xref: /freebsd/sys/netipsec/key.c (revision 3a3af6b2a160bea72509a9d5ef84e25906b0478a)
1 /*	$FreeBSD$	*/
2 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
3 
4 /*-
5  * SPDX-License-Identifier: BSD-3-Clause
6  *
7  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the project nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 /*
36  * This code is referd to RFC 2367
37  */
38 
39 #include "opt_inet.h"
40 #include "opt_inet6.h"
41 #include "opt_ipsec.h"
42 
43 #include <sys/types.h>
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/kernel.h>
47 #include <sys/fnv_hash.h>
48 #include <sys/lock.h>
49 #include <sys/mutex.h>
50 #include <sys/mbuf.h>
51 #include <sys/domain.h>
52 #include <sys/protosw.h>
53 #include <sys/malloc.h>
54 #include <sys/rmlock.h>
55 #include <sys/socket.h>
56 #include <sys/socketvar.h>
57 #include <sys/sysctl.h>
58 #include <sys/errno.h>
59 #include <sys/proc.h>
60 #include <sys/queue.h>
61 #include <sys/refcount.h>
62 #include <sys/syslog.h>
63 
64 #include <vm/uma.h>
65 
66 #include <net/if.h>
67 #include <net/if_var.h>
68 #include <net/vnet.h>
69 
70 #include <netinet/in.h>
71 #include <netinet/in_systm.h>
72 #include <netinet/ip.h>
73 #include <netinet/in_var.h>
74 #include <netinet/udp.h>
75 
76 #ifdef INET6
77 #include <netinet/ip6.h>
78 #include <netinet6/in6_var.h>
79 #include <netinet6/ip6_var.h>
80 #endif /* INET6 */
81 
82 #include <net/pfkeyv2.h>
83 #include <netipsec/keydb.h>
84 #include <netipsec/key.h>
85 #include <netipsec/keysock.h>
86 #include <netipsec/key_debug.h>
87 
88 #include <netipsec/ipsec.h>
89 #ifdef INET6
90 #include <netipsec/ipsec6.h>
91 #endif
92 
93 #include <netipsec/xform.h>
94 #include <machine/in_cksum.h>
95 #include <machine/stdarg.h>
96 
97 /* randomness */
98 #include <sys/random.h>
99 
100 #define FULLMASK	0xff
101 #define	_BITS(bytes)	((bytes) << 3)
102 
103 #define	UINT32_80PCT	0xcccccccc
104 /*
105  * Note on SA reference counting:
106  * - SAs that are not in DEAD state will have (total external reference + 1)
107  *   following value in reference count field.  they cannot be freed and are
108  *   referenced from SA header.
109  * - SAs that are in DEAD state will have (total external reference)
110  *   in reference count field.  they are ready to be freed.  reference from
111  *   SA header will be removed in key_delsav(), when the reference count
112  *   field hits 0 (= no external reference other than from SA header.
113  */
114 
115 VNET_DEFINE(u_int32_t, key_debug_level) = 0;
116 VNET_DEFINE_STATIC(u_int, key_spi_trycnt) = 1000;
117 VNET_DEFINE_STATIC(u_int32_t, key_spi_minval) = 0x100;
118 VNET_DEFINE_STATIC(u_int32_t, key_spi_maxval) = 0x0fffffff;	/* XXX */
119 VNET_DEFINE_STATIC(u_int32_t, policy_id) = 0;
120 /*interval to initialize randseed,1(m)*/
121 VNET_DEFINE_STATIC(u_int, key_int_random) = 60;
122 /* interval to expire acquiring, 30(s)*/
123 VNET_DEFINE_STATIC(u_int, key_larval_lifetime) = 30;
124 /* counter for blocking SADB_ACQUIRE.*/
125 VNET_DEFINE_STATIC(int, key_blockacq_count) = 10;
126 /* lifetime for blocking SADB_ACQUIRE.*/
127 VNET_DEFINE_STATIC(int, key_blockacq_lifetime) = 20;
128 /* preferred old sa rather than new sa.*/
129 VNET_DEFINE_STATIC(int, key_preferred_oldsa) = 1;
130 #define	V_key_spi_trycnt	VNET(key_spi_trycnt)
131 #define	V_key_spi_minval	VNET(key_spi_minval)
132 #define	V_key_spi_maxval	VNET(key_spi_maxval)
133 #define	V_policy_id		VNET(policy_id)
134 #define	V_key_int_random	VNET(key_int_random)
135 #define	V_key_larval_lifetime	VNET(key_larval_lifetime)
136 #define	V_key_blockacq_count	VNET(key_blockacq_count)
137 #define	V_key_blockacq_lifetime	VNET(key_blockacq_lifetime)
138 #define	V_key_preferred_oldsa	VNET(key_preferred_oldsa)
139 
140 VNET_DEFINE_STATIC(u_int32_t, acq_seq) = 0;
141 #define	V_acq_seq		VNET(acq_seq)
142 
143 VNET_DEFINE_STATIC(uint32_t, sp_genid) = 0;
144 #define	V_sp_genid		VNET(sp_genid)
145 
146 /* SPD */
147 TAILQ_HEAD(secpolicy_queue, secpolicy);
148 LIST_HEAD(secpolicy_list, secpolicy);
149 VNET_DEFINE_STATIC(struct secpolicy_queue, sptree[IPSEC_DIR_MAX]);
150 VNET_DEFINE_STATIC(struct secpolicy_queue, sptree_ifnet[IPSEC_DIR_MAX]);
151 static struct rmlock sptree_lock;
152 #define	V_sptree		VNET(sptree)
153 #define	V_sptree_ifnet		VNET(sptree_ifnet)
154 #define	SPTREE_LOCK_INIT()      rm_init(&sptree_lock, "sptree")
155 #define	SPTREE_LOCK_DESTROY()   rm_destroy(&sptree_lock)
156 #define	SPTREE_RLOCK_TRACKER    struct rm_priotracker sptree_tracker
157 #define	SPTREE_RLOCK()          rm_rlock(&sptree_lock, &sptree_tracker)
158 #define	SPTREE_RUNLOCK()        rm_runlock(&sptree_lock, &sptree_tracker)
159 #define	SPTREE_RLOCK_ASSERT()   rm_assert(&sptree_lock, RA_RLOCKED)
160 #define	SPTREE_WLOCK()          rm_wlock(&sptree_lock)
161 #define	SPTREE_WUNLOCK()        rm_wunlock(&sptree_lock)
162 #define	SPTREE_WLOCK_ASSERT()   rm_assert(&sptree_lock, RA_WLOCKED)
163 #define	SPTREE_UNLOCK_ASSERT()  rm_assert(&sptree_lock, RA_UNLOCKED)
164 
165 /* Hash table for lookup SP using unique id */
166 VNET_DEFINE_STATIC(struct secpolicy_list *, sphashtbl);
167 VNET_DEFINE_STATIC(u_long, sphash_mask);
168 #define	V_sphashtbl		VNET(sphashtbl)
169 #define	V_sphash_mask		VNET(sphash_mask)
170 
171 #define	SPHASH_NHASH_LOG2	7
172 #define	SPHASH_NHASH		(1 << SPHASH_NHASH_LOG2)
173 #define	SPHASH_HASHVAL(id)	(key_u32hash(id) & V_sphash_mask)
174 #define	SPHASH_HASH(id)		&V_sphashtbl[SPHASH_HASHVAL(id)]
175 
176 /* SPD cache */
177 struct spdcache_entry {
178    struct secpolicyindex spidx;	/* secpolicyindex */
179    struct secpolicy *sp;	/* cached policy to be used */
180 
181    LIST_ENTRY(spdcache_entry) chain;
182 };
183 LIST_HEAD(spdcache_entry_list, spdcache_entry);
184 
185 #define	SPDCACHE_MAX_ENTRIES_PER_HASH	8
186 
187 VNET_DEFINE_STATIC(u_int, key_spdcache_maxentries) = 0;
188 #define	V_key_spdcache_maxentries	VNET(key_spdcache_maxentries)
189 VNET_DEFINE_STATIC(u_int, key_spdcache_threshold) = 32;
190 #define	V_key_spdcache_threshold	VNET(key_spdcache_threshold)
191 VNET_DEFINE_STATIC(unsigned long, spd_size) = 0;
192 #define	V_spd_size		VNET(spd_size)
193 
194 #define SPDCACHE_ENABLED()	(V_key_spdcache_maxentries != 0)
195 #define SPDCACHE_ACTIVE() \
196 	(SPDCACHE_ENABLED() && V_spd_size >= V_key_spdcache_threshold)
197 
198 VNET_DEFINE_STATIC(struct spdcache_entry_list *, spdcachehashtbl);
199 VNET_DEFINE_STATIC(u_long, spdcachehash_mask);
200 #define	V_spdcachehashtbl	VNET(spdcachehashtbl)
201 #define	V_spdcachehash_mask	VNET(spdcachehash_mask)
202 
203 #define	SPDCACHE_HASHVAL(idx) \
204 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->ul_proto) &  \
205 	    V_spdcachehash_mask)
206 
207 /* Each cache line is protected by a mutex */
208 VNET_DEFINE_STATIC(struct mtx *, spdcache_lock);
209 #define	V_spdcache_lock		VNET(spdcache_lock)
210 
211 #define	SPDCACHE_LOCK_INIT(a) \
212 	mtx_init(&V_spdcache_lock[a], "spdcache", \
213 	    "fast ipsec SPD cache", MTX_DEF|MTX_DUPOK)
214 #define	SPDCACHE_LOCK_DESTROY(a)	mtx_destroy(&V_spdcache_lock[a])
215 #define	SPDCACHE_LOCK(a)		mtx_lock(&V_spdcache_lock[a]);
216 #define	SPDCACHE_UNLOCK(a)		mtx_unlock(&V_spdcache_lock[a]);
217 
218 static struct sx spi_alloc_lock;
219 #define	SPI_ALLOC_LOCK_INIT()		sx_init(&spi_alloc_lock, "spialloc")
220 #define	SPI_ALLOC_LOCK_DESTROY()	sx_destroy(&spi_alloc_lock)
221 #define	SPI_ALLOC_LOCK()          	sx_xlock(&spi_alloc_lock)
222 #define	SPI_ALLOC_UNLOCK()        	sx_unlock(&spi_alloc_lock)
223 #define	SPI_ALLOC_LOCK_ASSERT()   	sx_assert(&spi_alloc_lock, SA_XLOCKED)
224 
225 /* SAD */
226 TAILQ_HEAD(secashead_queue, secashead);
227 LIST_HEAD(secashead_list, secashead);
228 VNET_DEFINE_STATIC(struct secashead_queue, sahtree);
229 static struct rmlock sahtree_lock;
230 #define	V_sahtree		VNET(sahtree)
231 #define	SAHTREE_LOCK_INIT()	rm_init(&sahtree_lock, "sahtree")
232 #define	SAHTREE_LOCK_DESTROY()	rm_destroy(&sahtree_lock)
233 #define	SAHTREE_RLOCK_TRACKER	struct rm_priotracker sahtree_tracker
234 #define	SAHTREE_RLOCK()		rm_rlock(&sahtree_lock, &sahtree_tracker)
235 #define	SAHTREE_RUNLOCK()	rm_runlock(&sahtree_lock, &sahtree_tracker)
236 #define	SAHTREE_RLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_RLOCKED)
237 #define	SAHTREE_WLOCK()		rm_wlock(&sahtree_lock)
238 #define	SAHTREE_WUNLOCK()	rm_wunlock(&sahtree_lock)
239 #define	SAHTREE_WLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_WLOCKED)
240 #define	SAHTREE_UNLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_UNLOCKED)
241 
242 /* Hash table for lookup in SAD using SA addresses */
243 VNET_DEFINE_STATIC(struct secashead_list *, sahaddrhashtbl);
244 VNET_DEFINE_STATIC(u_long, sahaddrhash_mask);
245 #define	V_sahaddrhashtbl	VNET(sahaddrhashtbl)
246 #define	V_sahaddrhash_mask	VNET(sahaddrhash_mask)
247 
248 #define	SAHHASH_NHASH_LOG2	7
249 #define	SAHHASH_NHASH		(1 << SAHHASH_NHASH_LOG2)
250 #define	SAHADDRHASH_HASHVAL(idx)	\
251 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
252 	    V_sahaddrhash_mask)
253 #define	SAHADDRHASH_HASH(saidx)		\
254     &V_sahaddrhashtbl[SAHADDRHASH_HASHVAL(saidx)]
255 
256 /* Hash table for lookup in SAD using SPI */
257 LIST_HEAD(secasvar_list, secasvar);
258 VNET_DEFINE_STATIC(struct secasvar_list *, savhashtbl);
259 VNET_DEFINE_STATIC(u_long, savhash_mask);
260 #define	V_savhashtbl		VNET(savhashtbl)
261 #define	V_savhash_mask		VNET(savhash_mask)
262 #define	SAVHASH_NHASH_LOG2	7
263 #define	SAVHASH_NHASH		(1 << SAVHASH_NHASH_LOG2)
264 #define	SAVHASH_HASHVAL(spi)	(key_u32hash(spi) & V_savhash_mask)
265 #define	SAVHASH_HASH(spi)	&V_savhashtbl[SAVHASH_HASHVAL(spi)]
266 
267 static uint32_t
268 key_addrprotohash(const union sockaddr_union *src,
269     const union sockaddr_union *dst, const uint8_t *proto)
270 {
271 	uint32_t hval;
272 
273 	hval = fnv_32_buf(proto, sizeof(*proto),
274 	    FNV1_32_INIT);
275 	switch (dst->sa.sa_family) {
276 #ifdef INET
277 	case AF_INET:
278 		hval = fnv_32_buf(&src->sin.sin_addr,
279 		    sizeof(in_addr_t), hval);
280 		hval = fnv_32_buf(&dst->sin.sin_addr,
281 		    sizeof(in_addr_t), hval);
282 		break;
283 #endif
284 #ifdef INET6
285 	case AF_INET6:
286 		hval = fnv_32_buf(&src->sin6.sin6_addr,
287 		    sizeof(struct in6_addr), hval);
288 		hval = fnv_32_buf(&dst->sin6.sin6_addr,
289 		    sizeof(struct in6_addr), hval);
290 		break;
291 #endif
292 	default:
293 		hval = 0;
294 		ipseclog((LOG_DEBUG, "%s: unknown address family %d\n",
295 		    __func__, dst->sa.sa_family));
296 	}
297 	return (hval);
298 }
299 
300 static uint32_t
301 key_u32hash(uint32_t val)
302 {
303 
304 	return (fnv_32_buf(&val, sizeof(val), FNV1_32_INIT));
305 }
306 
307 							/* registed list */
308 VNET_DEFINE_STATIC(LIST_HEAD(_regtree, secreg), regtree[SADB_SATYPE_MAX + 1]);
309 #define	V_regtree		VNET(regtree)
310 static struct mtx regtree_lock;
311 #define	REGTREE_LOCK_INIT() \
312 	mtx_init(&regtree_lock, "regtree", "fast ipsec regtree", MTX_DEF)
313 #define	REGTREE_LOCK_DESTROY()	mtx_destroy(&regtree_lock)
314 #define	REGTREE_LOCK()		mtx_lock(&regtree_lock)
315 #define	REGTREE_UNLOCK()	mtx_unlock(&regtree_lock)
316 #define	REGTREE_LOCK_ASSERT()	mtx_assert(&regtree_lock, MA_OWNED)
317 
318 /* Acquiring list */
319 LIST_HEAD(secacq_list, secacq);
320 VNET_DEFINE_STATIC(struct secacq_list, acqtree);
321 #define	V_acqtree		VNET(acqtree)
322 static struct mtx acq_lock;
323 #define	ACQ_LOCK_INIT() \
324     mtx_init(&acq_lock, "acqtree", "ipsec SA acquiring list", MTX_DEF)
325 #define	ACQ_LOCK_DESTROY()	mtx_destroy(&acq_lock)
326 #define	ACQ_LOCK()		mtx_lock(&acq_lock)
327 #define	ACQ_UNLOCK()		mtx_unlock(&acq_lock)
328 #define	ACQ_LOCK_ASSERT()	mtx_assert(&acq_lock, MA_OWNED)
329 
330 /* Hash table for lookup in ACQ list using SA addresses */
331 VNET_DEFINE_STATIC(struct secacq_list *, acqaddrhashtbl);
332 VNET_DEFINE_STATIC(u_long, acqaddrhash_mask);
333 #define	V_acqaddrhashtbl	VNET(acqaddrhashtbl)
334 #define	V_acqaddrhash_mask	VNET(acqaddrhash_mask)
335 
336 /* Hash table for lookup in ACQ list using SEQ number */
337 VNET_DEFINE_STATIC(struct secacq_list *, acqseqhashtbl);
338 VNET_DEFINE_STATIC(u_long, acqseqhash_mask);
339 #define	V_acqseqhashtbl		VNET(acqseqhashtbl)
340 #define	V_acqseqhash_mask	VNET(acqseqhash_mask)
341 
342 #define	ACQHASH_NHASH_LOG2	7
343 #define	ACQHASH_NHASH		(1 << ACQHASH_NHASH_LOG2)
344 #define	ACQADDRHASH_HASHVAL(idx)	\
345 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
346 	    V_acqaddrhash_mask)
347 #define	ACQSEQHASH_HASHVAL(seq)		\
348     (key_u32hash(seq) & V_acqseqhash_mask)
349 #define	ACQADDRHASH_HASH(saidx)	\
350     &V_acqaddrhashtbl[ACQADDRHASH_HASHVAL(saidx)]
351 #define	ACQSEQHASH_HASH(seq)	\
352     &V_acqseqhashtbl[ACQSEQHASH_HASHVAL(seq)]
353 							/* SP acquiring list */
354 VNET_DEFINE_STATIC(LIST_HEAD(_spacqtree, secspacq), spacqtree);
355 #define	V_spacqtree		VNET(spacqtree)
356 static struct mtx spacq_lock;
357 #define	SPACQ_LOCK_INIT() \
358 	mtx_init(&spacq_lock, "spacqtree", \
359 		"fast ipsec security policy acquire list", MTX_DEF)
360 #define	SPACQ_LOCK_DESTROY()	mtx_destroy(&spacq_lock)
361 #define	SPACQ_LOCK()		mtx_lock(&spacq_lock)
362 #define	SPACQ_UNLOCK()		mtx_unlock(&spacq_lock)
363 #define	SPACQ_LOCK_ASSERT()	mtx_assert(&spacq_lock, MA_OWNED)
364 
365 static const int minsize[] = {
366 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
367 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
368 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
369 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
370 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
371 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_SRC */
372 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_DST */
373 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_PROXY */
374 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_AUTH */
375 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_ENCRYPT */
376 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_SRC */
377 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_DST */
378 	sizeof(struct sadb_sens),	/* SADB_EXT_SENSITIVITY */
379 	sizeof(struct sadb_prop),	/* SADB_EXT_PROPOSAL */
380 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_AUTH */
381 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_ENCRYPT */
382 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
383 	0,				/* SADB_X_EXT_KMPRIVATE */
384 	sizeof(struct sadb_x_policy),	/* SADB_X_EXT_POLICY */
385 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
386 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
387 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
388 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
389 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAI */
390 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAR */
391 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
392 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
393 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_SRC */
394 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_DST */
395 };
396 _Static_assert(sizeof(minsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
397 
398 static const int maxsize[] = {
399 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
400 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
401 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
402 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
403 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
404 	0,				/* SADB_EXT_ADDRESS_SRC */
405 	0,				/* SADB_EXT_ADDRESS_DST */
406 	0,				/* SADB_EXT_ADDRESS_PROXY */
407 	0,				/* SADB_EXT_KEY_AUTH */
408 	0,				/* SADB_EXT_KEY_ENCRYPT */
409 	0,				/* SADB_EXT_IDENTITY_SRC */
410 	0,				/* SADB_EXT_IDENTITY_DST */
411 	0,				/* SADB_EXT_SENSITIVITY */
412 	0,				/* SADB_EXT_PROPOSAL */
413 	0,				/* SADB_EXT_SUPPORTED_AUTH */
414 	0,				/* SADB_EXT_SUPPORTED_ENCRYPT */
415 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
416 	0,				/* SADB_X_EXT_KMPRIVATE */
417 	0,				/* SADB_X_EXT_POLICY */
418 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
419 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
420 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
421 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
422 	0,				/* SADB_X_EXT_NAT_T_OAI */
423 	0,				/* SADB_X_EXT_NAT_T_OAR */
424 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
425 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
426 	0,				/* SADB_X_EXT_NEW_ADDRESS_SRC */
427 	0,				/* SADB_X_EXT_NEW_ADDRESS_DST */
428 };
429 _Static_assert(sizeof(maxsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
430 
431 /*
432  * Internal values for SA flags:
433  * SADB_X_EXT_F_CLONED means that SA was cloned by key_updateaddresses,
434  *	thus we will not free the most of SA content in key_delsav().
435  */
436 #define	SADB_X_EXT_F_CLONED	0x80000000
437 
438 #define	SADB_CHECKLEN(_mhp, _ext)			\
439     ((_mhp)->extlen[(_ext)] < minsize[(_ext)] || (maxsize[(_ext)] != 0 && \
440 	((_mhp)->extlen[(_ext)] > maxsize[(_ext)])))
441 #define	SADB_CHECKHDR(_mhp, _ext)	((_mhp)->ext[(_ext)] == NULL)
442 
443 VNET_DEFINE_STATIC(int, ipsec_esp_keymin) = 256;
444 VNET_DEFINE_STATIC(int, ipsec_esp_auth) = 0;
445 VNET_DEFINE_STATIC(int, ipsec_ah_keymin) = 128;
446 
447 #define	V_ipsec_esp_keymin	VNET(ipsec_esp_keymin)
448 #define	V_ipsec_esp_auth	VNET(ipsec_esp_auth)
449 #define	V_ipsec_ah_keymin	VNET(ipsec_ah_keymin)
450 
451 #ifdef IPSEC_DEBUG
452 VNET_DEFINE(int, ipsec_debug) = 1;
453 #else
454 VNET_DEFINE(int, ipsec_debug) = 0;
455 #endif
456 
457 #ifdef INET
458 SYSCTL_DECL(_net_inet_ipsec);
459 SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug,
460     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
461     "Enable IPsec debugging output when set.");
462 #endif
463 #ifdef INET6
464 SYSCTL_DECL(_net_inet6_ipsec6);
465 SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug,
466     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
467     "Enable IPsec debugging output when set.");
468 #endif
469 
470 SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL,	debug,
471 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, "");
472 
473 /* max count of trial for the decision of spi value */
474 SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt,
475 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, "");
476 
477 /* minimum spi value to allocate automatically. */
478 SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval,
479 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, "");
480 
481 /* maximun spi value to allocate automatically. */
482 SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval,
483 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, "");
484 
485 /* interval to initialize randseed */
486 SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random,
487 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_int_random), 0, "");
488 
489 /* lifetime for larval SA */
490 SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime,
491 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, "");
492 
493 /* counter for blocking to send SADB_ACQUIRE to IKEd */
494 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count,
495 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, "");
496 
497 /* lifetime for blocking to send SADB_ACQUIRE to IKEd */
498 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime,
499 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, "");
500 
501 /* ESP auth */
502 SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth,
503 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, "");
504 
505 /* minimum ESP key length */
506 SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin,
507 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, "");
508 
509 /* minimum AH key length */
510 SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin,
511 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, "");
512 
513 /* perfered old SA rather than new SA */
514 SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, preferred_oldsa,
515 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, "");
516 
517 SYSCTL_NODE(_net_key, OID_AUTO, spdcache, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
518     "SPD cache");
519 
520 SYSCTL_UINT(_net_key_spdcache, OID_AUTO, maxentries,
521 	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_maxentries), 0,
522 	"Maximum number of entries in the SPD cache"
523 	" (power of 2, 0 to disable)");
524 
525 SYSCTL_UINT(_net_key_spdcache, OID_AUTO, threshold,
526 	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_threshold), 0,
527 	"Number of SPs that make the SPD cache active");
528 
529 #define __LIST_CHAINED(elm) \
530 	(!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL))
531 
532 MALLOC_DEFINE(M_IPSEC_SA, "secasvar", "ipsec security association");
533 MALLOC_DEFINE(M_IPSEC_SAH, "sahead", "ipsec sa head");
534 MALLOC_DEFINE(M_IPSEC_SP, "ipsecpolicy", "ipsec security policy");
535 MALLOC_DEFINE(M_IPSEC_SR, "ipsecrequest", "ipsec security request");
536 MALLOC_DEFINE(M_IPSEC_MISC, "ipsec-misc", "ipsec miscellaneous");
537 MALLOC_DEFINE(M_IPSEC_SAQ, "ipsec-saq", "ipsec sa acquire");
538 MALLOC_DEFINE(M_IPSEC_SAR, "ipsec-reg", "ipsec sa acquire");
539 MALLOC_DEFINE(M_IPSEC_SPDCACHE, "ipsec-spdcache", "ipsec SPD cache");
540 
541 static uma_zone_t __read_mostly ipsec_key_lft_zone;
542 
543 /*
544  * set parameters into secpolicyindex buffer.
545  * Must allocate secpolicyindex buffer passed to this function.
546  */
547 #define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
548 do { \
549 	bzero((idx), sizeof(struct secpolicyindex));                         \
550 	(idx)->dir = (_dir);                                                 \
551 	(idx)->prefs = (ps);                                                 \
552 	(idx)->prefd = (pd);                                                 \
553 	(idx)->ul_proto = (ulp);                                             \
554 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
555 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
556 } while (0)
557 
558 /*
559  * set parameters into secasindex buffer.
560  * Must allocate secasindex buffer before calling this function.
561  */
562 #define KEY_SETSECASIDX(p, m, r, s, d, idx) \
563 do { \
564 	bzero((idx), sizeof(struct secasindex));                             \
565 	(idx)->proto = (p);                                                  \
566 	(idx)->mode = (m);                                                   \
567 	(idx)->reqid = (r);                                                  \
568 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
569 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
570 	key_porttosaddr(&(idx)->src.sa, 0);				     \
571 	key_porttosaddr(&(idx)->dst.sa, 0);				     \
572 } while (0)
573 
574 /* key statistics */
575 struct _keystat {
576 	u_long getspi_count; /* the avarage of count to try to get new SPI */
577 } keystat;
578 
579 struct sadb_msghdr {
580 	struct sadb_msg *msg;
581 	struct sadb_ext *ext[SADB_EXT_MAX + 1];
582 	int extoff[SADB_EXT_MAX + 1];
583 	int extlen[SADB_EXT_MAX + 1];
584 };
585 
586 static struct supported_ealgs {
587 	int sadb_alg;
588 	const struct enc_xform *xform;
589 } supported_ealgs[] = {
590 	{ SADB_X_EALG_AES,		&enc_xform_aes_cbc },
591 	{ SADB_EALG_NULL,		&enc_xform_null },
592 	{ SADB_X_EALG_AESCTR,		&enc_xform_aes_icm },
593 	{ SADB_X_EALG_AESGCM16,		&enc_xform_aes_nist_gcm },
594 	{ SADB_X_EALG_AESGMAC,		&enc_xform_aes_nist_gmac },
595 };
596 
597 static struct supported_aalgs {
598 	int sadb_alg;
599 	const struct auth_hash *xform;
600 } supported_aalgs[] = {
601 	{ SADB_X_AALG_NULL,		&auth_hash_null },
602 	{ SADB_AALG_SHA1HMAC,		&auth_hash_hmac_sha1 },
603 	{ SADB_X_AALG_SHA2_256,		&auth_hash_hmac_sha2_256 },
604 	{ SADB_X_AALG_SHA2_384,		&auth_hash_hmac_sha2_384 },
605 	{ SADB_X_AALG_SHA2_512,		&auth_hash_hmac_sha2_512 },
606 	{ SADB_X_AALG_AES128GMAC,	&auth_hash_nist_gmac_aes_128 },
607 	{ SADB_X_AALG_AES192GMAC,	&auth_hash_nist_gmac_aes_192 },
608 	{ SADB_X_AALG_AES256GMAC,	&auth_hash_nist_gmac_aes_256 },
609 };
610 
611 static struct supported_calgs {
612 	int sadb_alg;
613 	const struct comp_algo *xform;
614 } supported_calgs[] = {
615 	{ SADB_X_CALG_DEFLATE,		&comp_algo_deflate },
616 };
617 
618 #ifndef IPSEC_DEBUG2
619 static struct callout key_timer;
620 #endif
621 
622 static void key_unlink(struct secpolicy *);
623 static void key_detach(struct secpolicy *);
624 static struct secpolicy *key_do_allocsp(struct secpolicyindex *spidx, u_int dir);
625 static struct secpolicy *key_getsp(struct secpolicyindex *);
626 static struct secpolicy *key_getspbyid(u_int32_t);
627 static struct mbuf *key_gather_mbuf(struct mbuf *,
628 	const struct sadb_msghdr *, int, int, ...);
629 static int key_spdadd(struct socket *, struct mbuf *,
630 	const struct sadb_msghdr *);
631 static uint32_t key_getnewspid(void);
632 static int key_spddelete(struct socket *, struct mbuf *,
633 	const struct sadb_msghdr *);
634 static int key_spddelete2(struct socket *, struct mbuf *,
635 	const struct sadb_msghdr *);
636 static int key_spdget(struct socket *, struct mbuf *,
637 	const struct sadb_msghdr *);
638 static int key_spdflush(struct socket *, struct mbuf *,
639 	const struct sadb_msghdr *);
640 static int key_spddump(struct socket *, struct mbuf *,
641 	const struct sadb_msghdr *);
642 static struct mbuf *key_setdumpsp(struct secpolicy *,
643 	u_int8_t, u_int32_t, u_int32_t);
644 static struct mbuf *key_sp2mbuf(struct secpolicy *);
645 static size_t key_getspreqmsglen(struct secpolicy *);
646 static int key_spdexpire(struct secpolicy *);
647 static struct secashead *key_newsah(struct secasindex *);
648 static void key_freesah(struct secashead **);
649 static void key_delsah(struct secashead *);
650 static struct secasvar *key_newsav(const struct sadb_msghdr *,
651     struct secasindex *, uint32_t, int *);
652 static void key_delsav(struct secasvar *);
653 static void key_unlinksav(struct secasvar *);
654 static struct secashead *key_getsah(struct secasindex *);
655 static int key_checkspidup(uint32_t);
656 static struct secasvar *key_getsavbyspi(uint32_t);
657 static int key_setnatt(struct secasvar *, const struct sadb_msghdr *);
658 static int key_setsaval(struct secasvar *, const struct sadb_msghdr *);
659 static int key_updatelifetimes(struct secasvar *, const struct sadb_msghdr *);
660 static int key_updateaddresses(struct socket *, struct mbuf *,
661     const struct sadb_msghdr *, struct secasvar *, struct secasindex *);
662 
663 static struct mbuf *key_setdumpsa(struct secasvar *, u_int8_t,
664 	u_int8_t, u_int32_t, u_int32_t);
665 static struct mbuf *key_setsadbmsg(u_int8_t, u_int16_t, u_int8_t,
666 	u_int32_t, pid_t, u_int16_t);
667 static struct mbuf *key_setsadbsa(struct secasvar *);
668 static struct mbuf *key_setsadbaddr(u_int16_t,
669 	const struct sockaddr *, u_int8_t, u_int16_t);
670 static struct mbuf *key_setsadbxport(u_int16_t, u_int16_t);
671 static struct mbuf *key_setsadbxtype(u_int16_t);
672 static struct mbuf *key_setsadbxsa2(u_int8_t, u_int32_t, u_int32_t);
673 static struct mbuf *key_setsadbxsareplay(u_int32_t);
674 static struct mbuf *key_setsadbxpolicy(u_int16_t, u_int8_t,
675 	u_int32_t, u_int32_t);
676 static struct seckey *key_dup_keymsg(const struct sadb_key *, size_t,
677     struct malloc_type *);
678 static struct seclifetime *key_dup_lifemsg(const struct sadb_lifetime *src,
679     struct malloc_type *);
680 
681 /* flags for key_cmpsaidx() */
682 #define CMP_HEAD	1	/* protocol, addresses. */
683 #define CMP_MODE_REQID	2	/* additionally HEAD, reqid, mode. */
684 #define CMP_REQID	3	/* additionally HEAD, reaid. */
685 #define CMP_EXACTLY	4	/* all elements. */
686 static int key_cmpsaidx(const struct secasindex *,
687     const struct secasindex *, int);
688 static int key_cmpspidx_exactly(struct secpolicyindex *,
689     struct secpolicyindex *);
690 static int key_cmpspidx_withmask(struct secpolicyindex *,
691     struct secpolicyindex *);
692 static int key_bbcmp(const void *, const void *, u_int);
693 static uint8_t key_satype2proto(uint8_t);
694 static uint8_t key_proto2satype(uint8_t);
695 
696 static int key_getspi(struct socket *, struct mbuf *,
697 	const struct sadb_msghdr *);
698 static uint32_t key_do_getnewspi(struct sadb_spirange *, struct secasindex *);
699 static int key_update(struct socket *, struct mbuf *,
700 	const struct sadb_msghdr *);
701 static int key_add(struct socket *, struct mbuf *,
702 	const struct sadb_msghdr *);
703 static int key_setident(struct secashead *, const struct sadb_msghdr *);
704 static struct mbuf *key_getmsgbuf_x1(struct mbuf *,
705 	const struct sadb_msghdr *);
706 static int key_delete(struct socket *, struct mbuf *,
707 	const struct sadb_msghdr *);
708 static int key_delete_all(struct socket *, struct mbuf *,
709 	const struct sadb_msghdr *, struct secasindex *);
710 static int key_get(struct socket *, struct mbuf *,
711 	const struct sadb_msghdr *);
712 
713 static void key_getcomb_setlifetime(struct sadb_comb *);
714 static struct mbuf *key_getcomb_ealg(void);
715 static struct mbuf *key_getcomb_ah(void);
716 static struct mbuf *key_getcomb_ipcomp(void);
717 static struct mbuf *key_getprop(const struct secasindex *);
718 
719 static int key_acquire(const struct secasindex *, struct secpolicy *);
720 static uint32_t key_newacq(const struct secasindex *, int *);
721 static uint32_t key_getacq(const struct secasindex *, int *);
722 static int key_acqdone(const struct secasindex *, uint32_t);
723 static int key_acqreset(uint32_t);
724 static struct secspacq *key_newspacq(struct secpolicyindex *);
725 static struct secspacq *key_getspacq(struct secpolicyindex *);
726 static int key_acquire2(struct socket *, struct mbuf *,
727 	const struct sadb_msghdr *);
728 static int key_register(struct socket *, struct mbuf *,
729 	const struct sadb_msghdr *);
730 static int key_expire(struct secasvar *, int);
731 static int key_flush(struct socket *, struct mbuf *,
732 	const struct sadb_msghdr *);
733 static int key_dump(struct socket *, struct mbuf *,
734 	const struct sadb_msghdr *);
735 static int key_promisc(struct socket *, struct mbuf *,
736 	const struct sadb_msghdr *);
737 static int key_senderror(struct socket *, struct mbuf *, int);
738 static int key_validate_ext(const struct sadb_ext *, int);
739 static int key_align(struct mbuf *, struct sadb_msghdr *);
740 static struct mbuf *key_setlifetime(struct seclifetime *, uint16_t);
741 static struct mbuf *key_setkey(struct seckey *, uint16_t);
742 
743 static void spdcache_init(void);
744 static void spdcache_clear(void);
745 static struct spdcache_entry *spdcache_entry_alloc(
746 	const struct secpolicyindex *spidx,
747 	struct secpolicy *policy);
748 static void spdcache_entry_free(struct spdcache_entry *entry);
749 #ifdef VIMAGE
750 static void spdcache_destroy(void);
751 #endif
752 
753 #define	DBG_IPSEC_INITREF(t, p)	do {				\
754 	refcount_init(&(p)->refcnt, 1);				\
755 	KEYDBG(KEY_STAMP,					\
756 	    printf("%s: Initialize refcnt %s(%p) = %u\n",	\
757 	    __func__, #t, (p), (p)->refcnt));			\
758 } while (0)
759 #define	DBG_IPSEC_ADDREF(t, p)	do {				\
760 	refcount_acquire(&(p)->refcnt);				\
761 	KEYDBG(KEY_STAMP,					\
762 	    printf("%s: Acquire refcnt %s(%p) -> %u\n",		\
763 	    __func__, #t, (p), (p)->refcnt));			\
764 } while (0)
765 #define	DBG_IPSEC_DELREF(t, p)	do {				\
766 	KEYDBG(KEY_STAMP,					\
767 	    printf("%s: Release refcnt %s(%p) -> %u\n",		\
768 	    __func__, #t, (p), (p)->refcnt - 1));		\
769 	refcount_release(&(p)->refcnt);				\
770 } while (0)
771 
772 #define	IPSEC_INITREF(t, p)	refcount_init(&(p)->refcnt, 1)
773 #define	IPSEC_ADDREF(t, p)	refcount_acquire(&(p)->refcnt)
774 #define	IPSEC_DELREF(t, p)	refcount_release(&(p)->refcnt)
775 
776 #define	SP_INITREF(p)	IPSEC_INITREF(SP, p)
777 #define	SP_ADDREF(p)	IPSEC_ADDREF(SP, p)
778 #define	SP_DELREF(p)	IPSEC_DELREF(SP, p)
779 
780 #define	SAH_INITREF(p)	IPSEC_INITREF(SAH, p)
781 #define	SAH_ADDREF(p)	IPSEC_ADDREF(SAH, p)
782 #define	SAH_DELREF(p)	IPSEC_DELREF(SAH, p)
783 
784 #define	SAV_INITREF(p)	IPSEC_INITREF(SAV, p)
785 #define	SAV_ADDREF(p)	IPSEC_ADDREF(SAV, p)
786 #define	SAV_DELREF(p)	IPSEC_DELREF(SAV, p)
787 
788 /*
789  * Update the refcnt while holding the SPTREE lock.
790  */
791 void
792 key_addref(struct secpolicy *sp)
793 {
794 
795 	SP_ADDREF(sp);
796 }
797 
798 /*
799  * Return 0 when there are known to be no SP's for the specified
800  * direction.  Otherwise return 1.  This is used by IPsec code
801  * to optimize performance.
802  */
803 int
804 key_havesp(u_int dir)
805 {
806 
807 	return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ?
808 		TAILQ_FIRST(&V_sptree[dir]) != NULL : 1);
809 }
810 
811 /* %%% IPsec policy management */
812 /*
813  * Return current SPDB generation.
814  */
815 uint32_t
816 key_getspgen(void)
817 {
818 
819 	return (V_sp_genid);
820 }
821 
822 void
823 key_bumpspgen(void)
824 {
825 
826 	V_sp_genid++;
827 }
828 
829 static int
830 key_checksockaddrs(struct sockaddr *src, struct sockaddr *dst)
831 {
832 
833 	/* family match */
834 	if (src->sa_family != dst->sa_family)
835 		return (EINVAL);
836 	/* sa_len match */
837 	if (src->sa_len != dst->sa_len)
838 		return (EINVAL);
839 	switch (src->sa_family) {
840 #ifdef INET
841 	case AF_INET:
842 		if (src->sa_len != sizeof(struct sockaddr_in))
843 			return (EINVAL);
844 		break;
845 #endif
846 #ifdef INET6
847 	case AF_INET6:
848 		if (src->sa_len != sizeof(struct sockaddr_in6))
849 			return (EINVAL);
850 		break;
851 #endif
852 	default:
853 		return (EAFNOSUPPORT);
854 	}
855 	return (0);
856 }
857 
858 struct secpolicy *
859 key_do_allocsp(struct secpolicyindex *spidx, u_int dir)
860 {
861 	SPTREE_RLOCK_TRACKER;
862 	struct secpolicy *sp;
863 
864 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
865 	IPSEC_ASSERT(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
866 		("invalid direction %u", dir));
867 
868 	SPTREE_RLOCK();
869 	TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
870 		if (key_cmpspidx_withmask(&sp->spidx, spidx)) {
871 			SP_ADDREF(sp);
872 			break;
873 		}
874 	}
875 	SPTREE_RUNLOCK();
876 	return (sp);
877 }
878 
879 /*
880  * allocating a SP for OUTBOUND or INBOUND packet.
881  * Must call key_freesp() later.
882  * OUT:	NULL:	not found
883  *	others:	found and return the pointer.
884  */
885 struct secpolicy *
886 key_allocsp(struct secpolicyindex *spidx, u_int dir)
887 {
888 	struct spdcache_entry *entry, *lastentry, *tmpentry;
889 	struct secpolicy *sp;
890 	uint32_t hashv;
891 	int nb_entries;
892 
893 	if (!SPDCACHE_ACTIVE()) {
894 		sp = key_do_allocsp(spidx, dir);
895 		goto out;
896 	}
897 
898 	hashv = SPDCACHE_HASHVAL(spidx);
899 	SPDCACHE_LOCK(hashv);
900 	nb_entries = 0;
901 	LIST_FOREACH_SAFE(entry, &V_spdcachehashtbl[hashv], chain, tmpentry) {
902 		/* Removed outdated entries */
903 		if (entry->sp != NULL &&
904 		    entry->sp->state == IPSEC_SPSTATE_DEAD) {
905 			LIST_REMOVE(entry, chain);
906 			spdcache_entry_free(entry);
907 			continue;
908 		}
909 
910 		nb_entries++;
911 		if (!key_cmpspidx_exactly(&entry->spidx, spidx)) {
912 			lastentry = entry;
913 			continue;
914 		}
915 
916 		sp = entry->sp;
917 		if (entry->sp != NULL)
918 			SP_ADDREF(sp);
919 
920 		/* IPSECSTAT_INC(ips_spdcache_hits); */
921 
922 		SPDCACHE_UNLOCK(hashv);
923 		goto out;
924 	}
925 
926 	/* IPSECSTAT_INC(ips_spdcache_misses); */
927 
928 	sp = key_do_allocsp(spidx, dir);
929 	entry = spdcache_entry_alloc(spidx, sp);
930 	if (entry != NULL) {
931 		if (nb_entries >= SPDCACHE_MAX_ENTRIES_PER_HASH) {
932 			LIST_REMOVE(lastentry, chain);
933 			spdcache_entry_free(lastentry);
934 		}
935 
936 		LIST_INSERT_HEAD(&V_spdcachehashtbl[hashv], entry, chain);
937 	}
938 
939 	SPDCACHE_UNLOCK(hashv);
940 
941 out:
942 	if (sp != NULL) {	/* found a SPD entry */
943 		sp->lastused = time_second;
944 		KEYDBG(IPSEC_STAMP,
945 		    printf("%s: return SP(%p)\n", __func__, sp));
946 		KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
947 	} else {
948 		KEYDBG(IPSEC_DATA,
949 		    printf("%s: lookup failed for ", __func__);
950 		    kdebug_secpolicyindex(spidx, NULL));
951 	}
952 	return (sp);
953 }
954 
955 /*
956  * Allocating an SA entry for an *INBOUND* or *OUTBOUND* TCP packet, signed
957  * or should be signed by MD5 signature.
958  * We don't use key_allocsa() for such lookups, because we don't know SPI.
959  * Unlike ESP and AH protocols, SPI isn't transmitted in the TCP header with
960  * signed packet. We use SADB only as storage for password.
961  * OUT:	positive:	corresponding SA for given saidx found.
962  *	NULL:		SA not found
963  */
964 struct secasvar *
965 key_allocsa_tcpmd5(struct secasindex *saidx)
966 {
967 	SAHTREE_RLOCK_TRACKER;
968 	struct secashead *sah;
969 	struct secasvar *sav;
970 
971 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP,
972 	    ("unexpected security protocol %u", saidx->proto));
973 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TCPMD5,
974 	    ("unexpected mode %u", saidx->mode));
975 
976 	SAHTREE_RLOCK();
977 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
978 		KEYDBG(IPSEC_DUMP,
979 		    printf("%s: checking SAH\n", __func__);
980 		    kdebug_secash(sah, "  "));
981 		if (sah->saidx.proto != IPPROTO_TCP)
982 			continue;
983 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
984 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
985 			break;
986 	}
987 	if (sah != NULL) {
988 		if (V_key_preferred_oldsa)
989 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
990 		else
991 			sav = TAILQ_FIRST(&sah->savtree_alive);
992 		if (sav != NULL)
993 			SAV_ADDREF(sav);
994 	} else
995 		sav = NULL;
996 	SAHTREE_RUNLOCK();
997 
998 	if (sav != NULL) {
999 		KEYDBG(IPSEC_STAMP,
1000 		    printf("%s: return SA(%p)\n", __func__, sav));
1001 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1002 	} else {
1003 		KEYDBG(IPSEC_STAMP,
1004 		    printf("%s: SA not found\n", __func__));
1005 		KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1006 	}
1007 	return (sav);
1008 }
1009 
1010 /*
1011  * Allocating an SA entry for an *OUTBOUND* packet.
1012  * OUT:	positive:	corresponding SA for given saidx found.
1013  *	NULL:		SA not found, but will be acquired, check *error
1014  *			for acquiring status.
1015  */
1016 struct secasvar *
1017 key_allocsa_policy(struct secpolicy *sp, const struct secasindex *saidx,
1018     int *error)
1019 {
1020 	SAHTREE_RLOCK_TRACKER;
1021 	struct secashead *sah;
1022 	struct secasvar *sav;
1023 
1024 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
1025 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TRANSPORT ||
1026 		saidx->mode == IPSEC_MODE_TUNNEL,
1027 		("unexpected policy %u", saidx->mode));
1028 
1029 	/*
1030 	 * We check new SA in the IPsec request because a different
1031 	 * SA may be involved each time this request is checked, either
1032 	 * because new SAs are being configured, or this request is
1033 	 * associated with an unconnected datagram socket, or this request
1034 	 * is associated with a system default policy.
1035 	 */
1036 	SAHTREE_RLOCK();
1037 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
1038 		KEYDBG(IPSEC_DUMP,
1039 		    printf("%s: checking SAH\n", __func__);
1040 		    kdebug_secash(sah, "  "));
1041 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
1042 			break;
1043 	}
1044 	if (sah != NULL) {
1045 		/*
1046 		 * Allocate the oldest SA available according to
1047 		 * draft-jenkins-ipsec-rekeying-03.
1048 		 */
1049 		if (V_key_preferred_oldsa)
1050 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1051 		else
1052 			sav = TAILQ_FIRST(&sah->savtree_alive);
1053 		if (sav != NULL)
1054 			SAV_ADDREF(sav);
1055 	} else
1056 		sav = NULL;
1057 	SAHTREE_RUNLOCK();
1058 
1059 	if (sav != NULL) {
1060 		*error = 0;
1061 		KEYDBG(IPSEC_STAMP,
1062 		    printf("%s: chosen SA(%p) for SP(%p)\n", __func__,
1063 			sav, sp));
1064 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1065 		return (sav); /* return referenced SA */
1066 	}
1067 
1068 	/* there is no SA */
1069 	*error = key_acquire(saidx, sp);
1070 	if ((*error) != 0)
1071 		ipseclog((LOG_DEBUG,
1072 		    "%s: error %d returned from key_acquire()\n",
1073 			__func__, *error));
1074 	KEYDBG(IPSEC_STAMP,
1075 	    printf("%s: acquire SA for SP(%p), error %d\n",
1076 		__func__, sp, *error));
1077 	KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1078 	return (NULL);
1079 }
1080 
1081 /*
1082  * allocating a usable SA entry for a *INBOUND* packet.
1083  * Must call key_freesav() later.
1084  * OUT: positive:	pointer to a usable sav (i.e. MATURE or DYING state).
1085  *	NULL:		not found, or error occurred.
1086  *
1087  * According to RFC 2401 SA is uniquely identified by a triple SPI,
1088  * destination address, and security protocol. But according to RFC 4301,
1089  * SPI by itself suffices to specify an SA.
1090  *
1091  * Note that, however, we do need to keep source address in IPsec SA.
1092  * IKE specification and PF_KEY specification do assume that we
1093  * keep source address in IPsec SA.  We see a tricky situation here.
1094  */
1095 struct secasvar *
1096 key_allocsa(union sockaddr_union *dst, uint8_t proto, uint32_t spi)
1097 {
1098 	SAHTREE_RLOCK_TRACKER;
1099 	struct secasvar *sav;
1100 
1101 	IPSEC_ASSERT(proto == IPPROTO_ESP || proto == IPPROTO_AH ||
1102 	    proto == IPPROTO_IPCOMP, ("unexpected security protocol %u",
1103 	    proto));
1104 
1105 	SAHTREE_RLOCK();
1106 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
1107 		if (sav->spi == spi)
1108 			break;
1109 	}
1110 	/*
1111 	 * We use single SPI namespace for all protocols, so it is
1112 	 * impossible to have SPI duplicates in the SAVHASH.
1113 	 */
1114 	if (sav != NULL) {
1115 		if (sav->state != SADB_SASTATE_LARVAL &&
1116 		    sav->sah->saidx.proto == proto &&
1117 		    key_sockaddrcmp(&dst->sa,
1118 			&sav->sah->saidx.dst.sa, 0) == 0)
1119 			SAV_ADDREF(sav);
1120 		else
1121 			sav = NULL;
1122 	}
1123 	SAHTREE_RUNLOCK();
1124 
1125 	if (sav == NULL) {
1126 		KEYDBG(IPSEC_STAMP,
1127 		    char buf[IPSEC_ADDRSTRLEN];
1128 		    printf("%s: SA not found for spi %u proto %u dst %s\n",
1129 			__func__, ntohl(spi), proto, ipsec_address(dst, buf,
1130 			sizeof(buf))));
1131 	} else {
1132 		KEYDBG(IPSEC_STAMP,
1133 		    printf("%s: return SA(%p)\n", __func__, sav));
1134 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1135 	}
1136 	return (sav);
1137 }
1138 
1139 struct secasvar *
1140 key_allocsa_tunnel(union sockaddr_union *src, union sockaddr_union *dst,
1141     uint8_t proto)
1142 {
1143 	SAHTREE_RLOCK_TRACKER;
1144 	struct secasindex saidx;
1145 	struct secashead *sah;
1146 	struct secasvar *sav;
1147 
1148 	IPSEC_ASSERT(src != NULL, ("null src address"));
1149 	IPSEC_ASSERT(dst != NULL, ("null dst address"));
1150 
1151 	KEY_SETSECASIDX(proto, IPSEC_MODE_TUNNEL, 0, &src->sa,
1152 	    &dst->sa, &saidx);
1153 
1154 	sav = NULL;
1155 	SAHTREE_RLOCK();
1156 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1157 		if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1158 			continue;
1159 		if (proto != sah->saidx.proto)
1160 			continue;
1161 		if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1162 			continue;
1163 		if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1164 			continue;
1165 		/* XXXAE: is key_preferred_oldsa reasonably?*/
1166 		if (V_key_preferred_oldsa)
1167 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1168 		else
1169 			sav = TAILQ_FIRST(&sah->savtree_alive);
1170 		if (sav != NULL) {
1171 			SAV_ADDREF(sav);
1172 			break;
1173 		}
1174 	}
1175 	SAHTREE_RUNLOCK();
1176 	KEYDBG(IPSEC_STAMP,
1177 	    printf("%s: return SA(%p)\n", __func__, sav));
1178 	if (sav != NULL)
1179 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1180 	return (sav);
1181 }
1182 
1183 /*
1184  * Must be called after calling key_allocsp().
1185  */
1186 void
1187 key_freesp(struct secpolicy **spp)
1188 {
1189 	struct secpolicy *sp = *spp;
1190 
1191 	IPSEC_ASSERT(sp != NULL, ("null sp"));
1192 	if (SP_DELREF(sp) == 0)
1193 		return;
1194 
1195 	KEYDBG(IPSEC_STAMP,
1196 	    printf("%s: last reference to SP(%p)\n", __func__, sp));
1197 	KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
1198 
1199 	*spp = NULL;
1200 	while (sp->tcount > 0)
1201 		ipsec_delisr(sp->req[--sp->tcount]);
1202 	free(sp, M_IPSEC_SP);
1203 }
1204 
1205 static void
1206 key_unlink(struct secpolicy *sp)
1207 {
1208 	SPTREE_WLOCK();
1209 	key_detach(sp);
1210 	SPTREE_WUNLOCK();
1211 	if (SPDCACHE_ENABLED())
1212 		spdcache_clear();
1213 	key_freesp(&sp);
1214 }
1215 
1216 static void
1217 key_detach(struct secpolicy *sp)
1218 {
1219 	IPSEC_ASSERT(sp->spidx.dir == IPSEC_DIR_INBOUND ||
1220 	    sp->spidx.dir == IPSEC_DIR_OUTBOUND,
1221 	    ("invalid direction %u", sp->spidx.dir));
1222 	SPTREE_WLOCK_ASSERT();
1223 
1224 	KEYDBG(KEY_STAMP,
1225 	    printf("%s: SP(%p)\n", __func__, sp));
1226 	if (sp->state != IPSEC_SPSTATE_ALIVE) {
1227 		/* SP is already unlinked */
1228 		return;
1229 	}
1230 	sp->state = IPSEC_SPSTATE_DEAD;
1231 	TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
1232 	V_spd_size--;
1233 	LIST_REMOVE(sp, idhash);
1234 	V_sp_genid++;
1235 }
1236 
1237 /*
1238  * insert a secpolicy into the SP database. Lower priorities first
1239  */
1240 static void
1241 key_insertsp(struct secpolicy *newsp)
1242 {
1243 	struct secpolicy *sp;
1244 
1245 	SPTREE_WLOCK_ASSERT();
1246 	TAILQ_FOREACH(sp, &V_sptree[newsp->spidx.dir], chain) {
1247 		if (newsp->priority < sp->priority) {
1248 			TAILQ_INSERT_BEFORE(sp, newsp, chain);
1249 			goto done;
1250 		}
1251 	}
1252 	TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain);
1253 done:
1254 	LIST_INSERT_HEAD(SPHASH_HASH(newsp->id), newsp, idhash);
1255 	newsp->state = IPSEC_SPSTATE_ALIVE;
1256 	V_spd_size++;
1257 	V_sp_genid++;
1258 }
1259 
1260 /*
1261  * Insert a bunch of VTI secpolicies into the SPDB.
1262  * We keep VTI policies in the separate list due to following reasons:
1263  * 1) they should be immutable to user's or some deamon's attempts to
1264  *    delete. The only way delete such policies - destroy or unconfigure
1265  *    corresponding virtual inteface.
1266  * 2) such policies have traffic selector that matches all traffic per
1267  *    address family.
1268  * Since all VTI policies have the same priority, we don't care about
1269  * policies order.
1270  */
1271 int
1272 key_register_ifnet(struct secpolicy **spp, u_int count)
1273 {
1274 	struct mbuf *m;
1275 	u_int i;
1276 
1277 	SPTREE_WLOCK();
1278 	/*
1279 	 * First of try to acquire id for each SP.
1280 	 */
1281 	for (i = 0; i < count; i++) {
1282 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1283 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1284 		    ("invalid direction %u", spp[i]->spidx.dir));
1285 
1286 		if ((spp[i]->id = key_getnewspid()) == 0) {
1287 			SPTREE_WUNLOCK();
1288 			return (EAGAIN);
1289 		}
1290 	}
1291 	for (i = 0; i < count; i++) {
1292 		TAILQ_INSERT_TAIL(&V_sptree_ifnet[spp[i]->spidx.dir],
1293 		    spp[i], chain);
1294 		/*
1295 		 * NOTE: despite the fact that we keep VTI SP in the
1296 		 * separate list, SPHASH contains policies from both
1297 		 * sources. Thus SADB_X_SPDGET will correctly return
1298 		 * SP by id, because it uses SPHASH for lookups.
1299 		 */
1300 		LIST_INSERT_HEAD(SPHASH_HASH(spp[i]->id), spp[i], idhash);
1301 		spp[i]->state = IPSEC_SPSTATE_IFNET;
1302 	}
1303 	SPTREE_WUNLOCK();
1304 	/*
1305 	 * Notify user processes about new SP.
1306 	 */
1307 	for (i = 0; i < count; i++) {
1308 		m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0);
1309 		if (m != NULL)
1310 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1311 	}
1312 	return (0);
1313 }
1314 
1315 void
1316 key_unregister_ifnet(struct secpolicy **spp, u_int count)
1317 {
1318 	struct mbuf *m;
1319 	u_int i;
1320 
1321 	SPTREE_WLOCK();
1322 	for (i = 0; i < count; i++) {
1323 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1324 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1325 		    ("invalid direction %u", spp[i]->spidx.dir));
1326 
1327 		if (spp[i]->state != IPSEC_SPSTATE_IFNET)
1328 			continue;
1329 		spp[i]->state = IPSEC_SPSTATE_DEAD;
1330 		TAILQ_REMOVE(&V_sptree_ifnet[spp[i]->spidx.dir],
1331 		    spp[i], chain);
1332 		V_spd_size--;
1333 		LIST_REMOVE(spp[i], idhash);
1334 	}
1335 	SPTREE_WUNLOCK();
1336 	if (SPDCACHE_ENABLED())
1337 		spdcache_clear();
1338 
1339 	for (i = 0; i < count; i++) {
1340 		m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0);
1341 		if (m != NULL)
1342 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1343 	}
1344 }
1345 
1346 /*
1347  * Must be called after calling key_allocsa().
1348  * This function is called by key_freesp() to free some SA allocated
1349  * for a policy.
1350  */
1351 void
1352 key_freesav(struct secasvar **psav)
1353 {
1354 	struct secasvar *sav = *psav;
1355 
1356 	IPSEC_ASSERT(sav != NULL, ("null sav"));
1357 	CURVNET_ASSERT_SET();
1358 	if (SAV_DELREF(sav) == 0)
1359 		return;
1360 
1361 	KEYDBG(IPSEC_STAMP,
1362 	    printf("%s: last reference to SA(%p)\n", __func__, sav));
1363 
1364 	*psav = NULL;
1365 	key_delsav(sav);
1366 }
1367 
1368 /*
1369  * Unlink SA from SAH and SPI hash under SAHTREE_WLOCK.
1370  * Expect that SA has extra reference due to lookup.
1371  * Release this references, also release SAH reference after unlink.
1372  */
1373 static void
1374 key_unlinksav(struct secasvar *sav)
1375 {
1376 	struct secashead *sah;
1377 
1378 	KEYDBG(KEY_STAMP,
1379 	    printf("%s: SA(%p)\n", __func__, sav));
1380 
1381 	CURVNET_ASSERT_SET();
1382 	SAHTREE_UNLOCK_ASSERT();
1383 	SAHTREE_WLOCK();
1384 	if (sav->state == SADB_SASTATE_DEAD) {
1385 		/* SA is already unlinked */
1386 		SAHTREE_WUNLOCK();
1387 		return;
1388 	}
1389 	/* Unlink from SAH */
1390 	if (sav->state == SADB_SASTATE_LARVAL)
1391 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1392 	else
1393 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1394 	/* Unlink from SPI hash */
1395 	LIST_REMOVE(sav, spihash);
1396 	sav->state = SADB_SASTATE_DEAD;
1397 	sah = sav->sah;
1398 	SAHTREE_WUNLOCK();
1399 	key_freesav(&sav);
1400 	/* Since we are unlinked, release reference to SAH */
1401 	key_freesah(&sah);
1402 }
1403 
1404 /* %%% SPD management */
1405 /*
1406  * search SPD
1407  * OUT:	NULL	: not found
1408  *	others	: found, pointer to a SP.
1409  */
1410 static struct secpolicy *
1411 key_getsp(struct secpolicyindex *spidx)
1412 {
1413 	SPTREE_RLOCK_TRACKER;
1414 	struct secpolicy *sp;
1415 
1416 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
1417 
1418 	SPTREE_RLOCK();
1419 	TAILQ_FOREACH(sp, &V_sptree[spidx->dir], chain) {
1420 		if (key_cmpspidx_exactly(spidx, &sp->spidx)) {
1421 			SP_ADDREF(sp);
1422 			break;
1423 		}
1424 	}
1425 	SPTREE_RUNLOCK();
1426 
1427 	return sp;
1428 }
1429 
1430 /*
1431  * get SP by index.
1432  * OUT:	NULL	: not found
1433  *	others	: found, pointer to referenced SP.
1434  */
1435 static struct secpolicy *
1436 key_getspbyid(uint32_t id)
1437 {
1438 	SPTREE_RLOCK_TRACKER;
1439 	struct secpolicy *sp;
1440 
1441 	SPTREE_RLOCK();
1442 	LIST_FOREACH(sp, SPHASH_HASH(id), idhash) {
1443 		if (sp->id == id) {
1444 			SP_ADDREF(sp);
1445 			break;
1446 		}
1447 	}
1448 	SPTREE_RUNLOCK();
1449 	return (sp);
1450 }
1451 
1452 struct secpolicy *
1453 key_newsp(void)
1454 {
1455 	struct secpolicy *sp;
1456 
1457 	sp = malloc(sizeof(*sp), M_IPSEC_SP, M_NOWAIT | M_ZERO);
1458 	if (sp != NULL)
1459 		SP_INITREF(sp);
1460 	return (sp);
1461 }
1462 
1463 struct ipsecrequest *
1464 ipsec_newisr(void)
1465 {
1466 
1467 	return (malloc(sizeof(struct ipsecrequest), M_IPSEC_SR,
1468 	    M_NOWAIT | M_ZERO));
1469 }
1470 
1471 void
1472 ipsec_delisr(struct ipsecrequest *p)
1473 {
1474 
1475 	free(p, M_IPSEC_SR);
1476 }
1477 
1478 /*
1479  * create secpolicy structure from sadb_x_policy structure.
1480  * NOTE: `state', `secpolicyindex' and 'id' in secpolicy structure
1481  * are not set, so must be set properly later.
1482  */
1483 struct secpolicy *
1484 key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error)
1485 {
1486 	struct secpolicy *newsp;
1487 
1488 	IPSEC_ASSERT(xpl0 != NULL, ("null xpl0"));
1489 	IPSEC_ASSERT(len >= sizeof(*xpl0), ("policy too short: %zu", len));
1490 
1491 	if (len != PFKEY_EXTLEN(xpl0)) {
1492 		ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n", __func__));
1493 		*error = EINVAL;
1494 		return NULL;
1495 	}
1496 
1497 	if ((newsp = key_newsp()) == NULL) {
1498 		*error = ENOBUFS;
1499 		return NULL;
1500 	}
1501 
1502 	newsp->spidx.dir = xpl0->sadb_x_policy_dir;
1503 	newsp->policy = xpl0->sadb_x_policy_type;
1504 	newsp->priority = xpl0->sadb_x_policy_priority;
1505 	newsp->tcount = 0;
1506 
1507 	/* check policy */
1508 	switch (xpl0->sadb_x_policy_type) {
1509 	case IPSEC_POLICY_DISCARD:
1510 	case IPSEC_POLICY_NONE:
1511 	case IPSEC_POLICY_ENTRUST:
1512 	case IPSEC_POLICY_BYPASS:
1513 		break;
1514 
1515 	case IPSEC_POLICY_IPSEC:
1516 	    {
1517 		struct sadb_x_ipsecrequest *xisr;
1518 		struct ipsecrequest *isr;
1519 		int tlen;
1520 
1521 		/* validity check */
1522 		if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
1523 			ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n",
1524 				__func__));
1525 			key_freesp(&newsp);
1526 			*error = EINVAL;
1527 			return NULL;
1528 		}
1529 
1530 		tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
1531 		xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
1532 
1533 		while (tlen > 0) {
1534 			/* length check */
1535 			if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr) ||
1536 			    xisr->sadb_x_ipsecrequest_len > tlen) {
1537 				ipseclog((LOG_DEBUG, "%s: invalid ipsecrequest "
1538 					"length.\n", __func__));
1539 				key_freesp(&newsp);
1540 				*error = EINVAL;
1541 				return NULL;
1542 			}
1543 
1544 			if (newsp->tcount >= IPSEC_MAXREQ) {
1545 				ipseclog((LOG_DEBUG,
1546 				    "%s: too many ipsecrequests.\n",
1547 				    __func__));
1548 				key_freesp(&newsp);
1549 				*error = EINVAL;
1550 				return (NULL);
1551 			}
1552 
1553 			/* allocate request buffer */
1554 			/* NB: data structure is zero'd */
1555 			isr = ipsec_newisr();
1556 			if (isr == NULL) {
1557 				ipseclog((LOG_DEBUG,
1558 				    "%s: No more memory.\n", __func__));
1559 				key_freesp(&newsp);
1560 				*error = ENOBUFS;
1561 				return NULL;
1562 			}
1563 
1564 			newsp->req[newsp->tcount++] = isr;
1565 
1566 			/* set values */
1567 			switch (xisr->sadb_x_ipsecrequest_proto) {
1568 			case IPPROTO_ESP:
1569 			case IPPROTO_AH:
1570 			case IPPROTO_IPCOMP:
1571 				break;
1572 			default:
1573 				ipseclog((LOG_DEBUG,
1574 				    "%s: invalid proto type=%u\n", __func__,
1575 				    xisr->sadb_x_ipsecrequest_proto));
1576 				key_freesp(&newsp);
1577 				*error = EPROTONOSUPPORT;
1578 				return NULL;
1579 			}
1580 			isr->saidx.proto =
1581 			    (uint8_t)xisr->sadb_x_ipsecrequest_proto;
1582 
1583 			switch (xisr->sadb_x_ipsecrequest_mode) {
1584 			case IPSEC_MODE_TRANSPORT:
1585 			case IPSEC_MODE_TUNNEL:
1586 				break;
1587 			case IPSEC_MODE_ANY:
1588 			default:
1589 				ipseclog((LOG_DEBUG,
1590 				    "%s: invalid mode=%u\n", __func__,
1591 				    xisr->sadb_x_ipsecrequest_mode));
1592 				key_freesp(&newsp);
1593 				*error = EINVAL;
1594 				return NULL;
1595 			}
1596 			isr->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1597 
1598 			switch (xisr->sadb_x_ipsecrequest_level) {
1599 			case IPSEC_LEVEL_DEFAULT:
1600 			case IPSEC_LEVEL_USE:
1601 			case IPSEC_LEVEL_REQUIRE:
1602 				break;
1603 			case IPSEC_LEVEL_UNIQUE:
1604 				/* validity check */
1605 				/*
1606 				 * If range violation of reqid, kernel will
1607 				 * update it, don't refuse it.
1608 				 */
1609 				if (xisr->sadb_x_ipsecrequest_reqid
1610 						> IPSEC_MANUAL_REQID_MAX) {
1611 					ipseclog((LOG_DEBUG,
1612 					    "%s: reqid=%d range "
1613 					    "violation, updated by kernel.\n",
1614 					    __func__,
1615 					    xisr->sadb_x_ipsecrequest_reqid));
1616 					xisr->sadb_x_ipsecrequest_reqid = 0;
1617 				}
1618 
1619 				/* allocate new reqid id if reqid is zero. */
1620 				if (xisr->sadb_x_ipsecrequest_reqid == 0) {
1621 					u_int32_t reqid;
1622 					if ((reqid = key_newreqid()) == 0) {
1623 						key_freesp(&newsp);
1624 						*error = ENOBUFS;
1625 						return NULL;
1626 					}
1627 					isr->saidx.reqid = reqid;
1628 					xisr->sadb_x_ipsecrequest_reqid = reqid;
1629 				} else {
1630 				/* set it for manual keying. */
1631 					isr->saidx.reqid =
1632 					    xisr->sadb_x_ipsecrequest_reqid;
1633 				}
1634 				break;
1635 
1636 			default:
1637 				ipseclog((LOG_DEBUG, "%s: invalid level=%u\n",
1638 					__func__,
1639 					xisr->sadb_x_ipsecrequest_level));
1640 				key_freesp(&newsp);
1641 				*error = EINVAL;
1642 				return NULL;
1643 			}
1644 			isr->level = xisr->sadb_x_ipsecrequest_level;
1645 
1646 			/* set IP addresses if there */
1647 			if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
1648 				struct sockaddr *paddr;
1649 
1650 				len = tlen - sizeof(*xisr);
1651 				paddr = (struct sockaddr *)(xisr + 1);
1652 				/* validity check */
1653 				if (len < sizeof(struct sockaddr) ||
1654 				    len < 2 * paddr->sa_len ||
1655 				    paddr->sa_len > sizeof(isr->saidx.src)) {
1656 					ipseclog((LOG_DEBUG, "%s: invalid "
1657 						"request address length.\n",
1658 						__func__));
1659 					key_freesp(&newsp);
1660 					*error = EINVAL;
1661 					return NULL;
1662 				}
1663 				/*
1664 				 * Request length should be enough to keep
1665 				 * source and destination addresses.
1666 				 */
1667 				if (xisr->sadb_x_ipsecrequest_len <
1668 				    sizeof(*xisr) + 2 * paddr->sa_len) {
1669 					ipseclog((LOG_DEBUG, "%s: invalid "
1670 					    "ipsecrequest length.\n",
1671 					    __func__));
1672 					key_freesp(&newsp);
1673 					*error = EINVAL;
1674 					return (NULL);
1675 				}
1676 				bcopy(paddr, &isr->saidx.src, paddr->sa_len);
1677 				paddr = (struct sockaddr *)((caddr_t)paddr +
1678 				    paddr->sa_len);
1679 
1680 				/* validity check */
1681 				if (paddr->sa_len !=
1682 				    isr->saidx.src.sa.sa_len) {
1683 					ipseclog((LOG_DEBUG, "%s: invalid "
1684 						"request address length.\n",
1685 						__func__));
1686 					key_freesp(&newsp);
1687 					*error = EINVAL;
1688 					return NULL;
1689 				}
1690 				/* AF family should match */
1691 				if (paddr->sa_family !=
1692 				    isr->saidx.src.sa.sa_family) {
1693 					ipseclog((LOG_DEBUG, "%s: address "
1694 					    "family doesn't match.\n",
1695 						__func__));
1696 					key_freesp(&newsp);
1697 					*error = EINVAL;
1698 					return (NULL);
1699 				}
1700 				bcopy(paddr, &isr->saidx.dst, paddr->sa_len);
1701 			} else {
1702 				/*
1703 				 * Addresses for TUNNEL mode requests are
1704 				 * mandatory.
1705 				 */
1706 				if (isr->saidx.mode == IPSEC_MODE_TUNNEL) {
1707 					ipseclog((LOG_DEBUG, "%s: missing "
1708 					    "request addresses.\n", __func__));
1709 					key_freesp(&newsp);
1710 					*error = EINVAL;
1711 					return (NULL);
1712 				}
1713 			}
1714 			tlen -= xisr->sadb_x_ipsecrequest_len;
1715 
1716 			/* validity check */
1717 			if (tlen < 0) {
1718 				ipseclog((LOG_DEBUG, "%s: becoming tlen < 0.\n",
1719 					__func__));
1720 				key_freesp(&newsp);
1721 				*error = EINVAL;
1722 				return NULL;
1723 			}
1724 
1725 			xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
1726 			                 + xisr->sadb_x_ipsecrequest_len);
1727 		}
1728 		/* XXXAE: LARVAL SP */
1729 		if (newsp->tcount < 1) {
1730 			ipseclog((LOG_DEBUG, "%s: valid IPSEC transforms "
1731 			    "not found.\n", __func__));
1732 			key_freesp(&newsp);
1733 			*error = EINVAL;
1734 			return (NULL);
1735 		}
1736 	    }
1737 		break;
1738 	default:
1739 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1740 		key_freesp(&newsp);
1741 		*error = EINVAL;
1742 		return NULL;
1743 	}
1744 
1745 	*error = 0;
1746 	return (newsp);
1747 }
1748 
1749 uint32_t
1750 key_newreqid(void)
1751 {
1752 	static uint32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1753 
1754 	if (auto_reqid == ~0)
1755 		auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1756 	else
1757 		auto_reqid++;
1758 
1759 	/* XXX should be unique check */
1760 	return (auto_reqid);
1761 }
1762 
1763 /*
1764  * copy secpolicy struct to sadb_x_policy structure indicated.
1765  */
1766 static struct mbuf *
1767 key_sp2mbuf(struct secpolicy *sp)
1768 {
1769 	struct mbuf *m;
1770 	size_t tlen;
1771 
1772 	tlen = key_getspreqmsglen(sp);
1773 	m = m_get2(tlen, M_NOWAIT, MT_DATA, 0);
1774 	if (m == NULL)
1775 		return (NULL);
1776 	m_align(m, tlen);
1777 	m->m_len = tlen;
1778 	if (key_sp2msg(sp, m->m_data, &tlen) != 0) {
1779 		m_freem(m);
1780 		return (NULL);
1781 	}
1782 	return (m);
1783 }
1784 
1785 int
1786 key_sp2msg(struct secpolicy *sp, void *request, size_t *len)
1787 {
1788 	struct sadb_x_ipsecrequest *xisr;
1789 	struct sadb_x_policy *xpl;
1790 	struct ipsecrequest *isr;
1791 	size_t xlen, ilen;
1792 	caddr_t p;
1793 	int error, i;
1794 
1795 	IPSEC_ASSERT(sp != NULL, ("null policy"));
1796 
1797 	xlen = sizeof(*xpl);
1798 	if (*len < xlen)
1799 		return (EINVAL);
1800 
1801 	error = 0;
1802 	bzero(request, *len);
1803 	xpl = (struct sadb_x_policy *)request;
1804 	xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1805 	xpl->sadb_x_policy_type = sp->policy;
1806 	xpl->sadb_x_policy_dir = sp->spidx.dir;
1807 	xpl->sadb_x_policy_id = sp->id;
1808 	xpl->sadb_x_policy_priority = sp->priority;
1809 	switch (sp->state) {
1810 	case IPSEC_SPSTATE_IFNET:
1811 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_IFNET;
1812 		break;
1813 	case IPSEC_SPSTATE_PCB:
1814 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_PCB;
1815 		break;
1816 	default:
1817 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_GLOBAL;
1818 	}
1819 
1820 	/* if is the policy for ipsec ? */
1821 	if (sp->policy == IPSEC_POLICY_IPSEC) {
1822 		p = (caddr_t)xpl + sizeof(*xpl);
1823 		for (i = 0; i < sp->tcount; i++) {
1824 			isr = sp->req[i];
1825 			ilen = PFKEY_ALIGN8(sizeof(*xisr) +
1826 			    isr->saidx.src.sa.sa_len +
1827 			    isr->saidx.dst.sa.sa_len);
1828 			xlen += ilen;
1829 			if (xlen > *len) {
1830 				error = ENOBUFS;
1831 				/* Calculate needed size */
1832 				continue;
1833 			}
1834 			xisr = (struct sadb_x_ipsecrequest *)p;
1835 			xisr->sadb_x_ipsecrequest_len = ilen;
1836 			xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
1837 			xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
1838 			xisr->sadb_x_ipsecrequest_level = isr->level;
1839 			xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
1840 
1841 			p += sizeof(*xisr);
1842 			bcopy(&isr->saidx.src, p, isr->saidx.src.sa.sa_len);
1843 			p += isr->saidx.src.sa.sa_len;
1844 			bcopy(&isr->saidx.dst, p, isr->saidx.dst.sa.sa_len);
1845 			p += isr->saidx.dst.sa.sa_len;
1846 		}
1847 	}
1848 	xpl->sadb_x_policy_len = PFKEY_UNIT64(xlen);
1849 	if (error == 0)
1850 		*len = xlen;
1851 	else
1852 		*len = sizeof(*xpl);
1853 	return (error);
1854 }
1855 
1856 /* m will not be freed nor modified */
1857 static struct mbuf *
1858 key_gather_mbuf(struct mbuf *m, const struct sadb_msghdr *mhp,
1859     int ndeep, int nitem, ...)
1860 {
1861 	va_list ap;
1862 	int idx;
1863 	int i;
1864 	struct mbuf *result = NULL, *n;
1865 	int len;
1866 
1867 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1868 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1869 
1870 	va_start(ap, nitem);
1871 	for (i = 0; i < nitem; i++) {
1872 		idx = va_arg(ap, int);
1873 		if (idx < 0 || idx > SADB_EXT_MAX)
1874 			goto fail;
1875 		/* don't attempt to pull empty extension */
1876 		if (idx == SADB_EXT_RESERVED && mhp->msg == NULL)
1877 			continue;
1878 		if (idx != SADB_EXT_RESERVED  &&
1879 		    (mhp->ext[idx] == NULL || mhp->extlen[idx] == 0))
1880 			continue;
1881 
1882 		if (idx == SADB_EXT_RESERVED) {
1883 			len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
1884 
1885 			IPSEC_ASSERT(len <= MHLEN, ("header too big %u", len));
1886 
1887 			MGETHDR(n, M_NOWAIT, MT_DATA);
1888 			if (!n)
1889 				goto fail;
1890 			n->m_len = len;
1891 			n->m_next = NULL;
1892 			m_copydata(m, 0, sizeof(struct sadb_msg),
1893 			    mtod(n, caddr_t));
1894 		} else if (i < ndeep) {
1895 			len = mhp->extlen[idx];
1896 			n = m_get2(len, M_NOWAIT, MT_DATA, 0);
1897 			if (n == NULL)
1898 				goto fail;
1899 			m_align(n, len);
1900 			n->m_len = len;
1901 			m_copydata(m, mhp->extoff[idx], mhp->extlen[idx],
1902 			    mtod(n, caddr_t));
1903 		} else {
1904 			n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx],
1905 			    M_NOWAIT);
1906 		}
1907 		if (n == NULL)
1908 			goto fail;
1909 
1910 		if (result)
1911 			m_cat(result, n);
1912 		else
1913 			result = n;
1914 	}
1915 	va_end(ap);
1916 
1917 	if ((result->m_flags & M_PKTHDR) != 0) {
1918 		result->m_pkthdr.len = 0;
1919 		for (n = result; n; n = n->m_next)
1920 			result->m_pkthdr.len += n->m_len;
1921 	}
1922 
1923 	return result;
1924 
1925 fail:
1926 	m_freem(result);
1927 	va_end(ap);
1928 	return NULL;
1929 }
1930 
1931 /*
1932  * SADB_X_SPDADD, SADB_X_SPDSETIDX or SADB_X_SPDUPDATE processing
1933  * add an entry to SP database, when received
1934  *   <base, address(SD), (lifetime(H),) policy>
1935  * from the user(?).
1936  * Adding to SP database,
1937  * and send
1938  *   <base, address(SD), (lifetime(H),) policy>
1939  * to the socket which was send.
1940  *
1941  * SPDADD set a unique policy entry.
1942  * SPDSETIDX like SPDADD without a part of policy requests.
1943  * SPDUPDATE replace a unique policy entry.
1944  *
1945  * XXXAE: serialize this in PF_KEY to avoid races.
1946  * m will always be freed.
1947  */
1948 static int
1949 key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
1950 {
1951 	struct secpolicyindex spidx;
1952 	struct sadb_address *src0, *dst0;
1953 	struct sadb_x_policy *xpl0, *xpl;
1954 	struct sadb_lifetime *lft = NULL;
1955 	struct secpolicy *newsp, *oldsp;
1956 	int error;
1957 
1958 	IPSEC_ASSERT(so != NULL, ("null socket"));
1959 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1960 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1961 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
1962 
1963 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
1964 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
1965 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
1966 		ipseclog((LOG_DEBUG,
1967 		    "%s: invalid message: missing required header.\n",
1968 		    __func__));
1969 		return key_senderror(so, m, EINVAL);
1970 	}
1971 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
1972 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
1973 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
1974 		ipseclog((LOG_DEBUG,
1975 		    "%s: invalid message: wrong header size.\n", __func__));
1976 		return key_senderror(so, m, EINVAL);
1977 	}
1978 	if (!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD)) {
1979 		if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD)) {
1980 			ipseclog((LOG_DEBUG,
1981 			    "%s: invalid message: wrong header size.\n",
1982 			    __func__));
1983 			return key_senderror(so, m, EINVAL);
1984 		}
1985 		lft = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
1986 	}
1987 
1988 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
1989 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
1990 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
1991 
1992 	/* check the direciton */
1993 	switch (xpl0->sadb_x_policy_dir) {
1994 	case IPSEC_DIR_INBOUND:
1995 	case IPSEC_DIR_OUTBOUND:
1996 		break;
1997 	default:
1998 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
1999 		return key_senderror(so, m, EINVAL);
2000 	}
2001 	/* key_spdadd() accepts DISCARD, NONE and IPSEC. */
2002 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2003 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2004 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2005 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2006 		return key_senderror(so, m, EINVAL);
2007 	}
2008 
2009 	/* policy requests are mandatory when action is ipsec. */
2010 	if (xpl0->sadb_x_policy_type == IPSEC_POLICY_IPSEC &&
2011 	    mhp->extlen[SADB_X_EXT_POLICY] <= sizeof(*xpl0)) {
2012 		ipseclog((LOG_DEBUG,
2013 		    "%s: policy requests required.\n", __func__));
2014 		return key_senderror(so, m, EINVAL);
2015 	}
2016 
2017 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
2018 	    (struct sockaddr *)(dst0 + 1));
2019 	if (error != 0 ||
2020 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2021 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2022 		return key_senderror(so, m, error);
2023 	}
2024 	/* make secindex */
2025 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2026 	                src0 + 1,
2027 	                dst0 + 1,
2028 	                src0->sadb_address_prefixlen,
2029 	                dst0->sadb_address_prefixlen,
2030 	                src0->sadb_address_proto,
2031 	                &spidx);
2032 	/* Checking there is SP already or not. */
2033 	oldsp = key_getsp(&spidx);
2034 	if (oldsp != NULL) {
2035 		if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
2036 			KEYDBG(KEY_STAMP,
2037 			    printf("%s: unlink SP(%p) for SPDUPDATE\n",
2038 				__func__, oldsp));
2039 			KEYDBG(KEY_DATA, kdebug_secpolicy(oldsp));
2040 		} else {
2041 			key_freesp(&oldsp);
2042 			ipseclog((LOG_DEBUG,
2043 			    "%s: a SP entry exists already.\n", __func__));
2044 			return (key_senderror(so, m, EEXIST));
2045 		}
2046 	}
2047 
2048 	/* allocate new SP entry */
2049 	if ((newsp = key_msg2sp(xpl0, PFKEY_EXTLEN(xpl0), &error)) == NULL) {
2050 		if (oldsp != NULL) {
2051 			key_unlink(oldsp);
2052 			key_freesp(&oldsp); /* second for our reference */
2053 		}
2054 		return key_senderror(so, m, error);
2055 	}
2056 
2057 	newsp->lastused = newsp->created = time_second;
2058 	newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0;
2059 	newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0;
2060 	bcopy(&spidx, &newsp->spidx, sizeof(spidx));
2061 
2062 	SPTREE_WLOCK();
2063 	if ((newsp->id = key_getnewspid()) == 0) {
2064 		if (oldsp != NULL)
2065 			key_detach(oldsp);
2066 		SPTREE_WUNLOCK();
2067 		if (oldsp != NULL) {
2068 			key_freesp(&oldsp); /* first for key_detach */
2069 			IPSEC_ASSERT(oldsp != NULL, ("null oldsp: refcount bug"));
2070 			key_freesp(&oldsp); /* second for our reference */
2071 			if (SPDCACHE_ENABLED()) /* refresh cache because of key_detach */
2072 				spdcache_clear();
2073 		}
2074 		key_freesp(&newsp);
2075 		return key_senderror(so, m, ENOBUFS);
2076 	}
2077 	if (oldsp != NULL)
2078 		key_detach(oldsp);
2079 	key_insertsp(newsp);
2080 	SPTREE_WUNLOCK();
2081 	if (oldsp != NULL) {
2082 		key_freesp(&oldsp); /* first for key_detach */
2083 		IPSEC_ASSERT(oldsp != NULL, ("null oldsp: refcount bug"));
2084 		key_freesp(&oldsp); /* second for our reference */
2085 	}
2086 	if (SPDCACHE_ENABLED())
2087 		spdcache_clear();
2088 	KEYDBG(KEY_STAMP,
2089 	    printf("%s: SP(%p)\n", __func__, newsp));
2090 	KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2091 
2092     {
2093 	struct mbuf *n, *mpolicy;
2094 	struct sadb_msg *newmsg;
2095 	int off;
2096 
2097 	/* create new sadb_msg to reply. */
2098 	if (lft) {
2099 		n = key_gather_mbuf(m, mhp, 2, 5, SADB_EXT_RESERVED,
2100 		    SADB_X_EXT_POLICY, SADB_EXT_LIFETIME_HARD,
2101 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2102 	} else {
2103 		n = key_gather_mbuf(m, mhp, 2, 4, SADB_EXT_RESERVED,
2104 		    SADB_X_EXT_POLICY,
2105 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2106 	}
2107 	if (!n)
2108 		return key_senderror(so, m, ENOBUFS);
2109 
2110 	if (n->m_len < sizeof(*newmsg)) {
2111 		n = m_pullup(n, sizeof(*newmsg));
2112 		if (!n)
2113 			return key_senderror(so, m, ENOBUFS);
2114 	}
2115 	newmsg = mtod(n, struct sadb_msg *);
2116 	newmsg->sadb_msg_errno = 0;
2117 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2118 
2119 	off = 0;
2120 	mpolicy = m_pulldown(n, PFKEY_ALIGN8(sizeof(struct sadb_msg)),
2121 	    sizeof(*xpl), &off);
2122 	if (mpolicy == NULL) {
2123 		/* n is already freed */
2124 		return key_senderror(so, m, ENOBUFS);
2125 	}
2126 	xpl = (struct sadb_x_policy *)(mtod(mpolicy, caddr_t) + off);
2127 	if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
2128 		m_freem(n);
2129 		return key_senderror(so, m, EINVAL);
2130 	}
2131 	xpl->sadb_x_policy_id = newsp->id;
2132 
2133 	m_freem(m);
2134 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2135     }
2136 }
2137 
2138 /*
2139  * get new policy id.
2140  * OUT:
2141  *	0:	failure.
2142  *	others: success.
2143  */
2144 static uint32_t
2145 key_getnewspid(void)
2146 {
2147 	struct secpolicy *sp;
2148 	uint32_t newid = 0;
2149 	int tries, limit;
2150 
2151 	SPTREE_WLOCK_ASSERT();
2152 
2153 	limit = atomic_load_int(&V_key_spi_trycnt);
2154 	for (tries = 0; tries < limit; tries++) {
2155 		if (V_policy_id == ~0) /* overflowed */
2156 			newid = V_policy_id = 1;
2157 		else
2158 			newid = ++V_policy_id;
2159 		LIST_FOREACH(sp, SPHASH_HASH(newid), idhash) {
2160 			if (sp->id == newid)
2161 				break;
2162 		}
2163 		if (sp == NULL)
2164 			break;
2165 	}
2166 	if (tries == limit || newid == 0) {
2167 		ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
2168 		    __func__));
2169 		return (0);
2170 	}
2171 	return (newid);
2172 }
2173 
2174 /*
2175  * SADB_SPDDELETE processing
2176  * receive
2177  *   <base, address(SD), policy(*)>
2178  * from the user(?), and set SADB_SASTATE_DEAD,
2179  * and send,
2180  *   <base, address(SD), policy(*)>
2181  * to the ikmpd.
2182  * policy(*) including direction of policy.
2183  *
2184  * m will always be freed.
2185  */
2186 static int
2187 key_spddelete(struct socket *so, struct mbuf *m,
2188     const struct sadb_msghdr *mhp)
2189 {
2190 	struct secpolicyindex spidx;
2191 	struct sadb_address *src0, *dst0;
2192 	struct sadb_x_policy *xpl0;
2193 	struct secpolicy *sp;
2194 
2195 	IPSEC_ASSERT(so != NULL, ("null so"));
2196 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2197 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2198 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2199 
2200 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
2201 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
2202 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
2203 		ipseclog((LOG_DEBUG,
2204 		    "%s: invalid message: missing required header.\n",
2205 		    __func__));
2206 		return key_senderror(so, m, EINVAL);
2207 	}
2208 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
2209 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
2210 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2211 		ipseclog((LOG_DEBUG,
2212 		    "%s: invalid message: wrong header size.\n", __func__));
2213 		return key_senderror(so, m, EINVAL);
2214 	}
2215 
2216 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
2217 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
2218 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
2219 
2220 	/* check the direciton */
2221 	switch (xpl0->sadb_x_policy_dir) {
2222 	case IPSEC_DIR_INBOUND:
2223 	case IPSEC_DIR_OUTBOUND:
2224 		break;
2225 	default:
2226 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
2227 		return key_senderror(so, m, EINVAL);
2228 	}
2229 	/* Only DISCARD, NONE and IPSEC are allowed */
2230 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2231 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2232 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2233 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2234 		return key_senderror(so, m, EINVAL);
2235 	}
2236 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
2237 	    (struct sockaddr *)(dst0 + 1)) != 0 ||
2238 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2239 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2240 		return key_senderror(so, m, EINVAL);
2241 	}
2242 	/* make secindex */
2243 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2244 	                src0 + 1,
2245 	                dst0 + 1,
2246 	                src0->sadb_address_prefixlen,
2247 	                dst0->sadb_address_prefixlen,
2248 	                src0->sadb_address_proto,
2249 	                &spidx);
2250 
2251 	/* Is there SP in SPD ? */
2252 	if ((sp = key_getsp(&spidx)) == NULL) {
2253 		ipseclog((LOG_DEBUG, "%s: no SP found.\n", __func__));
2254 		return key_senderror(so, m, EINVAL);
2255 	}
2256 
2257 	/* save policy id to buffer to be returned. */
2258 	xpl0->sadb_x_policy_id = sp->id;
2259 
2260 	KEYDBG(KEY_STAMP,
2261 	    printf("%s: SP(%p)\n", __func__, sp));
2262 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2263 	key_unlink(sp);
2264 	key_freesp(&sp);
2265 
2266     {
2267 	struct mbuf *n;
2268 	struct sadb_msg *newmsg;
2269 
2270 	/* create new sadb_msg to reply. */
2271 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
2272 	    SADB_X_EXT_POLICY, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2273 	if (!n)
2274 		return key_senderror(so, m, ENOBUFS);
2275 
2276 	newmsg = mtod(n, struct sadb_msg *);
2277 	newmsg->sadb_msg_errno = 0;
2278 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2279 
2280 	m_freem(m);
2281 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2282     }
2283 }
2284 
2285 /*
2286  * SADB_SPDDELETE2 processing
2287  * receive
2288  *   <base, policy(*)>
2289  * from the user(?), and set SADB_SASTATE_DEAD,
2290  * and send,
2291  *   <base, policy(*)>
2292  * to the ikmpd.
2293  * policy(*) including direction of policy.
2294  *
2295  * m will always be freed.
2296  */
2297 static int
2298 key_spddelete2(struct socket *so, struct mbuf *m,
2299     const struct sadb_msghdr *mhp)
2300 {
2301 	struct secpolicy *sp;
2302 	uint32_t id;
2303 
2304 	IPSEC_ASSERT(so != NULL, ("null socket"));
2305 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2306 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2307 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2308 
2309 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2310 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2311 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2312 		    __func__));
2313 		return key_senderror(so, m, EINVAL);
2314 	}
2315 
2316 	id = ((struct sadb_x_policy *)
2317 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2318 
2319 	/* Is there SP in SPD ? */
2320 	if ((sp = key_getspbyid(id)) == NULL) {
2321 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2322 		    __func__, id));
2323 		return key_senderror(so, m, EINVAL);
2324 	}
2325 
2326 	KEYDBG(KEY_STAMP,
2327 	    printf("%s: SP(%p)\n", __func__, sp));
2328 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2329 	key_unlink(sp);
2330 	if (sp->state != IPSEC_SPSTATE_DEAD) {
2331 		ipseclog((LOG_DEBUG, "%s: failed to delete SP with id %u.\n",
2332 		    __func__, id));
2333 		key_freesp(&sp);
2334 		return (key_senderror(so, m, EACCES));
2335 	}
2336 	key_freesp(&sp);
2337 
2338     {
2339 	struct mbuf *n, *nn;
2340 	struct sadb_msg *newmsg;
2341 	int off, len;
2342 
2343 	/* create new sadb_msg to reply. */
2344 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2345 
2346 	MGETHDR(n, M_NOWAIT, MT_DATA);
2347 	if (n && len > MHLEN) {
2348 		if (!(MCLGET(n, M_NOWAIT))) {
2349 			m_freem(n);
2350 			n = NULL;
2351 		}
2352 	}
2353 	if (!n)
2354 		return key_senderror(so, m, ENOBUFS);
2355 
2356 	n->m_len = len;
2357 	n->m_next = NULL;
2358 	off = 0;
2359 
2360 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
2361 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
2362 
2363 	IPSEC_ASSERT(off == len, ("length inconsistency (off %u len %u)",
2364 		off, len));
2365 
2366 	n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY],
2367 	    mhp->extlen[SADB_X_EXT_POLICY], M_NOWAIT);
2368 	if (!n->m_next) {
2369 		m_freem(n);
2370 		return key_senderror(so, m, ENOBUFS);
2371 	}
2372 
2373 	n->m_pkthdr.len = 0;
2374 	for (nn = n; nn; nn = nn->m_next)
2375 		n->m_pkthdr.len += nn->m_len;
2376 
2377 	newmsg = mtod(n, struct sadb_msg *);
2378 	newmsg->sadb_msg_errno = 0;
2379 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2380 
2381 	m_freem(m);
2382 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2383     }
2384 }
2385 
2386 /*
2387  * SADB_X_SPDGET processing
2388  * receive
2389  *   <base, policy(*)>
2390  * from the user(?),
2391  * and send,
2392  *   <base, address(SD), policy>
2393  * to the ikmpd.
2394  * policy(*) including direction of policy.
2395  *
2396  * m will always be freed.
2397  */
2398 static int
2399 key_spdget(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2400 {
2401 	struct secpolicy *sp;
2402 	struct mbuf *n;
2403 	uint32_t id;
2404 
2405 	IPSEC_ASSERT(so != NULL, ("null socket"));
2406 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2407 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2408 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2409 
2410 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2411 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2412 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2413 		    __func__));
2414 		return key_senderror(so, m, EINVAL);
2415 	}
2416 
2417 	id = ((struct sadb_x_policy *)
2418 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2419 
2420 	/* Is there SP in SPD ? */
2421 	if ((sp = key_getspbyid(id)) == NULL) {
2422 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2423 		    __func__, id));
2424 		return key_senderror(so, m, ENOENT);
2425 	}
2426 
2427 	n = key_setdumpsp(sp, SADB_X_SPDGET, mhp->msg->sadb_msg_seq,
2428 	    mhp->msg->sadb_msg_pid);
2429 	key_freesp(&sp);
2430 	if (n != NULL) {
2431 		m_freem(m);
2432 		return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2433 	} else
2434 		return key_senderror(so, m, ENOBUFS);
2435 }
2436 
2437 /*
2438  * SADB_X_SPDACQUIRE processing.
2439  * Acquire policy and SA(s) for a *OUTBOUND* packet.
2440  * send
2441  *   <base, policy(*)>
2442  * to KMD, and expect to receive
2443  *   <base> with SADB_X_SPDACQUIRE if error occurred,
2444  * or
2445  *   <base, policy>
2446  * with SADB_X_SPDUPDATE from KMD by PF_KEY.
2447  * policy(*) is without policy requests.
2448  *
2449  *    0     : succeed
2450  *    others: error number
2451  */
2452 int
2453 key_spdacquire(struct secpolicy *sp)
2454 {
2455 	struct mbuf *result = NULL, *m;
2456 	struct secspacq *newspacq;
2457 
2458 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2459 	IPSEC_ASSERT(sp->req == NULL, ("policy exists"));
2460 	IPSEC_ASSERT(sp->policy == IPSEC_POLICY_IPSEC,
2461 		("policy not IPSEC %u", sp->policy));
2462 
2463 	/* Get an entry to check whether sent message or not. */
2464 	newspacq = key_getspacq(&sp->spidx);
2465 	if (newspacq != NULL) {
2466 		if (V_key_blockacq_count < newspacq->count) {
2467 			/* reset counter and do send message. */
2468 			newspacq->count = 0;
2469 		} else {
2470 			/* increment counter and do nothing. */
2471 			newspacq->count++;
2472 			SPACQ_UNLOCK();
2473 			return (0);
2474 		}
2475 		SPACQ_UNLOCK();
2476 	} else {
2477 		/* make new entry for blocking to send SADB_ACQUIRE. */
2478 		newspacq = key_newspacq(&sp->spidx);
2479 		if (newspacq == NULL)
2480 			return ENOBUFS;
2481 	}
2482 
2483 	/* create new sadb_msg to reply. */
2484 	m = key_setsadbmsg(SADB_X_SPDACQUIRE, 0, 0, 0, 0, 0);
2485 	if (!m)
2486 		return ENOBUFS;
2487 
2488 	result = m;
2489 
2490 	result->m_pkthdr.len = 0;
2491 	for (m = result; m; m = m->m_next)
2492 		result->m_pkthdr.len += m->m_len;
2493 
2494 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2495 	    PFKEY_UNIT64(result->m_pkthdr.len);
2496 
2497 	return key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED);
2498 }
2499 
2500 /*
2501  * SADB_SPDFLUSH processing
2502  * receive
2503  *   <base>
2504  * from the user, and free all entries in secpctree.
2505  * and send,
2506  *   <base>
2507  * to the user.
2508  * NOTE: what to do is only marking SADB_SASTATE_DEAD.
2509  *
2510  * m will always be freed.
2511  */
2512 static int
2513 key_spdflush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2514 {
2515 	struct secpolicy_queue drainq;
2516 	struct sadb_msg *newmsg;
2517 	struct secpolicy *sp, *nextsp;
2518 	u_int dir;
2519 
2520 	IPSEC_ASSERT(so != NULL, ("null socket"));
2521 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2522 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2523 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2524 
2525 	if (m->m_len != PFKEY_ALIGN8(sizeof(struct sadb_msg)))
2526 		return key_senderror(so, m, EINVAL);
2527 
2528 	TAILQ_INIT(&drainq);
2529 	SPTREE_WLOCK();
2530 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2531 		TAILQ_CONCAT(&drainq, &V_sptree[dir], chain);
2532 	}
2533 	/*
2534 	 * We need to set state to DEAD for each policy to be sure,
2535 	 * that another thread won't try to unlink it.
2536 	 * Also remove SP from sphash.
2537 	 */
2538 	TAILQ_FOREACH(sp, &drainq, chain) {
2539 		sp->state = IPSEC_SPSTATE_DEAD;
2540 		LIST_REMOVE(sp, idhash);
2541 	}
2542 	V_sp_genid++;
2543 	V_spd_size = 0;
2544 	SPTREE_WUNLOCK();
2545 	if (SPDCACHE_ENABLED())
2546 		spdcache_clear();
2547 	sp = TAILQ_FIRST(&drainq);
2548 	while (sp != NULL) {
2549 		nextsp = TAILQ_NEXT(sp, chain);
2550 		key_freesp(&sp);
2551 		sp = nextsp;
2552 	}
2553 
2554 	if (sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
2555 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
2556 		return key_senderror(so, m, ENOBUFS);
2557 	}
2558 
2559 	if (m->m_next)
2560 		m_freem(m->m_next);
2561 	m->m_next = NULL;
2562 	m->m_pkthdr.len = m->m_len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2563 	newmsg = mtod(m, struct sadb_msg *);
2564 	newmsg->sadb_msg_errno = 0;
2565 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
2566 
2567 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
2568 }
2569 
2570 static uint8_t
2571 key_satype2scopemask(uint8_t satype)
2572 {
2573 
2574 	if (satype == IPSEC_POLICYSCOPE_ANY)
2575 		return (0xff);
2576 	return (satype);
2577 }
2578 /*
2579  * SADB_SPDDUMP processing
2580  * receive
2581  *   <base>
2582  * from the user, and dump all SP leaves and send,
2583  *   <base> .....
2584  * to the ikmpd.
2585  *
2586  * NOTE:
2587  *   sadb_msg_satype is considered as mask of policy scopes.
2588  *   m will always be freed.
2589  */
2590 static int
2591 key_spddump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2592 {
2593 	SPTREE_RLOCK_TRACKER;
2594 	struct secpolicy *sp;
2595 	struct mbuf *n;
2596 	int cnt;
2597 	u_int dir, scope;
2598 
2599 	IPSEC_ASSERT(so != NULL, ("null socket"));
2600 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2601 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2602 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2603 
2604 	/* search SPD entry and get buffer size. */
2605 	cnt = 0;
2606 	scope = key_satype2scopemask(mhp->msg->sadb_msg_satype);
2607 	SPTREE_RLOCK();
2608 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2609 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2610 			TAILQ_FOREACH(sp, &V_sptree[dir], chain)
2611 				cnt++;
2612 		}
2613 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2614 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain)
2615 				cnt++;
2616 		}
2617 	}
2618 
2619 	if (cnt == 0) {
2620 		SPTREE_RUNLOCK();
2621 		return key_senderror(so, m, ENOENT);
2622 	}
2623 
2624 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2625 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2626 			TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
2627 				--cnt;
2628 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2629 				    mhp->msg->sadb_msg_pid);
2630 
2631 				if (n != NULL)
2632 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2633 			}
2634 		}
2635 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2636 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain) {
2637 				--cnt;
2638 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2639 				    mhp->msg->sadb_msg_pid);
2640 
2641 				if (n != NULL)
2642 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2643 			}
2644 		}
2645 	}
2646 
2647 	SPTREE_RUNLOCK();
2648 	m_freem(m);
2649 	return (0);
2650 }
2651 
2652 static struct mbuf *
2653 key_setdumpsp(struct secpolicy *sp, u_int8_t type, u_int32_t seq,
2654     u_int32_t pid)
2655 {
2656 	struct mbuf *result = NULL, *m;
2657 	struct seclifetime lt;
2658 
2659 	m = key_setsadbmsg(type, 0, SADB_SATYPE_UNSPEC, seq, pid, sp->refcnt);
2660 	if (!m)
2661 		goto fail;
2662 	result = m;
2663 
2664 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2665 	    &sp->spidx.src.sa, sp->spidx.prefs,
2666 	    sp->spidx.ul_proto);
2667 	if (!m)
2668 		goto fail;
2669 	m_cat(result, m);
2670 
2671 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2672 	    &sp->spidx.dst.sa, sp->spidx.prefd,
2673 	    sp->spidx.ul_proto);
2674 	if (!m)
2675 		goto fail;
2676 	m_cat(result, m);
2677 
2678 	m = key_sp2mbuf(sp);
2679 	if (!m)
2680 		goto fail;
2681 	m_cat(result, m);
2682 
2683 	if(sp->lifetime){
2684 		lt.addtime=sp->created;
2685 		lt.usetime= sp->lastused;
2686 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_CURRENT);
2687 		if (!m)
2688 			goto fail;
2689 		m_cat(result, m);
2690 
2691 		lt.addtime=sp->lifetime;
2692 		lt.usetime= sp->validtime;
2693 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_HARD);
2694 		if (!m)
2695 			goto fail;
2696 		m_cat(result, m);
2697 	}
2698 
2699 	if ((result->m_flags & M_PKTHDR) == 0)
2700 		goto fail;
2701 
2702 	if (result->m_len < sizeof(struct sadb_msg)) {
2703 		result = m_pullup(result, sizeof(struct sadb_msg));
2704 		if (result == NULL)
2705 			goto fail;
2706 	}
2707 
2708 	result->m_pkthdr.len = 0;
2709 	for (m = result; m; m = m->m_next)
2710 		result->m_pkthdr.len += m->m_len;
2711 
2712 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2713 	    PFKEY_UNIT64(result->m_pkthdr.len);
2714 
2715 	return result;
2716 
2717 fail:
2718 	m_freem(result);
2719 	return NULL;
2720 }
2721 /*
2722  * get PFKEY message length for security policy and request.
2723  */
2724 static size_t
2725 key_getspreqmsglen(struct secpolicy *sp)
2726 {
2727 	size_t tlen, len;
2728 	int i;
2729 
2730 	tlen = sizeof(struct sadb_x_policy);
2731 	/* if is the policy for ipsec ? */
2732 	if (sp->policy != IPSEC_POLICY_IPSEC)
2733 		return (tlen);
2734 
2735 	/* get length of ipsec requests */
2736 	for (i = 0; i < sp->tcount; i++) {
2737 		len = sizeof(struct sadb_x_ipsecrequest)
2738 			+ sp->req[i]->saidx.src.sa.sa_len
2739 			+ sp->req[i]->saidx.dst.sa.sa_len;
2740 
2741 		tlen += PFKEY_ALIGN8(len);
2742 	}
2743 	return (tlen);
2744 }
2745 
2746 /*
2747  * SADB_SPDEXPIRE processing
2748  * send
2749  *   <base, address(SD), lifetime(CH), policy>
2750  * to KMD by PF_KEY.
2751  *
2752  * OUT:	0	: succeed
2753  *	others	: error number
2754  */
2755 static int
2756 key_spdexpire(struct secpolicy *sp)
2757 {
2758 	struct sadb_lifetime *lt;
2759 	struct mbuf *result = NULL, *m;
2760 	int len, error = -1;
2761 
2762 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2763 
2764 	KEYDBG(KEY_STAMP,
2765 	    printf("%s: SP(%p)\n", __func__, sp));
2766 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2767 
2768 	/* set msg header */
2769 	m = key_setsadbmsg(SADB_X_SPDEXPIRE, 0, 0, 0, 0, 0);
2770 	if (!m) {
2771 		error = ENOBUFS;
2772 		goto fail;
2773 	}
2774 	result = m;
2775 
2776 	/* create lifetime extension (current and hard) */
2777 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
2778 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
2779 	if (m == NULL) {
2780 		error = ENOBUFS;
2781 		goto fail;
2782 	}
2783 	m_align(m, len);
2784 	m->m_len = len;
2785 	bzero(mtod(m, caddr_t), len);
2786 	lt = mtod(m, struct sadb_lifetime *);
2787 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2788 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
2789 	lt->sadb_lifetime_allocations = 0;
2790 	lt->sadb_lifetime_bytes = 0;
2791 	lt->sadb_lifetime_addtime = sp->created;
2792 	lt->sadb_lifetime_usetime = sp->lastused;
2793 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
2794 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2795 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
2796 	lt->sadb_lifetime_allocations = 0;
2797 	lt->sadb_lifetime_bytes = 0;
2798 	lt->sadb_lifetime_addtime = sp->lifetime;
2799 	lt->sadb_lifetime_usetime = sp->validtime;
2800 	m_cat(result, m);
2801 
2802 	/* set sadb_address for source */
2803 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2804 	    &sp->spidx.src.sa,
2805 	    sp->spidx.prefs, sp->spidx.ul_proto);
2806 	if (!m) {
2807 		error = ENOBUFS;
2808 		goto fail;
2809 	}
2810 	m_cat(result, m);
2811 
2812 	/* set sadb_address for destination */
2813 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2814 	    &sp->spidx.dst.sa,
2815 	    sp->spidx.prefd, sp->spidx.ul_proto);
2816 	if (!m) {
2817 		error = ENOBUFS;
2818 		goto fail;
2819 	}
2820 	m_cat(result, m);
2821 
2822 	/* set secpolicy */
2823 	m = key_sp2mbuf(sp);
2824 	if (!m) {
2825 		error = ENOBUFS;
2826 		goto fail;
2827 	}
2828 	m_cat(result, m);
2829 
2830 	if ((result->m_flags & M_PKTHDR) == 0) {
2831 		error = EINVAL;
2832 		goto fail;
2833 	}
2834 
2835 	if (result->m_len < sizeof(struct sadb_msg)) {
2836 		result = m_pullup(result, sizeof(struct sadb_msg));
2837 		if (result == NULL) {
2838 			error = ENOBUFS;
2839 			goto fail;
2840 		}
2841 	}
2842 
2843 	result->m_pkthdr.len = 0;
2844 	for (m = result; m; m = m->m_next)
2845 		result->m_pkthdr.len += m->m_len;
2846 
2847 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2848 	    PFKEY_UNIT64(result->m_pkthdr.len);
2849 
2850 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
2851 
2852  fail:
2853 	if (result)
2854 		m_freem(result);
2855 	return error;
2856 }
2857 
2858 /* %%% SAD management */
2859 /*
2860  * allocating and initialize new SA head.
2861  * OUT:	NULL	: failure due to the lack of memory.
2862  *	others	: pointer to new SA head.
2863  */
2864 static struct secashead *
2865 key_newsah(struct secasindex *saidx)
2866 {
2867 	struct secashead *sah;
2868 
2869 	sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2870 	    M_NOWAIT | M_ZERO);
2871 	if (sah == NULL) {
2872 		PFKEYSTAT_INC(in_nomem);
2873 		return (NULL);
2874 	}
2875 	TAILQ_INIT(&sah->savtree_larval);
2876 	TAILQ_INIT(&sah->savtree_alive);
2877 	sah->saidx = *saidx;
2878 	sah->state = SADB_SASTATE_DEAD;
2879 	SAH_INITREF(sah);
2880 
2881 	KEYDBG(KEY_STAMP,
2882 	    printf("%s: SAH(%p)\n", __func__, sah));
2883 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2884 	return (sah);
2885 }
2886 
2887 static void
2888 key_freesah(struct secashead **psah)
2889 {
2890 	struct secashead *sah = *psah;
2891 
2892 	CURVNET_ASSERT_SET();
2893 
2894 	if (SAH_DELREF(sah) == 0)
2895 		return;
2896 
2897 	KEYDBG(KEY_STAMP,
2898 	    printf("%s: last reference to SAH(%p)\n", __func__, sah));
2899 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2900 
2901 	*psah = NULL;
2902 	key_delsah(sah);
2903 }
2904 
2905 static void
2906 key_delsah(struct secashead *sah)
2907 {
2908 	IPSEC_ASSERT(sah != NULL, ("NULL sah"));
2909 	IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
2910 	    ("Attempt to free non DEAD SAH %p", sah));
2911 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
2912 	    ("Attempt to free SAH %p with LARVAL SA", sah));
2913 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
2914 	    ("Attempt to free SAH %p with ALIVE SA", sah));
2915 
2916 	free(sah, M_IPSEC_SAH);
2917 }
2918 
2919 /*
2920  * allocating a new SA for key_add() and key_getspi() call,
2921  * and copy the values of mhp into new buffer.
2922  * When SAD message type is SADB_GETSPI set SA state to LARVAL.
2923  * For SADB_ADD create and initialize SA with MATURE state.
2924  * OUT:	NULL	: fail
2925  *	others	: pointer to new secasvar.
2926  */
2927 static struct secasvar *
2928 key_newsav(const struct sadb_msghdr *mhp, struct secasindex *saidx,
2929     uint32_t spi, int *errp)
2930 {
2931 	struct secashead *sah;
2932 	struct secasvar *sav;
2933 	int isnew;
2934 
2935 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2936 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2937 	IPSEC_ASSERT(mhp->msg->sadb_msg_type == SADB_GETSPI ||
2938 	    mhp->msg->sadb_msg_type == SADB_ADD, ("wrong message type"));
2939 
2940 	sav = NULL;
2941 	sah = NULL;
2942 	/* check SPI value */
2943 	switch (saidx->proto) {
2944 	case IPPROTO_ESP:
2945 	case IPPROTO_AH:
2946 		/*
2947 		 * RFC 4302, 2.4. Security Parameters Index (SPI), SPI values
2948 		 * 1-255 reserved by IANA for future use,
2949 		 * 0 for implementation specific, local use.
2950 		 */
2951 		if (ntohl(spi) <= 255) {
2952 			ipseclog((LOG_DEBUG, "%s: illegal range of SPI %u.\n",
2953 			    __func__, ntohl(spi)));
2954 			*errp = EINVAL;
2955 			goto done;
2956 		}
2957 		break;
2958 	}
2959 
2960 	sav = malloc(sizeof(struct secasvar), M_IPSEC_SA, M_NOWAIT | M_ZERO);
2961 	if (sav == NULL) {
2962 		*errp = ENOBUFS;
2963 		goto done;
2964 	}
2965 	sav->lock = malloc_aligned(max(sizeof(struct rmlock),
2966 	    CACHE_LINE_SIZE), CACHE_LINE_SIZE, M_IPSEC_MISC,
2967 	    M_NOWAIT | M_ZERO);
2968 	if (sav->lock == NULL) {
2969 		*errp = ENOBUFS;
2970 		goto done;
2971 	}
2972 	rm_init(sav->lock, "ipsec association");
2973 	sav->lft_c = uma_zalloc_pcpu(ipsec_key_lft_zone, M_NOWAIT | M_ZERO);
2974 	if (sav->lft_c == NULL) {
2975 		*errp = ENOBUFS;
2976 		goto done;
2977 	}
2978 
2979 	sav->spi = spi;
2980 	sav->seq = mhp->msg->sadb_msg_seq;
2981 	sav->state = SADB_SASTATE_LARVAL;
2982 	sav->pid = (pid_t)mhp->msg->sadb_msg_pid;
2983 	SAV_INITREF(sav);
2984 again:
2985 	sah = key_getsah(saidx);
2986 	if (sah == NULL) {
2987 		/* create a new SA index */
2988 		sah = key_newsah(saidx);
2989 		if (sah == NULL) {
2990 			ipseclog((LOG_DEBUG,
2991 			    "%s: No more memory.\n", __func__));
2992 			*errp = ENOBUFS;
2993 			goto done;
2994 		}
2995 		isnew = 1;
2996 	} else
2997 		isnew = 0;
2998 
2999 	sav->sah = sah;
3000 	if (mhp->msg->sadb_msg_type == SADB_GETSPI) {
3001 		sav->created = time_second;
3002 	} else if (sav->state == SADB_SASTATE_LARVAL) {
3003 		/*
3004 		 * Do not call key_setsaval() second time in case
3005 		 * of `goto again`. We will have MATURE state.
3006 		 */
3007 		*errp = key_setsaval(sav, mhp);
3008 		if (*errp != 0)
3009 			goto done;
3010 		sav->state = SADB_SASTATE_MATURE;
3011 	}
3012 
3013 	SAHTREE_WLOCK();
3014 	/*
3015 	 * Check that existing SAH wasn't unlinked.
3016 	 * Since we didn't hold the SAHTREE lock, it is possible,
3017 	 * that callout handler or key_flush() or key_delete() could
3018 	 * unlink this SAH.
3019 	 */
3020 	if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
3021 		SAHTREE_WUNLOCK();
3022 		key_freesah(&sah);	/* reference from key_getsah() */
3023 		goto again;
3024 	}
3025 	if (isnew != 0) {
3026 		/*
3027 		 * Add new SAH into SADB.
3028 		 *
3029 		 * XXXAE: we can serialize key_add and key_getspi calls, so
3030 		 * several threads will not fight in the race.
3031 		 * Otherwise we should check under SAHTREE lock, that this
3032 		 * SAH would not added twice.
3033 		 */
3034 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
3035 		/* Add new SAH into hash by addresses */
3036 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
3037 		/* Now we are linked in the chain */
3038 		sah->state = SADB_SASTATE_MATURE;
3039 		/*
3040 		 * SAV references this new SAH.
3041 		 * In case of existing SAH we reuse reference
3042 		 * from key_getsah().
3043 		 */
3044 		SAH_ADDREF(sah);
3045 	}
3046 	/* Link SAV with SAH */
3047 	if (sav->state == SADB_SASTATE_MATURE)
3048 		TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
3049 	else
3050 		TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
3051 	/* Add SAV into SPI hash */
3052 	LIST_INSERT_HEAD(SAVHASH_HASH(sav->spi), sav, spihash);
3053 	SAHTREE_WUNLOCK();
3054 	*errp = 0;	/* success */
3055 done:
3056 	if (*errp != 0) {
3057 		if (sav != NULL) {
3058 			if (sav->lock != NULL) {
3059 				rm_destroy(sav->lock);
3060 				free(sav->lock, M_IPSEC_MISC);
3061 			}
3062 			if (sav->lft_c != NULL)
3063 				uma_zfree_pcpu(ipsec_key_lft_zone, sav->lft_c);
3064 			free(sav, M_IPSEC_SA), sav = NULL;
3065 		}
3066 		if (sah != NULL)
3067 			key_freesah(&sah);
3068 		if (*errp == ENOBUFS) {
3069 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3070 			    __func__));
3071 			PFKEYSTAT_INC(in_nomem);
3072 		}
3073 	}
3074 	return (sav);
3075 }
3076 
3077 /*
3078  * free() SA variable entry.
3079  */
3080 static void
3081 key_cleansav(struct secasvar *sav)
3082 {
3083 
3084 	if (sav->natt != NULL) {
3085 		free(sav->natt, M_IPSEC_MISC);
3086 		sav->natt = NULL;
3087 	}
3088 	if (sav->flags & SADB_X_EXT_F_CLONED)
3089 		return;
3090 	if (sav->tdb_xform != NULL) {
3091 		sav->tdb_xform->xf_cleanup(sav);
3092 		sav->tdb_xform = NULL;
3093 	}
3094 	if (sav->key_auth != NULL) {
3095 		zfree(sav->key_auth->key_data, M_IPSEC_MISC);
3096 		free(sav->key_auth, M_IPSEC_MISC);
3097 		sav->key_auth = NULL;
3098 	}
3099 	if (sav->key_enc != NULL) {
3100 		zfree(sav->key_enc->key_data, M_IPSEC_MISC);
3101 		free(sav->key_enc, M_IPSEC_MISC);
3102 		sav->key_enc = NULL;
3103 	}
3104 	if (sav->replay != NULL) {
3105 		mtx_destroy(&sav->replay->lock);
3106 		if (sav->replay->bitmap != NULL)
3107 			free(sav->replay->bitmap, M_IPSEC_MISC);
3108 		free(sav->replay, M_IPSEC_MISC);
3109 		sav->replay = NULL;
3110 	}
3111 	if (sav->lft_h != NULL) {
3112 		free(sav->lft_h, M_IPSEC_MISC);
3113 		sav->lft_h = NULL;
3114 	}
3115 	if (sav->lft_s != NULL) {
3116 		free(sav->lft_s, M_IPSEC_MISC);
3117 		sav->lft_s = NULL;
3118 	}
3119 }
3120 
3121 /*
3122  * free() SA variable entry.
3123  */
3124 static void
3125 key_delsav(struct secasvar *sav)
3126 {
3127 	IPSEC_ASSERT(sav != NULL, ("null sav"));
3128 	IPSEC_ASSERT(sav->state == SADB_SASTATE_DEAD,
3129 	    ("attempt to free non DEAD SA %p", sav));
3130 	IPSEC_ASSERT(sav->refcnt == 0, ("reference count %u > 0",
3131 	    sav->refcnt));
3132 
3133 	/*
3134 	 * SA must be unlinked from the chain and hashtbl.
3135 	 * If SA was cloned, we leave all fields untouched,
3136 	 * except NAT-T config.
3137 	 */
3138 	key_cleansav(sav);
3139 	if ((sav->flags & SADB_X_EXT_F_CLONED) == 0) {
3140 		rm_destroy(sav->lock);
3141 		free(sav->lock, M_IPSEC_MISC);
3142 		uma_zfree_pcpu(ipsec_key_lft_zone, sav->lft_c);
3143 	}
3144 	free(sav, M_IPSEC_SA);
3145 }
3146 
3147 /*
3148  * search SAH.
3149  * OUT:
3150  *	NULL	: not found
3151  *	others	: found, referenced pointer to a SAH.
3152  */
3153 static struct secashead *
3154 key_getsah(struct secasindex *saidx)
3155 {
3156 	SAHTREE_RLOCK_TRACKER;
3157 	struct secashead *sah;
3158 
3159 	SAHTREE_RLOCK();
3160 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3161 	    if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3162 		    SAH_ADDREF(sah);
3163 		    break;
3164 	    }
3165 	}
3166 	SAHTREE_RUNLOCK();
3167 	return (sah);
3168 }
3169 
3170 /*
3171  * Check not to be duplicated SPI.
3172  * OUT:
3173  *	0	: not found
3174  *	1	: found SA with given SPI.
3175  */
3176 static int
3177 key_checkspidup(uint32_t spi)
3178 {
3179 	SAHTREE_RLOCK_TRACKER;
3180 	struct secasvar *sav;
3181 
3182 	/* Assume SPI is in network byte order */
3183 	SAHTREE_RLOCK();
3184 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3185 		if (sav->spi == spi)
3186 			break;
3187 	}
3188 	SAHTREE_RUNLOCK();
3189 	return (sav != NULL);
3190 }
3191 
3192 /*
3193  * Search SA by SPI.
3194  * OUT:
3195  *	NULL	: not found
3196  *	others	: found, referenced pointer to a SA.
3197  */
3198 static struct secasvar *
3199 key_getsavbyspi(uint32_t spi)
3200 {
3201 	SAHTREE_RLOCK_TRACKER;
3202 	struct secasvar *sav;
3203 
3204 	/* Assume SPI is in network byte order */
3205 	SAHTREE_RLOCK();
3206 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3207 		if (sav->spi != spi)
3208 			continue;
3209 		SAV_ADDREF(sav);
3210 		break;
3211 	}
3212 	SAHTREE_RUNLOCK();
3213 	return (sav);
3214 }
3215 
3216 static int
3217 key_updatelifetimes(struct secasvar *sav, const struct sadb_msghdr *mhp)
3218 {
3219 	struct seclifetime *lft_h, *lft_s, *tmp;
3220 
3221 	/* Lifetime extension is optional, check that it is present. */
3222 	if (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3223 	    SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) {
3224 		/*
3225 		 * In case of SADB_UPDATE we may need to change
3226 		 * existing lifetimes.
3227 		 */
3228 		if (sav->state == SADB_SASTATE_MATURE) {
3229 			lft_h = lft_s = NULL;
3230 			goto reset;
3231 		}
3232 		return (0);
3233 	}
3234 	/* Both HARD and SOFT extensions must present */
3235 	if ((SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3236 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
3237 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
3238 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
3239 		ipseclog((LOG_DEBUG,
3240 		    "%s: invalid message: missing required header.\n",
3241 		    __func__));
3242 		return (EINVAL);
3243 	}
3244 	if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD) ||
3245 	    SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_SOFT)) {
3246 		ipseclog((LOG_DEBUG,
3247 		    "%s: invalid message: wrong header size.\n", __func__));
3248 		return (EINVAL);
3249 	}
3250 	lft_h = key_dup_lifemsg((const struct sadb_lifetime *)
3251 	    mhp->ext[SADB_EXT_LIFETIME_HARD], M_IPSEC_MISC);
3252 	if (lft_h == NULL) {
3253 		PFKEYSTAT_INC(in_nomem);
3254 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3255 		return (ENOBUFS);
3256 	}
3257 	lft_s = key_dup_lifemsg((const struct sadb_lifetime *)
3258 	    mhp->ext[SADB_EXT_LIFETIME_SOFT], M_IPSEC_MISC);
3259 	if (lft_s == NULL) {
3260 		PFKEYSTAT_INC(in_nomem);
3261 		free(lft_h, M_IPSEC_MISC);
3262 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3263 		return (ENOBUFS);
3264 	}
3265 reset:
3266 	if (sav->state != SADB_SASTATE_LARVAL) {
3267 		/*
3268 		 * key_update() holds reference to this SA,
3269 		 * so it won't be deleted in meanwhile.
3270 		 */
3271 		SECASVAR_WLOCK(sav);
3272 		tmp = sav->lft_h;
3273 		sav->lft_h = lft_h;
3274 		lft_h = tmp;
3275 
3276 		tmp = sav->lft_s;
3277 		sav->lft_s = lft_s;
3278 		lft_s = tmp;
3279 		SECASVAR_WUNLOCK(sav);
3280 		if (lft_h != NULL)
3281 			free(lft_h, M_IPSEC_MISC);
3282 		if (lft_s != NULL)
3283 			free(lft_s, M_IPSEC_MISC);
3284 		return (0);
3285 	}
3286 	/* We can update lifetime without holding a lock */
3287 	IPSEC_ASSERT(sav->lft_h == NULL, ("lft_h is already initialized\n"));
3288 	IPSEC_ASSERT(sav->lft_s == NULL, ("lft_s is already initialized\n"));
3289 	sav->lft_h = lft_h;
3290 	sav->lft_s = lft_s;
3291 	return (0);
3292 }
3293 
3294 /*
3295  * copy SA values from PF_KEY message except *SPI, SEQ, PID and TYPE*.
3296  * You must update these if need. Expects only LARVAL SAs.
3297  * OUT:	0:	success.
3298  *	!0:	failure.
3299  */
3300 static int
3301 key_setsaval(struct secasvar *sav, const struct sadb_msghdr *mhp)
3302 {
3303 	const struct sadb_sa *sa0;
3304 	const struct sadb_key *key0;
3305 	uint32_t replay;
3306 	size_t len;
3307 	int error;
3308 
3309 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
3310 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
3311 	IPSEC_ASSERT(sav->state == SADB_SASTATE_LARVAL,
3312 	    ("Attempt to update non LARVAL SA"));
3313 
3314 	/* XXX rewrite */
3315 	error = key_setident(sav->sah, mhp);
3316 	if (error != 0)
3317 		goto fail;
3318 
3319 	/* SA */
3320 	if (!SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
3321 		if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
3322 			error = EINVAL;
3323 			goto fail;
3324 		}
3325 		sa0 = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
3326 		sav->alg_auth = sa0->sadb_sa_auth;
3327 		sav->alg_enc = sa0->sadb_sa_encrypt;
3328 		sav->flags = sa0->sadb_sa_flags;
3329 		if ((sav->flags & SADB_KEY_FLAGS_MAX) != sav->flags) {
3330 			ipseclog((LOG_DEBUG,
3331 			    "%s: invalid sa_flags 0x%08x.\n", __func__,
3332 			    sav->flags));
3333 			error = EINVAL;
3334 			goto fail;
3335 		}
3336 
3337 		/* Optional replay window */
3338 		replay = 0;
3339 		if ((sa0->sadb_sa_flags & SADB_X_EXT_OLD) == 0)
3340 			replay = sa0->sadb_sa_replay;
3341 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_SA_REPLAY)) {
3342 			if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA_REPLAY)) {
3343 				error = EINVAL;
3344 				goto fail;
3345 			}
3346 			replay = ((const struct sadb_x_sa_replay *)
3347 			    mhp->ext[SADB_X_EXT_SA_REPLAY])->sadb_x_sa_replay_replay;
3348 
3349 			if (replay > UINT32_MAX - 32) {
3350 				ipseclog((LOG_DEBUG,
3351 				    "%s: replay window too big.\n", __func__));
3352 				error = EINVAL;
3353 				goto fail;
3354 			}
3355 
3356 			replay = (replay + 7) >> 3;
3357 		}
3358 
3359 		sav->replay = malloc(sizeof(struct secreplay), M_IPSEC_MISC,
3360 		    M_NOWAIT | M_ZERO);
3361 		if (sav->replay == NULL) {
3362 			PFKEYSTAT_INC(in_nomem);
3363 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3364 			    __func__));
3365 			error = ENOBUFS;
3366 			goto fail;
3367 		}
3368 		mtx_init(&sav->replay->lock, "ipsec replay", NULL, MTX_DEF);
3369 
3370 		if (replay != 0) {
3371 			/* number of 32b blocks to be allocated */
3372 			uint32_t bitmap_size;
3373 
3374 			/* RFC 6479:
3375 			 * - the allocated replay window size must be
3376 			 *   a power of two.
3377 			 * - use an extra 32b block as a redundant window.
3378 			 */
3379 			bitmap_size = 1;
3380 			while (replay + 4 > bitmap_size)
3381 				bitmap_size <<= 1;
3382 			bitmap_size = bitmap_size / 4;
3383 
3384 			sav->replay->bitmap = malloc(
3385 			    bitmap_size * sizeof(uint32_t), M_IPSEC_MISC,
3386 			    M_NOWAIT | M_ZERO);
3387 			if (sav->replay->bitmap == NULL) {
3388 				PFKEYSTAT_INC(in_nomem);
3389 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3390 					__func__));
3391 				error = ENOBUFS;
3392 				goto fail;
3393 			}
3394 			sav->replay->bitmap_size = bitmap_size;
3395 			sav->replay->wsize = replay;
3396 		}
3397 	}
3398 
3399 	/* Authentication keys */
3400 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
3401 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH)) {
3402 			error = EINVAL;
3403 			goto fail;
3404 		}
3405 		error = 0;
3406 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_AUTH];
3407 		len = mhp->extlen[SADB_EXT_KEY_AUTH];
3408 		switch (mhp->msg->sadb_msg_satype) {
3409 		case SADB_SATYPE_AH:
3410 		case SADB_SATYPE_ESP:
3411 		case SADB_X_SATYPE_TCPSIGNATURE:
3412 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3413 			    sav->alg_auth != SADB_X_AALG_NULL)
3414 				error = EINVAL;
3415 			break;
3416 		case SADB_X_SATYPE_IPCOMP:
3417 		default:
3418 			error = EINVAL;
3419 			break;
3420 		}
3421 		if (error) {
3422 			ipseclog((LOG_DEBUG, "%s: invalid key_auth values.\n",
3423 				__func__));
3424 			goto fail;
3425 		}
3426 
3427 		sav->key_auth = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3428 		if (sav->key_auth == NULL ) {
3429 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3430 				  __func__));
3431 			PFKEYSTAT_INC(in_nomem);
3432 			error = ENOBUFS;
3433 			goto fail;
3434 		}
3435 	}
3436 
3437 	/* Encryption key */
3438 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) {
3439 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT)) {
3440 			error = EINVAL;
3441 			goto fail;
3442 		}
3443 		error = 0;
3444 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_ENCRYPT];
3445 		len = mhp->extlen[SADB_EXT_KEY_ENCRYPT];
3446 		switch (mhp->msg->sadb_msg_satype) {
3447 		case SADB_SATYPE_ESP:
3448 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3449 			    sav->alg_enc != SADB_EALG_NULL) {
3450 				error = EINVAL;
3451 				break;
3452 			}
3453 			sav->key_enc = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3454 			if (sav->key_enc == NULL) {
3455 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3456 					__func__));
3457 				PFKEYSTAT_INC(in_nomem);
3458 				error = ENOBUFS;
3459 				goto fail;
3460 			}
3461 			break;
3462 		case SADB_X_SATYPE_IPCOMP:
3463 			if (len != PFKEY_ALIGN8(sizeof(struct sadb_key)))
3464 				error = EINVAL;
3465 			sav->key_enc = NULL;	/*just in case*/
3466 			break;
3467 		case SADB_SATYPE_AH:
3468 		case SADB_X_SATYPE_TCPSIGNATURE:
3469 		default:
3470 			error = EINVAL;
3471 			break;
3472 		}
3473 		if (error) {
3474 			ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n",
3475 				__func__));
3476 			goto fail;
3477 		}
3478 	}
3479 
3480 	/* set iv */
3481 	sav->ivlen = 0;
3482 	switch (mhp->msg->sadb_msg_satype) {
3483 	case SADB_SATYPE_AH:
3484 		if (sav->flags & SADB_X_EXT_DERIV) {
3485 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3486 			    "given to AH SA.\n", __func__));
3487 			error = EINVAL;
3488 			goto fail;
3489 		}
3490 		if (sav->alg_enc != SADB_EALG_NONE) {
3491 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3492 			    "mismated.\n", __func__));
3493 			error = EINVAL;
3494 			goto fail;
3495 		}
3496 		error = xform_init(sav, XF_AH);
3497 		break;
3498 	case SADB_SATYPE_ESP:
3499 		if ((sav->flags & (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) ==
3500 		    (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) {
3501 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3502 			    "given to old-esp.\n", __func__));
3503 			error = EINVAL;
3504 			goto fail;
3505 		}
3506 		error = xform_init(sav, XF_ESP);
3507 		break;
3508 	case SADB_X_SATYPE_IPCOMP:
3509 		if (sav->alg_auth != SADB_AALG_NONE) {
3510 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3511 			    "mismated.\n", __func__));
3512 			error = EINVAL;
3513 			goto fail;
3514 		}
3515 		if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 &&
3516 		    ntohl(sav->spi) >= 0x10000) {
3517 			ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n",
3518 			    __func__));
3519 			error = EINVAL;
3520 			goto fail;
3521 		}
3522 		error = xform_init(sav, XF_IPCOMP);
3523 		break;
3524 	case SADB_X_SATYPE_TCPSIGNATURE:
3525 		if (sav->alg_enc != SADB_EALG_NONE) {
3526 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3527 			    "mismated.\n", __func__));
3528 			error = EINVAL;
3529 			goto fail;
3530 		}
3531 		error = xform_init(sav, XF_TCPSIGNATURE);
3532 		break;
3533 	default:
3534 		ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__));
3535 		error = EPROTONOSUPPORT;
3536 		goto fail;
3537 	}
3538 	if (error) {
3539 		ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n",
3540 		    __func__, mhp->msg->sadb_msg_satype));
3541 		goto fail;
3542 	}
3543 
3544 	/* Handle NAT-T headers */
3545 	error = key_setnatt(sav, mhp);
3546 	if (error != 0)
3547 		goto fail;
3548 
3549 	/* Initialize lifetime for CURRENT */
3550 	sav->firstused = 0;
3551 	sav->created = time_second;
3552 
3553 	/* lifetimes for HARD and SOFT */
3554 	error = key_updatelifetimes(sav, mhp);
3555 	if (error == 0)
3556 		return (0);
3557 fail:
3558 	key_cleansav(sav);
3559 	return (error);
3560 }
3561 
3562 /*
3563  * subroutine for SADB_GET and SADB_DUMP.
3564  */
3565 static struct mbuf *
3566 key_setdumpsa(struct secasvar *sav, uint8_t type, uint8_t satype,
3567     uint32_t seq, uint32_t pid)
3568 {
3569 	struct seclifetime lft_c;
3570 	struct mbuf *result = NULL, *tres = NULL, *m;
3571 	int i, dumporder[] = {
3572 		SADB_EXT_SA, SADB_X_EXT_SA2, SADB_X_EXT_SA_REPLAY,
3573 		SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
3574 		SADB_EXT_LIFETIME_CURRENT, SADB_EXT_ADDRESS_SRC,
3575 		SADB_EXT_ADDRESS_DST, SADB_EXT_ADDRESS_PROXY,
3576 		SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT,
3577 		SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
3578 		SADB_EXT_SENSITIVITY,
3579 		SADB_X_EXT_NAT_T_TYPE,
3580 		SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT,
3581 		SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
3582 		SADB_X_EXT_NAT_T_FRAG,
3583 	};
3584 	uint32_t replay_count;
3585 
3586 	SECASVAR_RLOCK_TRACKER;
3587 
3588 	m = key_setsadbmsg(type, 0, satype, seq, pid, sav->refcnt);
3589 	if (m == NULL)
3590 		goto fail;
3591 	result = m;
3592 
3593 	for (i = nitems(dumporder) - 1; i >= 0; i--) {
3594 		m = NULL;
3595 		switch (dumporder[i]) {
3596 		case SADB_EXT_SA:
3597 			m = key_setsadbsa(sav);
3598 			if (!m)
3599 				goto fail;
3600 			break;
3601 
3602 		case SADB_X_EXT_SA2: {
3603 			SECASVAR_RLOCK(sav);
3604 			replay_count = sav->replay ? sav->replay->count : 0;
3605 			SECASVAR_RUNLOCK(sav);
3606 			m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3607 					sav->sah->saidx.reqid);
3608 			if (!m)
3609 				goto fail;
3610 			break;
3611 		}
3612 		case SADB_X_EXT_SA_REPLAY:
3613 			if (sav->replay == NULL ||
3614 			    sav->replay->wsize <= UINT8_MAX)
3615 				continue;
3616 
3617 			m = key_setsadbxsareplay(sav->replay->wsize);
3618 			if (!m)
3619 				goto fail;
3620 			break;
3621 
3622 		case SADB_EXT_ADDRESS_SRC:
3623 			m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
3624 			    &sav->sah->saidx.src.sa,
3625 			    FULLMASK, IPSEC_ULPROTO_ANY);
3626 			if (!m)
3627 				goto fail;
3628 			break;
3629 
3630 		case SADB_EXT_ADDRESS_DST:
3631 			m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
3632 			    &sav->sah->saidx.dst.sa,
3633 			    FULLMASK, IPSEC_ULPROTO_ANY);
3634 			if (!m)
3635 				goto fail;
3636 			break;
3637 
3638 		case SADB_EXT_KEY_AUTH:
3639 			if (!sav->key_auth)
3640 				continue;
3641 			m = key_setkey(sav->key_auth, SADB_EXT_KEY_AUTH);
3642 			if (!m)
3643 				goto fail;
3644 			break;
3645 
3646 		case SADB_EXT_KEY_ENCRYPT:
3647 			if (!sav->key_enc)
3648 				continue;
3649 			m = key_setkey(sav->key_enc, SADB_EXT_KEY_ENCRYPT);
3650 			if (!m)
3651 				goto fail;
3652 			break;
3653 
3654 		case SADB_EXT_LIFETIME_CURRENT:
3655 			lft_c.addtime = sav->created;
3656 			lft_c.allocations = (uint32_t)counter_u64_fetch(
3657 			    sav->lft_c_allocations);
3658 			lft_c.bytes = counter_u64_fetch(sav->lft_c_bytes);
3659 			lft_c.usetime = sav->firstused;
3660 			m = key_setlifetime(&lft_c, SADB_EXT_LIFETIME_CURRENT);
3661 			if (!m)
3662 				goto fail;
3663 			break;
3664 
3665 		case SADB_EXT_LIFETIME_HARD:
3666 			if (!sav->lft_h)
3667 				continue;
3668 			m = key_setlifetime(sav->lft_h,
3669 					    SADB_EXT_LIFETIME_HARD);
3670 			if (!m)
3671 				goto fail;
3672 			break;
3673 
3674 		case SADB_EXT_LIFETIME_SOFT:
3675 			if (!sav->lft_s)
3676 				continue;
3677 			m = key_setlifetime(sav->lft_s,
3678 					    SADB_EXT_LIFETIME_SOFT);
3679 
3680 			if (!m)
3681 				goto fail;
3682 			break;
3683 
3684 		case SADB_X_EXT_NAT_T_TYPE:
3685 			if (sav->natt == NULL)
3686 				continue;
3687 			m = key_setsadbxtype(UDP_ENCAP_ESPINUDP);
3688 			if (!m)
3689 				goto fail;
3690 			break;
3691 
3692 		case SADB_X_EXT_NAT_T_DPORT:
3693 			if (sav->natt == NULL)
3694 				continue;
3695 			m = key_setsadbxport(sav->natt->dport,
3696 			    SADB_X_EXT_NAT_T_DPORT);
3697 			if (!m)
3698 				goto fail;
3699 			break;
3700 
3701 		case SADB_X_EXT_NAT_T_SPORT:
3702 			if (sav->natt == NULL)
3703 				continue;
3704 			m = key_setsadbxport(sav->natt->sport,
3705 			    SADB_X_EXT_NAT_T_SPORT);
3706 			if (!m)
3707 				goto fail;
3708 			break;
3709 
3710 		case SADB_X_EXT_NAT_T_OAI:
3711 			if (sav->natt == NULL ||
3712 			    (sav->natt->flags & IPSEC_NATT_F_OAI) == 0)
3713 				continue;
3714 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAI,
3715 			    &sav->natt->oai.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3716 			if (!m)
3717 				goto fail;
3718 			break;
3719 		case SADB_X_EXT_NAT_T_OAR:
3720 			if (sav->natt == NULL ||
3721 			    (sav->natt->flags & IPSEC_NATT_F_OAR) == 0)
3722 				continue;
3723 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAR,
3724 			    &sav->natt->oar.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3725 			if (!m)
3726 				goto fail;
3727 			break;
3728 		case SADB_X_EXT_NAT_T_FRAG:
3729 			/* We do not (yet) support those. */
3730 			continue;
3731 
3732 		case SADB_EXT_ADDRESS_PROXY:
3733 		case SADB_EXT_IDENTITY_SRC:
3734 		case SADB_EXT_IDENTITY_DST:
3735 			/* XXX: should we brought from SPD ? */
3736 		case SADB_EXT_SENSITIVITY:
3737 		default:
3738 			continue;
3739 		}
3740 
3741 		if (!m)
3742 			goto fail;
3743 		if (tres)
3744 			m_cat(m, tres);
3745 		tres = m;
3746 	}
3747 
3748 	m_cat(result, tres);
3749 	tres = NULL;
3750 	if (result->m_len < sizeof(struct sadb_msg)) {
3751 		result = m_pullup(result, sizeof(struct sadb_msg));
3752 		if (result == NULL)
3753 			goto fail;
3754 	}
3755 
3756 	result->m_pkthdr.len = 0;
3757 	for (m = result; m; m = m->m_next)
3758 		result->m_pkthdr.len += m->m_len;
3759 
3760 	mtod(result, struct sadb_msg *)->sadb_msg_len =
3761 	    PFKEY_UNIT64(result->m_pkthdr.len);
3762 
3763 	return result;
3764 
3765 fail:
3766 	m_freem(result);
3767 	m_freem(tres);
3768 	return NULL;
3769 }
3770 
3771 /*
3772  * set data into sadb_msg.
3773  */
3774 static struct mbuf *
3775 key_setsadbmsg(u_int8_t type, u_int16_t tlen, u_int8_t satype, u_int32_t seq,
3776     pid_t pid, u_int16_t reserved)
3777 {
3778 	struct mbuf *m;
3779 	struct sadb_msg *p;
3780 	int len;
3781 
3782 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
3783 	if (len > MCLBYTES)
3784 		return NULL;
3785 	MGETHDR(m, M_NOWAIT, MT_DATA);
3786 	if (m && len > MHLEN) {
3787 		if (!(MCLGET(m, M_NOWAIT))) {
3788 			m_freem(m);
3789 			m = NULL;
3790 		}
3791 	}
3792 	if (!m)
3793 		return NULL;
3794 	m->m_pkthdr.len = m->m_len = len;
3795 	m->m_next = NULL;
3796 
3797 	p = mtod(m, struct sadb_msg *);
3798 
3799 	bzero(p, len);
3800 	p->sadb_msg_version = PF_KEY_V2;
3801 	p->sadb_msg_type = type;
3802 	p->sadb_msg_errno = 0;
3803 	p->sadb_msg_satype = satype;
3804 	p->sadb_msg_len = PFKEY_UNIT64(tlen);
3805 	p->sadb_msg_reserved = reserved;
3806 	p->sadb_msg_seq = seq;
3807 	p->sadb_msg_pid = (u_int32_t)pid;
3808 
3809 	return m;
3810 }
3811 
3812 /*
3813  * copy secasvar data into sadb_address.
3814  */
3815 static struct mbuf *
3816 key_setsadbsa(struct secasvar *sav)
3817 {
3818 	struct mbuf *m;
3819 	struct sadb_sa *p;
3820 	int len;
3821 
3822 	len = PFKEY_ALIGN8(sizeof(struct sadb_sa));
3823 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3824 	if (m == NULL)
3825 		return (NULL);
3826 	m_align(m, len);
3827 	m->m_len = len;
3828 	p = mtod(m, struct sadb_sa *);
3829 	bzero(p, len);
3830 	p->sadb_sa_len = PFKEY_UNIT64(len);
3831 	p->sadb_sa_exttype = SADB_EXT_SA;
3832 	p->sadb_sa_spi = sav->spi;
3833 	p->sadb_sa_replay = sav->replay ?
3834 	    (sav->replay->wsize > UINT8_MAX ? UINT8_MAX :
3835 		sav->replay->wsize): 0;
3836 	p->sadb_sa_state = sav->state;
3837 	p->sadb_sa_auth = sav->alg_auth;
3838 	p->sadb_sa_encrypt = sav->alg_enc;
3839 	p->sadb_sa_flags = sav->flags & SADB_KEY_FLAGS_MAX;
3840 	return (m);
3841 }
3842 
3843 /*
3844  * set data into sadb_address.
3845  */
3846 static struct mbuf *
3847 key_setsadbaddr(u_int16_t exttype, const struct sockaddr *saddr,
3848     u_int8_t prefixlen, u_int16_t ul_proto)
3849 {
3850 	struct mbuf *m;
3851 	struct sadb_address *p;
3852 	size_t len;
3853 
3854 	len = PFKEY_ALIGN8(sizeof(struct sadb_address)) +
3855 	    PFKEY_ALIGN8(saddr->sa_len);
3856 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3857 	if (m == NULL)
3858 		return (NULL);
3859 	m_align(m, len);
3860 	m->m_len = len;
3861 	p = mtod(m, struct sadb_address *);
3862 
3863 	bzero(p, len);
3864 	p->sadb_address_len = PFKEY_UNIT64(len);
3865 	p->sadb_address_exttype = exttype;
3866 	p->sadb_address_proto = ul_proto;
3867 	if (prefixlen == FULLMASK) {
3868 		switch (saddr->sa_family) {
3869 		case AF_INET:
3870 			prefixlen = sizeof(struct in_addr) << 3;
3871 			break;
3872 		case AF_INET6:
3873 			prefixlen = sizeof(struct in6_addr) << 3;
3874 			break;
3875 		default:
3876 			; /*XXX*/
3877 		}
3878 	}
3879 	p->sadb_address_prefixlen = prefixlen;
3880 	p->sadb_address_reserved = 0;
3881 
3882 	bcopy(saddr,
3883 	    mtod(m, caddr_t) + PFKEY_ALIGN8(sizeof(struct sadb_address)),
3884 	    saddr->sa_len);
3885 
3886 	return m;
3887 }
3888 
3889 /*
3890  * set data into sadb_x_sa2.
3891  */
3892 static struct mbuf *
3893 key_setsadbxsa2(u_int8_t mode, u_int32_t seq, u_int32_t reqid)
3894 {
3895 	struct mbuf *m;
3896 	struct sadb_x_sa2 *p;
3897 	size_t len;
3898 
3899 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa2));
3900 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3901 	if (m == NULL)
3902 		return (NULL);
3903 	m_align(m, len);
3904 	m->m_len = len;
3905 	p = mtod(m, struct sadb_x_sa2 *);
3906 
3907 	bzero(p, len);
3908 	p->sadb_x_sa2_len = PFKEY_UNIT64(len);
3909 	p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
3910 	p->sadb_x_sa2_mode = mode;
3911 	p->sadb_x_sa2_reserved1 = 0;
3912 	p->sadb_x_sa2_reserved2 = 0;
3913 	p->sadb_x_sa2_sequence = seq;
3914 	p->sadb_x_sa2_reqid = reqid;
3915 
3916 	return m;
3917 }
3918 
3919 /*
3920  * Set data into sadb_x_sa_replay.
3921  */
3922 static struct mbuf *
3923 key_setsadbxsareplay(u_int32_t replay)
3924 {
3925 	struct mbuf *m;
3926 	struct sadb_x_sa_replay *p;
3927 	size_t len;
3928 
3929 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa_replay));
3930 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3931 	if (m == NULL)
3932 		return (NULL);
3933 	m_align(m, len);
3934 	m->m_len = len;
3935 	p = mtod(m, struct sadb_x_sa_replay *);
3936 
3937 	bzero(p, len);
3938 	p->sadb_x_sa_replay_len = PFKEY_UNIT64(len);
3939 	p->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY;
3940 	p->sadb_x_sa_replay_replay = (replay << 3);
3941 
3942 	return m;
3943 }
3944 
3945 /*
3946  * Set a type in sadb_x_nat_t_type.
3947  */
3948 static struct mbuf *
3949 key_setsadbxtype(u_int16_t type)
3950 {
3951 	struct mbuf *m;
3952 	size_t len;
3953 	struct sadb_x_nat_t_type *p;
3954 
3955 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_type));
3956 
3957 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3958 	if (m == NULL)
3959 		return (NULL);
3960 	m_align(m, len);
3961 	m->m_len = len;
3962 	p = mtod(m, struct sadb_x_nat_t_type *);
3963 
3964 	bzero(p, len);
3965 	p->sadb_x_nat_t_type_len = PFKEY_UNIT64(len);
3966 	p->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
3967 	p->sadb_x_nat_t_type_type = type;
3968 
3969 	return (m);
3970 }
3971 /*
3972  * Set a port in sadb_x_nat_t_port.
3973  * In contrast to default RFC 2367 behaviour, port is in network byte order.
3974  */
3975 static struct mbuf *
3976 key_setsadbxport(u_int16_t port, u_int16_t type)
3977 {
3978 	struct mbuf *m;
3979 	size_t len;
3980 	struct sadb_x_nat_t_port *p;
3981 
3982 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_port));
3983 
3984 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3985 	if (m == NULL)
3986 		return (NULL);
3987 	m_align(m, len);
3988 	m->m_len = len;
3989 	p = mtod(m, struct sadb_x_nat_t_port *);
3990 
3991 	bzero(p, len);
3992 	p->sadb_x_nat_t_port_len = PFKEY_UNIT64(len);
3993 	p->sadb_x_nat_t_port_exttype = type;
3994 	p->sadb_x_nat_t_port_port = port;
3995 
3996 	return (m);
3997 }
3998 
3999 /*
4000  * Get port from sockaddr. Port is in network byte order.
4001  */
4002 uint16_t
4003 key_portfromsaddr(struct sockaddr *sa)
4004 {
4005 
4006 	switch (sa->sa_family) {
4007 #ifdef INET
4008 	case AF_INET:
4009 		return ((struct sockaddr_in *)sa)->sin_port;
4010 #endif
4011 #ifdef INET6
4012 	case AF_INET6:
4013 		return ((struct sockaddr_in6 *)sa)->sin6_port;
4014 #endif
4015 	}
4016 	return (0);
4017 }
4018 
4019 /*
4020  * Set port in struct sockaddr. Port is in network byte order.
4021  */
4022 void
4023 key_porttosaddr(struct sockaddr *sa, uint16_t port)
4024 {
4025 
4026 	switch (sa->sa_family) {
4027 #ifdef INET
4028 	case AF_INET:
4029 		((struct sockaddr_in *)sa)->sin_port = port;
4030 		break;
4031 #endif
4032 #ifdef INET6
4033 	case AF_INET6:
4034 		((struct sockaddr_in6 *)sa)->sin6_port = port;
4035 		break;
4036 #endif
4037 	default:
4038 		ipseclog((LOG_DEBUG, "%s: unexpected address family %d.\n",
4039 			__func__, sa->sa_family));
4040 		break;
4041 	}
4042 }
4043 
4044 /*
4045  * set data into sadb_x_policy
4046  */
4047 static struct mbuf *
4048 key_setsadbxpolicy(u_int16_t type, u_int8_t dir, u_int32_t id, u_int32_t priority)
4049 {
4050 	struct mbuf *m;
4051 	struct sadb_x_policy *p;
4052 	size_t len;
4053 
4054 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_policy));
4055 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
4056 	if (m == NULL)
4057 		return (NULL);
4058 	m_align(m, len);
4059 	m->m_len = len;
4060 	p = mtod(m, struct sadb_x_policy *);
4061 
4062 	bzero(p, len);
4063 	p->sadb_x_policy_len = PFKEY_UNIT64(len);
4064 	p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
4065 	p->sadb_x_policy_type = type;
4066 	p->sadb_x_policy_dir = dir;
4067 	p->sadb_x_policy_id = id;
4068 	p->sadb_x_policy_priority = priority;
4069 
4070 	return m;
4071 }
4072 
4073 /* %%% utilities */
4074 /* Take a key message (sadb_key) from the socket and turn it into one
4075  * of the kernel's key structures (seckey).
4076  *
4077  * IN: pointer to the src
4078  * OUT: NULL no more memory
4079  */
4080 struct seckey *
4081 key_dup_keymsg(const struct sadb_key *src, size_t len,
4082     struct malloc_type *type)
4083 {
4084 	struct seckey *dst;
4085 
4086 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4087 	if (dst != NULL) {
4088 		dst->bits = src->sadb_key_bits;
4089 		dst->key_data = malloc(len, type, M_NOWAIT);
4090 		if (dst->key_data != NULL) {
4091 			bcopy((const char *)(src + 1), dst->key_data, len);
4092 		} else {
4093 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4094 			    __func__));
4095 			free(dst, type);
4096 			dst = NULL;
4097 		}
4098 	} else {
4099 		ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4100 		    __func__));
4101 	}
4102 	return (dst);
4103 }
4104 
4105 /* Take a lifetime message (sadb_lifetime) passed in on a socket and
4106  * turn it into one of the kernel's lifetime structures (seclifetime).
4107  *
4108  * IN: pointer to the destination, source and malloc type
4109  * OUT: NULL, no more memory
4110  */
4111 
4112 static struct seclifetime *
4113 key_dup_lifemsg(const struct sadb_lifetime *src, struct malloc_type *type)
4114 {
4115 	struct seclifetime *dst;
4116 
4117 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4118 	if (dst == NULL) {
4119 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
4120 		return (NULL);
4121 	}
4122 	dst->allocations = src->sadb_lifetime_allocations;
4123 	dst->bytes = src->sadb_lifetime_bytes;
4124 	dst->addtime = src->sadb_lifetime_addtime;
4125 	dst->usetime = src->sadb_lifetime_usetime;
4126 	return (dst);
4127 }
4128 
4129 /*
4130  * compare two secasindex structure.
4131  * flag can specify to compare 2 saidxes.
4132  * compare two secasindex structure without both mode and reqid.
4133  * don't compare port.
4134  * IN:
4135  *      saidx0: source, it can be in SAD.
4136  *      saidx1: object.
4137  * OUT:
4138  *      1 : equal
4139  *      0 : not equal
4140  */
4141 static int
4142 key_cmpsaidx(const struct secasindex *saidx0, const struct secasindex *saidx1,
4143     int flag)
4144 {
4145 
4146 	/* sanity */
4147 	if (saidx0 == NULL && saidx1 == NULL)
4148 		return 1;
4149 
4150 	if (saidx0 == NULL || saidx1 == NULL)
4151 		return 0;
4152 
4153 	if (saidx0->proto != saidx1->proto)
4154 		return 0;
4155 
4156 	if (flag == CMP_EXACTLY) {
4157 		if (saidx0->mode != saidx1->mode)
4158 			return 0;
4159 		if (saidx0->reqid != saidx1->reqid)
4160 			return 0;
4161 		if (bcmp(&saidx0->src, &saidx1->src,
4162 		    saidx0->src.sa.sa_len) != 0 ||
4163 		    bcmp(&saidx0->dst, &saidx1->dst,
4164 		    saidx0->dst.sa.sa_len) != 0)
4165 			return 0;
4166 	} else {
4167 		/* CMP_MODE_REQID, CMP_REQID, CMP_HEAD */
4168 		if (flag == CMP_MODE_REQID || flag == CMP_REQID) {
4169 			/*
4170 			 * If reqid of SPD is non-zero, unique SA is required.
4171 			 * The result must be of same reqid in this case.
4172 			 */
4173 			if (saidx1->reqid != 0 &&
4174 			    saidx0->reqid != saidx1->reqid)
4175 				return 0;
4176 		}
4177 
4178 		if (flag == CMP_MODE_REQID) {
4179 			if (saidx0->mode != IPSEC_MODE_ANY
4180 			 && saidx0->mode != saidx1->mode)
4181 				return 0;
4182 		}
4183 
4184 		if (key_sockaddrcmp(&saidx0->src.sa, &saidx1->src.sa, 0) != 0)
4185 			return 0;
4186 		if (key_sockaddrcmp(&saidx0->dst.sa, &saidx1->dst.sa, 0) != 0)
4187 			return 0;
4188 	}
4189 
4190 	return 1;
4191 }
4192 
4193 /*
4194  * compare two secindex structure exactly.
4195  * IN:
4196  *	spidx0: source, it is often in SPD.
4197  *	spidx1: object, it is often from PFKEY message.
4198  * OUT:
4199  *	1 : equal
4200  *	0 : not equal
4201  */
4202 static int
4203 key_cmpspidx_exactly(struct secpolicyindex *spidx0,
4204     struct secpolicyindex *spidx1)
4205 {
4206 	/* sanity */
4207 	if (spidx0 == NULL && spidx1 == NULL)
4208 		return 1;
4209 
4210 	if (spidx0 == NULL || spidx1 == NULL)
4211 		return 0;
4212 
4213 	if (spidx0->prefs != spidx1->prefs
4214 	 || spidx0->prefd != spidx1->prefd
4215 	 || spidx0->ul_proto != spidx1->ul_proto
4216 	 || spidx0->dir != spidx1->dir)
4217 		return 0;
4218 
4219 	return key_sockaddrcmp(&spidx0->src.sa, &spidx1->src.sa, 1) == 0 &&
4220 	       key_sockaddrcmp(&spidx0->dst.sa, &spidx1->dst.sa, 1) == 0;
4221 }
4222 
4223 /*
4224  * compare two secindex structure with mask.
4225  * IN:
4226  *	spidx0: source, it is often in SPD.
4227  *	spidx1: object, it is often from IP header.
4228  * OUT:
4229  *	1 : equal
4230  *	0 : not equal
4231  */
4232 static int
4233 key_cmpspidx_withmask(struct secpolicyindex *spidx0,
4234     struct secpolicyindex *spidx1)
4235 {
4236 	/* sanity */
4237 	if (spidx0 == NULL && spidx1 == NULL)
4238 		return 1;
4239 
4240 	if (spidx0 == NULL || spidx1 == NULL)
4241 		return 0;
4242 
4243 	if (spidx0->src.sa.sa_family != spidx1->src.sa.sa_family ||
4244 	    spidx0->dst.sa.sa_family != spidx1->dst.sa.sa_family ||
4245 	    spidx0->src.sa.sa_len != spidx1->src.sa.sa_len ||
4246 	    spidx0->dst.sa.sa_len != spidx1->dst.sa.sa_len)
4247 		return 0;
4248 
4249 	/* if spidx.ul_proto == IPSEC_ULPROTO_ANY, ignore. */
4250 	if (spidx0->ul_proto != (u_int16_t)IPSEC_ULPROTO_ANY
4251 	 && spidx0->ul_proto != spidx1->ul_proto)
4252 		return 0;
4253 
4254 	switch (spidx0->src.sa.sa_family) {
4255 	case AF_INET:
4256 		if (spidx0->src.sin.sin_port != IPSEC_PORT_ANY
4257 		 && spidx0->src.sin.sin_port != spidx1->src.sin.sin_port)
4258 			return 0;
4259 		if (!key_bbcmp(&spidx0->src.sin.sin_addr,
4260 		    &spidx1->src.sin.sin_addr, spidx0->prefs))
4261 			return 0;
4262 		break;
4263 	case AF_INET6:
4264 		if (spidx0->src.sin6.sin6_port != IPSEC_PORT_ANY
4265 		 && spidx0->src.sin6.sin6_port != spidx1->src.sin6.sin6_port)
4266 			return 0;
4267 		/*
4268 		 * scope_id check. if sin6_scope_id is 0, we regard it
4269 		 * as a wildcard scope, which matches any scope zone ID.
4270 		 */
4271 		if (spidx0->src.sin6.sin6_scope_id &&
4272 		    spidx1->src.sin6.sin6_scope_id &&
4273 		    spidx0->src.sin6.sin6_scope_id != spidx1->src.sin6.sin6_scope_id)
4274 			return 0;
4275 		if (!key_bbcmp(&spidx0->src.sin6.sin6_addr,
4276 		    &spidx1->src.sin6.sin6_addr, spidx0->prefs))
4277 			return 0;
4278 		break;
4279 	default:
4280 		/* XXX */
4281 		if (bcmp(&spidx0->src, &spidx1->src, spidx0->src.sa.sa_len) != 0)
4282 			return 0;
4283 		break;
4284 	}
4285 
4286 	switch (spidx0->dst.sa.sa_family) {
4287 	case AF_INET:
4288 		if (spidx0->dst.sin.sin_port != IPSEC_PORT_ANY
4289 		 && spidx0->dst.sin.sin_port != spidx1->dst.sin.sin_port)
4290 			return 0;
4291 		if (!key_bbcmp(&spidx0->dst.sin.sin_addr,
4292 		    &spidx1->dst.sin.sin_addr, spidx0->prefd))
4293 			return 0;
4294 		break;
4295 	case AF_INET6:
4296 		if (spidx0->dst.sin6.sin6_port != IPSEC_PORT_ANY
4297 		 && spidx0->dst.sin6.sin6_port != spidx1->dst.sin6.sin6_port)
4298 			return 0;
4299 		/*
4300 		 * scope_id check. if sin6_scope_id is 0, we regard it
4301 		 * as a wildcard scope, which matches any scope zone ID.
4302 		 */
4303 		if (spidx0->dst.sin6.sin6_scope_id &&
4304 		    spidx1->dst.sin6.sin6_scope_id &&
4305 		    spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
4306 			return 0;
4307 		if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
4308 		    &spidx1->dst.sin6.sin6_addr, spidx0->prefd))
4309 			return 0;
4310 		break;
4311 	default:
4312 		/* XXX */
4313 		if (bcmp(&spidx0->dst, &spidx1->dst, spidx0->dst.sa.sa_len) != 0)
4314 			return 0;
4315 		break;
4316 	}
4317 
4318 	/* XXX Do we check other field ?  e.g. flowinfo */
4319 
4320 	return 1;
4321 }
4322 
4323 #ifdef satosin
4324 #undef satosin
4325 #endif
4326 #define satosin(s) ((const struct sockaddr_in *)s)
4327 #ifdef satosin6
4328 #undef satosin6
4329 #endif
4330 #define satosin6(s) ((const struct sockaddr_in6 *)s)
4331 /* returns 0 on match */
4332 int
4333 key_sockaddrcmp(const struct sockaddr *sa1, const struct sockaddr *sa2,
4334     int port)
4335 {
4336 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4337 		return 1;
4338 
4339 	switch (sa1->sa_family) {
4340 #ifdef INET
4341 	case AF_INET:
4342 		if (sa1->sa_len != sizeof(struct sockaddr_in))
4343 			return 1;
4344 		if (satosin(sa1)->sin_addr.s_addr !=
4345 		    satosin(sa2)->sin_addr.s_addr) {
4346 			return 1;
4347 		}
4348 		if (port && satosin(sa1)->sin_port != satosin(sa2)->sin_port)
4349 			return 1;
4350 		break;
4351 #endif
4352 #ifdef INET6
4353 	case AF_INET6:
4354 		if (sa1->sa_len != sizeof(struct sockaddr_in6))
4355 			return 1;	/*EINVAL*/
4356 		if (satosin6(sa1)->sin6_scope_id !=
4357 		    satosin6(sa2)->sin6_scope_id) {
4358 			return 1;
4359 		}
4360 		if (!IN6_ARE_ADDR_EQUAL(&satosin6(sa1)->sin6_addr,
4361 		    &satosin6(sa2)->sin6_addr)) {
4362 			return 1;
4363 		}
4364 		if (port &&
4365 		    satosin6(sa1)->sin6_port != satosin6(sa2)->sin6_port) {
4366 			return 1;
4367 		}
4368 		break;
4369 #endif
4370 	default:
4371 		if (bcmp(sa1, sa2, sa1->sa_len) != 0)
4372 			return 1;
4373 		break;
4374 	}
4375 
4376 	return 0;
4377 }
4378 
4379 /* returns 0 on match */
4380 int
4381 key_sockaddrcmp_withmask(const struct sockaddr *sa1,
4382     const struct sockaddr *sa2, size_t mask)
4383 {
4384 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4385 		return (1);
4386 
4387 	switch (sa1->sa_family) {
4388 #ifdef INET
4389 	case AF_INET:
4390 		return (!key_bbcmp(&satosin(sa1)->sin_addr,
4391 		    &satosin(sa2)->sin_addr, mask));
4392 #endif
4393 #ifdef INET6
4394 	case AF_INET6:
4395 		if (satosin6(sa1)->sin6_scope_id !=
4396 		    satosin6(sa2)->sin6_scope_id)
4397 			return (1);
4398 		return (!key_bbcmp(&satosin6(sa1)->sin6_addr,
4399 		    &satosin6(sa2)->sin6_addr, mask));
4400 #endif
4401 	}
4402 	return (1);
4403 }
4404 #undef satosin
4405 #undef satosin6
4406 
4407 /*
4408  * compare two buffers with mask.
4409  * IN:
4410  *	addr1: source
4411  *	addr2: object
4412  *	bits:  Number of bits to compare
4413  * OUT:
4414  *	1 : equal
4415  *	0 : not equal
4416  */
4417 static int
4418 key_bbcmp(const void *a1, const void *a2, u_int bits)
4419 {
4420 	const unsigned char *p1 = a1;
4421 	const unsigned char *p2 = a2;
4422 
4423 	/* XXX: This could be considerably faster if we compare a word
4424 	 * at a time, but it is complicated on LSB Endian machines */
4425 
4426 	/* Handle null pointers */
4427 	if (p1 == NULL || p2 == NULL)
4428 		return (p1 == p2);
4429 
4430 	while (bits >= 8) {
4431 		if (*p1++ != *p2++)
4432 			return 0;
4433 		bits -= 8;
4434 	}
4435 
4436 	if (bits > 0) {
4437 		u_int8_t mask = ~((1<<(8-bits))-1);
4438 		if ((*p1 & mask) != (*p2 & mask))
4439 			return 0;
4440 	}
4441 	return 1;	/* Match! */
4442 }
4443 
4444 static void
4445 key_flush_spd(time_t now)
4446 {
4447 	SPTREE_RLOCK_TRACKER;
4448 	struct secpolicy_list drainq;
4449 	struct secpolicy *sp, *nextsp;
4450 	u_int dir;
4451 
4452 	LIST_INIT(&drainq);
4453 	SPTREE_RLOCK();
4454 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
4455 		TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
4456 			if (sp->lifetime == 0 && sp->validtime == 0)
4457 				continue;
4458 			if ((sp->lifetime &&
4459 			    now - sp->created > sp->lifetime) ||
4460 			    (sp->validtime &&
4461 			    now - sp->lastused > sp->validtime)) {
4462 				/* Hold extra reference to send SPDEXPIRE */
4463 				SP_ADDREF(sp);
4464 				LIST_INSERT_HEAD(&drainq, sp, drainq);
4465 			}
4466 		}
4467 	}
4468 	SPTREE_RUNLOCK();
4469 	if (LIST_EMPTY(&drainq))
4470 		return;
4471 
4472 	SPTREE_WLOCK();
4473 	sp = LIST_FIRST(&drainq);
4474 	while (sp != NULL) {
4475 		nextsp = LIST_NEXT(sp, drainq);
4476 		/* Check that SP is still linked */
4477 		if (sp->state != IPSEC_SPSTATE_ALIVE) {
4478 			LIST_REMOVE(sp, drainq);
4479 			key_freesp(&sp); /* release extra reference */
4480 			sp = nextsp;
4481 			continue;
4482 		}
4483 		TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
4484 		V_spd_size--;
4485 		LIST_REMOVE(sp, idhash);
4486 		sp->state = IPSEC_SPSTATE_DEAD;
4487 		sp = nextsp;
4488 	}
4489 	V_sp_genid++;
4490 	SPTREE_WUNLOCK();
4491 	if (SPDCACHE_ENABLED())
4492 		spdcache_clear();
4493 
4494 	sp = LIST_FIRST(&drainq);
4495 	while (sp != NULL) {
4496 		nextsp = LIST_NEXT(sp, drainq);
4497 		key_spdexpire(sp);
4498 		key_freesp(&sp); /* release extra reference */
4499 		key_freesp(&sp); /* release last reference */
4500 		sp = nextsp;
4501 	}
4502 }
4503 
4504 static void
4505 key_flush_sad(time_t now)
4506 {
4507 	SAHTREE_RLOCK_TRACKER;
4508 	struct secashead_list emptyq;
4509 	struct secasvar_list drainq, hexpireq, sexpireq, freeq;
4510 	struct secashead *sah, *nextsah;
4511 	struct secasvar *sav, *nextsav;
4512 
4513 	SECASVAR_RLOCK_TRACKER;
4514 
4515 	LIST_INIT(&drainq);
4516 	LIST_INIT(&hexpireq);
4517 	LIST_INIT(&sexpireq);
4518 	LIST_INIT(&emptyq);
4519 
4520 	SAHTREE_RLOCK();
4521 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
4522 		/* Check for empty SAH */
4523 		if (TAILQ_EMPTY(&sah->savtree_larval) &&
4524 		    TAILQ_EMPTY(&sah->savtree_alive)) {
4525 			SAH_ADDREF(sah);
4526 			LIST_INSERT_HEAD(&emptyq, sah, drainq);
4527 			continue;
4528 		}
4529 		/* Add all stale LARVAL SAs into drainq */
4530 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4531 			if (now - sav->created < V_key_larval_lifetime)
4532 				continue;
4533 			SAV_ADDREF(sav);
4534 			LIST_INSERT_HEAD(&drainq, sav, drainq);
4535 		}
4536 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4537 			/* lifetimes aren't specified */
4538 			if (sav->lft_h == NULL)
4539 				continue;
4540 			SECASVAR_RLOCK(sav);
4541 			/*
4542 			 * Check again with lock held, because it may
4543 			 * be updated by SADB_UPDATE.
4544 			 */
4545 			if (sav->lft_h == NULL) {
4546 				SECASVAR_RUNLOCK(sav);
4547 				continue;
4548 			}
4549 			/*
4550 			 * RFC 2367:
4551 			 * HARD lifetimes MUST take precedence over SOFT
4552 			 * lifetimes, meaning if the HARD and SOFT lifetimes
4553 			 * are the same, the HARD lifetime will appear on the
4554 			 * EXPIRE message.
4555 			 */
4556 			/* check HARD lifetime */
4557 			if ((sav->lft_h->addtime != 0 &&
4558 			    now - sav->created > sav->lft_h->addtime) ||
4559 			    (sav->lft_h->usetime != 0 && sav->firstused &&
4560 			    now - sav->firstused > sav->lft_h->usetime) ||
4561 			    (sav->lft_h->bytes != 0 && counter_u64_fetch(
4562 			        sav->lft_c_bytes) > sav->lft_h->bytes)) {
4563 				SECASVAR_RUNLOCK(sav);
4564 				SAV_ADDREF(sav);
4565 				LIST_INSERT_HEAD(&hexpireq, sav, drainq);
4566 				continue;
4567 			}
4568 			/* check SOFT lifetime (only for MATURE SAs) */
4569 			if (sav->state == SADB_SASTATE_MATURE && (
4570 			    (sav->lft_s->addtime != 0 &&
4571 			    now - sav->created > sav->lft_s->addtime) ||
4572 			    (sav->lft_s->usetime != 0 && sav->firstused &&
4573 			    now - sav->firstused > sav->lft_s->usetime) ||
4574 			    (sav->lft_s->bytes != 0 && counter_u64_fetch(
4575 				sav->lft_c_bytes) > sav->lft_s->bytes) ||
4576 			    (!(sav->flags & SADB_X_SAFLAGS_ESN) &&
4577 			    (sav->replay != NULL) && (
4578 			    (sav->replay->count > UINT32_80PCT) ||
4579 			    (sav->replay->last > UINT32_80PCT))))) {
4580 				SECASVAR_RUNLOCK(sav);
4581 				SAV_ADDREF(sav);
4582 				LIST_INSERT_HEAD(&sexpireq, sav, drainq);
4583 				continue;
4584 			}
4585 			SECASVAR_RUNLOCK(sav);
4586 		}
4587 	}
4588 	SAHTREE_RUNLOCK();
4589 
4590 	if (LIST_EMPTY(&emptyq) && LIST_EMPTY(&drainq) &&
4591 	    LIST_EMPTY(&hexpireq) && LIST_EMPTY(&sexpireq))
4592 		return;
4593 
4594 	LIST_INIT(&freeq);
4595 	SAHTREE_WLOCK();
4596 	/* Unlink stale LARVAL SAs */
4597 	sav = LIST_FIRST(&drainq);
4598 	while (sav != NULL) {
4599 		nextsav = LIST_NEXT(sav, drainq);
4600 		/* Check that SA is still LARVAL */
4601 		if (sav->state != SADB_SASTATE_LARVAL) {
4602 			LIST_REMOVE(sav, drainq);
4603 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4604 			sav = nextsav;
4605 			continue;
4606 		}
4607 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4608 		LIST_REMOVE(sav, spihash);
4609 		sav->state = SADB_SASTATE_DEAD;
4610 		sav = nextsav;
4611 	}
4612 	/* Unlink all SAs with expired HARD lifetime */
4613 	sav = LIST_FIRST(&hexpireq);
4614 	while (sav != NULL) {
4615 		nextsav = LIST_NEXT(sav, drainq);
4616 		/* Check that SA is not unlinked */
4617 		if (sav->state == SADB_SASTATE_DEAD) {
4618 			LIST_REMOVE(sav, drainq);
4619 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4620 			sav = nextsav;
4621 			continue;
4622 		}
4623 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4624 		LIST_REMOVE(sav, spihash);
4625 		sav->state = SADB_SASTATE_DEAD;
4626 		sav = nextsav;
4627 	}
4628 	/* Mark all SAs with expired SOFT lifetime as DYING */
4629 	sav = LIST_FIRST(&sexpireq);
4630 	while (sav != NULL) {
4631 		nextsav = LIST_NEXT(sav, drainq);
4632 		/* Check that SA is not unlinked */
4633 		if (sav->state == SADB_SASTATE_DEAD) {
4634 			LIST_REMOVE(sav, drainq);
4635 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4636 			sav = nextsav;
4637 			continue;
4638 		}
4639 		/*
4640 		 * NOTE: this doesn't change SA order in the chain.
4641 		 */
4642 		sav->state = SADB_SASTATE_DYING;
4643 		sav = nextsav;
4644 	}
4645 	/* Unlink empty SAHs */
4646 	sah = LIST_FIRST(&emptyq);
4647 	while (sah != NULL) {
4648 		nextsah = LIST_NEXT(sah, drainq);
4649 		/* Check that SAH is still empty and not unlinked */
4650 		if (sah->state == SADB_SASTATE_DEAD ||
4651 		    !TAILQ_EMPTY(&sah->savtree_larval) ||
4652 		    !TAILQ_EMPTY(&sah->savtree_alive)) {
4653 			LIST_REMOVE(sah, drainq);
4654 			key_freesah(&sah); /* release extra reference */
4655 			sah = nextsah;
4656 			continue;
4657 		}
4658 		TAILQ_REMOVE(&V_sahtree, sah, chain);
4659 		LIST_REMOVE(sah, addrhash);
4660 		sah->state = SADB_SASTATE_DEAD;
4661 		sah = nextsah;
4662 	}
4663 	SAHTREE_WUNLOCK();
4664 
4665 	/* Send SPDEXPIRE messages */
4666 	sav = LIST_FIRST(&hexpireq);
4667 	while (sav != NULL) {
4668 		nextsav = LIST_NEXT(sav, drainq);
4669 		key_expire(sav, 1);
4670 		key_freesah(&sav->sah); /* release reference from SAV */
4671 		key_freesav(&sav); /* release extra reference */
4672 		key_freesav(&sav); /* release last reference */
4673 		sav = nextsav;
4674 	}
4675 	sav = LIST_FIRST(&sexpireq);
4676 	while (sav != NULL) {
4677 		nextsav = LIST_NEXT(sav, drainq);
4678 		key_expire(sav, 0);
4679 		key_freesav(&sav); /* release extra reference */
4680 		sav = nextsav;
4681 	}
4682 	/* Free stale LARVAL SAs */
4683 	sav = LIST_FIRST(&drainq);
4684 	while (sav != NULL) {
4685 		nextsav = LIST_NEXT(sav, drainq);
4686 		key_freesah(&sav->sah); /* release reference from SAV */
4687 		key_freesav(&sav); /* release extra reference */
4688 		key_freesav(&sav); /* release last reference */
4689 		sav = nextsav;
4690 	}
4691 	/* Free SAs that were unlinked/changed by someone else */
4692 	sav = LIST_FIRST(&freeq);
4693 	while (sav != NULL) {
4694 		nextsav = LIST_NEXT(sav, drainq);
4695 		key_freesav(&sav); /* release extra reference */
4696 		sav = nextsav;
4697 	}
4698 	/* Free empty SAH */
4699 	sah = LIST_FIRST(&emptyq);
4700 	while (sah != NULL) {
4701 		nextsah = LIST_NEXT(sah, drainq);
4702 		key_freesah(&sah); /* release extra reference */
4703 		key_freesah(&sah); /* release last reference */
4704 		sah = nextsah;
4705 	}
4706 }
4707 
4708 static void
4709 key_flush_acq(time_t now)
4710 {
4711 	struct secacq *acq, *nextacq;
4712 
4713 	/* ACQ tree */
4714 	ACQ_LOCK();
4715 	acq = LIST_FIRST(&V_acqtree);
4716 	while (acq != NULL) {
4717 		nextacq = LIST_NEXT(acq, chain);
4718 		if (now - acq->created > V_key_blockacq_lifetime) {
4719 			LIST_REMOVE(acq, chain);
4720 			LIST_REMOVE(acq, addrhash);
4721 			LIST_REMOVE(acq, seqhash);
4722 			free(acq, M_IPSEC_SAQ);
4723 		}
4724 		acq = nextacq;
4725 	}
4726 	ACQ_UNLOCK();
4727 }
4728 
4729 static void
4730 key_flush_spacq(time_t now)
4731 {
4732 	struct secspacq *acq, *nextacq;
4733 
4734 	/* SP ACQ tree */
4735 	SPACQ_LOCK();
4736 	for (acq = LIST_FIRST(&V_spacqtree); acq != NULL; acq = nextacq) {
4737 		nextacq = LIST_NEXT(acq, chain);
4738 		if (now - acq->created > V_key_blockacq_lifetime
4739 		 && __LIST_CHAINED(acq)) {
4740 			LIST_REMOVE(acq, chain);
4741 			free(acq, M_IPSEC_SAQ);
4742 		}
4743 	}
4744 	SPACQ_UNLOCK();
4745 }
4746 
4747 /*
4748  * time handler.
4749  * scanning SPD and SAD to check status for each entries,
4750  * and do to remove or to expire.
4751  * XXX: year 2038 problem may remain.
4752  */
4753 static void
4754 key_timehandler(void *arg)
4755 {
4756 	VNET_ITERATOR_DECL(vnet_iter);
4757 	time_t now = time_second;
4758 
4759 	VNET_LIST_RLOCK_NOSLEEP();
4760 	VNET_FOREACH(vnet_iter) {
4761 		CURVNET_SET(vnet_iter);
4762 		key_flush_spd(now);
4763 		key_flush_sad(now);
4764 		key_flush_acq(now);
4765 		key_flush_spacq(now);
4766 		CURVNET_RESTORE();
4767 	}
4768 	VNET_LIST_RUNLOCK_NOSLEEP();
4769 
4770 #ifndef IPSEC_DEBUG2
4771 	/* do exchange to tick time !! */
4772 	callout_schedule(&key_timer, hz);
4773 #endif /* IPSEC_DEBUG2 */
4774 }
4775 
4776 u_long
4777 key_random(void)
4778 {
4779 	u_long value;
4780 
4781 	arc4random_buf(&value, sizeof(value));
4782 	return value;
4783 }
4784 
4785 /*
4786  * map SADB_SATYPE_* to IPPROTO_*.
4787  * if satype == SADB_SATYPE then satype is mapped to ~0.
4788  * OUT:
4789  *	0: invalid satype.
4790  */
4791 static uint8_t
4792 key_satype2proto(uint8_t satype)
4793 {
4794 	switch (satype) {
4795 	case SADB_SATYPE_UNSPEC:
4796 		return IPSEC_PROTO_ANY;
4797 	case SADB_SATYPE_AH:
4798 		return IPPROTO_AH;
4799 	case SADB_SATYPE_ESP:
4800 		return IPPROTO_ESP;
4801 	case SADB_X_SATYPE_IPCOMP:
4802 		return IPPROTO_IPCOMP;
4803 	case SADB_X_SATYPE_TCPSIGNATURE:
4804 		return IPPROTO_TCP;
4805 	default:
4806 		return 0;
4807 	}
4808 	/* NOTREACHED */
4809 }
4810 
4811 /*
4812  * map IPPROTO_* to SADB_SATYPE_*
4813  * OUT:
4814  *	0: invalid protocol type.
4815  */
4816 static uint8_t
4817 key_proto2satype(uint8_t proto)
4818 {
4819 	switch (proto) {
4820 	case IPPROTO_AH:
4821 		return SADB_SATYPE_AH;
4822 	case IPPROTO_ESP:
4823 		return SADB_SATYPE_ESP;
4824 	case IPPROTO_IPCOMP:
4825 		return SADB_X_SATYPE_IPCOMP;
4826 	case IPPROTO_TCP:
4827 		return SADB_X_SATYPE_TCPSIGNATURE;
4828 	default:
4829 		return 0;
4830 	}
4831 	/* NOTREACHED */
4832 }
4833 
4834 /* %%% PF_KEY */
4835 /*
4836  * SADB_GETSPI processing is to receive
4837  *	<base, (SA2), src address, dst address, (SPI range)>
4838  * from the IKMPd, to assign a unique spi value, to hang on the INBOUND
4839  * tree with the status of LARVAL, and send
4840  *	<base, SA(*), address(SD)>
4841  * to the IKMPd.
4842  *
4843  * IN:	mhp: pointer to the pointer to each header.
4844  * OUT:	NULL if fail.
4845  *	other if success, return pointer to the message to send.
4846  */
4847 static int
4848 key_getspi(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
4849 {
4850 	struct secasindex saidx;
4851 	struct sadb_address *src0, *dst0;
4852 	struct secasvar *sav;
4853 	uint32_t reqid, spi;
4854 	int error;
4855 	uint8_t mode, proto;
4856 
4857 	IPSEC_ASSERT(so != NULL, ("null socket"));
4858 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
4859 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
4860 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
4861 
4862 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
4863 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)
4864 #ifdef PFKEY_STRICT_CHECKS
4865 	    || SADB_CHECKHDR(mhp, SADB_EXT_SPIRANGE)
4866 #endif
4867 	    ) {
4868 		ipseclog((LOG_DEBUG,
4869 		    "%s: invalid message: missing required header.\n",
4870 		    __func__));
4871 		error = EINVAL;
4872 		goto fail;
4873 	}
4874 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
4875 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)
4876 #ifdef PFKEY_STRICT_CHECKS
4877 	    || SADB_CHECKLEN(mhp, SADB_EXT_SPIRANGE)
4878 #endif
4879 	    ) {
4880 		ipseclog((LOG_DEBUG,
4881 		    "%s: invalid message: wrong header size.\n", __func__));
4882 		error = EINVAL;
4883 		goto fail;
4884 	}
4885 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
4886 		mode = IPSEC_MODE_ANY;
4887 		reqid = 0;
4888 	} else {
4889 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
4890 			ipseclog((LOG_DEBUG,
4891 			    "%s: invalid message: wrong header size.\n",
4892 			    __func__));
4893 			error = EINVAL;
4894 			goto fail;
4895 		}
4896 		mode = ((struct sadb_x_sa2 *)
4897 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
4898 		reqid = ((struct sadb_x_sa2 *)
4899 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
4900 	}
4901 
4902 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
4903 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
4904 
4905 	/* map satype to proto */
4906 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
4907 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
4908 			__func__));
4909 		error = EINVAL;
4910 		goto fail;
4911 	}
4912 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
4913 	    (struct sockaddr *)(dst0 + 1));
4914 	if (error != 0) {
4915 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
4916 		error = EINVAL;
4917 		goto fail;
4918 	}
4919 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
4920 
4921 	/* SPI allocation */
4922 	SPI_ALLOC_LOCK();
4923 	spi = key_do_getnewspi(
4924 	    (struct sadb_spirange *)mhp->ext[SADB_EXT_SPIRANGE], &saidx);
4925 	if (spi == 0) {
4926 		/*
4927 		 * Requested SPI or SPI range is not available or
4928 		 * already used.
4929 		 */
4930 		SPI_ALLOC_UNLOCK();
4931 		error = EEXIST;
4932 		goto fail;
4933 	}
4934 	sav = key_newsav(mhp, &saidx, spi, &error);
4935 	SPI_ALLOC_UNLOCK();
4936 	if (sav == NULL)
4937 		goto fail;
4938 
4939 	if (sav->seq != 0) {
4940 		/*
4941 		 * RFC2367:
4942 		 * If the SADB_GETSPI message is in response to a
4943 		 * kernel-generated SADB_ACQUIRE, the sadb_msg_seq
4944 		 * MUST be the same as the SADB_ACQUIRE message.
4945 		 *
4946 		 * XXXAE: However it doesn't definethe behaviour how to
4947 		 * check this and what to do if it doesn't match.
4948 		 * Also what we should do if it matches?
4949 		 *
4950 		 * We can compare saidx used in SADB_ACQUIRE with saidx
4951 		 * used in SADB_GETSPI, but this probably can break
4952 		 * existing software. For now just warn if it doesn't match.
4953 		 *
4954 		 * XXXAE: anyway it looks useless.
4955 		 */
4956 		key_acqdone(&saidx, sav->seq);
4957 	}
4958 	KEYDBG(KEY_STAMP,
4959 	    printf("%s: SA(%p)\n", __func__, sav));
4960 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
4961 
4962     {
4963 	struct mbuf *n, *nn;
4964 	struct sadb_sa *m_sa;
4965 	struct sadb_msg *newmsg;
4966 	int off, len;
4967 
4968 	/* create new sadb_msg to reply. */
4969 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) +
4970 	    PFKEY_ALIGN8(sizeof(struct sadb_sa));
4971 
4972 	MGETHDR(n, M_NOWAIT, MT_DATA);
4973 	if (len > MHLEN) {
4974 		if (!(MCLGET(n, M_NOWAIT))) {
4975 			m_freem(n);
4976 			n = NULL;
4977 		}
4978 	}
4979 	if (!n) {
4980 		error = ENOBUFS;
4981 		goto fail;
4982 	}
4983 
4984 	n->m_len = len;
4985 	n->m_next = NULL;
4986 	off = 0;
4987 
4988 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
4989 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
4990 
4991 	m_sa = (struct sadb_sa *)(mtod(n, caddr_t) + off);
4992 	m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
4993 	m_sa->sadb_sa_exttype = SADB_EXT_SA;
4994 	m_sa->sadb_sa_spi = spi; /* SPI is already in network byte order */
4995 	off += PFKEY_ALIGN8(sizeof(struct sadb_sa));
4996 
4997 	IPSEC_ASSERT(off == len,
4998 		("length inconsistency (off %u len %u)", off, len));
4999 
5000 	n->m_next = key_gather_mbuf(m, mhp, 0, 2, SADB_EXT_ADDRESS_SRC,
5001 	    SADB_EXT_ADDRESS_DST);
5002 	if (!n->m_next) {
5003 		m_freem(n);
5004 		error = ENOBUFS;
5005 		goto fail;
5006 	}
5007 
5008 	if (n->m_len < sizeof(struct sadb_msg)) {
5009 		n = m_pullup(n, sizeof(struct sadb_msg));
5010 		if (n == NULL)
5011 			return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
5012 	}
5013 
5014 	n->m_pkthdr.len = 0;
5015 	for (nn = n; nn; nn = nn->m_next)
5016 		n->m_pkthdr.len += nn->m_len;
5017 
5018 	newmsg = mtod(n, struct sadb_msg *);
5019 	newmsg->sadb_msg_seq = sav->seq;
5020 	newmsg->sadb_msg_errno = 0;
5021 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
5022 
5023 	m_freem(m);
5024 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
5025     }
5026 
5027 fail:
5028 	return (key_senderror(so, m, error));
5029 }
5030 
5031 /*
5032  * allocating new SPI
5033  * called by key_getspi().
5034  * OUT:
5035  *	0:	failure.
5036  *	others: success, SPI in network byte order.
5037  */
5038 static uint32_t
5039 key_do_getnewspi(struct sadb_spirange *spirange, struct secasindex *saidx)
5040 {
5041 	uint32_t min, max, newspi, t;
5042 	int tries, limit;
5043 
5044 	SPI_ALLOC_LOCK_ASSERT();
5045 
5046 	/* set spi range to allocate */
5047 	if (spirange != NULL) {
5048 		min = spirange->sadb_spirange_min;
5049 		max = spirange->sadb_spirange_max;
5050 	} else {
5051 		min = V_key_spi_minval;
5052 		max = V_key_spi_maxval;
5053 	}
5054 	/* IPCOMP needs 2-byte SPI */
5055 	if (saidx->proto == IPPROTO_IPCOMP) {
5056 		if (min >= 0x10000)
5057 			min = 0xffff;
5058 		if (max >= 0x10000)
5059 			max = 0xffff;
5060 		if (min > max) {
5061 			t = min; min = max; max = t;
5062 		}
5063 	}
5064 
5065 	if (min == max) {
5066 		if (key_checkspidup(htonl(min))) {
5067 			ipseclog((LOG_DEBUG, "%s: SPI %u exists already.\n",
5068 			    __func__, min));
5069 			return 0;
5070 		}
5071 
5072 		tries = 1;
5073 		newspi = min;
5074 	} else {
5075 		/* init SPI */
5076 		newspi = 0;
5077 
5078 		limit = atomic_load_int(&V_key_spi_trycnt);
5079 		/* when requesting to allocate spi ranged */
5080 		for (tries = 0; tries < limit; tries++) {
5081 			/* generate pseudo-random SPI value ranged. */
5082 			newspi = min + (key_random() % (max - min + 1));
5083 			if (!key_checkspidup(htonl(newspi)))
5084 				break;
5085 		}
5086 
5087 		if (tries == limit || newspi == 0) {
5088 			ipseclog((LOG_DEBUG,
5089 			    "%s: failed to allocate SPI.\n", __func__));
5090 			return 0;
5091 		}
5092 	}
5093 
5094 	/* statistics */
5095 	keystat.getspi_count =
5096 	    (keystat.getspi_count + tries) / 2;
5097 
5098 	return (htonl(newspi));
5099 }
5100 
5101 /*
5102  * Find TCP-MD5 SA with corresponding secasindex.
5103  * If not found, return NULL and fill SPI with usable value if needed.
5104  */
5105 static struct secasvar *
5106 key_getsav_tcpmd5(struct secasindex *saidx, uint32_t *spi)
5107 {
5108 	SAHTREE_RLOCK_TRACKER;
5109 	struct secashead *sah;
5110 	struct secasvar *sav;
5111 
5112 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP, ("wrong proto"));
5113 	SAHTREE_RLOCK();
5114 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5115 		if (sah->saidx.proto != IPPROTO_TCP)
5116 			continue;
5117 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
5118 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
5119 			break;
5120 	}
5121 	if (sah != NULL) {
5122 		if (V_key_preferred_oldsa)
5123 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
5124 		else
5125 			sav = TAILQ_FIRST(&sah->savtree_alive);
5126 		if (sav != NULL) {
5127 			SAV_ADDREF(sav);
5128 			SAHTREE_RUNLOCK();
5129 			return (sav);
5130 		}
5131 	}
5132 	if (spi == NULL) {
5133 		/* No SPI required */
5134 		SAHTREE_RUNLOCK();
5135 		return (NULL);
5136 	}
5137 	/* Check that SPI is unique */
5138 	LIST_FOREACH(sav, SAVHASH_HASH(*spi), spihash) {
5139 		if (sav->spi == *spi)
5140 			break;
5141 	}
5142 	if (sav == NULL) {
5143 		SAHTREE_RUNLOCK();
5144 		/* SPI is already unique */
5145 		return (NULL);
5146 	}
5147 	SAHTREE_RUNLOCK();
5148 	/* XXX: not optimal */
5149 	*spi = key_do_getnewspi(NULL, saidx);
5150 	return (NULL);
5151 }
5152 
5153 static int
5154 key_updateaddresses(struct socket *so, struct mbuf *m,
5155     const struct sadb_msghdr *mhp, struct secasvar *sav,
5156     struct secasindex *saidx)
5157 {
5158 	struct sockaddr *newaddr;
5159 	struct secashead *sah;
5160 	struct secasvar *newsav, *tmp;
5161 	struct mbuf *n;
5162 	int error, isnew;
5163 
5164 	/* Check that we need to change SAH */
5165 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC)) {
5166 		newaddr = (struct sockaddr *)(
5167 		    ((struct sadb_address *)
5168 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_SRC]) + 1);
5169 		bcopy(newaddr, &saidx->src, newaddr->sa_len);
5170 		key_porttosaddr(&saidx->src.sa, 0);
5171 	}
5172 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5173 		newaddr = (struct sockaddr *)(
5174 		    ((struct sadb_address *)
5175 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_DST]) + 1);
5176 		bcopy(newaddr, &saidx->dst, newaddr->sa_len);
5177 		key_porttosaddr(&saidx->dst.sa, 0);
5178 	}
5179 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5180 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5181 		error = key_checksockaddrs(&saidx->src.sa, &saidx->dst.sa);
5182 		if (error != 0) {
5183 			ipseclog((LOG_DEBUG, "%s: invalid new sockaddr.\n",
5184 			    __func__));
5185 			return (error);
5186 		}
5187 
5188 		sah = key_getsah(saidx);
5189 		if (sah == NULL) {
5190 			/* create a new SA index */
5191 			sah = key_newsah(saidx);
5192 			if (sah == NULL) {
5193 				ipseclog((LOG_DEBUG,
5194 				    "%s: No more memory.\n", __func__));
5195 				return (ENOBUFS);
5196 			}
5197 			isnew = 2; /* SAH is new */
5198 		} else
5199 			isnew = 1; /* existing SAH is referenced */
5200 	} else {
5201 		/*
5202 		 * src and dst addresses are still the same.
5203 		 * Do we want to change NAT-T config?
5204 		 */
5205 		if (sav->sah->saidx.proto != IPPROTO_ESP ||
5206 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5207 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5208 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5209 			ipseclog((LOG_DEBUG,
5210 			    "%s: invalid message: missing required header.\n",
5211 			    __func__));
5212 			return (EINVAL);
5213 		}
5214 		/* We hold reference to SA, thus SAH will be referenced too. */
5215 		sah = sav->sah;
5216 		isnew = 0;
5217 	}
5218 
5219 	newsav = malloc(sizeof(struct secasvar), M_IPSEC_SA,
5220 	    M_NOWAIT | M_ZERO);
5221 	if (newsav == NULL) {
5222 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5223 		error = ENOBUFS;
5224 		goto fail;
5225 	}
5226 
5227 	/* Clone SA's content into newsav */
5228 	SAV_INITREF(newsav);
5229 	bcopy(sav, newsav, offsetof(struct secasvar, chain));
5230 	/*
5231 	 * We create new NAT-T config if it is needed.
5232 	 * Old NAT-T config will be freed by key_cleansav() when
5233 	 * last reference to SA will be released.
5234 	 */
5235 	newsav->natt = NULL;
5236 	newsav->sah = sah;
5237 	newsav->state = SADB_SASTATE_MATURE;
5238 	error = key_setnatt(newsav, mhp);
5239 	if (error != 0)
5240 		goto fail;
5241 
5242 	SAHTREE_WLOCK();
5243 	/* Check that SA is still alive */
5244 	if (sav->state == SADB_SASTATE_DEAD) {
5245 		/* SA was unlinked */
5246 		SAHTREE_WUNLOCK();
5247 		error = ESRCH;
5248 		goto fail;
5249 	}
5250 
5251 	/* Unlink SA from SAH and SPI hash */
5252 	IPSEC_ASSERT((sav->flags & SADB_X_EXT_F_CLONED) == 0,
5253 	    ("SA is already cloned"));
5254 	IPSEC_ASSERT(sav->state == SADB_SASTATE_MATURE ||
5255 	    sav->state == SADB_SASTATE_DYING,
5256 	    ("Wrong SA state %u\n", sav->state));
5257 	TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5258 	LIST_REMOVE(sav, spihash);
5259 	sav->state = SADB_SASTATE_DEAD;
5260 
5261 	/*
5262 	 * Link new SA with SAH. Keep SAs ordered by
5263 	 * create time (newer are first).
5264 	 */
5265 	TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5266 		if (newsav->created > tmp->created) {
5267 			TAILQ_INSERT_BEFORE(tmp, newsav, chain);
5268 			break;
5269 		}
5270 	}
5271 	if (tmp == NULL)
5272 		TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5273 
5274 	/* Add new SA into SPI hash. */
5275 	LIST_INSERT_HEAD(SAVHASH_HASH(newsav->spi), newsav, spihash);
5276 
5277 	/* Add new SAH into SADB. */
5278 	if (isnew == 2) {
5279 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5280 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5281 		sah->state = SADB_SASTATE_MATURE;
5282 		SAH_ADDREF(sah); /* newsav references new SAH */
5283 	}
5284 	/*
5285 	 * isnew == 1 -> @sah was referenced by key_getsah().
5286 	 * isnew == 0 -> we use the same @sah, that was used by @sav,
5287 	 *	and we use its reference for @newsav.
5288 	 */
5289 	SECASVAR_WLOCK(sav);
5290 	/* XXX: replace cntr with pointer? */
5291 	newsav->cntr = sav->cntr;
5292 	sav->flags |= SADB_X_EXT_F_CLONED;
5293 	SECASVAR_WUNLOCK(sav);
5294 
5295 	SAHTREE_WUNLOCK();
5296 
5297 	KEYDBG(KEY_STAMP,
5298 	    printf("%s: SA(%p) cloned into SA(%p)\n",
5299 	    __func__, sav, newsav));
5300 	KEYDBG(KEY_DATA, kdebug_secasv(newsav));
5301 
5302 	key_freesav(&sav); /* release last reference */
5303 
5304 	/* set msg buf from mhp */
5305 	n = key_getmsgbuf_x1(m, mhp);
5306 	if (n == NULL) {
5307 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5308 		return (ENOBUFS);
5309 	}
5310 	m_freem(m);
5311 	key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5312 	return (0);
5313 fail:
5314 	if (isnew != 0)
5315 		key_freesah(&sah);
5316 	if (newsav != NULL) {
5317 		if (newsav->natt != NULL)
5318 			free(newsav->natt, M_IPSEC_MISC);
5319 		free(newsav, M_IPSEC_SA);
5320 	}
5321 	return (error);
5322 }
5323 
5324 /*
5325  * SADB_UPDATE processing
5326  * receive
5327  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5328  *       key(AE), (identity(SD),) (sensitivity)>
5329  * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
5330  * and send
5331  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5332  *       (identity(SD),) (sensitivity)>
5333  * to the ikmpd.
5334  *
5335  * m will always be freed.
5336  */
5337 static int
5338 key_update(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5339 {
5340 	struct secasindex saidx;
5341 	struct sadb_address *src0, *dst0;
5342 	struct sadb_sa *sa0;
5343 	struct secasvar *sav;
5344 	uint32_t reqid;
5345 	int error;
5346 	uint8_t mode, proto;
5347 
5348 	IPSEC_ASSERT(so != NULL, ("null socket"));
5349 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5350 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5351 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5352 
5353 	/* map satype to proto */
5354 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5355 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5356 		    __func__));
5357 		return key_senderror(so, m, EINVAL);
5358 	}
5359 
5360 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5361 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5362 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5363 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5364 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5365 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5366 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5367 		ipseclog((LOG_DEBUG,
5368 		    "%s: invalid message: missing required header.\n",
5369 		    __func__));
5370 		return key_senderror(so, m, EINVAL);
5371 	}
5372 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5373 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5374 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5375 		ipseclog((LOG_DEBUG,
5376 		    "%s: invalid message: wrong header size.\n", __func__));
5377 		return key_senderror(so, m, EINVAL);
5378 	}
5379 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5380 		mode = IPSEC_MODE_ANY;
5381 		reqid = 0;
5382 	} else {
5383 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5384 			ipseclog((LOG_DEBUG,
5385 			    "%s: invalid message: wrong header size.\n",
5386 			    __func__));
5387 			return key_senderror(so, m, EINVAL);
5388 		}
5389 		mode = ((struct sadb_x_sa2 *)
5390 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5391 		reqid = ((struct sadb_x_sa2 *)
5392 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5393 	}
5394 
5395 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5396 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5397 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5398 
5399 	/*
5400 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5401 	 * SADB_UPDATE message.
5402 	 */
5403 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5404 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5405 #ifdef PFKEY_STRICT_CHECKS
5406 		return key_senderror(so, m, EINVAL);
5407 #endif
5408 	}
5409 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5410 	    (struct sockaddr *)(dst0 + 1));
5411 	if (error != 0) {
5412 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5413 		return key_senderror(so, m, error);
5414 	}
5415 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5416 	sav = key_getsavbyspi(sa0->sadb_sa_spi);
5417 	if (sav == NULL) {
5418 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u\n",
5419 		    __func__, ntohl(sa0->sadb_sa_spi)));
5420 		return key_senderror(so, m, EINVAL);
5421 	}
5422 	/*
5423 	 * Check that SADB_UPDATE issued by the same process that did
5424 	 * SADB_GETSPI or SADB_ADD.
5425 	 */
5426 	if (sav->pid != mhp->msg->sadb_msg_pid) {
5427 		ipseclog((LOG_DEBUG,
5428 		    "%s: pid mismatched (SPI %u, pid %u vs. %u)\n", __func__,
5429 		    ntohl(sav->spi), sav->pid, mhp->msg->sadb_msg_pid));
5430 		key_freesav(&sav);
5431 		return key_senderror(so, m, EINVAL);
5432 	}
5433 	/* saidx should match with SA. */
5434 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5435 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u\n",
5436 		    __func__, ntohl(sav->spi)));
5437 		key_freesav(&sav);
5438 		return key_senderror(so, m, ESRCH);
5439 	}
5440 
5441 	if (sav->state == SADB_SASTATE_LARVAL) {
5442 		if ((mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP &&
5443 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) ||
5444 		    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH &&
5445 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH))) {
5446 			ipseclog((LOG_DEBUG,
5447 			    "%s: invalid message: missing required header.\n",
5448 			    __func__));
5449 			key_freesav(&sav);
5450 			return key_senderror(so, m, EINVAL);
5451 		}
5452 		/*
5453 		 * We can set any values except src, dst and SPI.
5454 		 */
5455 		error = key_setsaval(sav, mhp);
5456 		if (error != 0) {
5457 			key_freesav(&sav);
5458 			return (key_senderror(so, m, error));
5459 		}
5460 		/* Change SA state to MATURE */
5461 		SAHTREE_WLOCK();
5462 		if (sav->state != SADB_SASTATE_LARVAL) {
5463 			/* SA was deleted or another thread made it MATURE. */
5464 			SAHTREE_WUNLOCK();
5465 			key_freesav(&sav);
5466 			return (key_senderror(so, m, ESRCH));
5467 		}
5468 		/*
5469 		 * NOTE: we keep SAs in savtree_alive ordered by created
5470 		 * time. When SA's state changed from LARVAL to MATURE,
5471 		 * we update its created time in key_setsaval() and move
5472 		 * it into head of savtree_alive.
5473 		 */
5474 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5475 		TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5476 		sav->state = SADB_SASTATE_MATURE;
5477 		SAHTREE_WUNLOCK();
5478 	} else {
5479 		/*
5480 		 * For DYING and MATURE SA we can change only state
5481 		 * and lifetimes. Report EINVAL if something else attempted
5482 		 * to change.
5483 		 */
5484 		if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5485 		    !SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
5486 			key_freesav(&sav);
5487 			return (key_senderror(so, m, EINVAL));
5488 		}
5489 		error = key_updatelifetimes(sav, mhp);
5490 		if (error != 0) {
5491 			key_freesav(&sav);
5492 			return (key_senderror(so, m, error));
5493 		}
5494 		/*
5495 		 * This is FreeBSD extension to RFC2367.
5496 		 * IKEd can specify SADB_X_EXT_NEW_ADDRESS_SRC and/or
5497 		 * SADB_X_EXT_NEW_ADDRESS_DST when it wants to change
5498 		 * SA addresses (for example to implement MOBIKE protocol
5499 		 * as described in RFC4555). Also we allow to change
5500 		 * NAT-T config.
5501 		 */
5502 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5503 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST) ||
5504 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5505 		    sav->natt != NULL) {
5506 			error = key_updateaddresses(so, m, mhp, sav, &saidx);
5507 			key_freesav(&sav);
5508 			if (error != 0)
5509 				return (key_senderror(so, m, error));
5510 			return (0);
5511 		}
5512 		/* Check that SA is still alive */
5513 		SAHTREE_WLOCK();
5514 		if (sav->state == SADB_SASTATE_DEAD) {
5515 			/* SA was unlinked */
5516 			SAHTREE_WUNLOCK();
5517 			key_freesav(&sav);
5518 			return (key_senderror(so, m, ESRCH));
5519 		}
5520 		/*
5521 		 * NOTE: there is possible state moving from DYING to MATURE,
5522 		 * but this doesn't change created time, so we won't reorder
5523 		 * this SA.
5524 		 */
5525 		sav->state = SADB_SASTATE_MATURE;
5526 		SAHTREE_WUNLOCK();
5527 	}
5528 	KEYDBG(KEY_STAMP,
5529 	    printf("%s: SA(%p)\n", __func__, sav));
5530 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5531 	key_freesav(&sav);
5532 
5533     {
5534 	struct mbuf *n;
5535 
5536 	/* set msg buf from mhp */
5537 	n = key_getmsgbuf_x1(m, mhp);
5538 	if (n == NULL) {
5539 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5540 		return key_senderror(so, m, ENOBUFS);
5541 	}
5542 
5543 	m_freem(m);
5544 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5545     }
5546 }
5547 
5548 /*
5549  * SADB_ADD processing
5550  * add an entry to SA database, when received
5551  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5552  *       key(AE), (identity(SD),) (sensitivity)>
5553  * from the ikmpd,
5554  * and send
5555  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5556  *       (identity(SD),) (sensitivity)>
5557  * to the ikmpd.
5558  *
5559  * IGNORE identity and sensitivity messages.
5560  *
5561  * m will always be freed.
5562  */
5563 static int
5564 key_add(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5565 {
5566 	struct secasindex saidx;
5567 	struct sadb_address *src0, *dst0;
5568 	struct sadb_sa *sa0;
5569 	struct secasvar *sav;
5570 	uint32_t reqid, spi;
5571 	uint8_t mode, proto;
5572 	int error;
5573 
5574 	IPSEC_ASSERT(so != NULL, ("null socket"));
5575 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5576 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5577 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5578 
5579 	/* map satype to proto */
5580 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5581 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5582 		    __func__));
5583 		return key_senderror(so, m, EINVAL);
5584 	}
5585 
5586 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5587 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5588 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5589 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP && (
5590 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5591 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT))) ||
5592 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH && (
5593 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH) ||
5594 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH))) ||
5595 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5596 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5597 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5598 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5599 		ipseclog((LOG_DEBUG,
5600 		    "%s: invalid message: missing required header.\n",
5601 		    __func__));
5602 		return key_senderror(so, m, EINVAL);
5603 	}
5604 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5605 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5606 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5607 		ipseclog((LOG_DEBUG,
5608 		    "%s: invalid message: wrong header size.\n", __func__));
5609 		return key_senderror(so, m, EINVAL);
5610 	}
5611 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5612 		mode = IPSEC_MODE_ANY;
5613 		reqid = 0;
5614 	} else {
5615 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5616 			ipseclog((LOG_DEBUG,
5617 			    "%s: invalid message: wrong header size.\n",
5618 			    __func__));
5619 			return key_senderror(so, m, EINVAL);
5620 		}
5621 		mode = ((struct sadb_x_sa2 *)
5622 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5623 		reqid = ((struct sadb_x_sa2 *)
5624 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5625 	}
5626 
5627 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5628 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
5629 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
5630 
5631 	/*
5632 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5633 	 * SADB_ADD message.
5634 	 */
5635 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5636 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5637 #ifdef PFKEY_STRICT_CHECKS
5638 		return key_senderror(so, m, EINVAL);
5639 #endif
5640 	}
5641 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5642 	    (struct sockaddr *)(dst0 + 1));
5643 	if (error != 0) {
5644 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5645 		return key_senderror(so, m, error);
5646 	}
5647 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5648 	spi = sa0->sadb_sa_spi;
5649 	/*
5650 	 * For TCP-MD5 SAs we don't use SPI. Check the uniqueness using
5651 	 * secasindex.
5652 	 * XXXAE: IPComp seems also doesn't use SPI.
5653 	 */
5654 	SPI_ALLOC_LOCK();
5655 	if (proto == IPPROTO_TCP) {
5656 		sav = key_getsav_tcpmd5(&saidx, &spi);
5657 		if (sav == NULL && spi == 0) {
5658 			SPI_ALLOC_UNLOCK();
5659 			/* Failed to allocate SPI */
5660 			ipseclog((LOG_DEBUG, "%s: SA already exists.\n",
5661 			    __func__));
5662 			return key_senderror(so, m, EEXIST);
5663 		}
5664 		/* XXX: SPI that we report back can have another value */
5665 	} else {
5666 		/* We can create new SA only if SPI is different. */
5667 		sav = key_getsavbyspi(spi);
5668 	}
5669 	if (sav != NULL) {
5670 		SPI_ALLOC_UNLOCK();
5671 		key_freesav(&sav);
5672 		ipseclog((LOG_DEBUG, "%s: SA already exists.\n", __func__));
5673 		return key_senderror(so, m, EEXIST);
5674 	}
5675 
5676 	sav = key_newsav(mhp, &saidx, spi, &error);
5677 	SPI_ALLOC_UNLOCK();
5678 	if (sav == NULL)
5679 		return key_senderror(so, m, error);
5680 	KEYDBG(KEY_STAMP,
5681 	    printf("%s: return SA(%p)\n", __func__, sav));
5682 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5683 	/*
5684 	 * If SADB_ADD was in response to SADB_ACQUIRE, we need to schedule
5685 	 * ACQ for deletion.
5686 	 */
5687 	if (sav->seq != 0)
5688 		key_acqdone(&saidx, sav->seq);
5689 
5690     {
5691 	/*
5692 	 * Don't call key_freesav() on error here, as we would like to
5693 	 * keep the SA in the database.
5694 	 */
5695 	struct mbuf *n;
5696 
5697 	/* set msg buf from mhp */
5698 	n = key_getmsgbuf_x1(m, mhp);
5699 	if (n == NULL) {
5700 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5701 		return key_senderror(so, m, ENOBUFS);
5702 	}
5703 
5704 	m_freem(m);
5705 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5706     }
5707 }
5708 
5709 /*
5710  * NAT-T support.
5711  * IKEd may request the use ESP in UDP encapsulation when it detects the
5712  * presence of NAT. It uses NAT-T extension headers for such SAs to specify
5713  * parameters needed for encapsulation and decapsulation. These PF_KEY
5714  * extension headers are not standardized, so this comment addresses our
5715  * implementation.
5716  * SADB_X_EXT_NAT_T_TYPE specifies type of encapsulation, we support only
5717  * UDP_ENCAP_ESPINUDP as described in RFC3948.
5718  * SADB_X_EXT_NAT_T_SPORT/DPORT specifies source and destination ports for
5719  * UDP header. We use these ports in UDP encapsulation procedure, also we
5720  * can check them in UDP decapsulation procedure.
5721  * SADB_X_EXT_NAT_T_OA[IR] specifies original address of initiator or
5722  * responder. These addresses can be used for transport mode to adjust
5723  * checksum after decapsulation and decryption. Since original IP addresses
5724  * used by peer usually different (we detected presence of NAT), TCP/UDP
5725  * pseudo header checksum and IP header checksum was calculated using original
5726  * addresses. After decapsulation and decryption we need to adjust checksum
5727  * to have correct datagram.
5728  *
5729  * We expect presence of NAT-T extension headers only in SADB_ADD and
5730  * SADB_UPDATE messages. We report NAT-T extension headers in replies
5731  * to SADB_ADD, SADB_UPDATE, SADB_GET, and SADB_DUMP messages.
5732  */
5733 static int
5734 key_setnatt(struct secasvar *sav, const struct sadb_msghdr *mhp)
5735 {
5736 	struct sadb_x_nat_t_port *port;
5737 	struct sadb_x_nat_t_type *type;
5738 	struct sadb_address *oai, *oar;
5739 	struct sockaddr *sa;
5740 	uint32_t addr;
5741 	uint16_t cksum;
5742 
5743 	IPSEC_ASSERT(sav->natt == NULL, ("natt is already initialized"));
5744 	/*
5745 	 * Ignore NAT-T headers if sproto isn't ESP.
5746 	 */
5747 	if (sav->sah->saidx.proto != IPPROTO_ESP)
5748 		return (0);
5749 
5750 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) &&
5751 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) &&
5752 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5753 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5754 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5755 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5756 			ipseclog((LOG_DEBUG,
5757 			    "%s: invalid message: wrong header size.\n",
5758 			    __func__));
5759 			return (EINVAL);
5760 		}
5761 	} else
5762 		return (0);
5763 
5764 	type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE];
5765 	if (type->sadb_x_nat_t_type_type != UDP_ENCAP_ESPINUDP) {
5766 		ipseclog((LOG_DEBUG, "%s: unsupported NAT-T type %u.\n",
5767 		    __func__, type->sadb_x_nat_t_type_type));
5768 		return (EINVAL);
5769 	}
5770 	/*
5771 	 * Allocate storage for NAT-T config.
5772 	 * On error it will be released by key_cleansav().
5773 	 */
5774 	sav->natt = malloc(sizeof(struct secnatt), M_IPSEC_MISC,
5775 	    M_NOWAIT | M_ZERO);
5776 	if (sav->natt == NULL) {
5777 		PFKEYSTAT_INC(in_nomem);
5778 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5779 		return (ENOBUFS);
5780 	}
5781 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT];
5782 	if (port->sadb_x_nat_t_port_port == 0) {
5783 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T sport specified.\n",
5784 		    __func__));
5785 		return (EINVAL);
5786 	}
5787 	sav->natt->sport = port->sadb_x_nat_t_port_port;
5788 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT];
5789 	if (port->sadb_x_nat_t_port_port == 0) {
5790 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T dport specified.\n",
5791 		    __func__));
5792 		return (EINVAL);
5793 	}
5794 	sav->natt->dport = port->sadb_x_nat_t_port_port;
5795 
5796 	/*
5797 	 * SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR are optional
5798 	 * and needed only for transport mode IPsec.
5799 	 * Usually NAT translates only one address, but it is possible,
5800 	 * that both addresses could be translated.
5801 	 * NOTE: Value of SADB_X_EXT_NAT_T_OAI is equal to SADB_X_EXT_NAT_T_OA.
5802 	 */
5803 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAI)) {
5804 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAI)) {
5805 			ipseclog((LOG_DEBUG,
5806 			    "%s: invalid message: wrong header size.\n",
5807 			    __func__));
5808 			return (EINVAL);
5809 		}
5810 		oai = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI];
5811 	} else
5812 		oai = NULL;
5813 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAR)) {
5814 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAR)) {
5815 			ipseclog((LOG_DEBUG,
5816 			    "%s: invalid message: wrong header size.\n",
5817 			    __func__));
5818 			return (EINVAL);
5819 		}
5820 		oar = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR];
5821 	} else
5822 		oar = NULL;
5823 
5824 	/* Initialize addresses only for transport mode */
5825 	if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
5826 		cksum = 0;
5827 		if (oai != NULL) {
5828 			/* Currently we support only AF_INET */
5829 			sa = (struct sockaddr *)(oai + 1);
5830 			if (sa->sa_family != AF_INET ||
5831 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5832 				ipseclog((LOG_DEBUG,
5833 				    "%s: wrong NAT-OAi header.\n",
5834 				    __func__));
5835 				return (EINVAL);
5836 			}
5837 			/* Ignore address if it the same */
5838 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5839 			    sav->sah->saidx.src.sin.sin_addr.s_addr) {
5840 				bcopy(sa, &sav->natt->oai.sa, sa->sa_len);
5841 				sav->natt->flags |= IPSEC_NATT_F_OAI;
5842 				/* Calculate checksum delta */
5843 				addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
5844 				cksum = in_addword(cksum, ~addr >> 16);
5845 				cksum = in_addword(cksum, ~addr & 0xffff);
5846 				addr = sav->natt->oai.sin.sin_addr.s_addr;
5847 				cksum = in_addword(cksum, addr >> 16);
5848 				cksum = in_addword(cksum, addr & 0xffff);
5849 			}
5850 		}
5851 		if (oar != NULL) {
5852 			/* Currently we support only AF_INET */
5853 			sa = (struct sockaddr *)(oar + 1);
5854 			if (sa->sa_family != AF_INET ||
5855 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5856 				ipseclog((LOG_DEBUG,
5857 				    "%s: wrong NAT-OAr header.\n",
5858 				    __func__));
5859 				return (EINVAL);
5860 			}
5861 			/* Ignore address if it the same */
5862 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5863 			    sav->sah->saidx.dst.sin.sin_addr.s_addr) {
5864 				bcopy(sa, &sav->natt->oar.sa, sa->sa_len);
5865 				sav->natt->flags |= IPSEC_NATT_F_OAR;
5866 				/* Calculate checksum delta */
5867 				addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
5868 				cksum = in_addword(cksum, ~addr >> 16);
5869 				cksum = in_addword(cksum, ~addr & 0xffff);
5870 				addr = sav->natt->oar.sin.sin_addr.s_addr;
5871 				cksum = in_addword(cksum, addr >> 16);
5872 				cksum = in_addword(cksum, addr & 0xffff);
5873 			}
5874 		}
5875 		sav->natt->cksum = cksum;
5876 	}
5877 	return (0);
5878 }
5879 
5880 static int
5881 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
5882 {
5883 	const struct sadb_ident *idsrc, *iddst;
5884 
5885 	IPSEC_ASSERT(sah != NULL, ("null secashead"));
5886 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5887 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5888 
5889 	/* don't make buffer if not there */
5890 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) &&
5891 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5892 		sah->idents = NULL;
5893 		sah->identd = NULL;
5894 		return (0);
5895 	}
5896 
5897 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) ||
5898 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5899 		ipseclog((LOG_DEBUG, "%s: invalid identity.\n", __func__));
5900 		return (EINVAL);
5901 	}
5902 
5903 	idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
5904 	iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
5905 
5906 	/* validity check */
5907 	if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
5908 		ipseclog((LOG_DEBUG, "%s: ident type mismatch.\n", __func__));
5909 		return EINVAL;
5910 	}
5911 
5912 	switch (idsrc->sadb_ident_type) {
5913 	case SADB_IDENTTYPE_PREFIX:
5914 	case SADB_IDENTTYPE_FQDN:
5915 	case SADB_IDENTTYPE_USERFQDN:
5916 	default:
5917 		/* XXX do nothing */
5918 		sah->idents = NULL;
5919 		sah->identd = NULL;
5920 	 	return 0;
5921 	}
5922 
5923 	/* make structure */
5924 	sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5925 	if (sah->idents == NULL) {
5926 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5927 		return ENOBUFS;
5928 	}
5929 	sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5930 	if (sah->identd == NULL) {
5931 		free(sah->idents, M_IPSEC_MISC);
5932 		sah->idents = NULL;
5933 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5934 		return ENOBUFS;
5935 	}
5936 	sah->idents->type = idsrc->sadb_ident_type;
5937 	sah->idents->id = idsrc->sadb_ident_id;
5938 
5939 	sah->identd->type = iddst->sadb_ident_type;
5940 	sah->identd->id = iddst->sadb_ident_id;
5941 
5942 	return 0;
5943 }
5944 
5945 /*
5946  * m will not be freed on return.
5947  * it is caller's responsibility to free the result.
5948  *
5949  * Called from SADB_ADD and SADB_UPDATE. Reply will contain headers
5950  * from the request in defined order.
5951  */
5952 static struct mbuf *
5953 key_getmsgbuf_x1(struct mbuf *m, const struct sadb_msghdr *mhp)
5954 {
5955 	struct mbuf *n;
5956 
5957 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5958 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5959 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5960 
5961 	/* create new sadb_msg to reply. */
5962 	n = key_gather_mbuf(m, mhp, 1, 16, SADB_EXT_RESERVED,
5963 	    SADB_EXT_SA, SADB_X_EXT_SA2,
5964 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST,
5965 	    SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
5966 	    SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
5967 	    SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
5968 	    SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI,
5969 	    SADB_X_EXT_NAT_T_OAR, SADB_X_EXT_NEW_ADDRESS_SRC,
5970 	    SADB_X_EXT_NEW_ADDRESS_DST);
5971 	if (!n)
5972 		return NULL;
5973 
5974 	if (n->m_len < sizeof(struct sadb_msg)) {
5975 		n = m_pullup(n, sizeof(struct sadb_msg));
5976 		if (n == NULL)
5977 			return NULL;
5978 	}
5979 	mtod(n, struct sadb_msg *)->sadb_msg_errno = 0;
5980 	mtod(n, struct sadb_msg *)->sadb_msg_len =
5981 	    PFKEY_UNIT64(n->m_pkthdr.len);
5982 
5983 	return n;
5984 }
5985 
5986 /*
5987  * SADB_DELETE processing
5988  * receive
5989  *   <base, SA(*), address(SD)>
5990  * from the ikmpd, and set SADB_SASTATE_DEAD,
5991  * and send,
5992  *   <base, SA(*), address(SD)>
5993  * to the ikmpd.
5994  *
5995  * m will always be freed.
5996  */
5997 static int
5998 key_delete(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5999 {
6000 	struct secasindex saidx;
6001 	struct sadb_address *src0, *dst0;
6002 	struct secasvar *sav;
6003 	struct sadb_sa *sa0;
6004 	uint8_t proto;
6005 
6006 	IPSEC_ASSERT(so != NULL, ("null socket"));
6007 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6008 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6009 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6010 
6011 	/* map satype to proto */
6012 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6013 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6014 		    __func__));
6015 		return key_senderror(so, m, EINVAL);
6016 	}
6017 
6018 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6019 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
6020 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6021 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
6022 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
6023 		    __func__));
6024 		return key_senderror(so, m, EINVAL);
6025 	}
6026 
6027 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
6028 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
6029 
6030 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
6031 	    (struct sockaddr *)(dst0 + 1)) != 0) {
6032 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
6033 		return (key_senderror(so, m, EINVAL));
6034 	}
6035 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
6036 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
6037 		/*
6038 		 * Caller wants us to delete all non-LARVAL SAs
6039 		 * that match the src/dst.  This is used during
6040 		 * IKE INITIAL-CONTACT.
6041 		 * XXXAE: this looks like some extension to RFC2367.
6042 		 */
6043 		ipseclog((LOG_DEBUG, "%s: doing delete all.\n", __func__));
6044 		return (key_delete_all(so, m, mhp, &saidx));
6045 	}
6046 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
6047 		ipseclog((LOG_DEBUG,
6048 		    "%s: invalid message: wrong header size.\n", __func__));
6049 		return (key_senderror(so, m, EINVAL));
6050 	}
6051 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
6052 	SPI_ALLOC_LOCK();
6053 	if (proto == IPPROTO_TCP)
6054 		sav = key_getsav_tcpmd5(&saidx, NULL);
6055 	else
6056 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
6057 	SPI_ALLOC_UNLOCK();
6058 	if (sav == NULL) {
6059 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u.\n",
6060 		    __func__, ntohl(sa0->sadb_sa_spi)));
6061 		return (key_senderror(so, m, ESRCH));
6062 	}
6063 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6064 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
6065 		    __func__, ntohl(sav->spi)));
6066 		key_freesav(&sav);
6067 		return (key_senderror(so, m, ESRCH));
6068 	}
6069 	KEYDBG(KEY_STAMP,
6070 	    printf("%s: SA(%p)\n", __func__, sav));
6071 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
6072 	key_unlinksav(sav);
6073 	key_freesav(&sav);
6074 
6075     {
6076 	struct mbuf *n;
6077 	struct sadb_msg *newmsg;
6078 
6079 	/* create new sadb_msg to reply. */
6080 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
6081 	    SADB_EXT_SA, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
6082 	if (!n)
6083 		return key_senderror(so, m, ENOBUFS);
6084 
6085 	if (n->m_len < sizeof(struct sadb_msg)) {
6086 		n = m_pullup(n, sizeof(struct sadb_msg));
6087 		if (n == NULL)
6088 			return key_senderror(so, m, ENOBUFS);
6089 	}
6090 	newmsg = mtod(n, struct sadb_msg *);
6091 	newmsg->sadb_msg_errno = 0;
6092 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
6093 
6094 	m_freem(m);
6095 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
6096     }
6097 }
6098 
6099 /*
6100  * delete all SAs for src/dst.  Called from key_delete().
6101  */
6102 static int
6103 key_delete_all(struct socket *so, struct mbuf *m,
6104     const struct sadb_msghdr *mhp, struct secasindex *saidx)
6105 {
6106 	struct secasvar_queue drainq;
6107 	struct secashead *sah;
6108 	struct secasvar *sav, *nextsav;
6109 
6110 	TAILQ_INIT(&drainq);
6111 	SAHTREE_WLOCK();
6112 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
6113 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_HEAD) == 0)
6114 			continue;
6115 		/* Move all ALIVE SAs into drainq */
6116 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6117 	}
6118 	/* Unlink all queued SAs from SPI hash */
6119 	TAILQ_FOREACH(sav, &drainq, chain) {
6120 		sav->state = SADB_SASTATE_DEAD;
6121 		LIST_REMOVE(sav, spihash);
6122 	}
6123 	SAHTREE_WUNLOCK();
6124 	/* Now we can release reference for all SAs in drainq */
6125 	sav = TAILQ_FIRST(&drainq);
6126 	while (sav != NULL) {
6127 		KEYDBG(KEY_STAMP,
6128 		    printf("%s: SA(%p)\n", __func__, sav));
6129 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
6130 		nextsav = TAILQ_NEXT(sav, chain);
6131 		key_freesah(&sav->sah); /* release reference from SAV */
6132 		key_freesav(&sav); /* release last reference */
6133 		sav = nextsav;
6134 	}
6135 
6136     {
6137 	struct mbuf *n;
6138 	struct sadb_msg *newmsg;
6139 
6140 	/* create new sadb_msg to reply. */
6141 	n = key_gather_mbuf(m, mhp, 1, 3, SADB_EXT_RESERVED,
6142 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
6143 	if (!n)
6144 		return key_senderror(so, m, ENOBUFS);
6145 
6146 	if (n->m_len < sizeof(struct sadb_msg)) {
6147 		n = m_pullup(n, sizeof(struct sadb_msg));
6148 		if (n == NULL)
6149 			return key_senderror(so, m, ENOBUFS);
6150 	}
6151 	newmsg = mtod(n, struct sadb_msg *);
6152 	newmsg->sadb_msg_errno = 0;
6153 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
6154 
6155 	m_freem(m);
6156 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
6157     }
6158 }
6159 
6160 /*
6161  * Delete all alive SAs for corresponding xform.
6162  * Larval SAs have not initialized tdb_xform, so it is safe to leave them
6163  * here when xform disappears.
6164  */
6165 void
6166 key_delete_xform(const struct xformsw *xsp)
6167 {
6168 	struct secasvar_queue drainq;
6169 	struct secashead *sah;
6170 	struct secasvar *sav, *nextsav;
6171 
6172 	TAILQ_INIT(&drainq);
6173 	SAHTREE_WLOCK();
6174 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
6175 		sav = TAILQ_FIRST(&sah->savtree_alive);
6176 		if (sav == NULL)
6177 			continue;
6178 		if (sav->tdb_xform != xsp)
6179 			continue;
6180 		/*
6181 		 * It is supposed that all SAs in the chain are related to
6182 		 * one xform.
6183 		 */
6184 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6185 	}
6186 	/* Unlink all queued SAs from SPI hash */
6187 	TAILQ_FOREACH(sav, &drainq, chain) {
6188 		sav->state = SADB_SASTATE_DEAD;
6189 		LIST_REMOVE(sav, spihash);
6190 	}
6191 	SAHTREE_WUNLOCK();
6192 
6193 	/* Now we can release reference for all SAs in drainq */
6194 	sav = TAILQ_FIRST(&drainq);
6195 	while (sav != NULL) {
6196 		KEYDBG(KEY_STAMP,
6197 		    printf("%s: SA(%p)\n", __func__, sav));
6198 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
6199 		nextsav = TAILQ_NEXT(sav, chain);
6200 		key_freesah(&sav->sah); /* release reference from SAV */
6201 		key_freesav(&sav); /* release last reference */
6202 		sav = nextsav;
6203 	}
6204 }
6205 
6206 /*
6207  * SADB_GET processing
6208  * receive
6209  *   <base, SA(*), address(SD)>
6210  * from the ikmpd, and get a SP and a SA to respond,
6211  * and send,
6212  *   <base, SA, (lifetime(HSC),) address(SD), (address(P),) key(AE),
6213  *       (identity(SD),) (sensitivity)>
6214  * to the ikmpd.
6215  *
6216  * m will always be freed.
6217  */
6218 static int
6219 key_get(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6220 {
6221 	struct secasindex saidx;
6222 	struct sadb_address *src0, *dst0;
6223 	struct sadb_sa *sa0;
6224 	struct secasvar *sav;
6225 	uint8_t proto;
6226 
6227 	IPSEC_ASSERT(so != NULL, ("null socket"));
6228 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6229 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6230 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6231 
6232 	/* map satype to proto */
6233 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6234 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6235 			__func__));
6236 		return key_senderror(so, m, EINVAL);
6237 	}
6238 
6239 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
6240 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6241 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)) {
6242 		ipseclog((LOG_DEBUG,
6243 		    "%s: invalid message: missing required header.\n",
6244 		    __func__));
6245 		return key_senderror(so, m, EINVAL);
6246 	}
6247 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
6248 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6249 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
6250 		ipseclog((LOG_DEBUG,
6251 		    "%s: invalid message: wrong header size.\n", __func__));
6252 		return key_senderror(so, m, EINVAL);
6253 	}
6254 
6255 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
6256 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
6257 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
6258 
6259 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
6260 	    (struct sockaddr *)(dst0 + 1)) != 0) {
6261 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
6262 		return key_senderror(so, m, EINVAL);
6263 	}
6264 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
6265 
6266 	SPI_ALLOC_LOCK();
6267 	if (proto == IPPROTO_TCP)
6268 		sav = key_getsav_tcpmd5(&saidx, NULL);
6269 	else
6270 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
6271 	SPI_ALLOC_UNLOCK();
6272 	if (sav == NULL) {
6273 		ipseclog((LOG_DEBUG, "%s: no SA found.\n", __func__));
6274 		return key_senderror(so, m, ESRCH);
6275 	}
6276 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6277 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
6278 		    __func__, ntohl(sa0->sadb_sa_spi)));
6279 		key_freesav(&sav);
6280 		return (key_senderror(so, m, ESRCH));
6281 	}
6282 
6283     {
6284 	struct mbuf *n;
6285 	uint8_t satype;
6286 
6287 	/* map proto to satype */
6288 	if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0) {
6289 		ipseclog((LOG_DEBUG, "%s: there was invalid proto in SAD.\n",
6290 		    __func__));
6291 		key_freesav(&sav);
6292 		return key_senderror(so, m, EINVAL);
6293 	}
6294 
6295 	/* create new sadb_msg to reply. */
6296 	n = key_setdumpsa(sav, SADB_GET, satype, mhp->msg->sadb_msg_seq,
6297 	    mhp->msg->sadb_msg_pid);
6298 
6299 	key_freesav(&sav);
6300 	if (!n)
6301 		return key_senderror(so, m, ENOBUFS);
6302 
6303 	m_freem(m);
6304 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
6305     }
6306 }
6307 
6308 /* XXX make it sysctl-configurable? */
6309 static void
6310 key_getcomb_setlifetime(struct sadb_comb *comb)
6311 {
6312 
6313 	comb->sadb_comb_soft_allocations = 1;
6314 	comb->sadb_comb_hard_allocations = 1;
6315 	comb->sadb_comb_soft_bytes = 0;
6316 	comb->sadb_comb_hard_bytes = 0;
6317 	comb->sadb_comb_hard_addtime = 86400;	/* 1 day */
6318 	comb->sadb_comb_soft_addtime = comb->sadb_comb_soft_addtime * 80 / 100;
6319 	comb->sadb_comb_soft_usetime = 28800;	/* 8 hours */
6320 	comb->sadb_comb_hard_usetime = comb->sadb_comb_hard_usetime * 80 / 100;
6321 }
6322 
6323 /*
6324  * XXX reorder combinations by preference
6325  * XXX no idea if the user wants ESP authentication or not
6326  */
6327 static struct mbuf *
6328 key_getcomb_ealg(void)
6329 {
6330 	struct sadb_comb *comb;
6331 	const struct enc_xform *algo;
6332 	struct mbuf *result = NULL, *m, *n;
6333 	int encmin;
6334 	int i, off, o;
6335 	int totlen;
6336 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6337 
6338 	m = NULL;
6339 	for (i = 1; i <= SADB_EALG_MAX; i++) {
6340 		algo = enc_algorithm_lookup(i);
6341 		if (algo == NULL)
6342 			continue;
6343 
6344 		/* discard algorithms with key size smaller than system min */
6345 		if (_BITS(algo->maxkey) < V_ipsec_esp_keymin)
6346 			continue;
6347 		if (_BITS(algo->minkey) < V_ipsec_esp_keymin)
6348 			encmin = V_ipsec_esp_keymin;
6349 		else
6350 			encmin = _BITS(algo->minkey);
6351 
6352 		if (V_ipsec_esp_auth)
6353 			m = key_getcomb_ah();
6354 		else {
6355 			IPSEC_ASSERT(l <= MLEN,
6356 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6357 			MGET(m, M_NOWAIT, MT_DATA);
6358 			if (m) {
6359 				M_ALIGN(m, l);
6360 				m->m_len = l;
6361 				m->m_next = NULL;
6362 				bzero(mtod(m, caddr_t), m->m_len);
6363 			}
6364 		}
6365 		if (!m)
6366 			goto fail;
6367 
6368 		totlen = 0;
6369 		for (n = m; n; n = n->m_next)
6370 			totlen += n->m_len;
6371 		IPSEC_ASSERT((totlen % l) == 0, ("totlen=%u, l=%u", totlen, l));
6372 
6373 		for (off = 0; off < totlen; off += l) {
6374 			n = m_pulldown(m, off, l, &o);
6375 			if (!n) {
6376 				/* m is already freed */
6377 				goto fail;
6378 			}
6379 			comb = (struct sadb_comb *)(mtod(n, caddr_t) + o);
6380 			bzero(comb, sizeof(*comb));
6381 			key_getcomb_setlifetime(comb);
6382 			comb->sadb_comb_encrypt = i;
6383 			comb->sadb_comb_encrypt_minbits = encmin;
6384 			comb->sadb_comb_encrypt_maxbits = _BITS(algo->maxkey);
6385 		}
6386 
6387 		if (!result)
6388 			result = m;
6389 		else
6390 			m_cat(result, m);
6391 	}
6392 
6393 	return result;
6394 
6395  fail:
6396 	if (result)
6397 		m_freem(result);
6398 	return NULL;
6399 }
6400 
6401 static void
6402 key_getsizes_ah(const struct auth_hash *ah, int alg, u_int16_t* min,
6403     u_int16_t* max)
6404 {
6405 
6406 	*min = *max = ah->hashsize;
6407 	if (ah->keysize == 0) {
6408 		/*
6409 		 * Transform takes arbitrary key size but algorithm
6410 		 * key size is restricted.  Enforce this here.
6411 		 */
6412 		switch (alg) {
6413 		case SADB_X_AALG_NULL:	*min = 1; *max = 256; break;
6414 		case SADB_X_AALG_SHA2_256: *min = *max = 32; break;
6415 		case SADB_X_AALG_SHA2_384: *min = *max = 48; break;
6416 		case SADB_X_AALG_SHA2_512: *min = *max = 64; break;
6417 		default:
6418 			DPRINTF(("%s: unknown AH algorithm %u\n",
6419 				__func__, alg));
6420 			break;
6421 		}
6422 	}
6423 }
6424 
6425 /*
6426  * XXX reorder combinations by preference
6427  */
6428 static struct mbuf *
6429 key_getcomb_ah(void)
6430 {
6431 	const struct auth_hash *algo;
6432 	struct sadb_comb *comb;
6433 	struct mbuf *m;
6434 	u_int16_t minkeysize, maxkeysize;
6435 	int i;
6436 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6437 
6438 	m = NULL;
6439 	for (i = 1; i <= SADB_AALG_MAX; i++) {
6440 #if 1
6441 		/* we prefer HMAC algorithms, not old algorithms */
6442 		if (i != SADB_AALG_SHA1HMAC &&
6443 		    i != SADB_X_AALG_SHA2_256 &&
6444 		    i != SADB_X_AALG_SHA2_384 &&
6445 		    i != SADB_X_AALG_SHA2_512)
6446 			continue;
6447 #endif
6448 		algo = auth_algorithm_lookup(i);
6449 		if (!algo)
6450 			continue;
6451 		key_getsizes_ah(algo, i, &minkeysize, &maxkeysize);
6452 		/* discard algorithms with key size smaller than system min */
6453 		if (_BITS(minkeysize) < V_ipsec_ah_keymin)
6454 			continue;
6455 
6456 		if (!m) {
6457 			IPSEC_ASSERT(l <= MLEN,
6458 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6459 			MGET(m, M_NOWAIT, MT_DATA);
6460 			if (m) {
6461 				M_ALIGN(m, l);
6462 				m->m_len = l;
6463 				m->m_next = NULL;
6464 			}
6465 		} else
6466 			M_PREPEND(m, l, M_NOWAIT);
6467 		if (!m)
6468 			return NULL;
6469 
6470 		comb = mtod(m, struct sadb_comb *);
6471 		bzero(comb, sizeof(*comb));
6472 		key_getcomb_setlifetime(comb);
6473 		comb->sadb_comb_auth = i;
6474 		comb->sadb_comb_auth_minbits = _BITS(minkeysize);
6475 		comb->sadb_comb_auth_maxbits = _BITS(maxkeysize);
6476 	}
6477 
6478 	return m;
6479 }
6480 
6481 /*
6482  * not really an official behavior.  discussed in pf_key@inner.net in Sep2000.
6483  * XXX reorder combinations by preference
6484  */
6485 static struct mbuf *
6486 key_getcomb_ipcomp(void)
6487 {
6488 	const struct comp_algo *algo;
6489 	struct sadb_comb *comb;
6490 	struct mbuf *m;
6491 	int i;
6492 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6493 
6494 	m = NULL;
6495 	for (i = 1; i <= SADB_X_CALG_MAX; i++) {
6496 		algo = comp_algorithm_lookup(i);
6497 		if (!algo)
6498 			continue;
6499 
6500 		if (!m) {
6501 			IPSEC_ASSERT(l <= MLEN,
6502 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6503 			MGET(m, M_NOWAIT, MT_DATA);
6504 			if (m) {
6505 				M_ALIGN(m, l);
6506 				m->m_len = l;
6507 				m->m_next = NULL;
6508 			}
6509 		} else
6510 			M_PREPEND(m, l, M_NOWAIT);
6511 		if (!m)
6512 			return NULL;
6513 
6514 		comb = mtod(m, struct sadb_comb *);
6515 		bzero(comb, sizeof(*comb));
6516 		key_getcomb_setlifetime(comb);
6517 		comb->sadb_comb_encrypt = i;
6518 		/* what should we set into sadb_comb_*_{min,max}bits? */
6519 	}
6520 
6521 	return m;
6522 }
6523 
6524 /*
6525  * XXX no way to pass mode (transport/tunnel) to userland
6526  * XXX replay checking?
6527  * XXX sysctl interface to ipsec_{ah,esp}_keymin
6528  */
6529 static struct mbuf *
6530 key_getprop(const struct secasindex *saidx)
6531 {
6532 	struct sadb_prop *prop;
6533 	struct mbuf *m, *n;
6534 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_prop));
6535 	int totlen;
6536 
6537 	switch (saidx->proto)  {
6538 	case IPPROTO_ESP:
6539 		m = key_getcomb_ealg();
6540 		break;
6541 	case IPPROTO_AH:
6542 		m = key_getcomb_ah();
6543 		break;
6544 	case IPPROTO_IPCOMP:
6545 		m = key_getcomb_ipcomp();
6546 		break;
6547 	default:
6548 		return NULL;
6549 	}
6550 
6551 	if (!m)
6552 		return NULL;
6553 	M_PREPEND(m, l, M_NOWAIT);
6554 	if (!m)
6555 		return NULL;
6556 
6557 	totlen = 0;
6558 	for (n = m; n; n = n->m_next)
6559 		totlen += n->m_len;
6560 
6561 	prop = mtod(m, struct sadb_prop *);
6562 	bzero(prop, sizeof(*prop));
6563 	prop->sadb_prop_len = PFKEY_UNIT64(totlen);
6564 	prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
6565 	prop->sadb_prop_replay = 32;	/* XXX */
6566 
6567 	return m;
6568 }
6569 
6570 /*
6571  * SADB_ACQUIRE processing called by key_checkrequest() and key_acquire2().
6572  * send
6573  *   <base, SA, address(SD), (address(P)), x_policy,
6574  *       (identity(SD),) (sensitivity,) proposal>
6575  * to KMD, and expect to receive
6576  *   <base> with SADB_ACQUIRE if error occurred,
6577  * or
6578  *   <base, src address, dst address, (SPI range)> with SADB_GETSPI
6579  * from KMD by PF_KEY.
6580  *
6581  * XXX x_policy is outside of RFC2367 (KAME extension).
6582  * XXX sensitivity is not supported.
6583  * XXX for ipcomp, RFC2367 does not define how to fill in proposal.
6584  * see comment for key_getcomb_ipcomp().
6585  *
6586  * OUT:
6587  *    0     : succeed
6588  *    others: error number
6589  */
6590 static int
6591 key_acquire(const struct secasindex *saidx, struct secpolicy *sp)
6592 {
6593 	union sockaddr_union addr;
6594 	struct mbuf *result, *m;
6595 	uint32_t seq;
6596 	int error;
6597 	uint16_t ul_proto;
6598 	uint8_t mask, satype;
6599 
6600 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
6601 	satype = key_proto2satype(saidx->proto);
6602 	IPSEC_ASSERT(satype != 0, ("null satype, protocol %u", saidx->proto));
6603 
6604 	error = -1;
6605 	result = NULL;
6606 	ul_proto = IPSEC_ULPROTO_ANY;
6607 
6608 	/* Get seq number to check whether sending message or not. */
6609 	seq = key_getacq(saidx, &error);
6610 	if (seq == 0)
6611 		return (error);
6612 
6613 	m = key_setsadbmsg(SADB_ACQUIRE, 0, satype, seq, 0, 0);
6614 	if (!m) {
6615 		error = ENOBUFS;
6616 		goto fail;
6617 	}
6618 	result = m;
6619 
6620 	/*
6621 	 * set sadb_address for saidx's.
6622 	 *
6623 	 * Note that if sp is supplied, then we're being called from
6624 	 * key_allocsa_policy() and should supply port and protocol
6625 	 * information.
6626 	 * XXXAE: why only TCP and UDP? ICMP and SCTP looks applicable too.
6627 	 * XXXAE: probably we can handle this in the ipsec[46]_allocsa().
6628 	 * XXXAE: it looks like we should save this info in the ACQ entry.
6629 	 */
6630 	if (sp != NULL && (sp->spidx.ul_proto == IPPROTO_TCP ||
6631 	    sp->spidx.ul_proto == IPPROTO_UDP))
6632 		ul_proto = sp->spidx.ul_proto;
6633 
6634 	addr = saidx->src;
6635 	mask = FULLMASK;
6636 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6637 		switch (sp->spidx.src.sa.sa_family) {
6638 		case AF_INET:
6639 			if (sp->spidx.src.sin.sin_port != IPSEC_PORT_ANY) {
6640 				addr.sin.sin_port = sp->spidx.src.sin.sin_port;
6641 				mask = sp->spidx.prefs;
6642 			}
6643 			break;
6644 		case AF_INET6:
6645 			if (sp->spidx.src.sin6.sin6_port != IPSEC_PORT_ANY) {
6646 				addr.sin6.sin6_port =
6647 				    sp->spidx.src.sin6.sin6_port;
6648 				mask = sp->spidx.prefs;
6649 			}
6650 			break;
6651 		default:
6652 			break;
6653 		}
6654 	}
6655 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &addr.sa, mask, ul_proto);
6656 	if (!m) {
6657 		error = ENOBUFS;
6658 		goto fail;
6659 	}
6660 	m_cat(result, m);
6661 
6662 	addr = saidx->dst;
6663 	mask = FULLMASK;
6664 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6665 		switch (sp->spidx.dst.sa.sa_family) {
6666 		case AF_INET:
6667 			if (sp->spidx.dst.sin.sin_port != IPSEC_PORT_ANY) {
6668 				addr.sin.sin_port = sp->spidx.dst.sin.sin_port;
6669 				mask = sp->spidx.prefd;
6670 			}
6671 			break;
6672 		case AF_INET6:
6673 			if (sp->spidx.dst.sin6.sin6_port != IPSEC_PORT_ANY) {
6674 				addr.sin6.sin6_port =
6675 				    sp->spidx.dst.sin6.sin6_port;
6676 				mask = sp->spidx.prefd;
6677 			}
6678 			break;
6679 		default:
6680 			break;
6681 		}
6682 	}
6683 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &addr.sa, mask, ul_proto);
6684 	if (!m) {
6685 		error = ENOBUFS;
6686 		goto fail;
6687 	}
6688 	m_cat(result, m);
6689 
6690 	/* XXX proxy address (optional) */
6691 
6692 	/*
6693 	 * Set sadb_x_policy. This is KAME extension to RFC2367.
6694 	 */
6695 	if (sp != NULL) {
6696 		m = key_setsadbxpolicy(sp->policy, sp->spidx.dir, sp->id,
6697 		    sp->priority);
6698 		if (!m) {
6699 			error = ENOBUFS;
6700 			goto fail;
6701 		}
6702 		m_cat(result, m);
6703 	}
6704 
6705 	/*
6706 	 * Set sadb_x_sa2 extension if saidx->reqid is not zero.
6707 	 * This is FreeBSD extension to RFC2367.
6708 	 */
6709 	if (saidx->reqid != 0) {
6710 		m = key_setsadbxsa2(saidx->mode, 0, saidx->reqid);
6711 		if (m == NULL) {
6712 			error = ENOBUFS;
6713 			goto fail;
6714 		}
6715 		m_cat(result, m);
6716 	}
6717 	/* XXX identity (optional) */
6718 #if 0
6719 	if (idexttype && fqdn) {
6720 		/* create identity extension (FQDN) */
6721 		struct sadb_ident *id;
6722 		int fqdnlen;
6723 
6724 		fqdnlen = strlen(fqdn) + 1;	/* +1 for terminating-NUL */
6725 		id = (struct sadb_ident *)p;
6726 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6727 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6728 		id->sadb_ident_exttype = idexttype;
6729 		id->sadb_ident_type = SADB_IDENTTYPE_FQDN;
6730 		bcopy(fqdn, id + 1, fqdnlen);
6731 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(fqdnlen);
6732 	}
6733 
6734 	if (idexttype) {
6735 		/* create identity extension (USERFQDN) */
6736 		struct sadb_ident *id;
6737 		int userfqdnlen;
6738 
6739 		if (userfqdn) {
6740 			/* +1 for terminating-NUL */
6741 			userfqdnlen = strlen(userfqdn) + 1;
6742 		} else
6743 			userfqdnlen = 0;
6744 		id = (struct sadb_ident *)p;
6745 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6746 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6747 		id->sadb_ident_exttype = idexttype;
6748 		id->sadb_ident_type = SADB_IDENTTYPE_USERFQDN;
6749 		/* XXX is it correct? */
6750 		if (curproc && curproc->p_cred)
6751 			id->sadb_ident_id = curproc->p_cred->p_ruid;
6752 		if (userfqdn && userfqdnlen)
6753 			bcopy(userfqdn, id + 1, userfqdnlen);
6754 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(userfqdnlen);
6755 	}
6756 #endif
6757 
6758 	/* XXX sensitivity (optional) */
6759 
6760 	/* create proposal/combination extension */
6761 	m = key_getprop(saidx);
6762 #if 0
6763 	/*
6764 	 * spec conformant: always attach proposal/combination extension,
6765 	 * the problem is that we have no way to attach it for ipcomp,
6766 	 * due to the way sadb_comb is declared in RFC2367.
6767 	 */
6768 	if (!m) {
6769 		error = ENOBUFS;
6770 		goto fail;
6771 	}
6772 	m_cat(result, m);
6773 #else
6774 	/*
6775 	 * outside of spec; make proposal/combination extension optional.
6776 	 */
6777 	if (m)
6778 		m_cat(result, m);
6779 #endif
6780 
6781 	if ((result->m_flags & M_PKTHDR) == 0) {
6782 		error = EINVAL;
6783 		goto fail;
6784 	}
6785 
6786 	if (result->m_len < sizeof(struct sadb_msg)) {
6787 		result = m_pullup(result, sizeof(struct sadb_msg));
6788 		if (result == NULL) {
6789 			error = ENOBUFS;
6790 			goto fail;
6791 		}
6792 	}
6793 
6794 	result->m_pkthdr.len = 0;
6795 	for (m = result; m; m = m->m_next)
6796 		result->m_pkthdr.len += m->m_len;
6797 
6798 	mtod(result, struct sadb_msg *)->sadb_msg_len =
6799 	    PFKEY_UNIT64(result->m_pkthdr.len);
6800 
6801 	KEYDBG(KEY_STAMP,
6802 	    printf("%s: SP(%p)\n", __func__, sp));
6803 	KEYDBG(KEY_DATA, kdebug_secasindex(saidx, NULL));
6804 
6805 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
6806 
6807  fail:
6808 	if (result)
6809 		m_freem(result);
6810 	return error;
6811 }
6812 
6813 static uint32_t
6814 key_newacq(const struct secasindex *saidx, int *perror)
6815 {
6816 	struct secacq *acq;
6817 	uint32_t seq;
6818 
6819 	acq = malloc(sizeof(*acq), M_IPSEC_SAQ, M_NOWAIT | M_ZERO);
6820 	if (acq == NULL) {
6821 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6822 		*perror = ENOBUFS;
6823 		return (0);
6824 	}
6825 
6826 	/* copy secindex */
6827 	bcopy(saidx, &acq->saidx, sizeof(acq->saidx));
6828 	acq->created = time_second;
6829 	acq->count = 0;
6830 
6831 	/* add to acqtree */
6832 	ACQ_LOCK();
6833 	seq = acq->seq = (V_acq_seq == ~0 ? 1 : ++V_acq_seq);
6834 	LIST_INSERT_HEAD(&V_acqtree, acq, chain);
6835 	LIST_INSERT_HEAD(ACQADDRHASH_HASH(saidx), acq, addrhash);
6836 	LIST_INSERT_HEAD(ACQSEQHASH_HASH(seq), acq, seqhash);
6837 	ACQ_UNLOCK();
6838 	*perror = 0;
6839 	return (seq);
6840 }
6841 
6842 static uint32_t
6843 key_getacq(const struct secasindex *saidx, int *perror)
6844 {
6845 	struct secacq *acq;
6846 	uint32_t seq;
6847 
6848 	ACQ_LOCK();
6849 	LIST_FOREACH(acq, ACQADDRHASH_HASH(saidx), addrhash) {
6850 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY)) {
6851 			if (acq->count > V_key_blockacq_count) {
6852 				/*
6853 				 * Reset counter and send message.
6854 				 * Also reset created time to keep ACQ for
6855 				 * this saidx.
6856 				 */
6857 				acq->created = time_second;
6858 				acq->count = 0;
6859 				seq = acq->seq;
6860 			} else {
6861 				/*
6862 				 * Increment counter and do nothing.
6863 				 * We send SADB_ACQUIRE message only
6864 				 * for each V_key_blockacq_count packet.
6865 				 */
6866 				acq->count++;
6867 				seq = 0;
6868 			}
6869 			break;
6870 		}
6871 	}
6872 	ACQ_UNLOCK();
6873 	if (acq != NULL) {
6874 		*perror = 0;
6875 		return (seq);
6876 	}
6877 	/* allocate new  entry */
6878 	return (key_newacq(saidx, perror));
6879 }
6880 
6881 static int
6882 key_acqreset(uint32_t seq)
6883 {
6884 	struct secacq *acq;
6885 
6886 	ACQ_LOCK();
6887 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6888 		if (acq->seq == seq) {
6889 			acq->count = 0;
6890 			acq->created = time_second;
6891 			break;
6892 		}
6893 	}
6894 	ACQ_UNLOCK();
6895 	if (acq == NULL)
6896 		return (ESRCH);
6897 	return (0);
6898 }
6899 /*
6900  * Mark ACQ entry as stale to remove it in key_flush_acq().
6901  * Called after successful SADB_GETSPI message.
6902  */
6903 static int
6904 key_acqdone(const struct secasindex *saidx, uint32_t seq)
6905 {
6906 	struct secacq *acq;
6907 
6908 	ACQ_LOCK();
6909 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6910 		if (acq->seq == seq)
6911 			break;
6912 	}
6913 	if (acq != NULL) {
6914 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY) == 0) {
6915 			ipseclog((LOG_DEBUG,
6916 			    "%s: Mismatched saidx for ACQ %u\n", __func__, seq));
6917 			acq = NULL;
6918 		} else {
6919 			acq->created = 0;
6920 		}
6921 	} else {
6922 		ipseclog((LOG_DEBUG,
6923 		    "%s: ACQ %u is not found.\n", __func__, seq));
6924 	}
6925 	ACQ_UNLOCK();
6926 	if (acq == NULL)
6927 		return (ESRCH);
6928 	return (0);
6929 }
6930 
6931 static struct secspacq *
6932 key_newspacq(struct secpolicyindex *spidx)
6933 {
6934 	struct secspacq *acq;
6935 
6936 	/* get new entry */
6937 	acq = malloc(sizeof(struct secspacq), M_IPSEC_SAQ, M_NOWAIT|M_ZERO);
6938 	if (acq == NULL) {
6939 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6940 		return NULL;
6941 	}
6942 
6943 	/* copy secindex */
6944 	bcopy(spidx, &acq->spidx, sizeof(acq->spidx));
6945 	acq->created = time_second;
6946 	acq->count = 0;
6947 
6948 	/* add to spacqtree */
6949 	SPACQ_LOCK();
6950 	LIST_INSERT_HEAD(&V_spacqtree, acq, chain);
6951 	SPACQ_UNLOCK();
6952 
6953 	return acq;
6954 }
6955 
6956 static struct secspacq *
6957 key_getspacq(struct secpolicyindex *spidx)
6958 {
6959 	struct secspacq *acq;
6960 
6961 	SPACQ_LOCK();
6962 	LIST_FOREACH(acq, &V_spacqtree, chain) {
6963 		if (key_cmpspidx_exactly(spidx, &acq->spidx)) {
6964 			/* NB: return holding spacq_lock */
6965 			return acq;
6966 		}
6967 	}
6968 	SPACQ_UNLOCK();
6969 
6970 	return NULL;
6971 }
6972 
6973 /*
6974  * SADB_ACQUIRE processing,
6975  * in first situation, is receiving
6976  *   <base>
6977  * from the ikmpd, and clear sequence of its secasvar entry.
6978  *
6979  * In second situation, is receiving
6980  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6981  * from a user land process, and return
6982  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6983  * to the socket.
6984  *
6985  * m will always be freed.
6986  */
6987 static int
6988 key_acquire2(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6989 {
6990 	SAHTREE_RLOCK_TRACKER;
6991 	struct sadb_address *src0, *dst0;
6992 	struct secasindex saidx;
6993 	struct secashead *sah;
6994 	uint32_t reqid;
6995 	int error;
6996 	uint8_t mode, proto;
6997 
6998 	IPSEC_ASSERT(so != NULL, ("null socket"));
6999 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7000 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7001 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7002 
7003 	/*
7004 	 * Error message from KMd.
7005 	 * We assume that if error was occurred in IKEd, the length of PFKEY
7006 	 * message is equal to the size of sadb_msg structure.
7007 	 * We do not raise error even if error occurred in this function.
7008 	 */
7009 	if (mhp->msg->sadb_msg_len == PFKEY_UNIT64(sizeof(struct sadb_msg))) {
7010 		/* check sequence number */
7011 		if (mhp->msg->sadb_msg_seq == 0 ||
7012 		    mhp->msg->sadb_msg_errno == 0) {
7013 			ipseclog((LOG_DEBUG, "%s: must specify sequence "
7014 				"number and errno.\n", __func__));
7015 		} else {
7016 			/*
7017 			 * IKEd reported that error occurred.
7018 			 * XXXAE: what it expects from the kernel?
7019 			 * Probably we should send SADB_ACQUIRE again?
7020 			 * If so, reset ACQ's state.
7021 			 * XXXAE: it looks useless.
7022 			 */
7023 			key_acqreset(mhp->msg->sadb_msg_seq);
7024 		}
7025 		m_freem(m);
7026 		return (0);
7027 	}
7028 
7029 	/*
7030 	 * This message is from user land.
7031 	 */
7032 
7033 	/* map satype to proto */
7034 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7035 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7036 		    __func__));
7037 		return key_senderror(so, m, EINVAL);
7038 	}
7039 
7040 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
7041 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
7042 	    SADB_CHECKHDR(mhp, SADB_EXT_PROPOSAL)) {
7043 		ipseclog((LOG_DEBUG,
7044 		    "%s: invalid message: missing required header.\n",
7045 		    __func__));
7046 		return key_senderror(so, m, EINVAL);
7047 	}
7048 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
7049 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
7050 	    SADB_CHECKLEN(mhp, SADB_EXT_PROPOSAL)) {
7051 		ipseclog((LOG_DEBUG,
7052 		    "%s: invalid message: wrong header size.\n", __func__));
7053 		return key_senderror(so, m, EINVAL);
7054 	}
7055 
7056 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
7057 		mode = IPSEC_MODE_ANY;
7058 		reqid = 0;
7059 	} else {
7060 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
7061 			ipseclog((LOG_DEBUG,
7062 			    "%s: invalid message: wrong header size.\n",
7063 			    __func__));
7064 			return key_senderror(so, m, EINVAL);
7065 		}
7066 		mode = ((struct sadb_x_sa2 *)
7067 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
7068 		reqid = ((struct sadb_x_sa2 *)
7069 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
7070 	}
7071 
7072 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
7073 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
7074 
7075 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
7076 	    (struct sockaddr *)(dst0 + 1));
7077 	if (error != 0) {
7078 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
7079 		return key_senderror(so, m, EINVAL);
7080 	}
7081 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
7082 
7083 	/* get a SA index */
7084 	SAHTREE_RLOCK();
7085 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
7086 		if (key_cmpsaidx(&sah->saidx, &saidx, CMP_MODE_REQID))
7087 			break;
7088 	}
7089 	SAHTREE_RUNLOCK();
7090 	if (sah != NULL) {
7091 		ipseclog((LOG_DEBUG, "%s: a SA exists already.\n", __func__));
7092 		return key_senderror(so, m, EEXIST);
7093 	}
7094 
7095 	error = key_acquire(&saidx, NULL);
7096 	if (error != 0) {
7097 		ipseclog((LOG_DEBUG,
7098 		    "%s: error %d returned from key_acquire()\n",
7099 			__func__, error));
7100 		return key_senderror(so, m, error);
7101 	}
7102 	m_freem(m);
7103 	return (0);
7104 }
7105 
7106 /*
7107  * SADB_REGISTER processing.
7108  * If SATYPE_UNSPEC has been passed as satype, only return sabd_supported.
7109  * receive
7110  *   <base>
7111  * from the ikmpd, and register a socket to send PF_KEY messages,
7112  * and send
7113  *   <base, supported>
7114  * to KMD by PF_KEY.
7115  * If socket is detached, must free from regnode.
7116  *
7117  * m will always be freed.
7118  */
7119 static int
7120 key_register(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7121 {
7122 	struct secreg *reg, *newreg = NULL;
7123 
7124 	IPSEC_ASSERT(so != NULL, ("null socket"));
7125 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7126 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7127 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7128 
7129 	/* check for invalid register message */
7130 	if (mhp->msg->sadb_msg_satype >= sizeof(V_regtree)/sizeof(V_regtree[0]))
7131 		return key_senderror(so, m, EINVAL);
7132 
7133 	/* When SATYPE_UNSPEC is specified, only return sabd_supported. */
7134 	if (mhp->msg->sadb_msg_satype == SADB_SATYPE_UNSPEC)
7135 		goto setmsg;
7136 
7137 	/* check whether existing or not */
7138 	REGTREE_LOCK();
7139 	LIST_FOREACH(reg, &V_regtree[mhp->msg->sadb_msg_satype], chain) {
7140 		if (reg->so == so) {
7141 			REGTREE_UNLOCK();
7142 			ipseclog((LOG_DEBUG, "%s: socket exists already.\n",
7143 				__func__));
7144 			return key_senderror(so, m, EEXIST);
7145 		}
7146 	}
7147 
7148 	/* create regnode */
7149 	newreg =  malloc(sizeof(struct secreg), M_IPSEC_SAR, M_NOWAIT|M_ZERO);
7150 	if (newreg == NULL) {
7151 		REGTREE_UNLOCK();
7152 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7153 		return key_senderror(so, m, ENOBUFS);
7154 	}
7155 
7156 	newreg->so = so;
7157 	((struct keycb *)(so->so_pcb))->kp_registered++;
7158 
7159 	/* add regnode to regtree. */
7160 	LIST_INSERT_HEAD(&V_regtree[mhp->msg->sadb_msg_satype], newreg, chain);
7161 	REGTREE_UNLOCK();
7162 
7163   setmsg:
7164     {
7165 	struct mbuf *n;
7166 	struct sadb_msg *newmsg;
7167 	struct sadb_supported *sup;
7168 	u_int len, alen, elen;
7169 	int off;
7170 	int i;
7171 	struct sadb_alg *alg;
7172 
7173 	/* create new sadb_msg to reply. */
7174 	alen = 0;
7175 	for (i = 1; i <= SADB_AALG_MAX; i++) {
7176 		if (auth_algorithm_lookup(i))
7177 			alen += sizeof(struct sadb_alg);
7178 	}
7179 	if (alen)
7180 		alen += sizeof(struct sadb_supported);
7181 	elen = 0;
7182 	for (i = 1; i <= SADB_EALG_MAX; i++) {
7183 		if (enc_algorithm_lookup(i))
7184 			elen += sizeof(struct sadb_alg);
7185 	}
7186 	if (elen)
7187 		elen += sizeof(struct sadb_supported);
7188 
7189 	len = sizeof(struct sadb_msg) + alen + elen;
7190 
7191 	if (len > MCLBYTES)
7192 		return key_senderror(so, m, ENOBUFS);
7193 
7194 	MGETHDR(n, M_NOWAIT, MT_DATA);
7195 	if (n != NULL && len > MHLEN) {
7196 		if (!(MCLGET(n, M_NOWAIT))) {
7197 			m_freem(n);
7198 			n = NULL;
7199 		}
7200 	}
7201 	if (!n)
7202 		return key_senderror(so, m, ENOBUFS);
7203 
7204 	n->m_pkthdr.len = n->m_len = len;
7205 	n->m_next = NULL;
7206 	off = 0;
7207 
7208 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
7209 	newmsg = mtod(n, struct sadb_msg *);
7210 	newmsg->sadb_msg_errno = 0;
7211 	newmsg->sadb_msg_len = PFKEY_UNIT64(len);
7212 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
7213 
7214 	/* for authentication algorithm */
7215 	if (alen) {
7216 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7217 		sup->sadb_supported_len = PFKEY_UNIT64(alen);
7218 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_AUTH;
7219 		off += PFKEY_ALIGN8(sizeof(*sup));
7220 
7221 		for (i = 1; i <= SADB_AALG_MAX; i++) {
7222 			const struct auth_hash *aalgo;
7223 			u_int16_t minkeysize, maxkeysize;
7224 
7225 			aalgo = auth_algorithm_lookup(i);
7226 			if (!aalgo)
7227 				continue;
7228 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7229 			alg->sadb_alg_id = i;
7230 			alg->sadb_alg_ivlen = 0;
7231 			key_getsizes_ah(aalgo, i, &minkeysize, &maxkeysize);
7232 			alg->sadb_alg_minbits = _BITS(minkeysize);
7233 			alg->sadb_alg_maxbits = _BITS(maxkeysize);
7234 			off += PFKEY_ALIGN8(sizeof(*alg));
7235 		}
7236 	}
7237 
7238 	/* for encryption algorithm */
7239 	if (elen) {
7240 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7241 		sup->sadb_supported_len = PFKEY_UNIT64(elen);
7242 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_ENCRYPT;
7243 		off += PFKEY_ALIGN8(sizeof(*sup));
7244 
7245 		for (i = 1; i <= SADB_EALG_MAX; i++) {
7246 			const struct enc_xform *ealgo;
7247 
7248 			ealgo = enc_algorithm_lookup(i);
7249 			if (!ealgo)
7250 				continue;
7251 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7252 			alg->sadb_alg_id = i;
7253 			alg->sadb_alg_ivlen = ealgo->ivsize;
7254 			alg->sadb_alg_minbits = _BITS(ealgo->minkey);
7255 			alg->sadb_alg_maxbits = _BITS(ealgo->maxkey);
7256 			off += PFKEY_ALIGN8(sizeof(struct sadb_alg));
7257 		}
7258 	}
7259 
7260 	IPSEC_ASSERT(off == len,
7261 		("length assumption failed (off %u len %u)", off, len));
7262 
7263 	m_freem(m);
7264 	return key_sendup_mbuf(so, n, KEY_SENDUP_REGISTERED);
7265     }
7266 }
7267 
7268 /*
7269  * free secreg entry registered.
7270  * XXX: I want to do free a socket marked done SADB_RESIGER to socket.
7271  */
7272 void
7273 key_freereg(struct socket *so)
7274 {
7275 	struct secreg *reg;
7276 	int i;
7277 
7278 	IPSEC_ASSERT(so != NULL, ("NULL so"));
7279 
7280 	/*
7281 	 * check whether existing or not.
7282 	 * check all type of SA, because there is a potential that
7283 	 * one socket is registered to multiple type of SA.
7284 	 */
7285 	REGTREE_LOCK();
7286 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
7287 		LIST_FOREACH(reg, &V_regtree[i], chain) {
7288 			if (reg->so == so && __LIST_CHAINED(reg)) {
7289 				LIST_REMOVE(reg, chain);
7290 				free(reg, M_IPSEC_SAR);
7291 				break;
7292 			}
7293 		}
7294 	}
7295 	REGTREE_UNLOCK();
7296 }
7297 
7298 /*
7299  * SADB_EXPIRE processing
7300  * send
7301  *   <base, SA, SA2, lifetime(C and one of HS), address(SD)>
7302  * to KMD by PF_KEY.
7303  * NOTE: We send only soft lifetime extension.
7304  *
7305  * OUT:	0	: succeed
7306  *	others	: error number
7307  */
7308 static int
7309 key_expire(struct secasvar *sav, int hard)
7310 {
7311 	struct mbuf *result = NULL, *m;
7312 	struct sadb_lifetime *lt;
7313 	uint32_t replay_count;
7314 	int error, len;
7315 	uint8_t satype;
7316 
7317 	SECASVAR_RLOCK_TRACKER;
7318 
7319 	IPSEC_ASSERT (sav != NULL, ("null sav"));
7320 	IPSEC_ASSERT (sav->sah != NULL, ("null sa header"));
7321 
7322 	KEYDBG(KEY_STAMP,
7323 	    printf("%s: SA(%p) expired %s lifetime\n", __func__,
7324 		sav, hard ? "hard": "soft"));
7325 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
7326 	/* set msg header */
7327 	satype = key_proto2satype(sav->sah->saidx.proto);
7328 	IPSEC_ASSERT(satype != 0, ("invalid proto, satype %u", satype));
7329 	m = key_setsadbmsg(SADB_EXPIRE, 0, satype, sav->seq, 0, sav->refcnt);
7330 	if (!m) {
7331 		error = ENOBUFS;
7332 		goto fail;
7333 	}
7334 	result = m;
7335 
7336 	/* create SA extension */
7337 	m = key_setsadbsa(sav);
7338 	if (!m) {
7339 		error = ENOBUFS;
7340 		goto fail;
7341 	}
7342 	m_cat(result, m);
7343 
7344 	/* create SA extension */
7345 	SECASVAR_RLOCK(sav);
7346 	replay_count = sav->replay ? sav->replay->count : 0;
7347 	SECASVAR_RUNLOCK(sav);
7348 
7349 	m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
7350 			sav->sah->saidx.reqid);
7351 	if (!m) {
7352 		error = ENOBUFS;
7353 		goto fail;
7354 	}
7355 	m_cat(result, m);
7356 
7357 	if (sav->replay && sav->replay->wsize > UINT8_MAX) {
7358 		m = key_setsadbxsareplay(sav->replay->wsize);
7359 		if (!m) {
7360 			error = ENOBUFS;
7361 			goto fail;
7362 		}
7363 		m_cat(result, m);
7364 	}
7365 
7366 	/* create lifetime extension (current and soft) */
7367 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
7368 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
7369 	if (m == NULL) {
7370 		error = ENOBUFS;
7371 		goto fail;
7372 	}
7373 	m_align(m, len);
7374 	m->m_len = len;
7375 	bzero(mtod(m, caddr_t), len);
7376 	lt = mtod(m, struct sadb_lifetime *);
7377 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7378 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
7379 	lt->sadb_lifetime_allocations =
7380 	    (uint32_t)counter_u64_fetch(sav->lft_c_allocations);
7381 	lt->sadb_lifetime_bytes =
7382 	    counter_u64_fetch(sav->lft_c_bytes);
7383 	lt->sadb_lifetime_addtime = sav->created;
7384 	lt->sadb_lifetime_usetime = sav->firstused;
7385 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
7386 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7387 	if (hard) {
7388 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
7389 		lt->sadb_lifetime_allocations = sav->lft_h->allocations;
7390 		lt->sadb_lifetime_bytes = sav->lft_h->bytes;
7391 		lt->sadb_lifetime_addtime = sav->lft_h->addtime;
7392 		lt->sadb_lifetime_usetime = sav->lft_h->usetime;
7393 	} else {
7394 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
7395 		lt->sadb_lifetime_allocations = sav->lft_s->allocations;
7396 		lt->sadb_lifetime_bytes = sav->lft_s->bytes;
7397 		lt->sadb_lifetime_addtime = sav->lft_s->addtime;
7398 		lt->sadb_lifetime_usetime = sav->lft_s->usetime;
7399 	}
7400 	m_cat(result, m);
7401 
7402 	/* set sadb_address for source */
7403 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
7404 	    &sav->sah->saidx.src.sa,
7405 	    FULLMASK, IPSEC_ULPROTO_ANY);
7406 	if (!m) {
7407 		error = ENOBUFS;
7408 		goto fail;
7409 	}
7410 	m_cat(result, m);
7411 
7412 	/* set sadb_address for destination */
7413 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
7414 	    &sav->sah->saidx.dst.sa,
7415 	    FULLMASK, IPSEC_ULPROTO_ANY);
7416 	if (!m) {
7417 		error = ENOBUFS;
7418 		goto fail;
7419 	}
7420 	m_cat(result, m);
7421 
7422 	/*
7423 	 * XXX-BZ Handle NAT-T extensions here.
7424 	 * XXXAE: it doesn't seem quite useful. IKEs should not depend on
7425 	 * this information, we report only significant SA fields.
7426 	 */
7427 
7428 	if ((result->m_flags & M_PKTHDR) == 0) {
7429 		error = EINVAL;
7430 		goto fail;
7431 	}
7432 
7433 	if (result->m_len < sizeof(struct sadb_msg)) {
7434 		result = m_pullup(result, sizeof(struct sadb_msg));
7435 		if (result == NULL) {
7436 			error = ENOBUFS;
7437 			goto fail;
7438 		}
7439 	}
7440 
7441 	result->m_pkthdr.len = 0;
7442 	for (m = result; m; m = m->m_next)
7443 		result->m_pkthdr.len += m->m_len;
7444 
7445 	mtod(result, struct sadb_msg *)->sadb_msg_len =
7446 	    PFKEY_UNIT64(result->m_pkthdr.len);
7447 
7448 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
7449 
7450  fail:
7451 	if (result)
7452 		m_freem(result);
7453 	return error;
7454 }
7455 
7456 static void
7457 key_freesah_flushed(struct secashead_queue *flushq)
7458 {
7459 	struct secashead *sah, *nextsah;
7460 	struct secasvar *sav, *nextsav;
7461 
7462 	sah = TAILQ_FIRST(flushq);
7463 	while (sah != NULL) {
7464 		sav = TAILQ_FIRST(&sah->savtree_larval);
7465 		while (sav != NULL) {
7466 			nextsav = TAILQ_NEXT(sav, chain);
7467 			TAILQ_REMOVE(&sah->savtree_larval, sav, chain);
7468 			key_freesav(&sav); /* release last reference */
7469 			key_freesah(&sah); /* release reference from SAV */
7470 			sav = nextsav;
7471 		}
7472 		sav = TAILQ_FIRST(&sah->savtree_alive);
7473 		while (sav != NULL) {
7474 			nextsav = TAILQ_NEXT(sav, chain);
7475 			TAILQ_REMOVE(&sah->savtree_alive, sav, chain);
7476 			key_freesav(&sav); /* release last reference */
7477 			key_freesah(&sah); /* release reference from SAV */
7478 			sav = nextsav;
7479 		}
7480 		nextsah = TAILQ_NEXT(sah, chain);
7481 		key_freesah(&sah);	/* release last reference */
7482 		sah = nextsah;
7483 	}
7484 }
7485 
7486 /*
7487  * SADB_FLUSH processing
7488  * receive
7489  *   <base>
7490  * from the ikmpd, and free all entries in secastree.
7491  * and send,
7492  *   <base>
7493  * to the ikmpd.
7494  * NOTE: to do is only marking SADB_SASTATE_DEAD.
7495  *
7496  * m will always be freed.
7497  */
7498 static int
7499 key_flush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7500 {
7501 	struct secashead_queue flushq;
7502 	struct sadb_msg *newmsg;
7503 	struct secashead *sah, *nextsah;
7504 	struct secasvar *sav;
7505 	uint8_t proto;
7506 	int i;
7507 
7508 	IPSEC_ASSERT(so != NULL, ("null socket"));
7509 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7510 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7511 
7512 	/* map satype to proto */
7513 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7514 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7515 			__func__));
7516 		return key_senderror(so, m, EINVAL);
7517 	}
7518 	KEYDBG(KEY_STAMP,
7519 	    printf("%s: proto %u\n", __func__, proto));
7520 
7521 	TAILQ_INIT(&flushq);
7522 	if (proto == IPSEC_PROTO_ANY) {
7523 		/* no SATYPE specified, i.e. flushing all SA. */
7524 		SAHTREE_WLOCK();
7525 		/* Move all SAHs into flushq */
7526 		TAILQ_CONCAT(&flushq, &V_sahtree, chain);
7527 		/* Flush all buckets in SPI hash */
7528 		for (i = 0; i < V_savhash_mask + 1; i++)
7529 			LIST_INIT(&V_savhashtbl[i]);
7530 		/* Flush all buckets in SAHADDRHASH */
7531 		for (i = 0; i < V_sahaddrhash_mask + 1; i++)
7532 			LIST_INIT(&V_sahaddrhashtbl[i]);
7533 		/* Mark all SAHs as unlinked */
7534 		TAILQ_FOREACH(sah, &flushq, chain) {
7535 			sah->state = SADB_SASTATE_DEAD;
7536 			/*
7537 			 * Callout handler makes its job using
7538 			 * RLOCK and drain queues. In case, when this
7539 			 * function will be called just before it
7540 			 * acquires WLOCK, we need to mark SAs as
7541 			 * unlinked to prevent second unlink.
7542 			 */
7543 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7544 				sav->state = SADB_SASTATE_DEAD;
7545 			}
7546 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7547 				sav->state = SADB_SASTATE_DEAD;
7548 			}
7549 		}
7550 		SAHTREE_WUNLOCK();
7551 	} else {
7552 		SAHTREE_WLOCK();
7553 		sah = TAILQ_FIRST(&V_sahtree);
7554 		while (sah != NULL) {
7555 			IPSEC_ASSERT(sah->state != SADB_SASTATE_DEAD,
7556 			    ("DEAD SAH %p in SADB_FLUSH", sah));
7557 			nextsah = TAILQ_NEXT(sah, chain);
7558 			if (sah->saidx.proto != proto) {
7559 				sah = nextsah;
7560 				continue;
7561 			}
7562 			sah->state = SADB_SASTATE_DEAD;
7563 			TAILQ_REMOVE(&V_sahtree, sah, chain);
7564 			LIST_REMOVE(sah, addrhash);
7565 			/* Unlink all SAs from SPI hash */
7566 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7567 				LIST_REMOVE(sav, spihash);
7568 				sav->state = SADB_SASTATE_DEAD;
7569 			}
7570 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7571 				LIST_REMOVE(sav, spihash);
7572 				sav->state = SADB_SASTATE_DEAD;
7573 			}
7574 			/* Add SAH into flushq */
7575 			TAILQ_INSERT_HEAD(&flushq, sah, chain);
7576 			sah = nextsah;
7577 		}
7578 		SAHTREE_WUNLOCK();
7579 	}
7580 
7581 	key_freesah_flushed(&flushq);
7582 	/* Free all queued SAs and SAHs */
7583 	if (m->m_len < sizeof(struct sadb_msg) ||
7584 	    sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
7585 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7586 		return key_senderror(so, m, ENOBUFS);
7587 	}
7588 
7589 	if (m->m_next)
7590 		m_freem(m->m_next);
7591 	m->m_next = NULL;
7592 	m->m_pkthdr.len = m->m_len = sizeof(struct sadb_msg);
7593 	newmsg = mtod(m, struct sadb_msg *);
7594 	newmsg->sadb_msg_errno = 0;
7595 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
7596 
7597 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7598 }
7599 
7600 /*
7601  * SADB_DUMP processing
7602  * dump all entries including status of DEAD in SAD.
7603  * receive
7604  *   <base>
7605  * from the ikmpd, and dump all secasvar leaves
7606  * and send,
7607  *   <base> .....
7608  * to the ikmpd.
7609  *
7610  * m will always be freed.
7611  */
7612 static int
7613 key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7614 {
7615 	SAHTREE_RLOCK_TRACKER;
7616 	struct secashead *sah;
7617 	struct secasvar *sav;
7618 	struct mbuf *n;
7619 	uint32_t cnt;
7620 	uint8_t proto, satype;
7621 
7622 	IPSEC_ASSERT(so != NULL, ("null socket"));
7623 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7624 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7625 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7626 
7627 	/* map satype to proto */
7628 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7629 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7630 		    __func__));
7631 		return key_senderror(so, m, EINVAL);
7632 	}
7633 
7634 	/* count sav entries to be sent to the userland. */
7635 	cnt = 0;
7636 	SAHTREE_RLOCK();
7637 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7638 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7639 		    proto != sah->saidx.proto)
7640 			continue;
7641 
7642 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain)
7643 			cnt++;
7644 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain)
7645 			cnt++;
7646 	}
7647 
7648 	if (cnt == 0) {
7649 		SAHTREE_RUNLOCK();
7650 		return key_senderror(so, m, ENOENT);
7651 	}
7652 
7653 	/* send this to the userland, one at a time. */
7654 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7655 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7656 		    proto != sah->saidx.proto)
7657 			continue;
7658 
7659 		/* map proto to satype */
7660 		if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
7661 			SAHTREE_RUNLOCK();
7662 			ipseclog((LOG_DEBUG, "%s: there was invalid proto in "
7663 			    "SAD.\n", __func__));
7664 			return key_senderror(so, m, EINVAL);
7665 		}
7666 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7667 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7668 			    --cnt, mhp->msg->sadb_msg_pid);
7669 			if (n == NULL) {
7670 				SAHTREE_RUNLOCK();
7671 				return key_senderror(so, m, ENOBUFS);
7672 			}
7673 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7674 		}
7675 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7676 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7677 			    --cnt, mhp->msg->sadb_msg_pid);
7678 			if (n == NULL) {
7679 				SAHTREE_RUNLOCK();
7680 				return key_senderror(so, m, ENOBUFS);
7681 			}
7682 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7683 		}
7684 	}
7685 	SAHTREE_RUNLOCK();
7686 	m_freem(m);
7687 	return (0);
7688 }
7689 /*
7690  * SADB_X_PROMISC processing
7691  *
7692  * m will always be freed.
7693  */
7694 static int
7695 key_promisc(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7696 {
7697 	int olen;
7698 
7699 	IPSEC_ASSERT(so != NULL, ("null socket"));
7700 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7701 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7702 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7703 
7704 	olen = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
7705 
7706 	if (olen < sizeof(struct sadb_msg)) {
7707 #if 1
7708 		return key_senderror(so, m, EINVAL);
7709 #else
7710 		m_freem(m);
7711 		return 0;
7712 #endif
7713 	} else if (olen == sizeof(struct sadb_msg)) {
7714 		/* enable/disable promisc mode */
7715 		struct keycb *kp;
7716 
7717 		if ((kp = so->so_pcb) == NULL)
7718 			return key_senderror(so, m, EINVAL);
7719 		mhp->msg->sadb_msg_errno = 0;
7720 		switch (mhp->msg->sadb_msg_satype) {
7721 		case 0:
7722 		case 1:
7723 			kp->kp_promisc = mhp->msg->sadb_msg_satype;
7724 			break;
7725 		default:
7726 			return key_senderror(so, m, EINVAL);
7727 		}
7728 
7729 		/* send the original message back to everyone */
7730 		mhp->msg->sadb_msg_errno = 0;
7731 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7732 	} else {
7733 		/* send packet as is */
7734 
7735 		m_adj(m, PFKEY_ALIGN8(sizeof(struct sadb_msg)));
7736 
7737 		/* TODO: if sadb_msg_seq is specified, send to specific pid */
7738 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7739 	}
7740 }
7741 
7742 static int (*key_typesw[])(struct socket *, struct mbuf *,
7743 		const struct sadb_msghdr *) = {
7744 	NULL,		/* SADB_RESERVED */
7745 	key_getspi,	/* SADB_GETSPI */
7746 	key_update,	/* SADB_UPDATE */
7747 	key_add,	/* SADB_ADD */
7748 	key_delete,	/* SADB_DELETE */
7749 	key_get,	/* SADB_GET */
7750 	key_acquire2,	/* SADB_ACQUIRE */
7751 	key_register,	/* SADB_REGISTER */
7752 	NULL,		/* SADB_EXPIRE */
7753 	key_flush,	/* SADB_FLUSH */
7754 	key_dump,	/* SADB_DUMP */
7755 	key_promisc,	/* SADB_X_PROMISC */
7756 	NULL,		/* SADB_X_PCHANGE */
7757 	key_spdadd,	/* SADB_X_SPDUPDATE */
7758 	key_spdadd,	/* SADB_X_SPDADD */
7759 	key_spddelete,	/* SADB_X_SPDDELETE */
7760 	key_spdget,	/* SADB_X_SPDGET */
7761 	NULL,		/* SADB_X_SPDACQUIRE */
7762 	key_spddump,	/* SADB_X_SPDDUMP */
7763 	key_spdflush,	/* SADB_X_SPDFLUSH */
7764 	key_spdadd,	/* SADB_X_SPDSETIDX */
7765 	NULL,		/* SADB_X_SPDEXPIRE */
7766 	key_spddelete2,	/* SADB_X_SPDDELETE2 */
7767 };
7768 
7769 /*
7770  * parse sadb_msg buffer to process PFKEYv2,
7771  * and create a data to response if needed.
7772  * I think to be dealed with mbuf directly.
7773  * IN:
7774  *     msgp  : pointer to pointer to a received buffer pulluped.
7775  *             This is rewrited to response.
7776  *     so    : pointer to socket.
7777  * OUT:
7778  *    length for buffer to send to user process.
7779  */
7780 int
7781 key_parse(struct mbuf *m, struct socket *so)
7782 {
7783 	struct sadb_msg *msg;
7784 	struct sadb_msghdr mh;
7785 	u_int orglen;
7786 	int error;
7787 	int target;
7788 
7789 	IPSEC_ASSERT(so != NULL, ("null socket"));
7790 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7791 
7792 	if (m->m_len < sizeof(struct sadb_msg)) {
7793 		m = m_pullup(m, sizeof(struct sadb_msg));
7794 		if (!m)
7795 			return ENOBUFS;
7796 	}
7797 	msg = mtod(m, struct sadb_msg *);
7798 	orglen = PFKEY_UNUNIT64(msg->sadb_msg_len);
7799 	target = KEY_SENDUP_ONE;
7800 
7801 	if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len != orglen) {
7802 		ipseclog((LOG_DEBUG, "%s: invalid message length.\n",__func__));
7803 		PFKEYSTAT_INC(out_invlen);
7804 		error = EINVAL;
7805 		goto senderror;
7806 	}
7807 
7808 	if (msg->sadb_msg_version != PF_KEY_V2) {
7809 		ipseclog((LOG_DEBUG, "%s: PF_KEY version %u is mismatched.\n",
7810 		    __func__, msg->sadb_msg_version));
7811 		PFKEYSTAT_INC(out_invver);
7812 		error = EINVAL;
7813 		goto senderror;
7814 	}
7815 
7816 	if (msg->sadb_msg_type > SADB_MAX) {
7817 		ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7818 		    __func__, msg->sadb_msg_type));
7819 		PFKEYSTAT_INC(out_invmsgtype);
7820 		error = EINVAL;
7821 		goto senderror;
7822 	}
7823 
7824 	/* for old-fashioned code - should be nuked */
7825 	if (m->m_pkthdr.len > MCLBYTES) {
7826 		m_freem(m);
7827 		return ENOBUFS;
7828 	}
7829 	if (m->m_next) {
7830 		struct mbuf *n;
7831 
7832 		MGETHDR(n, M_NOWAIT, MT_DATA);
7833 		if (n && m->m_pkthdr.len > MHLEN) {
7834 			if (!(MCLGET(n, M_NOWAIT))) {
7835 				m_free(n);
7836 				n = NULL;
7837 			}
7838 		}
7839 		if (!n) {
7840 			m_freem(m);
7841 			return ENOBUFS;
7842 		}
7843 		m_copydata(m, 0, m->m_pkthdr.len, mtod(n, caddr_t));
7844 		n->m_pkthdr.len = n->m_len = m->m_pkthdr.len;
7845 		n->m_next = NULL;
7846 		m_freem(m);
7847 		m = n;
7848 	}
7849 
7850 	/* align the mbuf chain so that extensions are in contiguous region. */
7851 	error = key_align(m, &mh);
7852 	if (error)
7853 		return error;
7854 
7855 	msg = mh.msg;
7856 
7857 	/* We use satype as scope mask for spddump */
7858 	if (msg->sadb_msg_type == SADB_X_SPDDUMP) {
7859 		switch (msg->sadb_msg_satype) {
7860 		case IPSEC_POLICYSCOPE_ANY:
7861 		case IPSEC_POLICYSCOPE_GLOBAL:
7862 		case IPSEC_POLICYSCOPE_IFNET:
7863 		case IPSEC_POLICYSCOPE_PCB:
7864 			break;
7865 		default:
7866 			ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7867 			    __func__, msg->sadb_msg_type));
7868 			PFKEYSTAT_INC(out_invsatype);
7869 			error = EINVAL;
7870 			goto senderror;
7871 		}
7872 	} else {
7873 		switch (msg->sadb_msg_satype) { /* check SA type */
7874 		case SADB_SATYPE_UNSPEC:
7875 			switch (msg->sadb_msg_type) {
7876 			case SADB_GETSPI:
7877 			case SADB_UPDATE:
7878 			case SADB_ADD:
7879 			case SADB_DELETE:
7880 			case SADB_GET:
7881 			case SADB_ACQUIRE:
7882 			case SADB_EXPIRE:
7883 				ipseclog((LOG_DEBUG, "%s: must specify satype "
7884 				    "when msg type=%u.\n", __func__,
7885 				    msg->sadb_msg_type));
7886 				PFKEYSTAT_INC(out_invsatype);
7887 				error = EINVAL;
7888 				goto senderror;
7889 			}
7890 			break;
7891 		case SADB_SATYPE_AH:
7892 		case SADB_SATYPE_ESP:
7893 		case SADB_X_SATYPE_IPCOMP:
7894 		case SADB_X_SATYPE_TCPSIGNATURE:
7895 			switch (msg->sadb_msg_type) {
7896 			case SADB_X_SPDADD:
7897 			case SADB_X_SPDDELETE:
7898 			case SADB_X_SPDGET:
7899 			case SADB_X_SPDFLUSH:
7900 			case SADB_X_SPDSETIDX:
7901 			case SADB_X_SPDUPDATE:
7902 			case SADB_X_SPDDELETE2:
7903 				ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7904 				    __func__, msg->sadb_msg_type));
7905 				PFKEYSTAT_INC(out_invsatype);
7906 				error = EINVAL;
7907 				goto senderror;
7908 			}
7909 			break;
7910 		case SADB_SATYPE_RSVP:
7911 		case SADB_SATYPE_OSPFV2:
7912 		case SADB_SATYPE_RIPV2:
7913 		case SADB_SATYPE_MIP:
7914 			ipseclog((LOG_DEBUG, "%s: type %u isn't supported.\n",
7915 			    __func__, msg->sadb_msg_satype));
7916 			PFKEYSTAT_INC(out_invsatype);
7917 			error = EOPNOTSUPP;
7918 			goto senderror;
7919 		case 1:	/* XXX: What does it do? */
7920 			if (msg->sadb_msg_type == SADB_X_PROMISC)
7921 				break;
7922 			/*FALLTHROUGH*/
7923 		default:
7924 			ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7925 			    __func__, msg->sadb_msg_satype));
7926 			PFKEYSTAT_INC(out_invsatype);
7927 			error = EINVAL;
7928 			goto senderror;
7929 		}
7930 	}
7931 
7932 	/* check field of upper layer protocol and address family */
7933 	if (mh.ext[SADB_EXT_ADDRESS_SRC] != NULL
7934 	 && mh.ext[SADB_EXT_ADDRESS_DST] != NULL) {
7935 		struct sadb_address *src0, *dst0;
7936 		u_int plen;
7937 
7938 		src0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_SRC]);
7939 		dst0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_DST]);
7940 
7941 		/* check upper layer protocol */
7942 		if (src0->sadb_address_proto != dst0->sadb_address_proto) {
7943 			ipseclog((LOG_DEBUG, "%s: upper layer protocol "
7944 				"mismatched.\n", __func__));
7945 			PFKEYSTAT_INC(out_invaddr);
7946 			error = EINVAL;
7947 			goto senderror;
7948 		}
7949 
7950 		/* check family */
7951 		if (PFKEY_ADDR_SADDR(src0)->sa_family !=
7952 		    PFKEY_ADDR_SADDR(dst0)->sa_family) {
7953 			ipseclog((LOG_DEBUG, "%s: address family mismatched.\n",
7954 				__func__));
7955 			PFKEYSTAT_INC(out_invaddr);
7956 			error = EINVAL;
7957 			goto senderror;
7958 		}
7959 		if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7960 		    PFKEY_ADDR_SADDR(dst0)->sa_len) {
7961 			ipseclog((LOG_DEBUG, "%s: address struct size "
7962 				"mismatched.\n", __func__));
7963 			PFKEYSTAT_INC(out_invaddr);
7964 			error = EINVAL;
7965 			goto senderror;
7966 		}
7967 
7968 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7969 		case AF_INET:
7970 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7971 			    sizeof(struct sockaddr_in)) {
7972 				PFKEYSTAT_INC(out_invaddr);
7973 				error = EINVAL;
7974 				goto senderror;
7975 			}
7976 			break;
7977 		case AF_INET6:
7978 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7979 			    sizeof(struct sockaddr_in6)) {
7980 				PFKEYSTAT_INC(out_invaddr);
7981 				error = EINVAL;
7982 				goto senderror;
7983 			}
7984 			break;
7985 		default:
7986 			ipseclog((LOG_DEBUG, "%s: unsupported address family\n",
7987 				__func__));
7988 			PFKEYSTAT_INC(out_invaddr);
7989 			error = EAFNOSUPPORT;
7990 			goto senderror;
7991 		}
7992 
7993 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7994 		case AF_INET:
7995 			plen = sizeof(struct in_addr) << 3;
7996 			break;
7997 		case AF_INET6:
7998 			plen = sizeof(struct in6_addr) << 3;
7999 			break;
8000 		default:
8001 			plen = 0;	/*fool gcc*/
8002 			break;
8003 		}
8004 
8005 		/* check max prefix length */
8006 		if (src0->sadb_address_prefixlen > plen ||
8007 		    dst0->sadb_address_prefixlen > plen) {
8008 			ipseclog((LOG_DEBUG, "%s: illegal prefixlen.\n",
8009 				__func__));
8010 			PFKEYSTAT_INC(out_invaddr);
8011 			error = EINVAL;
8012 			goto senderror;
8013 		}
8014 
8015 		/*
8016 		 * prefixlen == 0 is valid because there can be a case when
8017 		 * all addresses are matched.
8018 		 */
8019 	}
8020 
8021 	if (msg->sadb_msg_type >= nitems(key_typesw) ||
8022 	    key_typesw[msg->sadb_msg_type] == NULL) {
8023 		PFKEYSTAT_INC(out_invmsgtype);
8024 		error = EINVAL;
8025 		goto senderror;
8026 	}
8027 
8028 	return (*key_typesw[msg->sadb_msg_type])(so, m, &mh);
8029 
8030 senderror:
8031 	msg->sadb_msg_errno = error;
8032 	return key_sendup_mbuf(so, m, target);
8033 }
8034 
8035 static int
8036 key_senderror(struct socket *so, struct mbuf *m, int code)
8037 {
8038 	struct sadb_msg *msg;
8039 
8040 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
8041 		("mbuf too small, len %u", m->m_len));
8042 
8043 	msg = mtod(m, struct sadb_msg *);
8044 	msg->sadb_msg_errno = code;
8045 	return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
8046 }
8047 
8048 /*
8049  * set the pointer to each header into message buffer.
8050  * m will be freed on error.
8051  * XXX larger-than-MCLBYTES extension?
8052  */
8053 static int
8054 key_align(struct mbuf *m, struct sadb_msghdr *mhp)
8055 {
8056 	struct mbuf *n;
8057 	struct sadb_ext *ext;
8058 	size_t off, end;
8059 	int extlen;
8060 	int toff;
8061 
8062 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
8063 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
8064 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
8065 		("mbuf too small, len %u", m->m_len));
8066 
8067 	/* initialize */
8068 	bzero(mhp, sizeof(*mhp));
8069 
8070 	mhp->msg = mtod(m, struct sadb_msg *);
8071 	mhp->ext[0] = (struct sadb_ext *)mhp->msg;	/*XXX backward compat */
8072 
8073 	end = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
8074 	extlen = end;	/*just in case extlen is not updated*/
8075 	for (off = sizeof(struct sadb_msg); off < end; off += extlen) {
8076 		n = m_pulldown(m, off, sizeof(struct sadb_ext), &toff);
8077 		if (!n) {
8078 			/* m is already freed */
8079 			return ENOBUFS;
8080 		}
8081 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
8082 
8083 		/* set pointer */
8084 		switch (ext->sadb_ext_type) {
8085 		case SADB_EXT_SA:
8086 		case SADB_EXT_ADDRESS_SRC:
8087 		case SADB_EXT_ADDRESS_DST:
8088 		case SADB_EXT_ADDRESS_PROXY:
8089 		case SADB_EXT_LIFETIME_CURRENT:
8090 		case SADB_EXT_LIFETIME_HARD:
8091 		case SADB_EXT_LIFETIME_SOFT:
8092 		case SADB_EXT_KEY_AUTH:
8093 		case SADB_EXT_KEY_ENCRYPT:
8094 		case SADB_EXT_IDENTITY_SRC:
8095 		case SADB_EXT_IDENTITY_DST:
8096 		case SADB_EXT_SENSITIVITY:
8097 		case SADB_EXT_PROPOSAL:
8098 		case SADB_EXT_SUPPORTED_AUTH:
8099 		case SADB_EXT_SUPPORTED_ENCRYPT:
8100 		case SADB_EXT_SPIRANGE:
8101 		case SADB_X_EXT_POLICY:
8102 		case SADB_X_EXT_SA2:
8103 		case SADB_X_EXT_NAT_T_TYPE:
8104 		case SADB_X_EXT_NAT_T_SPORT:
8105 		case SADB_X_EXT_NAT_T_DPORT:
8106 		case SADB_X_EXT_NAT_T_OAI:
8107 		case SADB_X_EXT_NAT_T_OAR:
8108 		case SADB_X_EXT_NAT_T_FRAG:
8109 		case SADB_X_EXT_SA_REPLAY:
8110 		case SADB_X_EXT_NEW_ADDRESS_SRC:
8111 		case SADB_X_EXT_NEW_ADDRESS_DST:
8112 			/* duplicate check */
8113 			/*
8114 			 * XXX Are there duplication payloads of either
8115 			 * KEY_AUTH or KEY_ENCRYPT ?
8116 			 */
8117 			if (mhp->ext[ext->sadb_ext_type] != NULL) {
8118 				ipseclog((LOG_DEBUG, "%s: duplicate ext_type "
8119 					"%u\n", __func__, ext->sadb_ext_type));
8120 				m_freem(m);
8121 				PFKEYSTAT_INC(out_dupext);
8122 				return EINVAL;
8123 			}
8124 			break;
8125 		default:
8126 			ipseclog((LOG_DEBUG, "%s: invalid ext_type %u\n",
8127 				__func__, ext->sadb_ext_type));
8128 			m_freem(m);
8129 			PFKEYSTAT_INC(out_invexttype);
8130 			return EINVAL;
8131 		}
8132 
8133 		extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
8134 
8135 		if (key_validate_ext(ext, extlen)) {
8136 			m_freem(m);
8137 			PFKEYSTAT_INC(out_invlen);
8138 			return EINVAL;
8139 		}
8140 
8141 		n = m_pulldown(m, off, extlen, &toff);
8142 		if (!n) {
8143 			/* m is already freed */
8144 			return ENOBUFS;
8145 		}
8146 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
8147 
8148 		mhp->ext[ext->sadb_ext_type] = ext;
8149 		mhp->extoff[ext->sadb_ext_type] = off;
8150 		mhp->extlen[ext->sadb_ext_type] = extlen;
8151 	}
8152 
8153 	if (off != end) {
8154 		m_freem(m);
8155 		PFKEYSTAT_INC(out_invlen);
8156 		return EINVAL;
8157 	}
8158 
8159 	return 0;
8160 }
8161 
8162 static int
8163 key_validate_ext(const struct sadb_ext *ext, int len)
8164 {
8165 	const struct sockaddr *sa;
8166 	enum { NONE, ADDR } checktype = NONE;
8167 	int baselen = 0;
8168 	const int sal = offsetof(struct sockaddr, sa_len) + sizeof(sa->sa_len);
8169 
8170 	if (len != PFKEY_UNUNIT64(ext->sadb_ext_len))
8171 		return EINVAL;
8172 
8173 	/* if it does not match minimum/maximum length, bail */
8174 	if (ext->sadb_ext_type >= nitems(minsize) ||
8175 	    ext->sadb_ext_type >= nitems(maxsize))
8176 		return EINVAL;
8177 	if (!minsize[ext->sadb_ext_type] || len < minsize[ext->sadb_ext_type])
8178 		return EINVAL;
8179 	if (maxsize[ext->sadb_ext_type] && len > maxsize[ext->sadb_ext_type])
8180 		return EINVAL;
8181 
8182 	/* more checks based on sadb_ext_type XXX need more */
8183 	switch (ext->sadb_ext_type) {
8184 	case SADB_EXT_ADDRESS_SRC:
8185 	case SADB_EXT_ADDRESS_DST:
8186 	case SADB_EXT_ADDRESS_PROXY:
8187 	case SADB_X_EXT_NAT_T_OAI:
8188 	case SADB_X_EXT_NAT_T_OAR:
8189 	case SADB_X_EXT_NEW_ADDRESS_SRC:
8190 	case SADB_X_EXT_NEW_ADDRESS_DST:
8191 		baselen = PFKEY_ALIGN8(sizeof(struct sadb_address));
8192 		checktype = ADDR;
8193 		break;
8194 	case SADB_EXT_IDENTITY_SRC:
8195 	case SADB_EXT_IDENTITY_DST:
8196 		if (((const struct sadb_ident *)ext)->sadb_ident_type ==
8197 		    SADB_X_IDENTTYPE_ADDR) {
8198 			baselen = PFKEY_ALIGN8(sizeof(struct sadb_ident));
8199 			checktype = ADDR;
8200 		} else
8201 			checktype = NONE;
8202 		break;
8203 	default:
8204 		checktype = NONE;
8205 		break;
8206 	}
8207 
8208 	switch (checktype) {
8209 	case NONE:
8210 		break;
8211 	case ADDR:
8212 		sa = (const struct sockaddr *)(((const u_int8_t*)ext)+baselen);
8213 		if (len < baselen + sal)
8214 			return EINVAL;
8215 		if (baselen + PFKEY_ALIGN8(sa->sa_len) != len)
8216 			return EINVAL;
8217 		break;
8218 	}
8219 
8220 	return 0;
8221 }
8222 
8223 void
8224 spdcache_init(void)
8225 {
8226 	int i;
8227 
8228 	TUNABLE_INT_FETCH("net.key.spdcache.maxentries",
8229 	    &V_key_spdcache_maxentries);
8230 	TUNABLE_INT_FETCH("net.key.spdcache.threshold",
8231 	    &V_key_spdcache_threshold);
8232 
8233 	if (V_key_spdcache_maxentries) {
8234 		V_key_spdcache_maxentries = MAX(V_key_spdcache_maxentries,
8235 		    SPDCACHE_MAX_ENTRIES_PER_HASH);
8236 		V_spdcachehashtbl = hashinit(V_key_spdcache_maxentries /
8237 		    SPDCACHE_MAX_ENTRIES_PER_HASH,
8238 		    M_IPSEC_SPDCACHE, &V_spdcachehash_mask);
8239 		V_key_spdcache_maxentries = (V_spdcachehash_mask + 1)
8240 		    * SPDCACHE_MAX_ENTRIES_PER_HASH;
8241 
8242 		V_spdcache_lock = malloc(sizeof(struct mtx) *
8243 		    (V_spdcachehash_mask + 1),
8244 		    M_IPSEC_SPDCACHE, M_WAITOK|M_ZERO);
8245 
8246 		for (i = 0; i < V_spdcachehash_mask + 1; ++i)
8247 			SPDCACHE_LOCK_INIT(i);
8248 	}
8249 }
8250 
8251 struct spdcache_entry *
8252 spdcache_entry_alloc(const struct secpolicyindex *spidx, struct secpolicy *sp)
8253 {
8254 	struct spdcache_entry *entry;
8255 
8256 	entry = malloc(sizeof(struct spdcache_entry),
8257 		    M_IPSEC_SPDCACHE, M_NOWAIT|M_ZERO);
8258 	if (entry == NULL)
8259 		return NULL;
8260 
8261 	if (sp != NULL)
8262 		SP_ADDREF(sp);
8263 
8264 	entry->spidx = *spidx;
8265 	entry->sp = sp;
8266 
8267 	return (entry);
8268 }
8269 
8270 void
8271 spdcache_entry_free(struct spdcache_entry *entry)
8272 {
8273 
8274 	if (entry->sp != NULL)
8275 		key_freesp(&entry->sp);
8276 	free(entry, M_IPSEC_SPDCACHE);
8277 }
8278 
8279 void
8280 spdcache_clear(void)
8281 {
8282 	struct spdcache_entry *entry;
8283 	int i;
8284 
8285 	for (i = 0; i < V_spdcachehash_mask + 1; ++i) {
8286 		SPDCACHE_LOCK(i);
8287 		while (!LIST_EMPTY(&V_spdcachehashtbl[i])) {
8288 			entry = LIST_FIRST(&V_spdcachehashtbl[i]);
8289 			LIST_REMOVE(entry, chain);
8290 			spdcache_entry_free(entry);
8291 		}
8292 		SPDCACHE_UNLOCK(i);
8293 	}
8294 }
8295 
8296 #ifdef VIMAGE
8297 void
8298 spdcache_destroy(void)
8299 {
8300 	int i;
8301 
8302 	if (SPDCACHE_ENABLED()) {
8303 		spdcache_clear();
8304 		hashdestroy(V_spdcachehashtbl, M_IPSEC_SPDCACHE, V_spdcachehash_mask);
8305 
8306 		for (i = 0; i < V_spdcachehash_mask + 1; ++i)
8307 			SPDCACHE_LOCK_DESTROY(i);
8308 
8309 		free(V_spdcache_lock, M_IPSEC_SPDCACHE);
8310 	}
8311 }
8312 #endif
8313 
8314 static void
8315 key_vnet_init(void *arg __unused)
8316 {
8317 	int i;
8318 
8319 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8320 		TAILQ_INIT(&V_sptree[i]);
8321 		TAILQ_INIT(&V_sptree_ifnet[i]);
8322 	}
8323 
8324 	TAILQ_INIT(&V_sahtree);
8325 	V_sphashtbl = hashinit(SPHASH_NHASH, M_IPSEC_SP, &V_sphash_mask);
8326 	V_savhashtbl = hashinit(SAVHASH_NHASH, M_IPSEC_SA, &V_savhash_mask);
8327 	V_sahaddrhashtbl = hashinit(SAHHASH_NHASH, M_IPSEC_SAH,
8328 	    &V_sahaddrhash_mask);
8329 	V_acqaddrhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8330 	    &V_acqaddrhash_mask);
8331 	V_acqseqhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8332 	    &V_acqseqhash_mask);
8333 
8334 	spdcache_init();
8335 
8336 	for (i = 0; i <= SADB_SATYPE_MAX; i++)
8337 		LIST_INIT(&V_regtree[i]);
8338 
8339 	LIST_INIT(&V_acqtree);
8340 	LIST_INIT(&V_spacqtree);
8341 }
8342 VNET_SYSINIT(key_vnet_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_SECOND,
8343     key_vnet_init, NULL);
8344 
8345 static void
8346 key_init(void *arg __unused)
8347 {
8348 
8349 	ipsec_key_lft_zone = uma_zcreate("IPsec SA lft_c",
8350 	    sizeof(uint64_t) * 2, NULL, NULL, NULL, NULL,
8351 	    UMA_ALIGN_PTR, UMA_ZONE_PCPU);
8352 
8353 	SPTREE_LOCK_INIT();
8354 	REGTREE_LOCK_INIT();
8355 	SAHTREE_LOCK_INIT();
8356 	ACQ_LOCK_INIT();
8357 	SPACQ_LOCK_INIT();
8358 	SPI_ALLOC_LOCK_INIT();
8359 
8360 #ifndef IPSEC_DEBUG2
8361 	callout_init(&key_timer, 1);
8362 	callout_reset(&key_timer, hz, key_timehandler, NULL);
8363 #endif /*IPSEC_DEBUG2*/
8364 
8365 	/* initialize key statistics */
8366 	keystat.getspi_count = 1;
8367 
8368 	if (bootverbose)
8369 		printf("IPsec: Initialized Security Association Processing.\n");
8370 }
8371 SYSINIT(key_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST, key_init, NULL);
8372 
8373 #ifdef VIMAGE
8374 static void
8375 key_vnet_destroy(void *arg __unused)
8376 {
8377 	struct secashead_queue sahdrainq;
8378 	struct secpolicy_queue drainq;
8379 	struct secpolicy *sp, *nextsp;
8380 	struct secacq *acq, *nextacq;
8381 	struct secspacq *spacq, *nextspacq;
8382 	struct secashead *sah;
8383 	struct secasvar *sav;
8384 	struct secreg *reg;
8385 	int i;
8386 
8387 	/*
8388 	 * XXX: can we just call free() for each object without
8389 	 * walking through safe way with releasing references?
8390 	 */
8391 	TAILQ_INIT(&drainq);
8392 	SPTREE_WLOCK();
8393 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8394 		TAILQ_CONCAT(&drainq, &V_sptree[i], chain);
8395 		TAILQ_CONCAT(&drainq, &V_sptree_ifnet[i], chain);
8396 	}
8397 	for (i = 0; i < V_sphash_mask + 1; i++)
8398 		LIST_INIT(&V_sphashtbl[i]);
8399 	SPTREE_WUNLOCK();
8400 	spdcache_destroy();
8401 
8402 	sp = TAILQ_FIRST(&drainq);
8403 	while (sp != NULL) {
8404 		nextsp = TAILQ_NEXT(sp, chain);
8405 		key_freesp(&sp);
8406 		sp = nextsp;
8407 	}
8408 
8409 	TAILQ_INIT(&sahdrainq);
8410 	SAHTREE_WLOCK();
8411 	TAILQ_CONCAT(&sahdrainq, &V_sahtree, chain);
8412 	for (i = 0; i < V_savhash_mask + 1; i++)
8413 		LIST_INIT(&V_savhashtbl[i]);
8414 	for (i = 0; i < V_sahaddrhash_mask + 1; i++)
8415 		LIST_INIT(&V_sahaddrhashtbl[i]);
8416 	TAILQ_FOREACH(sah, &sahdrainq, chain) {
8417 		sah->state = SADB_SASTATE_DEAD;
8418 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
8419 			sav->state = SADB_SASTATE_DEAD;
8420 		}
8421 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
8422 			sav->state = SADB_SASTATE_DEAD;
8423 		}
8424 	}
8425 	SAHTREE_WUNLOCK();
8426 
8427 	key_freesah_flushed(&sahdrainq);
8428 	hashdestroy(V_sphashtbl, M_IPSEC_SP, V_sphash_mask);
8429 	hashdestroy(V_savhashtbl, M_IPSEC_SA, V_savhash_mask);
8430 	hashdestroy(V_sahaddrhashtbl, M_IPSEC_SAH, V_sahaddrhash_mask);
8431 
8432 	REGTREE_LOCK();
8433 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
8434 		LIST_FOREACH(reg, &V_regtree[i], chain) {
8435 			if (__LIST_CHAINED(reg)) {
8436 				LIST_REMOVE(reg, chain);
8437 				free(reg, M_IPSEC_SAR);
8438 				break;
8439 			}
8440 		}
8441 	}
8442 	REGTREE_UNLOCK();
8443 
8444 	ACQ_LOCK();
8445 	acq = LIST_FIRST(&V_acqtree);
8446 	while (acq != NULL) {
8447 		nextacq = LIST_NEXT(acq, chain);
8448 		LIST_REMOVE(acq, chain);
8449 		free(acq, M_IPSEC_SAQ);
8450 		acq = nextacq;
8451 	}
8452 	for (i = 0; i < V_acqaddrhash_mask + 1; i++)
8453 		LIST_INIT(&V_acqaddrhashtbl[i]);
8454 	for (i = 0; i < V_acqseqhash_mask + 1; i++)
8455 		LIST_INIT(&V_acqseqhashtbl[i]);
8456 	ACQ_UNLOCK();
8457 
8458 	SPACQ_LOCK();
8459 	for (spacq = LIST_FIRST(&V_spacqtree); spacq != NULL;
8460 	    spacq = nextspacq) {
8461 		nextspacq = LIST_NEXT(spacq, chain);
8462 		if (__LIST_CHAINED(spacq)) {
8463 			LIST_REMOVE(spacq, chain);
8464 			free(spacq, M_IPSEC_SAQ);
8465 		}
8466 	}
8467 	SPACQ_UNLOCK();
8468 	hashdestroy(V_acqaddrhashtbl, M_IPSEC_SAQ, V_acqaddrhash_mask);
8469 	hashdestroy(V_acqseqhashtbl, M_IPSEC_SAQ, V_acqseqhash_mask);
8470 }
8471 VNET_SYSUNINIT(key_vnet_destroy, SI_SUB_PROTO_DOMAIN, SI_ORDER_SECOND,
8472     key_vnet_destroy, NULL);
8473 #endif
8474 
8475 /*
8476  * XXX: as long as domains are not unloadable, this function is never called,
8477  * provided for consistensy and future unload support.
8478  */
8479 static void
8480 key_destroy(void *arg __unused)
8481 {
8482 	uma_zdestroy(ipsec_key_lft_zone);
8483 
8484 #ifndef IPSEC_DEBUG2
8485 	callout_drain(&key_timer);
8486 #endif
8487 	SPTREE_LOCK_DESTROY();
8488 	REGTREE_LOCK_DESTROY();
8489 	SAHTREE_LOCK_DESTROY();
8490 	ACQ_LOCK_DESTROY();
8491 	SPACQ_LOCK_DESTROY();
8492 	SPI_ALLOC_LOCK_DESTROY();
8493 }
8494 SYSUNINIT(key_destroy, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST, key_destroy, NULL);
8495 
8496 /* record data transfer on SA, and update timestamps */
8497 void
8498 key_sa_recordxfer(struct secasvar *sav, struct mbuf *m)
8499 {
8500 	IPSEC_ASSERT(sav != NULL, ("Null secasvar"));
8501 	IPSEC_ASSERT(m != NULL, ("Null mbuf"));
8502 
8503 	/*
8504 	 * XXX Currently, there is a difference of bytes size
8505 	 * between inbound and outbound processing.
8506 	 */
8507 	counter_u64_add(sav->lft_c_bytes, m->m_pkthdr.len);
8508 
8509 	/*
8510 	 * We use the number of packets as the unit of
8511 	 * allocations.  We increment the variable
8512 	 * whenever {esp,ah}_{in,out}put is called.
8513 	 */
8514 	counter_u64_add(sav->lft_c_allocations, 1);
8515 
8516 	/*
8517 	 * NOTE: We record CURRENT usetime by using wall clock,
8518 	 * in seconds.  HARD and SOFT lifetime are measured by the time
8519 	 * difference (again in seconds) from usetime.
8520 	 *
8521 	 *	usetime
8522 	 *	v     expire   expire
8523 	 * -----+-----+--------+---> t
8524 	 *	<--------------> HARD
8525 	 *	<-----> SOFT
8526 	 */
8527 	if (sav->firstused == 0)
8528 		sav->firstused = time_second;
8529 }
8530 
8531 /*
8532  * Take one of the kernel's security keys and convert it into a PF_KEY
8533  * structure within an mbuf, suitable for sending up to a waiting
8534  * application in user land.
8535  *
8536  * IN:
8537  *    src: A pointer to a kernel security key.
8538  *    exttype: Which type of key this is. Refer to the PF_KEY data structures.
8539  * OUT:
8540  *    a valid mbuf or NULL indicating an error
8541  *
8542  */
8543 
8544 static struct mbuf *
8545 key_setkey(struct seckey *src, uint16_t exttype)
8546 {
8547 	struct mbuf *m;
8548 	struct sadb_key *p;
8549 	int len;
8550 
8551 	if (src == NULL)
8552 		return NULL;
8553 
8554 	len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src));
8555 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8556 	if (m == NULL)
8557 		return NULL;
8558 	m_align(m, len);
8559 	m->m_len = len;
8560 	p = mtod(m, struct sadb_key *);
8561 	bzero(p, len);
8562 	p->sadb_key_len = PFKEY_UNIT64(len);
8563 	p->sadb_key_exttype = exttype;
8564 	p->sadb_key_bits = src->bits;
8565 	bcopy(src->key_data, _KEYBUF(p), _KEYLEN(src));
8566 
8567 	return m;
8568 }
8569 
8570 /*
8571  * Take one of the kernel's lifetime data structures and convert it
8572  * into a PF_KEY structure within an mbuf, suitable for sending up to
8573  * a waiting application in user land.
8574  *
8575  * IN:
8576  *    src: A pointer to a kernel lifetime structure.
8577  *    exttype: Which type of lifetime this is. Refer to the PF_KEY
8578  *             data structures for more information.
8579  * OUT:
8580  *    a valid mbuf or NULL indicating an error
8581  *
8582  */
8583 
8584 static struct mbuf *
8585 key_setlifetime(struct seclifetime *src, uint16_t exttype)
8586 {
8587 	struct mbuf *m = NULL;
8588 	struct sadb_lifetime *p;
8589 	int len = PFKEY_ALIGN8(sizeof(struct sadb_lifetime));
8590 
8591 	if (src == NULL)
8592 		return NULL;
8593 
8594 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8595 	if (m == NULL)
8596 		return m;
8597 	m_align(m, len);
8598 	m->m_len = len;
8599 	p = mtod(m, struct sadb_lifetime *);
8600 
8601 	bzero(p, len);
8602 	p->sadb_lifetime_len = PFKEY_UNIT64(len);
8603 	p->sadb_lifetime_exttype = exttype;
8604 	p->sadb_lifetime_allocations = src->allocations;
8605 	p->sadb_lifetime_bytes = src->bytes;
8606 	p->sadb_lifetime_addtime = src->addtime;
8607 	p->sadb_lifetime_usetime = src->usetime;
8608 
8609 	return m;
8610 
8611 }
8612 
8613 const struct enc_xform *
8614 enc_algorithm_lookup(int alg)
8615 {
8616 	int i;
8617 
8618 	for (i = 0; i < nitems(supported_ealgs); i++)
8619 		if (alg == supported_ealgs[i].sadb_alg)
8620 			return (supported_ealgs[i].xform);
8621 	return (NULL);
8622 }
8623 
8624 const struct auth_hash *
8625 auth_algorithm_lookup(int alg)
8626 {
8627 	int i;
8628 
8629 	for (i = 0; i < nitems(supported_aalgs); i++)
8630 		if (alg == supported_aalgs[i].sadb_alg)
8631 			return (supported_aalgs[i].xform);
8632 	return (NULL);
8633 }
8634 
8635 const struct comp_algo *
8636 comp_algorithm_lookup(int alg)
8637 {
8638 	int i;
8639 
8640 	for (i = 0; i < nitems(supported_calgs); i++)
8641 		if (alg == supported_calgs[i].sadb_alg)
8642 			return (supported_calgs[i].xform);
8643 	return (NULL);
8644 }
8645