struct sadb_sa *sa0;
5210 	struct secasvar *sav;
5211 	uint32_t reqid;
5212 	int error;
5213 	uint8_t mode, proto;
5214 
5215 	IPSEC_ASSERT(so != NULL, ("null socket"));
5216 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5217 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5218 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5219 
5220 	/* map satype to proto */
5221 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5222 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5223 		    __func__));
5224 		return key_senderror(so, m, EINVAL);
5225 	}
5226 
5227 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5228 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5229 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5230 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5231 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5232 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5233 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5234 		ipseclog((LOG_DEBUG,
5235 		    "%s: invalid message: missing required header.\n",
5236 		    __func__));
5237 		return key_senderror(so, m, EINVAL);
5238 	}
5239 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5240 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5241 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5242 		ipseclog((LOG_DEBUG,
5243 		    "%s: invalid message: wrong header size.\n", __func__));
5244 		return key_senderror(so, m, EINVAL);
5245 	}
5246 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5247 		mode = IPSEC_MODE_ANY;
5248 		reqid = 0;
5249 	} else {
5250 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5251 			ipseclog((LOG_DEBUG,
5252 			    "%s: invalid message: wrong header size.\n",
5253 			    __func__));
5254 			return key_senderror(so, m, EINVAL);
5255 		}
5256 		mode = ((struct sadb_x_sa2 *)
5257 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5258 		reqid = ((struct sadb_x_sa2 *)
5259 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5260 	}
5261 
5262 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5263 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5264 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5265 
5266 	/*
5267 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5268 	 * SADB_UPDATE message.
5269 	 */
5270 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5271 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5272 #ifdef PFKEY_STRICT_CHECKS
5273 		return key_senderror(so, m, EINVAL);
5274 #endif
5275 	}
5276 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5277 	    (struct sockaddr *)(dst0 + 1));
5278 	if (error != 0) {
5279 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5280 		return key_senderror(so, m, error);
5281 	}
5282 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5283 	sav = key_getsavbyspi(sa0->sadb_sa_spi);
5284 	if (sav == NULL) {
5285 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u\n",
5286 		    __func__, ntohl(sa0->sadb_sa_spi)));
5287 		return key_senderror(so, m, EINVAL);
5288 	}
5289 	/*
5290 	 * Check that SADB_UPDATE issued by the same process that did
5291 	 * SADB_GETSPI or SADB_ADD.
5292 	 */
5293 	if (sav->pid != mhp->msg->sadb_msg_pid) {
5294 		ipseclog((LOG_DEBUG,
5295 		    "%s: pid mismatched (SPI %u, pid %u vs. %u)\n", __func__,
5296 		    ntohl(sav->spi), sav->pid, mhp->msg->sadb_msg_pid));
5297 		key_freesav(&sav);
5298 		return key_senderror(so, m, EINVAL);
5299 	}
5300 	/* saidx should match with SA. */
5301 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5302 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u",
5303 		    __func__, ntohl(sav->spi)));
5304 		key_freesav(&sav);
5305 		return key_senderror(so, m, ESRCH);
5306 	}
5307 
5308 	if (sav->state == SADB_SASTATE_LARVAL) {
5309 		if ((mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP &&
5310 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) ||
5311 		    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH &&
5312 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH))) {
5313 			ipseclog((LOG_DEBUG,
5314 			    "%s: invalid message: missing required header.\n",
5315 			    __func__));
5316 			key_freesav(&sav);
5317 			return key_senderror(so, m, EINVAL);
5318 		}
5319 		/*
5320 		 * We can set any values except src, dst and SPI.
5321 		 */
5322 		error = key_setsaval(sav, mhp);
5323 		if (error != 0) {
5324 			key_freesav(&sav);
5325 			return (key_senderror(so, m, error));
5326 		}
5327 		/* Change SA state to MATURE */
5328 		SAHTREE_WLOCK();
5329 		if (sav->state != SADB_SASTATE_LARVAL) {
5330 			/* SA was deleted or another thread made it MATURE. */
5331 			SAHTREE_WUNLOCK();
5332 			key_freesav(&sav);
5333 			return (key_senderror(so, m, ESRCH));
5334 		}
5335 		/*
5336 		 * NOTE: we keep SAs in savtree_alive ordered by created
5337 		 * time. When SA's state changed from LARVAL to MATURE,
5338 		 * we update its created time in key_setsaval() and move
5339 		 * it into head of savtree_alive.
5340 		 */
5341 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5342 		TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5343 		sav->state = SADB_SASTATE_MATURE;
5344 		SAHTREE_WUNLOCK();
5345 	} else {
5346 		/*
5347 		 * For DYING and MATURE SA we can change only state
5348 		 * and lifetimes. Report EINVAL if something else attempted
5349 		 * to change.
5350 		 */
5351 		if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5352 		    !SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
5353 			key_freesav(&sav);
5354 			return (key_senderror(so, m, EINVAL));
5355 		}
5356 		error = key_updatelifetimes(sav, mhp);
5357 		if (error != 0) {
5358 			key_freesav(&sav);
5359 			return (key_senderror(so, m, error));
5360 		}
5361 		/*
5362 		 * This is FreeBSD extension to RFC2367.
5363 		 * IKEd can specify SADB_X_EXT_NEW_ADDRESS_SRC and/or
5364 		 * SADB_X_EXT_NEW_ADDRESS_DST when it wants to change
5365 		 * SA addresses (for example to implement MOBIKE protocol
5366 		 * as described in RFC4555). Also we allow to change
5367 		 * NAT-T config.
5368 		 */
5369 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5370 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST) ||
5371 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5372 		    sav->natt != NULL) {
5373 			error = key_updateaddresses(so, m, mhp, sav, &saidx);
5374 			key_freesav(&sav);
5375 			if (error != 0)
5376 				return (key_senderror(so, m, error));
5377 			return (0);
5378 		}
5379 		/* Check that SA is still alive */
5380 		SAHTREE_WLOCK();
5381 		if (sav->state == SADB_SASTATE_DEAD) {
5382 			/* SA was unlinked */
5383 			SAHTREE_WUNLOCK();
5384 			key_freesav(&sav);
5385 			return (key_senderror(so, m, ESRCH));
5386 		}
5387 		/*
5388 		 * NOTE: there is possible state moving from DYING to MATURE,
5389 		 * but this doesn't change created time, so we won't reorder
5390 		 * this SA.
5391 		 */
5392 		sav->state = SADB_SASTATE_MATURE;
5393 		SAHTREE_WUNLOCK();
5394 	}
5395 	KEYDBG(KEY_STAMP,
5396 	    printf("%s: SA(%p)\n", __func__, sav));
5397 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5398 	key_freesav(&sav);
5399 
5400     {
5401 	struct mbuf *n;
5402 
5403 	/* set msg buf from mhp */
5404 	n = key_getmsgbuf_x1(m, mhp);
5405 	if (n == NULL) {
5406 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5407 		return key_senderror(so, m, ENOBUFS);
5408 	}
5409 
5410 	m_freem(m);
5411 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5412     }
5413 }
5414 
5415 /*
5416  * SADB_ADD processing
5417  * add an entry to SA database, when received
5418  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5419  *       key(AE), (identity(SD),) (sensitivity)>
5420  * from the ikmpd,
5421  * and send
5422  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5423  *       (identity(SD),) (sensitivity)>
5424  * to the ikmpd.
5425  *
5426  * IGNORE identity and sensitivity messages.
5427  *
5428  * m will always be freed.
5429  */
5430 static int
5431 key_add(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5432 {
5433 	struct secasindex saidx;
5434 	struct sadb_address *src0, *dst0;
5435 	struct sadb_sa *sa0;
5436 	struct secasvar *sav;
5437 	uint32_t reqid, spi;
5438 	uint8_t mode, proto;
5439 	int error;
5440 
5441 	IPSEC_ASSERT(so != NULL, ("null socket"));
5442 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5443 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5444 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5445 
5446 	/* map satype to proto */
5447 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5448 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5449 		    __func__));
5450 		return key_senderror(so, m, EINVAL);
5451 	}
5452 
5453 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5454 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5455 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5456 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP && (
5457 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5458 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT))) ||
5459 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH && (
5460 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH) ||
5461 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH))) ||
5462 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5463 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5464 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5465 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5466 		ipseclog((LOG_DEBUG,
5467 		    "%s: invalid message: missing required header.\n",
5468 		    __func__));
5469 		return key_senderror(so, m, EINVAL);
5470 	}
5471 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5472 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5473 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5474 		ipseclog((LOG_DEBUG,
5475 		    "%s: invalid message: wrong header size.\n", __func__));
5476 		return key_senderror(so, m, EINVAL);
5477 	}
5478 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5479 		mode = IPSEC_MODE_ANY;
5480 		reqid = 0;
5481 	} else {
5482 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5483 			ipseclog((LOG_DEBUG,
5484 			    "%s: invalid message: wrong header size.\n",
5485 			    __func__));
5486 			return key_senderror(so, m, EINVAL);
5487 		}
5488 		mode = ((struct sadb_x_sa2 *)
5489 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5490 		reqid = ((struct sadb_x_sa2 *)
5491 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5492 	}
5493 
5494 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5495 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
5496 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
5497 
5498 	/*
5499 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5500 	 * SADB_ADD message.
5501 	 */
5502 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5503 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5504 #ifdef PFKEY_STRICT_CHECKS
5505 		return key_senderror(so, m, EINVAL);
5506 #endif
5507 	}
5508 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5509 	    (struct sockaddr *)(dst0 + 1));
5510 	if (error != 0) {
5511 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5512 		return key_senderror(so, m, error);
5513 	}
5514 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5515 	spi = sa0->sadb_sa_spi;
5516 	/*
5517 	 * For TCP-MD5 SAs we don't use SPI. Check the uniqueness using
5518 	 * secasindex.
5519 	 * XXXAE: IPComp seems also doesn't use SPI.
5520 	 */
5521 	if (proto == IPPROTO_TCP) {
5522 		sav = key_getsav_tcpmd5(&saidx, &spi);
5523 		if (sav == NULL && spi == 0) {
5524 			/* Failed to allocate SPI */
5525 			ipseclog((LOG_DEBUG, "%s: SA already exists.\n",
5526 			    __func__));
5527 			return key_senderror(so, m, EEXIST);
5528 		}
5529 		/* XXX: SPI that we report back can have another value */
5530 	} else {
5531 		/* We can create new SA only if SPI is different. */
5532 		sav = key_getsavbyspi(spi);
5533 	}
5534 	if (sav != NULL) {
5535 		key_freesav(&sav);
5536 		ipseclog((LOG_DEBUG, "%s: SA already exists.\n", __func__));
5537 		return key_senderror(so, m, EEXIST);
5538 	}
5539 
5540 	sav = key_newsav(mhp, &saidx, spi, &error);
5541 	if (sav == NULL)
5542 		return key_senderror(so, m, error);
5543 	KEYDBG(KEY_STAMP,
5544 	    printf("%s: return SA(%p)\n", __func__, sav));
5545 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5546 	/*
5547 	 * If SADB_ADD was in response to SADB_ACQUIRE, we need to schedule
5548 	 * ACQ for deletion.
5549 	 */
5550 	if (sav->seq != 0)
5551 		key_acqdone(&saidx, sav->seq);
5552 
5553     {
5554 	/*
5555 	 * Don't call key_freesav() on error here, as we would like to
5556 	 * keep the SA in the database.
5557 	 */
5558 	struct mbuf *n;
5559 
5560 	/* set msg buf from mhp */
5561 	n = key_getmsgbuf_x1(m, mhp);
5562 	if (n == NULL) {
5563 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5564 		return key_senderror(so, m, ENOBUFS);
5565 	}
5566 
5567 	m_freem(m);
5568 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5569     }
5570 }
5571 
5572 /*
5573  * NAT-T support.
5574  * IKEd may request the use ESP in UDP encapsulation when it detects the
5575  * presence of NAT. It uses NAT-T extension headers for such SAs to specify
5576  * parameters needed for encapsulation and decapsulation. These PF_KEY
5577  * extension headers are not standardized, so this comment addresses our
5578  * implementation.
5579  * SADB_X_EXT_NAT_T_TYPE specifies type of encapsulation, we support only
5580  * UDP_ENCAP_ESPINUDP as described in RFC3948.
5581  * SADB_X_EXT_NAT_T_SPORT/DPORT specifies source and destination ports for
5582  * UDP header. We use these ports in UDP encapsulation procedure, also we
5583  * can check them in UDP decapsulation procedure.
5584  * SADB_X_EXT_NAT_T_OA[IR] specifies original address of initiator or
5585  * responder. These addresses can be used for transport mode to adjust
5586  * checksum after decapsulation and decryption. Since original IP addresses
5587  * used by peer usually different (we detected presence of NAT), TCP/UDP
5588  * pseudo header checksum and IP header checksum was calculated using original
5589  * addresses. After decapsulation and decryption we need to adjust checksum
5590  * to have correct datagram.
5591  *
5592  * We expect presence of NAT-T extension headers only in SADB_ADD and
5593  * SADB_UPDATE messages. We report NAT-T extension headers in replies
5594  * to SADB_ADD, SADB_UPDATE, SADB_GET, and SADB_DUMP messages.
5595  */
5596 static int
5597 key_setnatt(struct secasvar *sav, const struct sadb_msghdr *mhp)
5598 {
5599 	struct sadb_x_nat_t_port *port;
5600 	struct sadb_x_nat_t_type *type;
5601 	struct sadb_address *oai, *oar;
5602 	struct sockaddr *sa;
5603 	uint32_t addr;
5604 	uint16_t cksum;
5605 
5606 	IPSEC_ASSERT(sav->natt == NULL, ("natt is already initialized"));
5607 	/*
5608 	 * Ignore NAT-T headers if sproto isn't ESP.
5609 	 */
5610 	if (sav->sah->saidx.proto != IPPROTO_ESP)
5611 		return (0);
5612 
5613 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) &&
5614 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) &&
5615 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5616 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5617 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5618 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5619 			ipseclog((LOG_DEBUG,
5620 			    "%s: invalid message: wrong header size.\n",
5621 			    __func__));
5622 			return (EINVAL);
5623 		}
5624 	} else
5625 		return (0);
5626 
5627 	type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE];
5628 	if (type->sadb_x_nat_t_type_type != UDP_ENCAP_ESPINUDP) {
5629 		ipseclog((LOG_DEBUG, "%s: unsupported NAT-T type %u.\n",
5630 		    __func__, type->sadb_x_nat_t_type_type));
5631 		return (EINVAL);
5632 	}
5633 	/*
5634 	 * Allocate storage for NAT-T config.
5635 	 * On error it will be released by key_cleansav().
5636 	 */
5637 	sav->natt = malloc(sizeof(struct secnatt), M_IPSEC_MISC,
5638 	    M_NOWAIT | M_ZERO);
5639 	if (sav->natt == NULL) {
5640 		PFKEYSTAT_INC(in_nomem);
5641 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5642 		return (ENOBUFS);
5643 	}
5644 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT];
5645 	if (port->sadb_x_nat_t_port_port == 0) {
5646 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T sport specified.\n",
5647 		    __func__));
5648 		return (EINVAL);
5649 	}
5650 	sav->natt->sport = port->sadb_x_nat_t_port_port;
5651 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT];
5652 	if (port->sadb_x_nat_t_port_port == 0) {
5653 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T dport specified.\n",
5654 		    __func__));
5655 		return (EINVAL);
5656 	}
5657 	sav->natt->dport = port->sadb_x_nat_t_port_port;
5658 
5659 	/*
5660 	 * SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR are optional
5661 	 * and needed only for transport mode IPsec.
5662 	 * Usually NAT translates only one address, but it is possible,
5663 	 * that both addresses could be translated.
5664 	 * NOTE: Value of SADB_X_EXT_NAT_T_OAI is equal to SADB_X_EXT_NAT_T_OA.
5665 	 */
5666 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAI)) {
5667 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAI)) {
5668 			ipseclog((LOG_DEBUG,
5669 			    "%s: invalid message: wrong header size.\n",
5670 			    __func__));
5671 			return (EINVAL);
5672 		}
5673 		oai = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI];
5674 	} else
5675 		oai = NULL;
5676 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAR)) {
5677 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAR)) {
5678 			ipseclog((LOG_DEBUG,
5679 			    "%s: invalid message: wrong header size.\n",
5680 			    __func__));
5681 			return (EINVAL);
5682 		}
5683 		oar = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR];
5684 	} else
5685 		oar = NULL;
5686 
5687 	/* Initialize addresses only for transport mode */
5688 	if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
5689 		cksum = 0;
5690 		if (oai != NULL) {
5691 			/* Currently we support only AF_INET */
5692 			sa = (struct sockaddr *)(oai + 1);
5693 			if (sa->sa_family != AF_INET ||
5694 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5695 				ipseclog((LOG_DEBUG,
5696 				    "%s: wrong NAT-OAi header.\n",
5697 				    __func__));
5698 				return (EINVAL);
5699 			}
5700 			/* Ignore address if it the same */
5701 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5702 			    sav->sah->saidx.src.sin.sin_addr.s_addr) {
5703 				bcopy(sa, &sav->natt->oai.sa, sa->sa_len);
5704 				sav->natt->flags |= IPSEC_NATT_F_OAI;
5705 				/* Calculate checksum delta */
5706 				addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
5707 				cksum = in_addword(cksum, ~addr >> 16);
5708 				cksum = in_addword(cksum, ~addr & 0xffff);
5709 				addr = sav->natt->oai.sin.sin_addr.s_addr;
5710 				cksum = in_addword(cksum, addr >> 16);
5711 				cksum = in_addword(cksum, addr & 0xffff);
5712 			}
5713 		}
5714 		if (oar != NULL) {
5715 			/* Currently we support only AF_INET */
5716 			sa = (struct sockaddr *)(oar + 1);
5717 			if (sa->sa_family != AF_INET ||
5718 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5719 				ipseclog((LOG_DEBUG,
5720 				    "%s: wrong NAT-OAr header.\n",
5721 				    __func__));
5722 				return (EINVAL);
5723 			}
5724 			/* Ignore address if it the same */
5725 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5726 			    sav->sah->saidx.dst.sin.sin_addr.s_addr) {
5727 				bcopy(sa, &sav->natt->oar.sa, sa->sa_len);
5728 				sav->natt->flags |= IPSEC_NATT_F_OAR;
5729 				/* Calculate checksum delta */
5730 				addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
5731 				cksum = in_addword(cksum, ~addr >> 16);
5732 				cksum = in_addword(cksum, ~addr & 0xffff);
5733 				addr = sav->natt->oar.sin.sin_addr.s_addr;
5734 				cksum = in_addword(cksum, addr >> 16);
5735 				cksum = in_addword(cksum, addr & 0xffff);
5736 			}
5737 		}
5738 		sav->natt->cksum = cksum;
5739 	}
5740 	return (0);
5741 }
5742 
5743 static int
5744 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
5745 {
5746 	const struct sadb_ident *idsrc, *iddst;
5747 	int idsrclen, iddstlen;
5748 
5749 	IPSEC_ASSERT(sah != NULL, ("null secashead"));
5750 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5751 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5752 
5753 	/* don't make buffer if not there */
5754 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) &&
5755 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5756 		sah->idents = NULL;
5757 		sah->identd = NULL;
5758 		return (0);
5759 	}
5760 
5761 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) ||
5762 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5763 		ipseclog((LOG_DEBUG, "%s: invalid identity.\n", __func__));
5764 		return (EINVAL);
5765 	}
5766 
5767 	idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
5768 	iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
5769 	idsrclen = mhp->extlen[SADB_EXT_IDENTITY_SRC];
5770 	iddstlen = mhp->extlen[SADB_EXT_IDENTITY_DST];
5771 
5772 	/* validity check */
5773 	if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
5774 		ipseclog((LOG_DEBUG, "%s: ident type mismatch.\n", __func__));
5775 		return EINVAL;
5776 	}
5777 
5778 	switch (idsrc->sadb_ident_type) {
5779 	case SADB_IDENTTYPE_PREFIX:
5780 	case SADB_IDENTTYPE_FQDN:
5781 	case SADB_IDENTTYPE_USERFQDN:
5782 	default:
5783 		/* XXX do nothing */
5784 		sah->idents = NULL;
5785 		sah->identd = NULL;
5786 	 	return 0;
5787 	}
5788 
5789 	/* make structure */
5790 	sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5791 	if (sah->idents == NULL) {
5792 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5793 		return ENOBUFS;
5794 	}
5795 	sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5796 	if (sah->identd == NULL) {
5797 		free(sah->idents, M_IPSEC_MISC);
5798 		sah->idents = NULL;
5799 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5800 		return ENOBUFS;
5801 	}
5802 	sah->idents->type = idsrc->sadb_ident_type;
5803 	sah->idents->id = idsrc->sadb_ident_id;
5804 
5805 	sah->identd->type = iddst->sadb_ident_type;
5806 	sah->identd->id = iddst->sadb_ident_id;
5807 
5808 	return 0;
5809 }
5810 
5811 /*
5812  * m will not be freed on return.
5813  * it is caller's responsibility to free the result.
5814  *
5815  * Called from SADB_ADD and SADB_UPDATE. Reply will contain headers
5816  * from the request in defined order.
5817  */
5818 static struct mbuf *
5819 key_getmsgbuf_x1(struct mbuf *m, const struct sadb_msghdr *mhp)
5820 {
5821 	struct mbuf *n;
5822 
5823 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5824 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5825 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5826 
5827 	/* create new sadb_msg to reply. */
5828 	n = key_gather_mbuf(m, mhp, 1, 16, SADB_EXT_RESERVED,
5829 	    SADB_EXT_SA, SADB_X_EXT_SA2,
5830 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST,
5831 	    SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
5832 	    SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
5833 	    SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
5834 	    SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI,
5835 	    SADB_X_EXT_NAT_T_OAR, SADB_X_EXT_NEW_ADDRESS_SRC,
5836 	    SADB_X_EXT_NEW_ADDRESS_DST);
5837 	if (!n)
5838 		return NULL;
5839 
5840 	if (n->m_len < sizeof(struct sadb_msg)) {
5841 		n = m_pullup(n, sizeof(struct sadb_msg));
5842 		if (n == NULL)
5843 			return NULL;
5844 	}
5845 	mtod(n, struct sadb_msg *)->sadb_msg_errno = 0;
5846 	mtod(n, struct sadb_msg *)->sadb_msg_len =
5847 	    PFKEY_UNIT64(n->m_pkthdr.len);
5848 
5849 	return n;
5850 }
5851 
5852 /*
5853  * SADB_DELETE processing
5854  * receive
5855  *   <base, SA(*), address(SD)>
5856  * from the ikmpd, and set SADB_SASTATE_DEAD,
5857  * and send,
5858  *   <base, SA(*), address(SD)>
5859  * to the ikmpd.
5860  *
5861  * m will always be freed.
5862  */
5863 static int
5864 key_delete(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5865 {
5866 	struct secasindex saidx;
5867 	struct sadb_address *src0, *dst0;
5868 	struct secasvar *sav;
5869 	struct sadb_sa *sa0;
5870 	uint8_t proto;
5871 
5872 	IPSEC_ASSERT(so != NULL, ("null socket"));
5873 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5874 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5875 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5876 
5877 	/* map satype to proto */
5878 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5879 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5880 		    __func__));
5881 		return key_senderror(so, m, EINVAL);
5882 	}
5883 
5884 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5885 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5886 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5887 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5888 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
5889 		    __func__));
5890 		return key_senderror(so, m, EINVAL);
5891 	}
5892 
5893 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5894 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5895 
5896 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
5897 	    (struct sockaddr *)(dst0 + 1)) != 0) {
5898 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5899 		return (key_senderror(so, m, EINVAL));
5900 	}
5901 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
5902 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
5903 		/*
5904 		 * Caller wants us to delete all non-LARVAL SAs
5905 		 * that match the src/dst.  This is used during
5906 		 * IKE INITIAL-CONTACT.
5907 		 * XXXAE: this looks like some extension to RFC2367.
5908 		 */
5909 		ipseclog((LOG_DEBUG, "%s: doing delete all.\n", __func__));
5910 		return (key_delete_all(so, m, mhp, &saidx));
5911 	}
5912 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
5913 		ipseclog((LOG_DEBUG,
5914 		    "%s: invalid message: wrong header size.\n", __func__));
5915 		return (key_senderror(so, m, EINVAL));
5916 	}
5917 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5918 	if (proto == IPPROTO_TCP)
5919 		sav = key_getsav_tcpmd5(&saidx, NULL);
5920 	else
5921 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
5922 	if (sav == NULL) {
5923 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u.\n",
5924 		    __func__, ntohl(sa0->sadb_sa_spi)));
5925 		return (key_senderror(so, m, ESRCH));
5926 	}
5927 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
5928 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
5929 		    __func__, ntohl(sav->spi)));
5930 		key_freesav(&sav);
5931 		return (key_senderror(so, m, ESRCH));
5932 	}
5933 	KEYDBG(KEY_STAMP,
5934 	    printf("%s: SA(%p)\n", __func__, sav));
5935 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5936 	key_unlinksav(sav);
5937 	key_freesav(&sav);
5938 
5939     {
5940 	struct mbuf *n;
5941 	struct sadb_msg *newmsg;
5942 
5943 	/* create new sadb_msg to reply. */
5944 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
5945 	    SADB_EXT_SA, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
5946 	if (!n)
5947 		return key_senderror(so, m, ENOBUFS);
5948 
5949 	if (n->m_len < sizeof(struct sadb_msg)) {
5950 		n = m_pullup(n, sizeof(struct sadb_msg));
5951 		if (n == NULL)
5952 			return key_senderror(so, m, ENOBUFS);
5953 	}
5954 	newmsg = mtod(n, struct sadb_msg *);
5955 	newmsg->sadb_msg_errno = 0;
5956 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
5957 
5958 	m_freem(m);
5959 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5960     }
5961 }
5962 
5963 /*
5964  * delete all SAs for src/dst.  Called from key_delete().
5965  */
5966 static int
5967 key_delete_all(struct socket *so, struct mbuf *m,
5968     const struct sadb_msghdr *mhp, struct secasindex *saidx)
5969 {
5970 	struct secasvar_queue drainq;
5971 	struct secashead *sah;
5972 	struct secasvar *sav, *nextsav;
5973 
5974 	TAILQ_INIT(&drainq);
5975 	SAHTREE_WLOCK();
5976 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5977 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_HEAD) == 0)
5978 			continue;
5979 		/* Move all ALIVE SAs into drainq */
5980 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
5981 	}
5982 	/* Unlink all queued SAs from SPI hash */
5983 	TAILQ_FOREACH(sav, &drainq, chain) {
5984 		sav->state = SADB_SASTATE_DEAD;
5985 		LIST_REMOVE(sav, spihash);
5986 	}
5987 	SAHTREE_WUNLOCK();
5988 	/* Now we can release reference for all SAs in drainq */
5989 	sav = TAILQ_FIRST(&drainq);
5990 	while (sav != NULL) {
5991 		KEYDBG(KEY_STAMP,
5992 		    printf("%s: SA(%p)\n", __func__, sav));
5993 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
5994 		nextsav = TAILQ_NEXT(sav, chain);
5995 		key_freesah(&sav->sah); /* release reference from SAV */
5996 		key_freesav(&sav); /* release last reference */
5997 		sav = nextsav;
5998 	}
5999 
6000     {
6001 	struct mbuf *n;
6002 	struct sadb_msg *newmsg;
6003 
6004 	/* create new sadb_msg to reply. */
6005 	n = key_gather_mbuf(m, mhp, 1, 3, SADB_EXT_RESERVED,
6006 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
6007 	if (!n)
6008 		return key_senderror(so, m, ENOBUFS);
6009 
6010 	if (n->m_len < sizeof(struct sadb_msg)) {
6011 		n = m_pullup(n, sizeof(struct sadb_msg));
6012 		if (n == NULL)
6013 			return key_senderror(so, m, ENOBUFS);
6014 	}
6015 	newmsg = mtod(n, struct sadb_msg *);
6016 	newmsg->sadb_msg_errno = 0;
6017 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
6018 
6019 	m_freem(m);
6020 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
6021     }
6022 }
6023 
6024 /*
6025  * Delete all alive SAs for corresponding xform.
6026  * Larval SAs have not initialized tdb_xform, so it is safe to leave them
6027  * here when xform disappears.
6028  */
6029 static void
6030 key_delete_xform(const struct xformsw *xsp)
6031 {
6032 	struct secasvar_queue drainq;
6033 	struct secashead *sah;
6034 	struct secasvar *sav, *nextsav;
6035 
6036 	TAILQ_INIT(&drainq);
6037 	SAHTREE_WLOCK();
6038 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
6039 		sav = TAILQ_FIRST(&sah->savtree_alive);
6040 		if (sav == NULL)
6041 			continue;
6042 		if (sav->tdb_xform != xsp)
6043 			continue;
6044 		/*
6045 		 * It is supposed that all SAs in the chain are related to
6046 		 * one xform.
6047 		 */
6048 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6049 	}
6050 	/* Unlink all queued SAs from SPI hash */
6051 	TAILQ_FOREACH(sav, &drainq, chain) {
6052 		sav->state = SADB_SASTATE_DEAD;
6053 		LIST_REMOVE(sav, spihash);
6054 	}
6055 	SAHTREE_WUNLOCK();
6056 
6057 	/* Now we can release reference for all SAs in drainq */
6058 	sav = TAILQ_FIRST(&drainq);
6059 	while (sav != NULL) {
6060 		KEYDBG(KEY_STAMP,
6061 		    printf("%s: SA(%p)\n", __func__, sav));
6062 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
6063 		nextsav = TAILQ_NEXT(sav, chain);
6064 		key_freesah(&sav->sah); /* release reference from SAV */
6065 		key_freesav(&sav); /* release last reference */
6066 		sav = nextsav;
6067 	}
6068 }
6069 
6070 /*
6071  * SADB_GET processing
6072  * receive
6073  *   <base, SA(*), address(SD)>
6074  * from the ikmpd, and get a SP and a SA to respond,
6075  * and send,
6076  *   <base, SA, (lifetime(HSC),) address(SD), (address(P),) key(AE),
6077  *       (identity(SD),) (sensitivity)>
6078  * to the ikmpd.
6079  *
6080  * m will always be freed.
6081  */
6082 static int
6083 key_get(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6084 {
6085 	struct secasindex saidx;
6086 	struct sadb_address *src0, *dst0;
6087 	struct sadb_sa *sa0;
6088 	struct secasvar *sav;
6089 	uint8_t proto;
6090 
6091 	IPSEC_ASSERT(so != NULL, ("null socket"));
6092 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6093 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6094 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6095 
6096 	/* map satype to proto */
6097 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6098 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6099 			__func__));
6100 		return key_senderror(so, m, EINVAL);
6101 	}
6102 
6103 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
6104 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6105 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)) {
6106 		ipseclog((LOG_DEBUG,
6107 		    "%s: invalid message: missing required header.\n",
6108 		    __func__));
6109 		return key_senderror(so, m, EINVAL);
6110 	}
6111 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
6112 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6113 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
6114 		ipseclog((LOG_DEBUG,
6115 		    "%s: invalid message: wrong header size.\n", __func__));
6116 		return key_senderror(so, m, EINVAL);
6117 	}
6118 
6119 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
6120 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
6121 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
6122 
6123 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
6124 	    (struct sockaddr *)(dst0 + 1)) != 0) {
6125 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
6126 		return key_senderror(so, m, EINVAL);
6127 	}
6128 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
6129 
6130 	if (proto == IPPROTO_TCP)
6131 		sav = key_getsav_tcpmd5(&saidx, NULL);
6132 	else
6133 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
6134 	if (sav == NULL) {
6135 		ipseclog((LOG_DEBUG, "%s: no SA found.\n", __func__));
6136 		return key_senderror(so, m, ESRCH);
6137 	}
6138 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6139 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
6140 		    __func__, ntohl(sa0->sadb_sa_spi)));
6141 		key_freesav(&sav);
6142 		return (key_senderror(so, m, ESRCH));
6143 	}
6144 
6145     {
6146 	struct mbuf *n;
6147 	uint8_t satype;
6148 
6149 	/* map proto to satype */
6150 	if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0) {
6151 		ipseclog((LOG_DEBUG, "%s: there was invalid proto in SAD.\n",
6152 		    __func__));
6153 		key_freesav(&sav);
6154 		return key_senderror(so, m, EINVAL);
6155 	}
6156 
6157 	/* create new sadb_msg to reply. */
6158 	n = key_setdumpsa(sav, SADB_GET, satype, mhp->msg->sadb_msg_seq,
6159 	    mhp->msg->sadb_msg_pid);
6160 
6161 	key_freesav(&sav);
6162 	if (!n)
6163 		return key_senderror(so, m, ENOBUFS);
6164 
6165 	m_freem(m);
6166 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
6167     }
6168 }
6169 
6170 /* XXX make it sysctl-configurable? */
6171 static void
6172 key_getcomb_setlifetime(struct sadb_comb *comb)
6173 {
6174 
6175 	comb->sadb_comb_soft_allocations = 1;
6176 	comb->sadb_comb_hard_allocations = 1;
6177 	comb->sadb_comb_soft_bytes = 0;
6178 	comb->sadb_comb_hard_bytes = 0;
6179 	comb->sadb_comb_hard_addtime = 86400;	/* 1 day */
6180 	comb->sadb_comb_soft_addtime = comb->sadb_comb_soft_addtime * 80 / 100;
6181 	comb->sadb_comb_soft_usetime = 28800;	/* 8 hours */
6182 	comb->sadb_comb_hard_usetime = comb->sadb_comb_hard_usetime * 80 / 100;
6183 }
6184 
6185 /*
6186  * XXX reorder combinations by preference
6187  * XXX no idea if the user wants ESP authentication or not
6188  */
6189 static struct mbuf *
6190 key_getcomb_ealg(void)
6191 {
6192 	struct sadb_comb *comb;
6193 	const struct enc_xform *algo;
6194 	struct mbuf *result = NULL, *m, *n;
6195 	int encmin;
6196 	int i, off, o;
6197 	int totlen;
6198 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6199 
6200 	m = NULL;
6201 	for (i = 1; i <= SADB_EALG_MAX; i++) {
6202 		algo = enc_algorithm_lookup(i);
6203 		if (algo == NULL)
6204 			continue;
6205 
6206 		/* discard algorithms with key size smaller than system min */
6207 		if (_BITS(algo->maxkey) < V_ipsec_esp_keymin)
6208 			continue;
6209 		if (_BITS(algo->minkey) < V_ipsec_esp_keymin)
6210 			encmin = V_ipsec_esp_keymin;
6211 		else
6212 			encmin = _BITS(algo->minkey);
6213 
6214 		if (V_ipsec_esp_auth)
6215 			m = key_getcomb_ah();
6216 		else {
6217 			IPSEC_ASSERT(l <= MLEN,
6218 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6219 			MGET(m, M_NOWAIT, MT_DATA);
6220 			if (m) {
6221 				M_ALIGN(m, l);
6222 				m->m_len = l;
6223 				m->m_next = NULL;
6224 				bzero(mtod(m, caddr_t), m->m_len);
6225 			}
6226 		}
6227 		if (!m)
6228 			goto fail;
6229 
6230 		totlen = 0;
6231 		for (n = m; n; n = n->m_next)
6232 			totlen += n->m_len;
6233 		IPSEC_ASSERT((totlen % l) == 0, ("totlen=%u, l=%u", totlen, l));
6234 
6235 		for (off = 0; off < totlen; off += l) {
6236 			n = m_pulldown(m, off, l, &o);
6237 			if (!n) {
6238 				/* m is already freed */
6239 				goto fail;
6240 			}
6241 			comb = (struct sadb_comb *)(mtod(n, caddr_t) + o);
6242 			bzero(comb, sizeof(*comb));
6243 			key_getcomb_setlifetime(comb);
6244 			comb->sadb_comb_encrypt = i;
6245 			comb->sadb_comb_encrypt_minbits = encmin;
6246 			comb->sadb_comb_encrypt_maxbits = _BITS(algo->maxkey);
6247 		}
6248 
6249 		if (!result)
6250 			result = m;
6251 		else
6252 			m_cat(result, m);
6253 	}
6254 
6255 	return result;
6256 
6257  fail:
6258 	if (result)
6259 		m_freem(result);
6260 	return NULL;
6261 }
6262 
6263 static void
6264 key_getsizes_ah(const struct auth_hash *ah, int alg, u_int16_t* min,
6265     u_int16_t* max)
6266 {
6267 
6268 	*min = *max = ah->hashsize;
6269 	if (ah->keysize == 0) {
6270 		/*
6271 		 * Transform takes arbitrary key size but algorithm
6272 		 * key size is restricted.  Enforce this here.
6273 		 */
6274 		switch (alg) {
6275 		case SADB_X_AALG_MD5:	*min = *max = 16; break;
6276 		case SADB_X_AALG_SHA:	*min = *max = 20; break;
6277 		case SADB_X_AALG_NULL:	*min = 1; *max = 256; break;
6278 		case SADB_X_AALG_SHA2_256: *min = *max = 32; break;
6279 		case SADB_X_AALG_SHA2_384: *min = *max = 48; break;
6280 		case SADB_X_AALG_SHA2_512: *min = *max = 64; break;
6281 		default:
6282 			DPRINTF(("%s: unknown AH algorithm %u\n",
6283 				__func__, alg));
6284 			break;
6285 		}
6286 	}
6287 }
6288 
6289 /*
6290  * XXX reorder combinations by preference
6291  */
6292 static struct mbuf *
6293 key_getcomb_ah()
6294 {
6295 	const struct auth_hash *algo;
6296 	struct sadb_comb *comb;
6297 	struct mbuf *m;
6298 	u_int16_t minkeysize, maxkeysize;
6299 	int i;
6300 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6301 
6302 	m = NULL;
6303 	for (i = 1; i <= SADB_AALG_MAX; i++) {
6304 #if 1
6305 		/* we prefer HMAC algorithms, not old algorithms */
6306 		if (i != SADB_AALG_SHA1HMAC &&
6307 		    i != SADB_AALG_MD5HMAC  &&
6308 		    i != SADB_X_AALG_SHA2_256 &&
6309 		    i != SADB_X_AALG_SHA2_384 &&
6310 		    i != SADB_X_AALG_SHA2_512)
6311 			continue;
6312 #endif
6313 		algo = auth_algorithm_lookup(i);
6314 		if (!algo)
6315 			continue;
6316 		key_getsizes_ah(algo, i, &minkeysize, &maxkeysize);
6317 		/* discard algorithms with key size smaller than system min */
6318 		if (_BITS(minkeysize) < V_ipsec_ah_keymin)
6319 			continue;
6320 
6321 		if (!m) {
6322 			IPSEC_ASSERT(l <= MLEN,
6323 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6324 			MGET(m, M_NOWAIT, MT_DATA);
6325 			if (m) {
6326 				M_ALIGN(m, l);
6327 				m->m_len = l;
6328 				m->m_next = NULL;
6329 			}
6330 		} else
6331 			M_PREPEND(m, l, M_NOWAIT);
6332 		if (!m)
6333 			return NULL;
6334 
6335 		comb = mtod(m, struct sadb_comb *);
6336 		bzero(comb, sizeof(*comb));
6337 		key_getcomb_setlifetime(comb);
6338 		comb->sadb_comb_auth = i;
6339 		comb->sadb_comb_auth_minbits = _BITS(minkeysize);
6340 		comb->sadb_comb_auth_maxbits = _BITS(maxkeysize);
6341 	}
6342 
6343 	return m;
6344 }
6345 
6346 /*
6347  * not really an official behavior.  discussed in pf_key@inner.net in Sep2000.
6348  * XXX reorder combinations by preference
6349  */
6350 static struct mbuf *
6351 key_getcomb_ipcomp()
6352 {
6353 	const struct comp_algo *algo;
6354 	struct sadb_comb *comb;
6355 	struct mbuf *m;
6356 	int i;
6357 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6358 
6359 	m = NULL;
6360 	for (i = 1; i <= SADB_X_CALG_MAX; i++) {
6361 		algo = comp_algorithm_lookup(i);
6362 		if (!algo)
6363 			continue;
6364 
6365 		if (!m) {
6366 			IPSEC_ASSERT(l <= MLEN,
6367 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6368 			MGET(m, M_NOWAIT, MT_DATA);
6369 			if (m) {
6370 				M_ALIGN(m, l);
6371 				m->m_len = l;
6372 				m->m_next = NULL;
6373 			}
6374 		} else
6375 			M_PREPEND(m, l, M_NOWAIT);
6376 		if (!m)
6377 			return NULL;
6378 
6379 		comb = mtod(m, struct sadb_comb *);
6380 		bzero(comb, sizeof(*comb));
6381 		key_getcomb_setlifetime(comb);
6382 		comb->sadb_comb_encrypt = i;
6383 		/* what should we set into sadb_comb_*_{min,max}bits? */
6384 	}
6385 
6386 	return m;
6387 }
6388 
6389 /*
6390  * XXX no way to pass mode (transport/tunnel) to userland
6391  * XXX replay checking?
6392  * XXX sysctl interface to ipsec_{ah,esp}_keymin
6393  */
6394 static struct mbuf *
6395 key_getprop(const struct secasindex *saidx)
6396 {
6397 	struct sadb_prop *prop;
6398 	struct mbuf *m, *n;
6399 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_prop));
6400 	int totlen;
6401 
6402 	switch (saidx->proto)  {
6403 	case IPPROTO_ESP:
6404 		m = key_getcomb_ealg();
6405 		break;
6406 	case IPPROTO_AH:
6407 		m = key_getcomb_ah();
6408 		break;
6409 	case IPPROTO_IPCOMP:
6410 		m = key_getcomb_ipcomp();
6411 		break;
6412 	default:
6413 		return NULL;
6414 	}
6415 
6416 	if (!m)
6417 		return NULL;
6418 	M_PREPEND(m, l, M_NOWAIT);
6419 	if (!m)
6420 		return NULL;
6421 
6422 	totlen = 0;
6423 	for (n = m; n; n = n->m_next)
6424 		totlen += n->m_len;
6425 
6426 	prop = mtod(m, struct sadb_prop *);
6427 	bzero(prop, sizeof(*prop));
6428 	prop->sadb_prop_len = PFKEY_UNIT64(totlen);
6429 	prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
6430 	prop->sadb_prop_replay = 32;	/* XXX */
6431 
6432 	return m;
6433 }
6434 
6435 /*
6436  * SADB_ACQUIRE processing called by key_checkrequest() and key_acquire2().
6437  * send
6438  *   <base, SA, address(SD), (address(P)), x_policy,
6439  *       (identity(SD),) (sensitivity,) proposal>
6440  * to KMD, and expect to receive
6441  *   <base> with SADB_ACQUIRE if error occurred,
6442  * or
6443  *   <base, src address, dst address, (SPI range)> with SADB_GETSPI
6444  * from KMD by PF_KEY.
6445  *
6446  * XXX x_policy is outside of RFC2367 (KAME extension).
6447  * XXX sensitivity is not supported.
6448  * XXX for ipcomp, RFC2367 does not define how to fill in proposal.
6449  * see comment for key_getcomb_ipcomp().
6450  *
6451  * OUT:
6452  *    0     : succeed
6453  *    others: error number
6454  */
6455 static int
6456 key_acquire(const struct secasindex *saidx, struct secpolicy *sp)
6457 {
6458 	union sockaddr_union addr;
6459 	struct mbuf *result, *m;
6460 	uint32_t seq;
6461 	int error;
6462 	uint16_t ul_proto;
6463 	uint8_t mask, satype;
6464 
6465 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
6466 	satype = key_proto2satype(saidx->proto);
6467 	IPSEC_ASSERT(satype != 0, ("null satype, protocol %u", saidx->proto));
6468 
6469 	error = -1;
6470 	result = NULL;
6471 	ul_proto = IPSEC_ULPROTO_ANY;
6472 
6473 	/* Get seq number to check whether sending message or not. */
6474 	seq = key_getacq(saidx, &error);
6475 	if (seq == 0)
6476 		return (error);
6477 
6478 	m = key_setsadbmsg(SADB_ACQUIRE, 0, satype, seq, 0, 0);
6479 	if (!m) {
6480 		error = ENOBUFS;
6481 		goto fail;
6482 	}
6483 	result = m;
6484 
6485 	/*
6486 	 * set sadb_address for saidx's.
6487 	 *
6488 	 * Note that if sp is supplied, then we're being called from
6489 	 * key_allocsa_policy() and should supply port and protocol
6490 	 * information.
6491 	 * XXXAE: why only TCP and UDP? ICMP and SCTP looks applicable too.
6492 	 * XXXAE: probably we can handle this in the ipsec[46]_allocsa().
6493 	 * XXXAE: it looks like we should save this info in the ACQ entry.
6494 	 */
6495 	if (sp != NULL && (sp->spidx.ul_proto == IPPROTO_TCP ||
6496 	    sp->spidx.ul_proto == IPPROTO_UDP))
6497 		ul_proto = sp->spidx.ul_proto;
6498 
6499 	addr = saidx->src;
6500 	mask = FULLMASK;
6501 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6502 		switch (sp->spidx.src.sa.sa_family) {
6503 		case AF_INET:
6504 			if (sp->spidx.src.sin.sin_port != IPSEC_PORT_ANY) {
6505 				addr.sin.sin_port = sp->spidx.src.sin.sin_port;
6506 				mask = sp->spidx.prefs;
6507 			}
6508 			break;
6509 		case AF_INET6:
6510 			if (sp->spidx.src.sin6.sin6_port != IPSEC_PORT_ANY) {
6511 				addr.sin6.sin6_port =
6512 				    sp->spidx.src.sin6.sin6_port;
6513 				mask = sp->spidx.prefs;
6514 			}
6515 			break;
6516 		default:
6517 			break;
6518 		}
6519 	}
6520 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &addr.sa, mask, ul_proto);
6521 	if (!m) {
6522 		error = ENOBUFS;
6523 		goto fail;
6524 	}
6525 	m_cat(result, m);
6526 
6527 	addr = saidx->dst;
6528 	mask = FULLMASK;
6529 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6530 		switch (sp->spidx.dst.sa.sa_family) {
6531 		case AF_INET:
6532 			if (sp->spidx.dst.sin.sin_port != IPSEC_PORT_ANY) {
6533 				addr.sin.sin_port = sp->spidx.dst.sin.sin_port;
6534 				mask = sp->spidx.prefd;
6535 			}
6536 			break;
6537 		case AF_INET6:
6538 			if (sp->spidx.dst.sin6.sin6_port != IPSEC_PORT_ANY) {
6539 				addr.sin6.sin6_port =
6540 				    sp->spidx.dst.sin6.sin6_port;
6541 				mask = sp->spidx.prefd;
6542 			}
6543 			break;
6544 		default:
6545 			break;
6546 		}
6547 	}
6548 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &addr.sa, mask, ul_proto);
6549 	if (!m) {
6550 		error = ENOBUFS;
6551 		goto fail;
6552 	}
6553 	m_cat(result, m);
6554 
6555 	/* XXX proxy address (optional) */
6556 
6557 	/* set sadb_x_policy */
6558 	if (sp != NULL) {
6559 		m = key_setsadbxpolicy(sp->policy, sp->spidx.dir, sp->id,
6560 		    sp->priority);
6561 		if (!m) {
6562 			error = ENOBUFS;
6563 			goto fail;
6564 		}
6565 		m_cat(result, m);
6566 	}
6567 
6568 	/* XXX identity (optional) */
6569 #if 0
6570 	if (idexttype && fqdn) {
6571 		/* create identity extension (FQDN) */
6572 		struct sadb_ident *id;
6573 		int fqdnlen;
6574 
6575 		fqdnlen = strlen(fqdn) + 1;	/* +1 for terminating-NUL */
6576 		id = (struct sadb_ident *)p;
6577 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6578 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6579 		id->sadb_ident_exttype = idexttype;
6580 		id->sadb_ident_type = SADB_IDENTTYPE_FQDN;
6581 		bcopy(fqdn, id + 1, fqdnlen);
6582 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(fqdnlen);
6583 	}
6584 
6585 	if (idexttype) {
6586 		/* create identity extension (USERFQDN) */
6587 		struct sadb_ident *id;
6588 		int userfqdnlen;
6589 
6590 		if (userfqdn) {
6591 			/* +1 for terminating-NUL */
6592 			userfqdnlen = strlen(userfqdn) + 1;
6593 		} else
6594 			userfqdnlen = 0;
6595 		id = (struct sadb_ident *)p;
6596 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6597 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6598 		id->sadb_ident_exttype = idexttype;
6599 		id->sadb_ident_type = SADB_IDENTTYPE_USERFQDN;
6600 		/* XXX is it correct? */
6601 		if (curproc && curproc->p_cred)
6602 			id->sadb_ident_id = curproc->p_cred->p_ruid;
6603 		if (userfqdn && userfqdnlen)
6604 			bcopy(userfqdn, id + 1, userfqdnlen);
6605 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(userfqdnlen);
6606 	}
6607 #endif
6608 
6609 	/* XXX sensitivity (optional) */
6610 
6611 	/* create proposal/combination extension */
6612 	m = key_getprop(saidx);
6613 #if 0
6614 	/*
6615 	 * spec conformant: always attach proposal/combination extension,
6616 	 * the problem is that we have no way to attach it for ipcomp,
6617 	 * due to the way sadb_comb is declared in RFC2367.
6618 	 */
6619 	if (!m) {
6620 		error = ENOBUFS;
6621 		goto fail;
6622 	}
6623 	m_cat(result, m);
6624 #else
6625 	/*
6626 	 * outside of spec; make proposal/combination extension optional.
6627 	 */
6628 	if (m)
6629 		m_cat(result, m);
6630 #endif
6631 
6632 	if ((result->m_flags & M_PKTHDR) == 0) {
6633 		error = EINVAL;
6634 		goto fail;
6635 	}
6636 
6637 	if (result->m_len < sizeof(struct sadb_msg)) {
6638 		result = m_pullup(result, sizeof(struct sadb_msg));
6639 		if (result == NULL) {
6640 			error = ENOBUFS;
6641 			goto fail;
6642 		}
6643 	}
6644 
6645 	result->m_pkthdr.len = 0;
6646 	for (m = result; m; m = m->m_next)
6647 		result->m_pkthdr.len += m->m_len;
6648 
6649 	mtod(result, struct sadb_msg *)->sadb_msg_len =
6650 	    PFKEY_UNIT64(result->m_pkthdr.len);
6651 
6652 	KEYDBG(KEY_STAMP,
6653 	    printf("%s: SP(%p)\n", __func__, sp));
6654 	KEYDBG(KEY_DATA, kdebug_secasindex(saidx, NULL));
6655 
6656 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
6657 
6658  fail:
6659 	if (result)
6660 		m_freem(result);
6661 	return error;
6662 }
6663 
6664 static uint32_t
6665 key_newacq(const struct secasindex *saidx, int *perror)
6666 {
6667 	struct secacq *acq;
6668 	uint32_t seq;
6669 
6670 	acq = malloc(sizeof(*acq), M_IPSEC_SAQ, M_NOWAIT | M_ZERO);
6671 	if (acq == NULL) {
6672 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6673 		*perror = ENOBUFS;
6674 		return (0);
6675 	}
6676 
6677 	/* copy secindex */
6678 	bcopy(saidx, &acq->saidx, sizeof(acq->saidx));
6679 	acq->created = time_second;
6680 	acq->count = 0;
6681 
6682 	/* add to acqtree */
6683 	ACQ_LOCK();
6684 	seq = acq->seq = (V_acq_seq == ~0 ? 1 : ++V_acq_seq);
6685 	LIST_INSERT_HEAD(&V_acqtree, acq, chain);
6686 	LIST_INSERT_HEAD(ACQADDRHASH_HASH(saidx), acq, addrhash);
6687 	LIST_INSERT_HEAD(ACQSEQHASH_HASH(seq), acq, seqhash);
6688 	ACQ_UNLOCK();
6689 	*perror = 0;
6690 	return (seq);
6691 }
6692 
6693 static uint32_t
6694 key_getacq(const struct secasindex *saidx, int *perror)
6695 {
6696 	struct secacq *acq;
6697 	uint32_t seq;
6698 
6699 	ACQ_LOCK();
6700 	LIST_FOREACH(acq, ACQADDRHASH_HASH(saidx), addrhash) {
6701 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY)) {
6702 			if (acq->count > V_key_blockacq_count) {
6703 				/*
6704 				 * Reset counter and send message.
6705 				 * Also reset created time to keep ACQ for
6706 				 * this saidx.
6707 				 */
6708 				acq->created = time_second;
6709 				acq->count = 0;
6710 				seq = acq->seq;
6711 			} else {
6712 				/*
6713 				 * Increment counter and do nothing.
6714 				 * We send SADB_ACQUIRE message only
6715 				 * for each V_key_blockacq_count packet.
6716 				 */
6717 				acq->count++;
6718 				seq = 0;
6719 			}
6720 			break;
6721 		}
6722 	}
6723 	ACQ_UNLOCK();
6724 	if (acq != NULL) {
6725 		*perror = 0;
6726 		return (seq);
6727 	}
6728 	/* allocate new  entry */
6729 	return (key_newacq(saidx, perror));
6730 }
6731 
6732 static int
6733 key_acqreset(uint32_t seq)
6734 {
6735 	struct secacq *acq;
6736 
6737 	ACQ_LOCK();
6738 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6739 		if (acq->seq == seq) {
6740 			acq->count = 0;
6741 			acq->created = time_second;
6742 			break;
6743 		}
6744 	}
6745 	ACQ_UNLOCK();
6746 	if (acq == NULL)
6747 		return (ESRCH);
6748 	return (0);
6749 }
6750 /*
6751  * Mark ACQ entry as stale to remove it in key_flush_acq().
6752  * Called after successful SADB_GETSPI message.
6753  */
6754 static int
6755 key_acqdone(const struct secasindex *saidx, uint32_t seq)
6756 {
6757 	struct secacq *acq;
6758 
6759 	ACQ_LOCK();
6760 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6761 		if (acq->seq == seq)
6762 			break;
6763 	}
6764 	if (acq != NULL) {
6765 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY) == 0) {
6766 			ipseclog((LOG_DEBUG,
6767 			    "%s: Mismatched saidx for ACQ %u", __func__, seq));
6768 			acq = NULL;
6769 		} else {
6770 			acq->created = 0;
6771 		}
6772 	} else {
6773 		ipseclog((LOG_DEBUG,
6774 		    "%s: ACQ %u is not found.", __func__, seq));
6775 	}
6776 	ACQ_UNLOCK();
6777 	if (acq == NULL)
6778 		return (ESRCH);
6779 	return (0);
6780 }
6781 
6782 static struct secspacq *
6783 key_newspacq(struct secpolicyindex *spidx)
6784 {
6785 	struct secspacq *acq;
6786 
6787 	/* get new entry */
6788 	acq = malloc(sizeof(struct secspacq), M_IPSEC_SAQ, M_NOWAIT|M_ZERO);
6789 	if (acq == NULL) {
6790 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6791 		return NULL;
6792 	}
6793 
6794 	/* copy secindex */
6795 	bcopy(spidx, &acq->spidx, sizeof(acq->spidx));
6796 	acq->created = time_second;
6797 	acq->count = 0;
6798 
6799 	/* add to spacqtree */
6800 	SPACQ_LOCK();
6801 	LIST_INSERT_HEAD(&V_spacqtree, acq, chain);
6802 	SPACQ_UNLOCK();
6803 
6804 	return acq;
6805 }
6806 
6807 static struct secspacq *
6808 key_getspacq(struct secpolicyindex *spidx)
6809 {
6810 	struct secspacq *acq;
6811 
6812 	SPACQ_LOCK();
6813 	LIST_FOREACH(acq, &V_spacqtree, chain) {
6814 		if (key_cmpspidx_exactly(spidx, &acq->spidx)) {
6815 			/* NB: return holding spacq_lock */
6816 			return acq;
6817 		}
6818 	}
6819 	SPACQ_UNLOCK();
6820 
6821 	return NULL;
6822 }
6823 
6824 /*
6825  * SADB_ACQUIRE processing,
6826  * in first situation, is receiving
6827  *   <base>
6828  * from the ikmpd, and clear sequence of its secasvar entry.
6829  *
6830  * In second situation, is receiving
6831  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6832  * from a user land process, and return
6833  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6834  * to the socket.
6835  *
6836  * m will always be freed.
6837  */
6838 static int
6839 key_acquire2(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6840 {
6841 	SAHTREE_RLOCK_TRACKER;
6842 	struct sadb_address *src0, *dst0;
6843 	struct secasindex saidx;
6844 	struct secashead *sah;
6845 	uint32_t reqid;
6846 	int error;
6847 	uint8_t mode, proto;
6848 
6849 	IPSEC_ASSERT(so != NULL, ("null socket"));
6850 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6851 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6852 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6853 
6854 	/*
6855 	 * Error message from KMd.
6856 	 * We assume that if error was occurred in IKEd, the length of PFKEY
6857 	 * message is equal to the size of sadb_msg structure.
6858 	 * We do not raise error even if error occurred in this function.
6859 	 */
6860 	if (mhp->msg->sadb_msg_len == PFKEY_UNIT64(sizeof(struct sadb_msg))) {
6861 		/* check sequence number */
6862 		if (mhp->msg->sadb_msg_seq == 0 ||
6863 		    mhp->msg->sadb_msg_errno == 0) {
6864 			ipseclog((LOG_DEBUG, "%s: must specify sequence "
6865 				"number and errno.\n", __func__));
6866 		} else {
6867 			/*
6868 			 * IKEd reported that error occurred.
6869 			 * XXXAE: what it expects from the kernel?
6870 			 * Probably we should send SADB_ACQUIRE again?
6871 			 * If so, reset ACQ's state.
6872 			 * XXXAE: it looks useless.
6873 			 */
6874 			key_acqreset(mhp->msg->sadb_msg_seq);
6875 		}
6876 		m_freem(m);
6877 		return (0);
6878 	}
6879 
6880 	/*
6881 	 * This message is from user land.
6882 	 */
6883 
6884 	/* map satype to proto */
6885 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6886 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6887 		    __func__));
6888 		return key_senderror(so, m, EINVAL);
6889 	}
6890 
6891 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6892 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
6893 	    SADB_CHECKHDR(mhp, SADB_EXT_PROPOSAL)) {
6894 		ipseclog((LOG_DEBUG,
6895 		    "%s: invalid message: missing required header.\n",
6896 		    __func__));
6897 		return key_senderror(so, m, EINVAL);
6898 	}
6899 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6900 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
6901 	    SADB_CHECKLEN(mhp, SADB_EXT_PROPOSAL)) {
6902 		ipseclog((LOG_DEBUG,
6903 		    "%s: invalid message: wrong header size.\n", __func__));
6904 		return key_senderror(so, m, EINVAL);
6905 	}
6906 
6907 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
6908 		mode = IPSEC_MODE_ANY;
6909 		reqid = 0;
6910 	} else {
6911 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
6912 			ipseclog((LOG_DEBUG,
6913 			    "%s: invalid message: wrong header size.\n",
6914 			    __func__));
6915 			return key_senderror(so, m, EINVAL);
6916 		}
6917 		mode = ((struct sadb_x_sa2 *)
6918 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
6919 		reqid = ((struct sadb_x_sa2 *)
6920 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
6921 	}
6922 
6923 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
6924 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
6925 
6926 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
6927 	    (struct sockaddr *)(dst0 + 1));
6928 	if (error != 0) {
6929 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
6930 		return key_senderror(so, m, EINVAL);
6931 	}
6932 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
6933 
6934 	/* get a SA index */
6935 	SAHTREE_RLOCK();
6936 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
6937 		if (key_cmpsaidx(&sah->saidx, &saidx, CMP_MODE_REQID))
6938 			break;
6939 	}
6940 	SAHTREE_RUNLOCK();
6941 	if (sah != NULL) {
6942 		ipseclog((LOG_DEBUG, "%s: a SA exists already.\n", __func__));
6943 		return key_senderror(so, m, EEXIST);
6944 	}
6945 
6946 	error = key_acquire(&saidx, NULL);
6947 	if (error != 0) {
6948 		ipseclog((LOG_DEBUG,
6949 		    "%s: error %d returned from key_acquire()\n",
6950 			__func__, error));
6951 		return key_senderror(so, m, error);
6952 	}
6953 	m_freem(m);
6954 	return (0);
6955 }
6956 
6957 /*
6958  * SADB_REGISTER processing.
6959  * If SATYPE_UNSPEC has been passed as satype, only return sabd_supported.
6960  * receive
6961  *   <base>
6962  * from the ikmpd, and register a socket to send PF_KEY messages,
6963  * and send
6964  *   <base, supported>
6965  * to KMD by PF_KEY.
6966  * If socket is detached, must free from regnode.
6967  *
6968  * m will always be freed.
6969  */
6970 static int
6971 key_register(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6972 {
6973 	struct secreg *reg, *newreg = NULL;
6974 
6975 	IPSEC_ASSERT(so != NULL, ("null socket"));
6976 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6977 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6978 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6979 
6980 	/* check for invalid register message */
6981 	if (mhp->msg->sadb_msg_satype >= sizeof(V_regtree)/sizeof(V_regtree[0]))
6982 		return key_senderror(so, m, EINVAL);
6983 
6984 	/* When SATYPE_UNSPEC is specified, only return sabd_supported. */
6985 	if (mhp->msg->sadb_msg_satype == SADB_SATYPE_UNSPEC)
6986 		goto setmsg;
6987 
6988 	/* check whether existing or not */
6989 	REGTREE_LOCK();
6990 	LIST_FOREACH(reg, &V_regtree[mhp->msg->sadb_msg_satype], chain) {
6991 		if (reg->so == so) {
6992 			REGTREE_UNLOCK();
6993 			ipseclog((LOG_DEBUG, "%s: socket exists already.\n",
6994 				__func__));
6995 			return key_senderror(so, m, EEXIST);
6996 		}
6997 	}
6998 
6999 	/* create regnode */
7000 	newreg =  malloc(sizeof(struct secreg), M_IPSEC_SAR, M_NOWAIT|M_ZERO);
7001 	if (newreg == NULL) {
7002 		REGTREE_UNLOCK();
7003 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7004 		return key_senderror(so, m, ENOBUFS);
7005 	}
7006 
7007 	newreg->so = so;
7008 	((struct keycb *)sotorawcb(so))->kp_registered++;
7009 
7010 	/* add regnode to regtree. */
7011 	LIST_INSERT_HEAD(&V_regtree[mhp->msg->sadb_msg_satype], newreg, chain);
7012 	REGTREE_UNLOCK();
7013 
7014   setmsg:
7015     {
7016 	struct mbuf *n;
7017 	struct sadb_msg *newmsg;
7018 	struct sadb_supported *sup;
7019 	u_int len, alen, elen;
7020 	int off;
7021 	int i;
7022 	struct sadb_alg *alg;
7023 
7024 	/* create new sadb_msg to reply. */
7025 	alen = 0;
7026 	for (i = 1; i <= SADB_AALG_MAX; i++) {
7027 		if (auth_algorithm_lookup(i))
7028 			alen += sizeof(struct sadb_alg);
7029 	}
7030 	if (alen)
7031 		alen += sizeof(struct sadb_supported);
7032 	elen = 0;
7033 	for (i = 1; i <= SADB_EALG_MAX; i++) {
7034 		if (enc_algorithm_lookup(i))
7035 			elen += sizeof(struct sadb_alg);
7036 	}
7037 	if (elen)
7038 		elen += sizeof(struct sadb_supported);
7039 
7040 	len = sizeof(struct sadb_msg) + alen + elen;
7041 
7042 	if (len > MCLBYTES)
7043 		return key_senderror(so, m, ENOBUFS);
7044 
7045 	MGETHDR(n, M_NOWAIT, MT_DATA);
7046 	if (len > MHLEN) {
7047 		if (!(MCLGET(n, M_NOWAIT))) {
7048 			m_freem(n);
7049 			n = NULL;
7050 		}
7051 	}
7052 	if (!n)
7053 		return key_senderror(so, m, ENOBUFS);
7054 
7055 	n->m_pkthdr.len = n->m_len = len;
7056 	n->m_next = NULL;
7057 	off = 0;
7058 
7059 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
7060 	newmsg = mtod(n, struct sadb_msg *);
7061 	newmsg->sadb_msg_errno = 0;
7062 	newmsg->sadb_msg_len = PFKEY_UNIT64(len);
7063 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
7064 
7065 	/* for authentication algorithm */
7066 	if (alen) {
7067 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7068 		sup->sadb_supported_len = PFKEY_UNIT64(alen);
7069 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_AUTH;
7070 		off += PFKEY_ALIGN8(sizeof(*sup));
7071 
7072 		for (i = 1; i <= SADB_AALG_MAX; i++) {
7073 			const struct auth_hash *aalgo;
7074 			u_int16_t minkeysize, maxkeysize;
7075 
7076 			aalgo = auth_algorithm_lookup(i);
7077 			if (!aalgo)
7078 				continue;
7079 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7080 			alg->sadb_alg_id = i;
7081 			alg->sadb_alg_ivlen = 0;
7082 			key_getsizes_ah(aalgo, i, &minkeysize, &maxkeysize);
7083 			alg->sadb_alg_minbits = _BITS(minkeysize);
7084 			alg->sadb_alg_maxbits = _BITS(maxkeysize);
7085 			off += PFKEY_ALIGN8(sizeof(*alg));
7086 		}
7087 	}
7088 
7089 	/* for encryption algorithm */
7090 	if (elen) {
7091 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7092 		sup->sadb_supported_len = PFKEY_UNIT64(elen);
7093 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_ENCRYPT;
7094 		off += PFKEY_ALIGN8(sizeof(*sup));
7095 
7096 		for (i = 1; i <= SADB_EALG_MAX; i++) {
7097 			const struct enc_xform *ealgo;
7098 
7099 			ealgo = enc_algorithm_lookup(i);
7100 			if (!ealgo)
7101 				continue;
7102 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7103 			alg->sadb_alg_id = i;
7104 			alg->sadb_alg_ivlen = ealgo->ivsize;
7105 			alg->sadb_alg_minbits = _BITS(ealgo->minkey);
7106 			alg->sadb_alg_maxbits = _BITS(ealgo->maxkey);
7107 			off += PFKEY_ALIGN8(sizeof(struct sadb_alg));
7108 		}
7109 	}
7110 
7111 	IPSEC_ASSERT(off == len,
7112 		("length assumption failed (off %u len %u)", off, len));
7113 
7114 	m_freem(m);
7115 	return key_sendup_mbuf(so, n, KEY_SENDUP_REGISTERED);
7116     }
7117 }
7118 
7119 /*
7120  * free secreg entry registered.
7121  * XXX: I want to do free a socket marked done SADB_RESIGER to socket.
7122  */
7123 void
7124 key_freereg(struct socket *so)
7125 {
7126 	struct secreg *reg;
7127 	int i;
7128 
7129 	IPSEC_ASSERT(so != NULL, ("NULL so"));
7130 
7131 	/*
7132 	 * check whether existing or not.
7133 	 * check all type of SA, because there is a potential that
7134 	 * one socket is registered to multiple type of SA.
7135 	 */
7136 	REGTREE_LOCK();
7137 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
7138 		LIST_FOREACH(reg, &V_regtree[i], chain) {
7139 			if (reg->so == so && __LIST_CHAINED(reg)) {
7140 				LIST_REMOVE(reg, chain);
7141 				free(reg, M_IPSEC_SAR);
7142 				break;
7143 			}
7144 		}
7145 	}
7146 	REGTREE_UNLOCK();
7147 }
7148 
7149 /*
7150  * SADB_EXPIRE processing
7151  * send
7152  *   <base, SA, SA2, lifetime(C and one of HS), address(SD)>
7153  * to KMD by PF_KEY.
7154  * NOTE: We send only soft lifetime extension.
7155  *
7156  * OUT:	0	: succeed
7157  *	others	: error number
7158  */
7159 static int
7160 key_expire(struct secasvar *sav, int hard)
7161 {
7162 	struct mbuf *result = NULL, *m;
7163 	struct sadb_lifetime *lt;
7164 	uint32_t replay_count;
7165 	int error, len;
7166 	uint8_t satype;
7167 
7168 	IPSEC_ASSERT (sav != NULL, ("null sav"));
7169 	IPSEC_ASSERT (sav->sah != NULL, ("null sa header"));
7170 
7171 	KEYDBG(KEY_STAMP,
7172 	    printf("%s: SA(%p) expired %s lifetime\n", __func__,
7173 		sav, hard ? "hard": "soft"));
7174 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
7175 	/* set msg header */
7176 	satype = key_proto2satype(sav->sah->saidx.proto);
7177 	IPSEC_ASSERT(satype != 0, ("invalid proto, satype %u", satype));
7178 	m = key_setsadbmsg(SADB_EXPIRE, 0, satype, sav->seq, 0, sav->refcnt);
7179 	if (!m) {
7180 		error = ENOBUFS;
7181 		goto fail;
7182 	}
7183 	result = m;
7184 
7185 	/* create SA extension */
7186 	m = key_setsadbsa(sav);
7187 	if (!m) {
7188 		error = ENOBUFS;
7189 		goto fail;
7190 	}
7191 	m_cat(result, m);
7192 
7193 	/* create SA extension */
7194 	SECASVAR_LOCK(sav);
7195 	replay_count = sav->replay ? sav->replay->count : 0;
7196 	SECASVAR_UNLOCK(sav);
7197 
7198 	m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
7199 			sav->sah->saidx.reqid);
7200 	if (!m) {
7201 		error = ENOBUFS;
7202 		goto fail;
7203 	}
7204 	m_cat(result, m);
7205 
7206 	if (sav->replay && sav->replay->wsize > UINT8_MAX) {
7207 		m = key_setsadbxsareplay(sav->replay->wsize);
7208 		if (!m) {
7209 			error = ENOBUFS;
7210 			goto fail;
7211 		}
7212 		m_cat(result, m);
7213 	}
7214 
7215 	/* create lifetime extension (current and soft) */
7216 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
7217 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
7218 	if (m == NULL) {
7219 		error = ENOBUFS;
7220 		goto fail;
7221 	}
7222 	m_align(m, len);
7223 	m->m_len = len;
7224 	bzero(mtod(m, caddr_t), len);
7225 	lt = mtod(m, struct sadb_lifetime *);
7226 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7227 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
7228 	lt->sadb_lifetime_allocations =
7229 	    (uint32_t)counter_u64_fetch(sav->lft_c_allocations);
7230 	lt->sadb_lifetime_bytes =
7231 	    counter_u64_fetch(sav->lft_c_bytes);
7232 	lt->sadb_lifetime_addtime = sav->created;
7233 	lt->sadb_lifetime_usetime = sav->firstused;
7234 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
7235 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7236 	if (hard) {
7237 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
7238 		lt->sadb_lifetime_allocations = sav->lft_h->allocations;
7239 		lt->sadb_lifetime_bytes = sav->lft_h->bytes;
7240 		lt->sadb_lifetime_addtime = sav->lft_h->addtime;
7241 		lt->sadb_lifetime_usetime = sav->lft_h->usetime;
7242 	} else {
7243 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
7244 		lt->sadb_lifetime_allocations = sav->lft_s->allocations;
7245 		lt->sadb_lifetime_bytes = sav->lft_s->bytes;
7246 		lt->sadb_lifetime_addtime = sav->lft_s->addtime;
7247 		lt->sadb_lifetime_usetime = sav->lft_s->usetime;
7248 	}
7249 	m_cat(result, m);
7250 
7251 	/* set sadb_address for source */
7252 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
7253 	    &sav->sah->saidx.src.sa,
7254 	    FULLMASK, IPSEC_ULPROTO_ANY);
7255 	if (!m) {
7256 		error = ENOBUFS;
7257 		goto fail;
7258 	}
7259 	m_cat(result, m);
7260 
7261 	/* set sadb_address for destination */
7262 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
7263 	    &sav->sah->saidx.dst.sa,
7264 	    FULLMASK, IPSEC_ULPROTO_ANY);
7265 	if (!m) {
7266 		error = ENOBUFS;
7267 		goto fail;
7268 	}
7269 	m_cat(result, m);
7270 
7271 	/*
7272 	 * XXX-BZ Handle NAT-T extensions here.
7273 	 * XXXAE: it doesn't seem quite useful. IKEs should not depend on
7274 	 * this information, we report only significant SA fields.
7275 	 */
7276 
7277 	if ((result->m_flags & M_PKTHDR) == 0) {
7278 		error = EINVAL;
7279 		goto fail;
7280 	}
7281 
7282 	if (result->m_len < sizeof(struct sadb_msg)) {
7283 		result = m_pullup(result, sizeof(struct sadb_msg));
7284 		if (result == NULL) {
7285 			error = ENOBUFS;
7286 			goto fail;
7287 		}
7288 	}
7289 
7290 	result->m_pkthdr.len = 0;
7291 	for (m = result; m; m = m->m_next)
7292 		result->m_pkthdr.len += m->m_len;
7293 
7294 	mtod(result, struct sadb_msg *)->sadb_msg_len =
7295 	    PFKEY_UNIT64(result->m_pkthdr.len);
7296 
7297 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
7298 
7299  fail:
7300 	if (result)
7301 		m_freem(result);
7302 	return error;
7303 }
7304 
7305 static void
7306 key_freesah_flushed(struct secashead_queue *flushq)
7307 {
7308 	struct secashead *sah, *nextsah;
7309 	struct secasvar *sav, *nextsav;
7310 
7311 	sah = TAILQ_FIRST(flushq);
7312 	while (sah != NULL) {
7313 		sav = TAILQ_FIRST(&sah->savtree_larval);
7314 		while (sav != NULL) {
7315 			nextsav = TAILQ_NEXT(sav, chain);
7316 			TAILQ_REMOVE(&sah->savtree_larval, sav, chain);
7317 			key_freesav(&sav); /* release last reference */
7318 			key_freesah(&sah); /* release reference from SAV */
7319 			sav = nextsav;
7320 		}
7321 		sav = TAILQ_FIRST(&sah->savtree_alive);
7322 		while (sav != NULL) {
7323 			nextsav = TAILQ_NEXT(sav, chain);
7324 			TAILQ_REMOVE(&sah->savtree_alive, sav, chain);
7325 			key_freesav(&sav); /* release last reference */
7326 			key_freesah(&sah); /* release reference from SAV */
7327 			sav = nextsav;
7328 		}
7329 		nextsah = TAILQ_NEXT(sah, chain);
7330 		key_freesah(&sah);	/* release last reference */
7331 		sah = nextsah;
7332 	}
7333 }
7334 
7335 /*
7336  * SADB_FLUSH processing
7337  * receive
7338  *   <base>
7339  * from the ikmpd, and free all entries in secastree.
7340  * and send,
7341  *   <base>
7342  * to the ikmpd.
7343  * NOTE: to do is only marking SADB_SASTATE_DEAD.
7344  *
7345  * m will always be freed.
7346  */
7347 static int
7348 key_flush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7349 {
7350 	struct secashead_queue flushq;
7351 	struct sadb_msg *newmsg;
7352 	struct secashead *sah, *nextsah;
7353 	struct secasvar *sav;
7354 	uint8_t proto;
7355 	int i;
7356 
7357 	IPSEC_ASSERT(so != NULL, ("null socket"));
7358 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7359 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7360 
7361 	/* map satype to proto */
7362 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7363 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7364 			__func__));
7365 		return key_senderror(so, m, EINVAL);
7366 	}
7367 	KEYDBG(KEY_STAMP,
7368 	    printf("%s: proto %u\n", __func__, proto));
7369 
7370 	TAILQ_INIT(&flushq);
7371 	if (proto == IPSEC_PROTO_ANY) {
7372 		/* no SATYPE specified, i.e. flushing all SA. */
7373 		SAHTREE_WLOCK();
7374 		/* Move all SAHs into flushq */
7375 		TAILQ_CONCAT(&flushq, &V_sahtree, chain);
7376 		/* Flush all buckets in SPI hash */
7377 		for (i = 0; i < V_savhash_mask + 1; i++)
7378 			LIST_INIT(&V_savhashtbl[i]);
7379 		/* Flush all buckets in SAHADDRHASH */
7380 		for (i = 0; i < V_sahaddrhash_mask + 1; i++)
7381 			LIST_INIT(&V_sahaddrhashtbl[i]);
7382 		/* Mark all SAHs as unlinked */
7383 		TAILQ_FOREACH(sah, &flushq, chain) {
7384 			sah->state = SADB_SASTATE_DEAD;
7385 			/*
7386 			 * Callout handler makes its job using
7387 			 * RLOCK and drain queues. In case, when this
7388 			 * function will be called just before it
7389 			 * acquires WLOCK, we need to mark SAs as
7390 			 * unlinked to prevent second unlink.
7391 			 */
7392 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7393 				sav->state = SADB_SASTATE_DEAD;
7394 			}
7395 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7396 				sav->state = SADB_SASTATE_DEAD;
7397 			}
7398 		}
7399 		SAHTREE_WUNLOCK();
7400 	} else {
7401 		SAHTREE_WLOCK();
7402 		sah = TAILQ_FIRST(&V_sahtree);
7403 		while (sah != NULL) {
7404 			IPSEC_ASSERT(sah->state != SADB_SASTATE_DEAD,
7405 			    ("DEAD SAH %p in SADB_FLUSH", sah));
7406 			nextsah = TAILQ_NEXT(sah, chain);
7407 			if (sah->saidx.proto != proto) {
7408 				sah = nextsah;
7409 				continue;
7410 			}
7411 			sah->state = SADB_SASTATE_DEAD;
7412 			TAILQ_REMOVE(&V_sahtree, sah, chain);
7413 			LIST_REMOVE(sah, addrhash);
7414 			/* Unlink all SAs from SPI hash */
7415 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7416 				LIST_REMOVE(sav, spihash);
7417 				sav->state = SADB_SASTATE_DEAD;
7418 			}
7419 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7420 				LIST_REMOVE(sav, spihash);
7421 				sav->state = SADB_SASTATE_DEAD;
7422 			}
7423 			/* Add SAH into flushq */
7424 			TAILQ_INSERT_HEAD(&flushq, sah, chain);
7425 			sah = nextsah;
7426 		}
7427 		SAHTREE_WUNLOCK();
7428 	}
7429 
7430 	key_freesah_flushed(&flushq);
7431 	/* Free all queued SAs and SAHs */
7432 	if (m->m_len < sizeof(struct sadb_msg) ||
7433 	    sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
7434 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7435 		return key_senderror(so, m, ENOBUFS);
7436 	}
7437 
7438 	if (m->m_next)
7439 		m_freem(m->m_next);
7440 	m->m_next = NULL;
7441 	m->m_pkthdr.len = m->m_len = sizeof(struct sadb_msg);
7442 	newmsg = mtod(m, struct sadb_msg *);
7443 	newmsg->sadb_msg_errno = 0;
7444 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
7445 
7446 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7447 }
7448 
7449 /*
7450  * SADB_DUMP processing
7451  * dump all entries including status of DEAD in SAD.
7452  * receive
7453  *   <base>
7454  * from the ikmpd, and dump all secasvar leaves
7455  * and send,
7456  *   <base> .....
7457  * to the ikmpd.
7458  *
7459  * m will always be freed.
7460  */
7461 static int
7462 key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7463 {
7464 	SAHTREE_RLOCK_TRACKER;
7465 	struct secashead *sah;
7466 	struct secasvar *sav;
7467 	struct sadb_msg *newmsg;
7468 	struct mbuf *n;
7469 	uint32_t cnt;
7470 	uint8_t proto, satype;
7471 
7472 	IPSEC_ASSERT(so != NULL, ("null socket"));
7473 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7474 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7475 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7476 
7477 	/* map satype to proto */
7478 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7479 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7480 		    __func__));
7481 		return key_senderror(so, m, EINVAL);
7482 	}
7483 
7484 	/* count sav entries to be sent to the userland. */
7485 	cnt = 0;
7486 	SAHTREE_RLOCK();
7487 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7488 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7489 		    proto != sah->saidx.proto)
7490 			continue;
7491 
7492 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain)
7493 			cnt++;
7494 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain)
7495 			cnt++;
7496 	}
7497 
7498 	if (cnt == 0) {
7499 		SAHTREE_RUNLOCK();
7500 		return key_senderror(so, m, ENOENT);
7501 	}
7502 
7503 	/* send this to the userland, one at a time. */
7504 	newmsg = NULL;
7505 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7506 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7507 		    proto != sah->saidx.proto)
7508 			continue;
7509 
7510 		/* map proto to satype */
7511 		if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
7512 			SAHTREE_RUNLOCK();
7513 			ipseclog((LOG_DEBUG, "%s: there was invalid proto in "
7514 			    "SAD.\n", __func__));
7515 			return key_senderror(so, m, EINVAL);
7516 		}
7517 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7518 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7519 			    --cnt, mhp->msg->sadb_msg_pid);
7520 			if (n == NULL) {
7521 				SAHTREE_RUNLOCK();
7522 				return key_senderror(so, m, ENOBUFS);
7523 			}
7524 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7525 		}
7526 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7527 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7528 			    --cnt, mhp->msg->sadb_msg_pid);
7529 			if (n == NULL) {
7530 				SAHTREE_RUNLOCK();
7531 				return key_senderror(so, m, ENOBUFS);
7532 			}
7533 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7534 		}
7535 	}
7536 	SAHTREE_RUNLOCK();
7537 	m_freem(m);
7538 	return (0);
7539 }
7540 /*
7541  * SADB_X_PROMISC processing
7542  *
7543  * m will always be freed.
7544  */
7545 static int
7546 key_promisc(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7547 {
7548 	int olen;
7549 
7550 	IPSEC_ASSERT(so != NULL, ("null socket"));
7551 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7552 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7553 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7554 
7555 	olen = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
7556 
7557 	if (olen < sizeof(struct sadb_msg)) {
7558 #if 1
7559 		return key_senderror(so, m, EINVAL);
7560 #else
7561 		m_freem(m);
7562 		return 0;
7563 #endif
7564 	} else if (olen == sizeof(struct sadb_msg)) {
7565 		/* enable/disable promisc mode */
7566 		struct keycb *kp;
7567 
7568 		if ((kp = (struct keycb *)sotorawcb(so)) == NULL)
7569 			return key_senderror(so, m, EINVAL);
7570 		mhp->msg->sadb_msg_errno = 0;
7571 		switch (mhp->msg->sadb_msg_satype) {
7572 		case 0:
7573 		case 1:
7574 			kp->kp_promisc = mhp->msg->sadb_msg_satype;
7575 			break;
7576 		default:
7577 			return key_senderror(so, m, EINVAL);
7578 		}
7579 
7580 		/* send the original message back to everyone */
7581 		mhp->msg->sadb_msg_errno = 0;
7582 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7583 	} else {
7584 		/* send packet as is */
7585 
7586 		m_adj(m, PFKEY_ALIGN8(sizeof(struct sadb_msg)));
7587 
7588 		/* TODO: if sadb_msg_seq is specified, send to specific pid */
7589 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7590 	}
7591 }
7592 
7593 static int (*key_typesw[])(struct socket *, struct mbuf *,
7594 		const struct sadb_msghdr *) = {
7595 	NULL,		/* SADB_RESERVED */
7596 	key_getspi,	/* SADB_GETSPI */
7597 	key_update,	/* SADB_UPDATE */
7598 	key_add,	/* SADB_ADD */
7599 	key_delete,	/* SADB_DELETE */
7600 	key_get,	/* SADB_GET */
7601 	key_acquire2,	/* SADB_ACQUIRE */
7602 	key_register,	/* SADB_REGISTER */
7603 	NULL,		/* SADB_EXPIRE */
7604 	key_flush,	/* SADB_FLUSH */
7605 	key_dump,	/* SADB_DUMP */
7606 	key_promisc,	/* SADB_X_PROMISC */
7607 	NULL,		/* SADB_X_PCHANGE */
7608 	key_spdadd,	/* SADB_X_SPDUPDATE */
7609 	key_spdadd,	/* SADB_X_SPDADD */
7610 	key_spddelete,	/* SADB_X_SPDDELETE */
7611 	key_spdget,	/* SADB_X_SPDGET */
7612 	NULL,		/* SADB_X_SPDACQUIRE */
7613 	key_spddump,	/* SADB_X_SPDDUMP */
7614 	key_spdflush,	/* SADB_X_SPDFLUSH */
7615 	key_spdadd,	/* SADB_X_SPDSETIDX */
7616 	NULL,		/* SADB_X_SPDEXPIRE */
7617 	key_spddelete2,	/* SADB_X_SPDDELETE2 */
7618 };
7619 
7620 /*
7621  * parse sadb_msg buffer to process PFKEYv2,
7622  * and create a data to response if needed.
7623  * I think to be dealed with mbuf directly.
7624  * IN:
7625  *     msgp  : pointer to pointer to a received buffer pulluped.
7626  *             This is rewrited to response.
7627  *     so    : pointer to socket.
7628  * OUT:
7629  *    length for buffer to send to user process.
7630  */
7631 int
7632 key_parse(struct mbuf *m, struct socket *so)
7633 {
7634 	struct sadb_msg *msg;
7635 	struct sadb_msghdr mh;
7636 	u_int orglen;
7637 	int error;
7638 	int target;
7639 
7640 	IPSEC_ASSERT(so != NULL, ("null socket"));
7641 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7642 
7643 	if (m->m_len < sizeof(struct sadb_msg)) {
7644 		m = m_pullup(m, sizeof(struct sadb_msg));
7645 		if (!m)
7646 			return ENOBUFS;
7647 	}
7648 	msg = mtod(m, struct sadb_msg *);
7649 	orglen = PFKEY_UNUNIT64(msg->sadb_msg_len);
7650 	target = KEY_SENDUP_ONE;
7651 
7652 	if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len != orglen) {
7653 		ipseclog((LOG_DEBUG, "%s: invalid message length.\n",__func__));
7654 		PFKEYSTAT_INC(out_invlen);
7655 		error = EINVAL;
7656 		goto senderror;
7657 	}
7658 
7659 	if (msg->sadb_msg_version != PF_KEY_V2) {
7660 		ipseclog((LOG_DEBUG, "%s: PF_KEY version %u is mismatched.\n",
7661 		    __func__, msg->sadb_msg_version));
7662 		PFKEYSTAT_INC(out_invver);
7663 		error = EINVAL;
7664 		goto senderror;
7665 	}
7666 
7667 	if (msg->sadb_msg_type > SADB_MAX) {
7668 		ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7669 		    __func__, msg->sadb_msg_type));
7670 		PFKEYSTAT_INC(out_invmsgtype);
7671 		error = EINVAL;
7672 		goto senderror;
7673 	}
7674 
7675 	/* for old-fashioned code - should be nuked */
7676 	if (m->m_pkthdr.len > MCLBYTES) {
7677 		m_freem(m);
7678 		return ENOBUFS;
7679 	}
7680 	if (m->m_next) {
7681 		struct mbuf *n;
7682 
7683 		MGETHDR(n, M_NOWAIT, MT_DATA);
7684 		if (n && m->m_pkthdr.len > MHLEN) {
7685 			if (!(MCLGET(n, M_NOWAIT))) {
7686 				m_free(n);
7687 				n = NULL;
7688 			}
7689 		}
7690 		if (!n) {
7691 			m_freem(m);
7692 			return ENOBUFS;
7693 		}
7694 		m_copydata(m, 0, m->m_pkthdr.len, mtod(n, caddr_t));
7695 		n->m_pkthdr.len = n->m_len = m->m_pkthdr.len;
7696 		n->m_next = NULL;
7697 		m_freem(m);
7698 		m = n;
7699 	}
7700 
7701 	/* align the mbuf chain so that extensions are in contiguous region. */
7702 	error = key_align(m, &mh);
7703 	if (error)
7704 		return error;
7705 
7706 	msg = mh.msg;
7707 
7708 	/* We use satype as scope mask for spddump */
7709 	if (msg->sadb_msg_type == SADB_X_SPDDUMP) {
7710 		switch (msg->sadb_msg_satype) {
7711 		case IPSEC_POLICYSCOPE_ANY:
7712 		case IPSEC_POLICYSCOPE_GLOBAL:
7713 		case IPSEC_POLICYSCOPE_IFNET:
7714 		case IPSEC_POLICYSCOPE_PCB:
7715 			break;
7716 		default:
7717 			ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7718 			    __func__, msg->sadb_msg_type));
7719 			PFKEYSTAT_INC(out_invsatype);
7720 			error = EINVAL;
7721 			goto senderror;
7722 		}
7723 	} else {
7724 		switch (msg->sadb_msg_satype) { /* check SA type */
7725 		case SADB_SATYPE_UNSPEC:
7726 			switch (msg->sadb_msg_type) {
7727 			case SADB_GETSPI:
7728 			case SADB_UPDATE:
7729 			case SADB_ADD:
7730 			case SADB_DELETE:
7731 			case SADB_GET:
7732 			case SADB_ACQUIRE:
7733 			case SADB_EXPIRE:
7734 				ipseclog((LOG_DEBUG, "%s: must specify satype "
7735 				    "when msg type=%u.\n", __func__,
7736 				    msg->sadb_msg_type));
7737 				PFKEYSTAT_INC(out_invsatype);
7738 				error = EINVAL;
7739 				goto senderror;
7740 			}
7741 			break;
7742 		case SADB_SATYPE_AH:
7743 		case SADB_SATYPE_ESP:
7744 		case SADB_X_SATYPE_IPCOMP:
7745 		case SADB_X_SATYPE_TCPSIGNATURE:
7746 			switch (msg->sadb_msg_type) {
7747 			case SADB_X_SPDADD:
7748 			case SADB_X_SPDDELETE:
7749 			case SADB_X_SPDGET:
7750 			case SADB_X_SPDFLUSH:
7751 			case SADB_X_SPDSETIDX:
7752 			case SADB_X_SPDUPDATE:
7753 			case SADB_X_SPDDELETE2:
7754 				ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7755 				    __func__, msg->sadb_msg_type));
7756 				PFKEYSTAT_INC(out_invsatype);
7757 				error = EINVAL;
7758 				goto senderror;
7759 			}
7760 			break;
7761 		case SADB_SATYPE_RSVP:
7762 		case SADB_SATYPE_OSPFV2:
7763 		case SADB_SATYPE_RIPV2:
7764 		case SADB_SATYPE_MIP:
7765 			ipseclog((LOG_DEBUG, "%s: type %u isn't supported.\n",
7766 			    __func__, msg->sadb_msg_satype));
7767 			PFKEYSTAT_INC(out_invsatype);
7768 			error = EOPNOTSUPP;
7769 			goto senderror;
7770 		case 1:	/* XXX: What does it do? */
7771 			if (msg->sadb_msg_type == SADB_X_PROMISC)
7772 				break;
7773 			/*FALLTHROUGH*/
7774 		default:
7775 			ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7776 			    __func__, msg->sadb_msg_satype));
7777 			PFKEYSTAT_INC(out_invsatype);
7778 			error = EINVAL;
7779 			goto senderror;
7780 		}
7781 	}
7782 
7783 	/* check field of upper layer protocol and address family */
7784 	if (mh.ext[SADB_EXT_ADDRESS_SRC] != NULL
7785 	 && mh.ext[SADB_EXT_ADDRESS_DST] != NULL) {
7786 		struct sadb_address *src0, *dst0;
7787 		u_int plen;
7788 
7789 		src0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_SRC]);
7790 		dst0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_DST]);
7791 
7792 		/* check upper layer protocol */
7793 		if (src0->sadb_address_proto != dst0->sadb_address_proto) {
7794 			ipseclog((LOG_DEBUG, "%s: upper layer protocol "
7795 				"mismatched.\n", __func__));
7796 			PFKEYSTAT_INC(out_invaddr);
7797 			error = EINVAL;
7798 			goto senderror;
7799 		}
7800 
7801 		/* check family */
7802 		if (PFKEY_ADDR_SADDR(src0)->sa_family !=
7803 		    PFKEY_ADDR_SADDR(dst0)->sa_family) {
7804 			ipseclog((LOG_DEBUG, "%s: address family mismatched.\n",
7805 				__func__));
7806 			PFKEYSTAT_INC(out_invaddr);
7807 			error = EINVAL;
7808 			goto senderror;
7809 		}
7810 		if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7811 		    PFKEY_ADDR_SADDR(dst0)->sa_len) {
7812 			ipseclog((LOG_DEBUG, "%s: address struct size "
7813 				"mismatched.\n", __func__));
7814 			PFKEYSTAT_INC(out_invaddr);
7815 			error = EINVAL;
7816 			goto senderror;
7817 		}
7818 
7819 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7820 		case AF_INET:
7821 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7822 			    sizeof(struct sockaddr_in)) {
7823 				PFKEYSTAT_INC(out_invaddr);
7824 				error = EINVAL;
7825 				goto senderror;
7826 			}
7827 			break;
7828 		case AF_INET6:
7829 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7830 			    sizeof(struct sockaddr_in6)) {
7831 				PFKEYSTAT_INC(out_invaddr);
7832 				error = EINVAL;
7833 				goto senderror;
7834 			}
7835 			break;
7836 		default:
7837 			ipseclog((LOG_DEBUG, "%s: unsupported address family\n",
7838 				__func__));
7839 			PFKEYSTAT_INC(out_invaddr);
7840 			error = EAFNOSUPPORT;
7841 			goto senderror;
7842 		}
7843 
7844 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7845 		case AF_INET:
7846 			plen = sizeof(struct in_addr) << 3;
7847 			break;
7848 		case AF_INET6:
7849 			plen = sizeof(struct in6_addr) << 3;
7850 			break;
7851 		default:
7852 			plen = 0;	/*fool gcc*/
7853 			break;
7854 		}
7855 
7856 		/* check max prefix length */
7857 		if (src0->sadb_address_prefixlen > plen ||
7858 		    dst0->sadb_address_prefixlen > plen) {
7859 			ipseclog((LOG_DEBUG, "%s: illegal prefixlen.\n",
7860 				__func__));
7861 			PFKEYSTAT_INC(out_invaddr);
7862 			error = EINVAL;
7863 			goto senderror;
7864 		}
7865 
7866 		/*
7867 		 * prefixlen == 0 is valid because there can be a case when
7868 		 * all addresses are matched.
7869 		 */
7870 	}
7871 
7872 	if (msg->sadb_msg_type >= nitems(key_typesw) ||
7873 	    key_typesw[msg->sadb_msg_type] == NULL) {
7874 		PFKEYSTAT_INC(out_invmsgtype);
7875 		error = EINVAL;
7876 		goto senderror;
7877 	}
7878 
7879 	return (*key_typesw[msg->sadb_msg_type])(so, m, &mh);
7880 
7881 senderror:
7882 	msg->sadb_msg_errno = error;
7883 	return key_sendup_mbuf(so, m, target);
7884 }
7885 
7886 static int
7887 key_senderror(struct socket *so, struct mbuf *m, int code)
7888 {
7889 	struct sadb_msg *msg;
7890 
7891 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
7892 		("mbuf too small, len %u", m->m_len));
7893 
7894 	msg = mtod(m, struct sadb_msg *);
7895 	msg->sadb_msg_errno = code;
7896 	return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
7897 }
7898 
7899 /*
7900  * set the pointer to each header into message buffer.
7901  * m will be freed on error.
7902  * XXX larger-than-MCLBYTES extension?
7903  */
7904 static int
7905 key_align(struct mbuf *m, struct sadb_msghdr *mhp)
7906 {
7907 	struct mbuf *n;
7908 	struct sadb_ext *ext;
7909 	size_t off, end;
7910 	int extlen;
7911 	int toff;
7912 
7913 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7914 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7915 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
7916 		("mbuf too small, len %u", m->m_len));
7917 
7918 	/* initialize */
7919 	bzero(mhp, sizeof(*mhp));
7920 
7921 	mhp->msg = mtod(m, struct sadb_msg *);
7922 	mhp->ext[0] = (struct sadb_ext *)mhp->msg;	/*XXX backward compat */
7923 
7924 	end = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
7925 	extlen = end;	/*just in case extlen is not updated*/
7926 	for (off = sizeof(struct sadb_msg); off < end; off += extlen) {
7927 		n = m_pulldown(m, off, sizeof(struct sadb_ext), &toff);
7928 		if (!n) {
7929 			/* m is already freed */
7930 			return ENOBUFS;
7931 		}
7932 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
7933 
7934 		/* set pointer */
7935 		switch (ext->sadb_ext_type) {
7936 		case SADB_EXT_SA:
7937 		case SADB_EXT_ADDRESS_SRC:
7938 		case SADB_EXT_ADDRESS_DST:
7939 		case SADB_EXT_ADDRESS_PROXY:
7940 		case SADB_EXT_LIFETIME_CURRENT:
7941 		case SADB_EXT_LIFETIME_HARD:
7942 		case SADB_EXT_LIFETIME_SOFT:
7943 		case SADB_EXT_KEY_AUTH:
7944 		case SADB_EXT_KEY_ENCRYPT:
7945 		case SADB_EXT_IDENTITY_SRC:
7946 		case SADB_EXT_IDENTITY_DST:
7947 		case SADB_EXT_SENSITIVITY:
7948 		case SADB_EXT_PROPOSAL:
7949 		case SADB_EXT_SUPPORTED_AUTH:
7950 		case SADB_EXT_SUPPORTED_ENCRYPT:
7951 		case SADB_EXT_SPIRANGE:
7952 		case SADB_X_EXT_POLICY:
7953 		case SADB_X_EXT_SA2:
7954 		case SADB_X_EXT_NAT_T_TYPE:
7955 		case SADB_X_EXT_NAT_T_SPORT:
7956 		case SADB_X_EXT_NAT_T_DPORT:
7957 		case SADB_X_EXT_NAT_T_OAI:
7958 		case SADB_X_EXT_NAT_T_OAR:
7959 		case SADB_X_EXT_NAT_T_FRAG:
7960 		case SADB_X_EXT_SA_REPLAY:
7961 		case SADB_X_EXT_NEW_ADDRESS_SRC:
7962 		case SADB_X_EXT_NEW_ADDRESS_DST:
7963 			/* duplicate check */
7964 			/*
7965 			 * XXX Are there duplication payloads of either
7966 			 * KEY_AUTH or KEY_ENCRYPT ?
7967 			 */
7968 			if (mhp->ext[ext->sadb_ext_type] != NULL) {
7969 				ipseclog((LOG_DEBUG, "%s: duplicate ext_type "
7970 					"%u\n", __func__, ext->sadb_ext_type));
7971 				m_freem(m);
7972 				PFKEYSTAT_INC(out_dupext);
7973 				return EINVAL;
7974 			}
7975 			break;
7976 		default:
7977 			ipseclog((LOG_DEBUG, "%s: invalid ext_type %u\n",
7978 				__func__, ext->sadb_ext_type));
7979 			m_freem(m);
7980 			PFKEYSTAT_INC(out_invexttype);
7981 			return EINVAL;
7982 		}
7983 
7984 		extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
7985 
7986 		if (key_validate_ext(ext, extlen)) {
7987 			m_freem(m);
7988 			PFKEYSTAT_INC(out_invlen);
7989 			return EINVAL;
7990 		}
7991 
7992 		n = m_pulldown(m, off, extlen, &toff);
7993 		if (!n) {
7994 			/* m is already freed */
7995 			return ENOBUFS;
7996 		}
7997 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
7998 
7999 		mhp->ext[ext->sadb_ext_type] = ext;
8000 		mhp->extoff[ext->sadb_ext_type] = off;
8001 		mhp->extlen[ext->sadb_ext_type] = extlen;
8002 	}
8003 
8004 	if (off != end) {
8005 		m_freem(m);
8006 		PFKEYSTAT_INC(out_invlen);
8007 		return EINVAL;
8008 	}
8009 
8010 	return 0;
8011 }
8012 
8013 static int
8014 key_validate_ext(const struct sadb_ext *ext, int len)
8015 {
8016 	const struct sockaddr *sa;
8017 	enum { NONE, ADDR } checktype = NONE;
8018 	int baselen = 0;
8019 	const int sal = offsetof(struct sockaddr, sa_len) + sizeof(sa->sa_len);
8020 
8021 	if (len != PFKEY_UNUNIT64(ext->sadb_ext_len))
8022 		return EINVAL;
8023 
8024 	/* if it does not match minimum/maximum length, bail */
8025 	if (ext->sadb_ext_type >= nitems(minsize) ||
8026 	    ext->sadb_ext_type >= nitems(maxsize))
8027 		return EINVAL;
8028 	if (!minsize[ext->sadb_ext_type] || len < minsize[ext->sadb_ext_type])
8029 		return EINVAL;
8030 	if (maxsize[ext->sadb_ext_type] && len > maxsize[ext->sadb_ext_type])
8031 		return EINVAL;
8032 
8033 	/* more checks based on sadb_ext_type XXX need more */
8034 	switch (ext->sadb_ext_type) {
8035 	case SADB_EXT_ADDRESS_SRC:
8036 	case SADB_EXT_ADDRESS_DST:
8037 	case SADB_EXT_ADDRESS_PROXY:
8038 	case SADB_X_EXT_NAT_T_OAI:
8039 	case SADB_X_EXT_NAT_T_OAR:
8040 	case SADB_X_EXT_NEW_ADDRESS_SRC:
8041 	case SADB_X_EXT_NEW_ADDRESS_DST:
8042 		baselen = PFKEY_ALIGN8(sizeof(struct sadb_address));
8043 		checktype = ADDR;
8044 		break;
8045 	case SADB_EXT_IDENTITY_SRC:
8046 	case SADB_EXT_IDENTITY_DST:
8047 		if (((const struct sadb_ident *)ext)->sadb_ident_type ==
8048 		    SADB_X_IDENTTYPE_ADDR) {
8049 			baselen = PFKEY_ALIGN8(sizeof(struct sadb_ident));
8050 			checktype = ADDR;
8051 		} else
8052 			checktype = NONE;
8053 		break;
8054 	default:
8055 		checktype = NONE;
8056 		break;
8057 	}
8058 
8059 	switch (checktype) {
8060 	case NONE:
8061 		break;
8062 	case ADDR:
8063 		sa = (const struct sockaddr *)(((const u_int8_t*)ext)+baselen);
8064 		if (len < baselen + sal)
8065 			return EINVAL;
8066 		if (baselen + PFKEY_ALIGN8(sa->sa_len) != len)
8067 			return EINVAL;
8068 		break;
8069 	}
8070 
8071 	return 0;
8072 }
8073 
8074 void
8075 key_init(void)
8076 {
8077 	int i;
8078 
8079 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8080 		TAILQ_INIT(&V_sptree[i]);
8081 		TAILQ_INIT(&V_sptree_ifnet[i]);
8082 	}
8083 
8084 	V_key_lft_zone = uma_zcreate("IPsec SA lft_c",
8085 	    sizeof(uint64_t) * 2, NULL, NULL, NULL, NULL,
8086 	    UMA_ALIGN_PTR, UMA_ZONE_PCPU);
8087 
8088 	TAILQ_INIT(&V_sahtree);
8089 	V_sphashtbl = hashinit(SPHASH_NHASH, M_IPSEC_SP, &V_sphash_mask);
8090 	V_savhashtbl = hashinit(SAVHASH_NHASH, M_IPSEC_SA, &V_savhash_mask);
8091 	V_sahaddrhashtbl = hashinit(SAHHASH_NHASH, M_IPSEC_SAH,
8092 	    &V_sahaddrhash_mask);
8093 	V_acqaddrhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8094 	    &V_acqaddrhash_mask);
8095 	V_acqseqhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8096 	    &V_acqseqhash_mask);
8097 
8098 	for (i = 0; i <= SADB_SATYPE_MAX; i++)
8099 		LIST_INIT(&V_regtree[i]);
8100 
8101 	LIST_INIT(&V_acqtree);
8102 	LIST_INIT(&V_spacqtree);
8103 
8104 	if (!IS_DEFAULT_VNET(curvnet))
8105 		return;
8106 
8107 	XFORMS_LOCK_INIT();
8108 	SPTREE_LOCK_INIT();
8109 	REGTREE_LOCK_INIT();
8110 	SAHTREE_LOCK_INIT();
8111 	ACQ_LOCK_INIT();
8112 	SPACQ_LOCK_INIT();
8113 
8114 #ifndef IPSEC_DEBUG2
8115 	callout_init(&key_timer, 1);
8116 	callout_reset(&key_timer, hz, key_timehandler, NULL);
8117 #endif /*IPSEC_DEBUG2*/
8118 
8119 	/* initialize key statistics */
8120 	keystat.getspi_count = 1;
8121 
8122 	if (bootverbose)
8123 		printf("IPsec: Initialized Security Association Processing.\n");
8124 }
8125 
8126 #ifdef VIMAGE
8127 void
8128 key_destroy(void)
8129 {
8130 	struct secashead_queue sahdrainq;
8131 	struct secpolicy_queue drainq;
8132 	struct secpolicy *sp, *nextsp;
8133 	struct secacq *acq, *nextacq;
8134 	struct secspacq *spacq, *nextspacq;
8135 	struct secashead *sah;
8136 	struct secasvar *sav;
8137 	struct secreg *reg;
8138 	int i;
8139 
8140 	/*
8141 	 * XXX: can we just call free() for each object without
8142 	 * walking through safe way with releasing references?
8143 	 */
8144 	TAILQ_INIT(&drainq);
8145 	SPTREE_WLOCK();
8146 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8147 		TAILQ_CONCAT(&drainq, &V_sptree[i], chain);
8148 		TAILQ_CONCAT(&drainq, &V_sptree_ifnet[i], chain);
8149 	}
8150 	SPTREE_WUNLOCK();
8151 	sp = TAILQ_FIRST(&drainq);
8152 	while (sp != NULL) {
8153 		nextsp = TAILQ_NEXT(sp, chain);
8154 		key_freesp(&sp);
8155 		sp = nextsp;
8156 	}
8157 
8158 	TAILQ_INIT(&sahdrainq);
8159 	SAHTREE_WLOCK();
8160 	TAILQ_CONCAT(&sahdrainq, &V_sahtree, chain);
8161 	for (i = 0; i < V_savhash_mask + 1; i++)
8162 		LIST_INIT(&V_savhashtbl[i]);
8163 	for (i = 0; i < V_sahaddrhash_mask + 1; i++)
8164 		LIST_INIT(&V_sahaddrhashtbl[i]);
8165 	TAILQ_FOREACH(sah, &sahdrainq, chain) {
8166 		sah->state = SADB_SASTATE_DEAD;
8167 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
8168 			sav->state = SADB_SASTATE_DEAD;
8169 		}
8170 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
8171 			sav->state = SADB_SASTATE_DEAD;
8172 		}
8173 	}
8174 	SAHTREE_WUNLOCK();
8175 
8176 	key_freesah_flushed(&sahdrainq);
8177 	hashdestroy(V_sphashtbl, M_IPSEC_SP, V_sphash_mask);
8178 	hashdestroy(V_savhashtbl, M_IPSEC_SA, V_savhash_mask);
8179 	hashdestroy(V_sahaddrhashtbl, M_IPSEC_SAH, V_sahaddrhash_mask);
8180 
8181 	REGTREE_LOCK();
8182 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
8183 		LIST_FOREACH(reg, &V_regtree[i], chain) {
8184 			if (__LIST_CHAINED(reg)) {
8185 				LIST_REMOVE(reg, chain);
8186 				free(reg, M_IPSEC_SAR);
8187 				break;
8188 			}
8189 		}
8190 	}
8191 	REGTREE_UNLOCK();
8192 
8193 	ACQ_LOCK();
8194 	acq = LIST_FIRST(&V_acqtree);
8195 	while (acq != NULL) {
8196 		nextacq = LIST_NEXT(acq, chain);
8197 		LIST_REMOVE(acq, chain);
8198 		free(acq, M_IPSEC_SAQ);
8199 		acq = nextacq;
8200 	}
8201 	ACQ_UNLOCK();
8202 
8203 	SPACQ_LOCK();
8204 	for (spacq = LIST_FIRST(&V_spacqtree); spacq != NULL;
8205 	    spacq = nextspacq) {
8206 		nextspacq = LIST_NEXT(spacq, chain);
8207 		if (__LIST_CHAINED(spacq)) {
8208 			LIST_REMOVE(spacq, chain);
8209 			free(spacq, M_IPSEC_SAQ);
8210 		}
8211 	}
8212 	SPACQ_UNLOCK();
8213 	hashdestroy(V_acqaddrhashtbl, M_IPSEC_SAQ, V_acqaddrhash_mask);
8214 	hashdestroy(V_acqseqhashtbl, M_IPSEC_SAQ, V_acqseqhash_mask);
8215 	uma_zdestroy(V_key_lft_zone);
8216 }
8217 #endif
8218 
8219 /* record data transfer on SA, and update timestamps */
8220 void
8221 key_sa_recordxfer(struct secasvar *sav, struct mbuf *m)
8222 {
8223 	IPSEC_ASSERT(sav != NULL, ("Null secasvar"));
8224 	IPSEC_ASSERT(m != NULL, ("Null mbuf"));
8225 
8226 	/*
8227 	 * XXX Currently, there is a difference of bytes size
8228 	 * between inbound and outbound processing.
8229 	 */
8230 	counter_u64_add(sav->lft_c_bytes, m->m_pkthdr.len);
8231 
8232 	/*
8233 	 * We use the number of packets as the unit of
8234 	 * allocations.  We increment the variable
8235 	 * whenever {esp,ah}_{in,out}put is called.
8236 	 */
8237 	counter_u64_add(sav->lft_c_allocations, 1);
8238 
8239 	/*
8240 	 * NOTE: We record CURRENT usetime by using wall clock,
8241 	 * in seconds.  HARD and SOFT lifetime are measured by the time
8242 	 * difference (again in seconds) from usetime.
8243 	 *
8244 	 *	usetime
8245 	 *	v     expire   expire
8246 	 * -----+-----+--------+---> t
8247 	 *	<--------------> HARD
8248 	 *	<-----> SOFT
8249 	 */
8250 	if (sav->firstused == 0)
8251 		sav->firstused = time_second;
8252 }
8253 
8254 /*
8255  * Take one of the kernel's security keys and convert it into a PF_KEY
8256  * structure within an mbuf, suitable for sending up to a waiting
8257  * application in user land.
8258  *
8259  * IN:
8260  *    src: A pointer to a kernel security key.
8261  *    exttype: Which type of key this is. Refer to the PF_KEY data structures.
8262  * OUT:
8263  *    a valid mbuf or NULL indicating an error
8264  *
8265  */
8266 
8267 static struct mbuf *
8268 key_setkey(struct seckey *src, uint16_t exttype)
8269 {
8270 	struct mbuf *m;
8271 	struct sadb_key *p;
8272 	int len;
8273 
8274 	if (src == NULL)
8275 		return NULL;
8276 
8277 	len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src));
8278 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8279 	if (m == NULL)
8280 		return NULL;
8281 	m_align(m, len);
8282 	m->m_len = len;
8283 	p = mtod(m, struct sadb_key *);
8284 	bzero(p, len);
8285 	p->sadb_key_len = PFKEY_UNIT64(len);
8286 	p->sadb_key_exttype = exttype;
8287 	p->sadb_key_bits = src->bits;
8288 	bcopy(src->key_data, _KEYBUF(p), _KEYLEN(src));
8289 
8290 	return m;
8291 }
8292 
8293 /*
8294  * Take one of the kernel's lifetime data structures and convert it
8295  * into a PF_KEY structure within an mbuf, suitable for sending up to
8296  * a waiting application in user land.
8297  *
8298  * IN:
8299  *    src: A pointer to a kernel lifetime structure.
8300  *    exttype: Which type of lifetime this is. Refer to the PF_KEY
8301  *             data structures for more information.
8302  * OUT:
8303  *    a valid mbuf or NULL indicating an error
8304  *
8305  */
8306 
8307 static struct mbuf *
8308 key_setlifetime(struct seclifetime *src, uint16_t exttype)
8309 {
8310 	struct mbuf *m = NULL;
8311 	struct sadb_lifetime *p;
8312 	int len = PFKEY_ALIGN8(sizeof(struct sadb_lifetime));
8313 
8314 	if (src == NULL)
8315 		return NULL;
8316 
8317 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8318 	if (m == NULL)
8319 		return m;
8320 	m_align(m, len);
8321 	m->m_len = len;
8322 	p = mtod(m, struct sadb_lifetime *);
8323 
8324 	bzero(p, len);
8325 	p->sadb_lifetime_len = PFKEY_UNIT64(len);
8326 	p->sadb_lifetime_exttype = exttype;
8327 	p->sadb_lifetime_allocations = src->allocations;
8328 	p->sadb_lifetime_bytes = src->bytes;
8329 	p->sadb_lifetime_addtime = src->addtime;
8330 	p->sadb_lifetime_usetime = src->usetime;
8331 
8332 	return m;
8333 
8334 }
8335 
8336 const struct enc_xform *
8337 enc_algorithm_lookup(int alg)
8338 {
8339 	int i;
8340 
8341 	for (i = 0; i < nitems(supported_ealgs); i++)
8342 		if (alg == supported_ealgs[i].sadb_alg)
8343 			return (supported_ealgs[i].xform);
8344 	return (NULL);
8345 }
8346 
8347 const struct auth_hash *
8348 auth_algorithm_lookup(int alg)
8349 {
8350 	int i;
8351 
8352 	for (i = 0; i < nitems(supported_aalgs); i++)
8353 		if (alg == supported_aalgs[i].sadb_alg)
8354 			return (supported_aalgs[i].xform);
8355 	return (NULL);
8356 }
8357 
8358 const struct comp_algo *
8359 comp_algorithm_lookup(int alg)
8360 {
8361 	int i;
8362 
8363 	for (i = 0; i < nitems(supported_calgs); i++)
8364 		if (alg == supported_calgs[i].sadb_alg)
8365 			return (supported_calgs[i].xform);
8366 	return (NULL);
8367 }
8368 
8369 /*
8370  * Register a transform.
8371  */
8372 static int
8373 xform_register(struct xformsw* xsp)
8374 {
8375 	struct xformsw *entry;
8376 
8377 	XFORMS_LOCK();
8378 	LIST_FOREACH(entry, &xforms, chain) {
8379 		if (entry->xf_type == xsp->xf_type) {
8380 			XFORMS_UNLOCK();
8381 			return (EEXIST);
8382 		}
8383 	}
8384 	LIST_INSERT_HEAD(&xforms, xsp, chain);
8385 	XFORMS_UNLOCK();
8386 	return (0);
8387 }
8388 
8389 void
8390 xform_attach(void *data)
8391 {
8392 	struct xformsw *xsp = (struct xformsw *)data;
8393 
8394 	if (xform_register(xsp) != 0)
8395 		printf("%s: failed to register %s xform\n", __func__,
8396 		    xsp->xf_name);
8397 }
8398 
8399 void
8400 xform_detach(void *data)
8401 {
8402 	struct xformsw *xsp = (struct xformsw *)data;
8403 
8404 	XFORMS_LOCK();
8405 	LIST_REMOVE(xsp, chain);
8406 	XFORMS_UNLOCK();
8407 
8408 	/* Delete all SAs related to this xform. */
8409 	key_delete_xform(xsp);
8410 }
8411 
8412 /*
8413  * Initialize transform support in an sav.
8414  */
8415 static int
8416 xform_init(struct secasvar *sav, u_short xftype)
8417 {
8418 	struct xformsw *entry;
8419 	int ret;
8420 
8421 	IPSEC_ASSERT(sav->tdb_xform == NULL,
8422 	    ("tdb_xform is already initialized"));
8423 
8424 	ret = EINVAL;
8425 	XFORMS_LOCK();
8426 	LIST_FOREACH(entry, &xforms, chain) {
8427 	    if (entry->xf_type == xftype) {
8428 		    ret = (*entry->xf_init)(sav, entry);
8429 		    break;
8430 	    }
8431 	}
8432 	XFORMS_UNLOCK();
8433 	return (ret);
8434 }
8435 
8436