xref: /freebsd/sys/netipsec/key.c (revision 5def4c47d4bd90b209b9b4a4ba9faec15846d8fd)
1 /*	$FreeBSD$	*/
2 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
3 
4 /*-
5  * SPDX-License-Identifier: BSD-3-Clause
6  *
7  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the project nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 /*
36  * This code is referd to RFC 2367
37  */
38 
39 #include "opt_inet.h"
40 #include "opt_inet6.h"
41 #include "opt_ipsec.h"
42 
43 #include <sys/types.h>
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/kernel.h>
47 #include <sys/fnv_hash.h>
48 #include <sys/lock.h>
49 #include <sys/mutex.h>
50 #include <sys/mbuf.h>
51 #include <sys/domain.h>
52 #include <sys/protosw.h>
53 #include <sys/malloc.h>
54 #include <sys/rmlock.h>
55 #include <sys/socket.h>
56 #include <sys/socketvar.h>
57 #include <sys/sysctl.h>
58 #include <sys/errno.h>
59 #include <sys/proc.h>
60 #include <sys/queue.h>
61 #include <sys/refcount.h>
62 #include <sys/syslog.h>
63 
64 #include <vm/uma.h>
65 
66 #include <net/if.h>
67 #include <net/if_var.h>
68 #include <net/vnet.h>
69 #include <net/raw_cb.h>
70 
71 #include <netinet/in.h>
72 #include <netinet/in_systm.h>
73 #include <netinet/ip.h>
74 #include <netinet/in_var.h>
75 #include <netinet/udp.h>
76 
77 #ifdef INET6
78 #include <netinet/ip6.h>
79 #include <netinet6/in6_var.h>
80 #include <netinet6/ip6_var.h>
81 #endif /* INET6 */
82 
83 #include <net/pfkeyv2.h>
84 #include <netipsec/keydb.h>
85 #include <netipsec/key.h>
86 #include <netipsec/keysock.h>
87 #include <netipsec/key_debug.h>
88 
89 #include <netipsec/ipsec.h>
90 #ifdef INET6
91 #include <netipsec/ipsec6.h>
92 #endif
93 
94 #include <netipsec/xform.h>
95 #include <machine/in_cksum.h>
96 #include <machine/stdarg.h>
97 
98 /* randomness */
99 #include <sys/random.h>
100 
101 #define FULLMASK	0xff
102 #define	_BITS(bytes)	((bytes) << 3)
103 
104 #define	UINT32_80PCT	0xcccccccc
105 /*
106  * Note on SA reference counting:
107  * - SAs that are not in DEAD state will have (total external reference + 1)
108  *   following value in reference count field.  they cannot be freed and are
109  *   referenced from SA header.
110  * - SAs that are in DEAD state will have (total external reference)
111  *   in reference count field.  they are ready to be freed.  reference from
112  *   SA header will be removed in key_delsav(), when the reference count
113  *   field hits 0 (= no external reference other than from SA header.
114  */
115 
116 VNET_DEFINE(u_int32_t, key_debug_level) = 0;
117 VNET_DEFINE_STATIC(u_int, key_spi_trycnt) = 1000;
118 VNET_DEFINE_STATIC(u_int32_t, key_spi_minval) = 0x100;
119 VNET_DEFINE_STATIC(u_int32_t, key_spi_maxval) = 0x0fffffff;	/* XXX */
120 VNET_DEFINE_STATIC(u_int32_t, policy_id) = 0;
121 /*interval to initialize randseed,1(m)*/
122 VNET_DEFINE_STATIC(u_int, key_int_random) = 60;
123 /* interval to expire acquiring, 30(s)*/
124 VNET_DEFINE_STATIC(u_int, key_larval_lifetime) = 30;
125 /* counter for blocking SADB_ACQUIRE.*/
126 VNET_DEFINE_STATIC(int, key_blockacq_count) = 10;
127 /* lifetime for blocking SADB_ACQUIRE.*/
128 VNET_DEFINE_STATIC(int, key_blockacq_lifetime) = 20;
129 /* preferred old sa rather than new sa.*/
130 VNET_DEFINE_STATIC(int, key_preferred_oldsa) = 1;
131 #define	V_key_spi_trycnt	VNET(key_spi_trycnt)
132 #define	V_key_spi_minval	VNET(key_spi_minval)
133 #define	V_key_spi_maxval	VNET(key_spi_maxval)
134 #define	V_policy_id		VNET(policy_id)
135 #define	V_key_int_random	VNET(key_int_random)
136 #define	V_key_larval_lifetime	VNET(key_larval_lifetime)
137 #define	V_key_blockacq_count	VNET(key_blockacq_count)
138 #define	V_key_blockacq_lifetime	VNET(key_blockacq_lifetime)
139 #define	V_key_preferred_oldsa	VNET(key_preferred_oldsa)
140 
141 VNET_DEFINE_STATIC(u_int32_t, acq_seq) = 0;
142 #define	V_acq_seq		VNET(acq_seq)
143 
144 VNET_DEFINE_STATIC(uint32_t, sp_genid) = 0;
145 #define	V_sp_genid		VNET(sp_genid)
146 
147 /* SPD */
148 TAILQ_HEAD(secpolicy_queue, secpolicy);
149 LIST_HEAD(secpolicy_list, secpolicy);
150 VNET_DEFINE_STATIC(struct secpolicy_queue, sptree[IPSEC_DIR_MAX]);
151 VNET_DEFINE_STATIC(struct secpolicy_queue, sptree_ifnet[IPSEC_DIR_MAX]);
152 static struct rmlock sptree_lock;
153 #define	V_sptree		VNET(sptree)
154 #define	V_sptree_ifnet		VNET(sptree_ifnet)
155 #define	SPTREE_LOCK_INIT()      rm_init(&sptree_lock, "sptree")
156 #define	SPTREE_LOCK_DESTROY()   rm_destroy(&sptree_lock)
157 #define	SPTREE_RLOCK_TRACKER    struct rm_priotracker sptree_tracker
158 #define	SPTREE_RLOCK()          rm_rlock(&sptree_lock, &sptree_tracker)
159 #define	SPTREE_RUNLOCK()        rm_runlock(&sptree_lock, &sptree_tracker)
160 #define	SPTREE_RLOCK_ASSERT()   rm_assert(&sptree_lock, RA_RLOCKED)
161 #define	SPTREE_WLOCK()          rm_wlock(&sptree_lock)
162 #define	SPTREE_WUNLOCK()        rm_wunlock(&sptree_lock)
163 #define	SPTREE_WLOCK_ASSERT()   rm_assert(&sptree_lock, RA_WLOCKED)
164 #define	SPTREE_UNLOCK_ASSERT()  rm_assert(&sptree_lock, RA_UNLOCKED)
165 
166 /* Hash table for lookup SP using unique id */
167 VNET_DEFINE_STATIC(struct secpolicy_list *, sphashtbl);
168 VNET_DEFINE_STATIC(u_long, sphash_mask);
169 #define	V_sphashtbl		VNET(sphashtbl)
170 #define	V_sphash_mask		VNET(sphash_mask)
171 
172 #define	SPHASH_NHASH_LOG2	7
173 #define	SPHASH_NHASH		(1 << SPHASH_NHASH_LOG2)
174 #define	SPHASH_HASHVAL(id)	(key_u32hash(id) & V_sphash_mask)
175 #define	SPHASH_HASH(id)		&V_sphashtbl[SPHASH_HASHVAL(id)]
176 
177 /* SPD cache */
178 struct spdcache_entry {
179    struct secpolicyindex spidx;	/* secpolicyindex */
180    struct secpolicy *sp;	/* cached policy to be used */
181 
182    LIST_ENTRY(spdcache_entry) chain;
183 };
184 LIST_HEAD(spdcache_entry_list, spdcache_entry);
185 
186 #define	SPDCACHE_MAX_ENTRIES_PER_HASH	8
187 
188 VNET_DEFINE_STATIC(u_int, key_spdcache_maxentries) = 0;
189 #define	V_key_spdcache_maxentries	VNET(key_spdcache_maxentries)
190 VNET_DEFINE_STATIC(u_int, key_spdcache_threshold) = 32;
191 #define	V_key_spdcache_threshold	VNET(key_spdcache_threshold)
192 VNET_DEFINE_STATIC(unsigned long, spd_size) = 0;
193 #define	V_spd_size		VNET(spd_size)
194 
195 #define SPDCACHE_ENABLED()	(V_key_spdcache_maxentries != 0)
196 #define SPDCACHE_ACTIVE() \
197 	(SPDCACHE_ENABLED() && V_spd_size >= V_key_spdcache_threshold)
198 
199 VNET_DEFINE_STATIC(struct spdcache_entry_list *, spdcachehashtbl);
200 VNET_DEFINE_STATIC(u_long, spdcachehash_mask);
201 #define	V_spdcachehashtbl	VNET(spdcachehashtbl)
202 #define	V_spdcachehash_mask	VNET(spdcachehash_mask)
203 
204 #define	SPDCACHE_HASHVAL(idx) \
205 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->ul_proto) &  \
206 	    V_spdcachehash_mask)
207 
208 /* Each cache line is protected by a mutex */
209 VNET_DEFINE_STATIC(struct mtx *, spdcache_lock);
210 #define	V_spdcache_lock		VNET(spdcache_lock)
211 
212 #define	SPDCACHE_LOCK_INIT(a) \
213 	mtx_init(&V_spdcache_lock[a], "spdcache", \
214 	    "fast ipsec SPD cache", MTX_DEF|MTX_DUPOK)
215 #define	SPDCACHE_LOCK_DESTROY(a)	mtx_destroy(&V_spdcache_lock[a])
216 #define	SPDCACHE_LOCK(a)		mtx_lock(&V_spdcache_lock[a]);
217 #define	SPDCACHE_UNLOCK(a)		mtx_unlock(&V_spdcache_lock[a]);
218 
219 /* SAD */
220 TAILQ_HEAD(secashead_queue, secashead);
221 LIST_HEAD(secashead_list, secashead);
222 VNET_DEFINE_STATIC(struct secashead_queue, sahtree);
223 static struct rmlock sahtree_lock;
224 #define	V_sahtree		VNET(sahtree)
225 #define	SAHTREE_LOCK_INIT()	rm_init(&sahtree_lock, "sahtree")
226 #define	SAHTREE_LOCK_DESTROY()	rm_destroy(&sahtree_lock)
227 #define	SAHTREE_RLOCK_TRACKER	struct rm_priotracker sahtree_tracker
228 #define	SAHTREE_RLOCK()		rm_rlock(&sahtree_lock, &sahtree_tracker)
229 #define	SAHTREE_RUNLOCK()	rm_runlock(&sahtree_lock, &sahtree_tracker)
230 #define	SAHTREE_RLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_RLOCKED)
231 #define	SAHTREE_WLOCK()		rm_wlock(&sahtree_lock)
232 #define	SAHTREE_WUNLOCK()	rm_wunlock(&sahtree_lock)
233 #define	SAHTREE_WLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_WLOCKED)
234 #define	SAHTREE_UNLOCK_ASSERT()	rm_assert(&sahtree_lock, RA_UNLOCKED)
235 
236 /* Hash table for lookup in SAD using SA addresses */
237 VNET_DEFINE_STATIC(struct secashead_list *, sahaddrhashtbl);
238 VNET_DEFINE_STATIC(u_long, sahaddrhash_mask);
239 #define	V_sahaddrhashtbl	VNET(sahaddrhashtbl)
240 #define	V_sahaddrhash_mask	VNET(sahaddrhash_mask)
241 
242 #define	SAHHASH_NHASH_LOG2	7
243 #define	SAHHASH_NHASH		(1 << SAHHASH_NHASH_LOG2)
244 #define	SAHADDRHASH_HASHVAL(idx)	\
245 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
246 	    V_sahaddrhash_mask)
247 #define	SAHADDRHASH_HASH(saidx)		\
248     &V_sahaddrhashtbl[SAHADDRHASH_HASHVAL(saidx)]
249 
250 /* Hash table for lookup in SAD using SPI */
251 LIST_HEAD(secasvar_list, secasvar);
252 VNET_DEFINE_STATIC(struct secasvar_list *, savhashtbl);
253 VNET_DEFINE_STATIC(u_long, savhash_mask);
254 #define	V_savhashtbl		VNET(savhashtbl)
255 #define	V_savhash_mask		VNET(savhash_mask)
256 #define	SAVHASH_NHASH_LOG2	7
257 #define	SAVHASH_NHASH		(1 << SAVHASH_NHASH_LOG2)
258 #define	SAVHASH_HASHVAL(spi)	(key_u32hash(spi) & V_savhash_mask)
259 #define	SAVHASH_HASH(spi)	&V_savhashtbl[SAVHASH_HASHVAL(spi)]
260 
261 static uint32_t
262 key_addrprotohash(const union sockaddr_union *src,
263     const union sockaddr_union *dst, const uint8_t *proto)
264 {
265 	uint32_t hval;
266 
267 	hval = fnv_32_buf(proto, sizeof(*proto),
268 	    FNV1_32_INIT);
269 	switch (dst->sa.sa_family) {
270 #ifdef INET
271 	case AF_INET:
272 		hval = fnv_32_buf(&src->sin.sin_addr,
273 		    sizeof(in_addr_t), hval);
274 		hval = fnv_32_buf(&dst->sin.sin_addr,
275 		    sizeof(in_addr_t), hval);
276 		break;
277 #endif
278 #ifdef INET6
279 	case AF_INET6:
280 		hval = fnv_32_buf(&src->sin6.sin6_addr,
281 		    sizeof(struct in6_addr), hval);
282 		hval = fnv_32_buf(&dst->sin6.sin6_addr,
283 		    sizeof(struct in6_addr), hval);
284 		break;
285 #endif
286 	default:
287 		hval = 0;
288 		ipseclog((LOG_DEBUG, "%s: unknown address family %d\n",
289 		    __func__, dst->sa.sa_family));
290 	}
291 	return (hval);
292 }
293 
294 static uint32_t
295 key_u32hash(uint32_t val)
296 {
297 
298 	return (fnv_32_buf(&val, sizeof(val), FNV1_32_INIT));
299 }
300 
301 							/* registed list */
302 VNET_DEFINE_STATIC(LIST_HEAD(_regtree, secreg), regtree[SADB_SATYPE_MAX + 1]);
303 #define	V_regtree		VNET(regtree)
304 static struct mtx regtree_lock;
305 #define	REGTREE_LOCK_INIT() \
306 	mtx_init(&regtree_lock, "regtree", "fast ipsec regtree", MTX_DEF)
307 #define	REGTREE_LOCK_DESTROY()	mtx_destroy(&regtree_lock)
308 #define	REGTREE_LOCK()		mtx_lock(&regtree_lock)
309 #define	REGTREE_UNLOCK()	mtx_unlock(&regtree_lock)
310 #define	REGTREE_LOCK_ASSERT()	mtx_assert(&regtree_lock, MA_OWNED)
311 
312 /* Acquiring list */
313 LIST_HEAD(secacq_list, secacq);
314 VNET_DEFINE_STATIC(struct secacq_list, acqtree);
315 #define	V_acqtree		VNET(acqtree)
316 static struct mtx acq_lock;
317 #define	ACQ_LOCK_INIT() \
318     mtx_init(&acq_lock, "acqtree", "ipsec SA acquiring list", MTX_DEF)
319 #define	ACQ_LOCK_DESTROY()	mtx_destroy(&acq_lock)
320 #define	ACQ_LOCK()		mtx_lock(&acq_lock)
321 #define	ACQ_UNLOCK()		mtx_unlock(&acq_lock)
322 #define	ACQ_LOCK_ASSERT()	mtx_assert(&acq_lock, MA_OWNED)
323 
324 /* Hash table for lookup in ACQ list using SA addresses */
325 VNET_DEFINE_STATIC(struct secacq_list *, acqaddrhashtbl);
326 VNET_DEFINE_STATIC(u_long, acqaddrhash_mask);
327 #define	V_acqaddrhashtbl	VNET(acqaddrhashtbl)
328 #define	V_acqaddrhash_mask	VNET(acqaddrhash_mask)
329 
330 /* Hash table for lookup in ACQ list using SEQ number */
331 VNET_DEFINE_STATIC(struct secacq_list *, acqseqhashtbl);
332 VNET_DEFINE_STATIC(u_long, acqseqhash_mask);
333 #define	V_acqseqhashtbl		VNET(acqseqhashtbl)
334 #define	V_acqseqhash_mask	VNET(acqseqhash_mask)
335 
336 #define	ACQHASH_NHASH_LOG2	7
337 #define	ACQHASH_NHASH		(1 << ACQHASH_NHASH_LOG2)
338 #define	ACQADDRHASH_HASHVAL(idx)	\
339 	(key_addrprotohash(&(idx)->src, &(idx)->dst, &(idx)->proto) & \
340 	    V_acqaddrhash_mask)
341 #define	ACQSEQHASH_HASHVAL(seq)		\
342     (key_u32hash(seq) & V_acqseqhash_mask)
343 #define	ACQADDRHASH_HASH(saidx)	\
344     &V_acqaddrhashtbl[ACQADDRHASH_HASHVAL(saidx)]
345 #define	ACQSEQHASH_HASH(seq)	\
346     &V_acqseqhashtbl[ACQSEQHASH_HASHVAL(seq)]
347 							/* SP acquiring list */
348 VNET_DEFINE_STATIC(LIST_HEAD(_spacqtree, secspacq), spacqtree);
349 #define	V_spacqtree		VNET(spacqtree)
350 static struct mtx spacq_lock;
351 #define	SPACQ_LOCK_INIT() \
352 	mtx_init(&spacq_lock, "spacqtree", \
353 		"fast ipsec security policy acquire list", MTX_DEF)
354 #define	SPACQ_LOCK_DESTROY()	mtx_destroy(&spacq_lock)
355 #define	SPACQ_LOCK()		mtx_lock(&spacq_lock)
356 #define	SPACQ_UNLOCK()		mtx_unlock(&spacq_lock)
357 #define	SPACQ_LOCK_ASSERT()	mtx_assert(&spacq_lock, MA_OWNED)
358 
359 static const int minsize[] = {
360 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
361 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
362 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
363 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
364 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
365 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_SRC */
366 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_DST */
367 	sizeof(struct sadb_address),	/* SADB_EXT_ADDRESS_PROXY */
368 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_AUTH */
369 	sizeof(struct sadb_key),	/* SADB_EXT_KEY_ENCRYPT */
370 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_SRC */
371 	sizeof(struct sadb_ident),	/* SADB_EXT_IDENTITY_DST */
372 	sizeof(struct sadb_sens),	/* SADB_EXT_SENSITIVITY */
373 	sizeof(struct sadb_prop),	/* SADB_EXT_PROPOSAL */
374 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_AUTH */
375 	sizeof(struct sadb_supported),	/* SADB_EXT_SUPPORTED_ENCRYPT */
376 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
377 	0,				/* SADB_X_EXT_KMPRIVATE */
378 	sizeof(struct sadb_x_policy),	/* SADB_X_EXT_POLICY */
379 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
380 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
381 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
382 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
383 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAI */
384 	sizeof(struct sadb_address),	/* SADB_X_EXT_NAT_T_OAR */
385 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
386 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
387 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_SRC */
388 	sizeof(struct sadb_address),	/* SADB_X_EXT_NEW_ADDRESS_DST */
389 };
390 _Static_assert(sizeof(minsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
391 
392 static const int maxsize[] = {
393 	sizeof(struct sadb_msg),	/* SADB_EXT_RESERVED */
394 	sizeof(struct sadb_sa),		/* SADB_EXT_SA */
395 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_CURRENT */
396 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_HARD */
397 	sizeof(struct sadb_lifetime),	/* SADB_EXT_LIFETIME_SOFT */
398 	0,				/* SADB_EXT_ADDRESS_SRC */
399 	0,				/* SADB_EXT_ADDRESS_DST */
400 	0,				/* SADB_EXT_ADDRESS_PROXY */
401 	0,				/* SADB_EXT_KEY_AUTH */
402 	0,				/* SADB_EXT_KEY_ENCRYPT */
403 	0,				/* SADB_EXT_IDENTITY_SRC */
404 	0,				/* SADB_EXT_IDENTITY_DST */
405 	0,				/* SADB_EXT_SENSITIVITY */
406 	0,				/* SADB_EXT_PROPOSAL */
407 	0,				/* SADB_EXT_SUPPORTED_AUTH */
408 	0,				/* SADB_EXT_SUPPORTED_ENCRYPT */
409 	sizeof(struct sadb_spirange),	/* SADB_EXT_SPIRANGE */
410 	0,				/* SADB_X_EXT_KMPRIVATE */
411 	0,				/* SADB_X_EXT_POLICY */
412 	sizeof(struct sadb_x_sa2),	/* SADB_X_SA2 */
413 	sizeof(struct sadb_x_nat_t_type),/* SADB_X_EXT_NAT_T_TYPE */
414 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */
415 	sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */
416 	0,				/* SADB_X_EXT_NAT_T_OAI */
417 	0,				/* SADB_X_EXT_NAT_T_OAR */
418 	sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
419 	sizeof(struct sadb_x_sa_replay), /* SADB_X_EXT_SA_REPLAY */
420 	0,				/* SADB_X_EXT_NEW_ADDRESS_SRC */
421 	0,				/* SADB_X_EXT_NEW_ADDRESS_DST */
422 };
423 _Static_assert(sizeof(maxsize)/sizeof(int) == SADB_EXT_MAX + 1, "minsize size mismatch");
424 
425 /*
426  * Internal values for SA flags:
427  * SADB_X_EXT_F_CLONED means that SA was cloned by key_updateaddresses,
428  *	thus we will not free the most of SA content in key_delsav().
429  */
430 #define	SADB_X_EXT_F_CLONED	0x80000000
431 
432 #define	SADB_CHECKLEN(_mhp, _ext)			\
433     ((_mhp)->extlen[(_ext)] < minsize[(_ext)] || (maxsize[(_ext)] != 0 && \
434 	((_mhp)->extlen[(_ext)] > maxsize[(_ext)])))
435 #define	SADB_CHECKHDR(_mhp, _ext)	((_mhp)->ext[(_ext)] == NULL)
436 
437 VNET_DEFINE_STATIC(int, ipsec_esp_keymin) = 256;
438 VNET_DEFINE_STATIC(int, ipsec_esp_auth) = 0;
439 VNET_DEFINE_STATIC(int, ipsec_ah_keymin) = 128;
440 
441 #define	V_ipsec_esp_keymin	VNET(ipsec_esp_keymin)
442 #define	V_ipsec_esp_auth	VNET(ipsec_esp_auth)
443 #define	V_ipsec_ah_keymin	VNET(ipsec_ah_keymin)
444 
445 #ifdef IPSEC_DEBUG
446 VNET_DEFINE(int, ipsec_debug) = 1;
447 #else
448 VNET_DEFINE(int, ipsec_debug) = 0;
449 #endif
450 
451 #ifdef INET
452 SYSCTL_DECL(_net_inet_ipsec);
453 SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug,
454     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
455     "Enable IPsec debugging output when set.");
456 #endif
457 #ifdef INET6
458 SYSCTL_DECL(_net_inet6_ipsec6);
459 SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug,
460     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0,
461     "Enable IPsec debugging output when set.");
462 #endif
463 
464 SYSCTL_DECL(_net_key);
465 SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL,	debug,
466 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, "");
467 
468 /* max count of trial for the decision of spi value */
469 SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt,
470 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, "");
471 
472 /* minimum spi value to allocate automatically. */
473 SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval,
474 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, "");
475 
476 /* maximun spi value to allocate automatically. */
477 SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval,
478 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, "");
479 
480 /* interval to initialize randseed */
481 SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random,
482 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_int_random), 0, "");
483 
484 /* lifetime for larval SA */
485 SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime,
486 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, "");
487 
488 /* counter for blocking to send SADB_ACQUIRE to IKEd */
489 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count,
490 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, "");
491 
492 /* lifetime for blocking to send SADB_ACQUIRE to IKEd */
493 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime,
494 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, "");
495 
496 /* ESP auth */
497 SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth,
498 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, "");
499 
500 /* minimum ESP key length */
501 SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin,
502 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, "");
503 
504 /* minimum AH key length */
505 SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin,
506 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, "");
507 
508 /* perfered old SA rather than new SA */
509 SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, preferred_oldsa,
510 	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, "");
511 
512 static SYSCTL_NODE(_net_key, OID_AUTO, spdcache,
513     CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
514     "SPD cache");
515 
516 SYSCTL_UINT(_net_key_spdcache, OID_AUTO, maxentries,
517 	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_maxentries), 0,
518 	"Maximum number of entries in the SPD cache"
519 	" (power of 2, 0 to disable)");
520 
521 SYSCTL_UINT(_net_key_spdcache, OID_AUTO, threshold,
522 	CTLFLAG_VNET | CTLFLAG_RDTUN, &VNET_NAME(key_spdcache_threshold), 0,
523 	"Number of SPs that make the SPD cache active");
524 
525 #define __LIST_CHAINED(elm) \
526 	(!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL))
527 
528 MALLOC_DEFINE(M_IPSEC_SA, "secasvar", "ipsec security association");
529 MALLOC_DEFINE(M_IPSEC_SAH, "sahead", "ipsec sa head");
530 MALLOC_DEFINE(M_IPSEC_SP, "ipsecpolicy", "ipsec security policy");
531 MALLOC_DEFINE(M_IPSEC_SR, "ipsecrequest", "ipsec security request");
532 MALLOC_DEFINE(M_IPSEC_MISC, "ipsec-misc", "ipsec miscellaneous");
533 MALLOC_DEFINE(M_IPSEC_SAQ, "ipsec-saq", "ipsec sa acquire");
534 MALLOC_DEFINE(M_IPSEC_SAR, "ipsec-reg", "ipsec sa acquire");
535 MALLOC_DEFINE(M_IPSEC_SPDCACHE, "ipsec-spdcache", "ipsec SPD cache");
536 
537 static uma_zone_t __read_mostly ipsec_key_lft_zone;
538 
539 /*
540  * set parameters into secpolicyindex buffer.
541  * Must allocate secpolicyindex buffer passed to this function.
542  */
543 #define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
544 do { \
545 	bzero((idx), sizeof(struct secpolicyindex));                         \
546 	(idx)->dir = (_dir);                                                 \
547 	(idx)->prefs = (ps);                                                 \
548 	(idx)->prefd = (pd);                                                 \
549 	(idx)->ul_proto = (ulp);                                             \
550 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
551 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
552 } while (0)
553 
554 /*
555  * set parameters into secasindex buffer.
556  * Must allocate secasindex buffer before calling this function.
557  */
558 #define KEY_SETSECASIDX(p, m, r, s, d, idx) \
559 do { \
560 	bzero((idx), sizeof(struct secasindex));                             \
561 	(idx)->proto = (p);                                                  \
562 	(idx)->mode = (m);                                                   \
563 	(idx)->reqid = (r);                                                  \
564 	bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len);     \
565 	bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len);     \
566 	key_porttosaddr(&(idx)->src.sa, 0);				     \
567 	key_porttosaddr(&(idx)->dst.sa, 0);				     \
568 } while (0)
569 
570 /* key statistics */
571 struct _keystat {
572 	u_long getspi_count; /* the avarage of count to try to get new SPI */
573 } keystat;
574 
575 struct sadb_msghdr {
576 	struct sadb_msg *msg;
577 	struct sadb_ext *ext[SADB_EXT_MAX + 1];
578 	int extoff[SADB_EXT_MAX + 1];
579 	int extlen[SADB_EXT_MAX + 1];
580 };
581 
582 static struct supported_ealgs {
583 	int sadb_alg;
584 	const struct enc_xform *xform;
585 } supported_ealgs[] = {
586 	{ SADB_X_EALG_AES,		&enc_xform_rijndael128 },
587 	{ SADB_EALG_NULL,		&enc_xform_null },
588 	{ SADB_X_EALG_AESCTR,		&enc_xform_aes_icm },
589 	{ SADB_X_EALG_AESGCM16,		&enc_xform_aes_nist_gcm },
590 	{ SADB_X_EALG_AESGMAC,		&enc_xform_aes_nist_gmac },
591 };
592 
593 static struct supported_aalgs {
594 	int sadb_alg;
595 	const struct auth_hash *xform;
596 } supported_aalgs[] = {
597 	{ SADB_X_AALG_NULL,		&auth_hash_null },
598 	{ SADB_AALG_SHA1HMAC,		&auth_hash_hmac_sha1 },
599 	{ SADB_X_AALG_SHA2_256,		&auth_hash_hmac_sha2_256 },
600 	{ SADB_X_AALG_SHA2_384,		&auth_hash_hmac_sha2_384 },
601 	{ SADB_X_AALG_SHA2_512,		&auth_hash_hmac_sha2_512 },
602 	{ SADB_X_AALG_AES128GMAC,	&auth_hash_nist_gmac_aes_128 },
603 	{ SADB_X_AALG_AES192GMAC,	&auth_hash_nist_gmac_aes_192 },
604 	{ SADB_X_AALG_AES256GMAC,	&auth_hash_nist_gmac_aes_256 },
605 };
606 
607 static struct supported_calgs {
608 	int sadb_alg;
609 	const struct comp_algo *xform;
610 } supported_calgs[] = {
611 	{ SADB_X_CALG_DEFLATE,		&comp_algo_deflate },
612 };
613 
614 #ifndef IPSEC_DEBUG2
615 static struct callout key_timer;
616 #endif
617 
618 static void key_unlink(struct secpolicy *);
619 static struct secpolicy *key_do_allocsp(struct secpolicyindex *spidx, u_int dir);
620 static struct secpolicy *key_getsp(struct secpolicyindex *);
621 static struct secpolicy *key_getspbyid(u_int32_t);
622 static struct mbuf *key_gather_mbuf(struct mbuf *,
623 	const struct sadb_msghdr *, int, int, ...);
624 static int key_spdadd(struct socket *, struct mbuf *,
625 	const struct sadb_msghdr *);
626 static uint32_t key_getnewspid(void);
627 static int key_spddelete(struct socket *, struct mbuf *,
628 	const struct sadb_msghdr *);
629 static int key_spddelete2(struct socket *, struct mbuf *,
630 	const struct sadb_msghdr *);
631 static int key_spdget(struct socket *, struct mbuf *,
632 	const struct sadb_msghdr *);
633 static int key_spdflush(struct socket *, struct mbuf *,
634 	const struct sadb_msghdr *);
635 static int key_spddump(struct socket *, struct mbuf *,
636 	const struct sadb_msghdr *);
637 static struct mbuf *key_setdumpsp(struct secpolicy *,
638 	u_int8_t, u_int32_t, u_int32_t);
639 static struct mbuf *key_sp2mbuf(struct secpolicy *);
640 static size_t key_getspreqmsglen(struct secpolicy *);
641 static int key_spdexpire(struct secpolicy *);
642 static struct secashead *key_newsah(struct secasindex *);
643 static void key_freesah(struct secashead **);
644 static void key_delsah(struct secashead *);
645 static struct secasvar *key_newsav(const struct sadb_msghdr *,
646     struct secasindex *, uint32_t, int *);
647 static void key_delsav(struct secasvar *);
648 static void key_unlinksav(struct secasvar *);
649 static struct secashead *key_getsah(struct secasindex *);
650 static int key_checkspidup(uint32_t);
651 static struct secasvar *key_getsavbyspi(uint32_t);
652 static int key_setnatt(struct secasvar *, const struct sadb_msghdr *);
653 static int key_setsaval(struct secasvar *, const struct sadb_msghdr *);
654 static int key_updatelifetimes(struct secasvar *, const struct sadb_msghdr *);
655 static int key_updateaddresses(struct socket *, struct mbuf *,
656     const struct sadb_msghdr *, struct secasvar *, struct secasindex *);
657 
658 static struct mbuf *key_setdumpsa(struct secasvar *, u_int8_t,
659 	u_int8_t, u_int32_t, u_int32_t);
660 static struct mbuf *key_setsadbmsg(u_int8_t, u_int16_t, u_int8_t,
661 	u_int32_t, pid_t, u_int16_t);
662 static struct mbuf *key_setsadbsa(struct secasvar *);
663 static struct mbuf *key_setsadbaddr(u_int16_t,
664 	const struct sockaddr *, u_int8_t, u_int16_t);
665 static struct mbuf *key_setsadbxport(u_int16_t, u_int16_t);
666 static struct mbuf *key_setsadbxtype(u_int16_t);
667 static struct mbuf *key_setsadbxsa2(u_int8_t, u_int32_t, u_int32_t);
668 static struct mbuf *key_setsadbxsareplay(u_int32_t);
669 static struct mbuf *key_setsadbxpolicy(u_int16_t, u_int8_t,
670 	u_int32_t, u_int32_t);
671 static struct seckey *key_dup_keymsg(const struct sadb_key *, size_t,
672     struct malloc_type *);
673 static struct seclifetime *key_dup_lifemsg(const struct sadb_lifetime *src,
674     struct malloc_type *);
675 
676 /* flags for key_cmpsaidx() */
677 #define CMP_HEAD	1	/* protocol, addresses. */
678 #define CMP_MODE_REQID	2	/* additionally HEAD, reqid, mode. */
679 #define CMP_REQID	3	/* additionally HEAD, reaid. */
680 #define CMP_EXACTLY	4	/* all elements. */
681 static int key_cmpsaidx(const struct secasindex *,
682     const struct secasindex *, int);
683 static int key_cmpspidx_exactly(struct secpolicyindex *,
684     struct secpolicyindex *);
685 static int key_cmpspidx_withmask(struct secpolicyindex *,
686     struct secpolicyindex *);
687 static int key_bbcmp(const void *, const void *, u_int);
688 static uint8_t key_satype2proto(uint8_t);
689 static uint8_t key_proto2satype(uint8_t);
690 
691 static int key_getspi(struct socket *, struct mbuf *,
692 	const struct sadb_msghdr *);
693 static uint32_t key_do_getnewspi(struct sadb_spirange *, struct secasindex *);
694 static int key_update(struct socket *, struct mbuf *,
695 	const struct sadb_msghdr *);
696 static int key_add(struct socket *, struct mbuf *,
697 	const struct sadb_msghdr *);
698 static int key_setident(struct secashead *, const struct sadb_msghdr *);
699 static struct mbuf *key_getmsgbuf_x1(struct mbuf *,
700 	const struct sadb_msghdr *);
701 static int key_delete(struct socket *, struct mbuf *,
702 	const struct sadb_msghdr *);
703 static int key_delete_all(struct socket *, struct mbuf *,
704 	const struct sadb_msghdr *, struct secasindex *);
705 static int key_get(struct socket *, struct mbuf *,
706 	const struct sadb_msghdr *);
707 
708 static void key_getcomb_setlifetime(struct sadb_comb *);
709 static struct mbuf *key_getcomb_ealg(void);
710 static struct mbuf *key_getcomb_ah(void);
711 static struct mbuf *key_getcomb_ipcomp(void);
712 static struct mbuf *key_getprop(const struct secasindex *);
713 
714 static int key_acquire(const struct secasindex *, struct secpolicy *);
715 static uint32_t key_newacq(const struct secasindex *, int *);
716 static uint32_t key_getacq(const struct secasindex *, int *);
717 static int key_acqdone(const struct secasindex *, uint32_t);
718 static int key_acqreset(uint32_t);
719 static struct secspacq *key_newspacq(struct secpolicyindex *);
720 static struct secspacq *key_getspacq(struct secpolicyindex *);
721 static int key_acquire2(struct socket *, struct mbuf *,
722 	const struct sadb_msghdr *);
723 static int key_register(struct socket *, struct mbuf *,
724 	const struct sadb_msghdr *);
725 static int key_expire(struct secasvar *, int);
726 static int key_flush(struct socket *, struct mbuf *,
727 	const struct sadb_msghdr *);
728 static int key_dump(struct socket *, struct mbuf *,
729 	const struct sadb_msghdr *);
730 static int key_promisc(struct socket *, struct mbuf *,
731 	const struct sadb_msghdr *);
732 static int key_senderror(struct socket *, struct mbuf *, int);
733 static int key_validate_ext(const struct sadb_ext *, int);
734 static int key_align(struct mbuf *, struct sadb_msghdr *);
735 static struct mbuf *key_setlifetime(struct seclifetime *, uint16_t);
736 static struct mbuf *key_setkey(struct seckey *, uint16_t);
737 
738 static void spdcache_init(void);
739 static void spdcache_clear(void);
740 static struct spdcache_entry *spdcache_entry_alloc(
741 	const struct secpolicyindex *spidx,
742 	struct secpolicy *policy);
743 static void spdcache_entry_free(struct spdcache_entry *entry);
744 #ifdef VIMAGE
745 static void spdcache_destroy(void);
746 #endif
747 
748 #define	DBG_IPSEC_INITREF(t, p)	do {				\
749 	refcount_init(&(p)->refcnt, 1);				\
750 	KEYDBG(KEY_STAMP,					\
751 	    printf("%s: Initialize refcnt %s(%p) = %u\n",	\
752 	    __func__, #t, (p), (p)->refcnt));			\
753 } while (0)
754 #define	DBG_IPSEC_ADDREF(t, p)	do {				\
755 	refcount_acquire(&(p)->refcnt);				\
756 	KEYDBG(KEY_STAMP,					\
757 	    printf("%s: Acquire refcnt %s(%p) -> %u\n",		\
758 	    __func__, #t, (p), (p)->refcnt));			\
759 } while (0)
760 #define	DBG_IPSEC_DELREF(t, p)	do {				\
761 	KEYDBG(KEY_STAMP,					\
762 	    printf("%s: Release refcnt %s(%p) -> %u\n",		\
763 	    __func__, #t, (p), (p)->refcnt - 1));		\
764 	refcount_release(&(p)->refcnt);				\
765 } while (0)
766 
767 #define	IPSEC_INITREF(t, p)	refcount_init(&(p)->refcnt, 1)
768 #define	IPSEC_ADDREF(t, p)	refcount_acquire(&(p)->refcnt)
769 #define	IPSEC_DELREF(t, p)	refcount_release(&(p)->refcnt)
770 
771 #define	SP_INITREF(p)	IPSEC_INITREF(SP, p)
772 #define	SP_ADDREF(p)	IPSEC_ADDREF(SP, p)
773 #define	SP_DELREF(p)	IPSEC_DELREF(SP, p)
774 
775 #define	SAH_INITREF(p)	IPSEC_INITREF(SAH, p)
776 #define	SAH_ADDREF(p)	IPSEC_ADDREF(SAH, p)
777 #define	SAH_DELREF(p)	IPSEC_DELREF(SAH, p)
778 
779 #define	SAV_INITREF(p)	IPSEC_INITREF(SAV, p)
780 #define	SAV_ADDREF(p)	IPSEC_ADDREF(SAV, p)
781 #define	SAV_DELREF(p)	IPSEC_DELREF(SAV, p)
782 
783 /*
784  * Update the refcnt while holding the SPTREE lock.
785  */
786 void
787 key_addref(struct secpolicy *sp)
788 {
789 
790 	SP_ADDREF(sp);
791 }
792 
793 /*
794  * Return 0 when there are known to be no SP's for the specified
795  * direction.  Otherwise return 1.  This is used by IPsec code
796  * to optimize performance.
797  */
798 int
799 key_havesp(u_int dir)
800 {
801 
802 	return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ?
803 		TAILQ_FIRST(&V_sptree[dir]) != NULL : 1);
804 }
805 
806 /* %%% IPsec policy management */
807 /*
808  * Return current SPDB generation.
809  */
810 uint32_t
811 key_getspgen(void)
812 {
813 
814 	return (V_sp_genid);
815 }
816 
817 void
818 key_bumpspgen(void)
819 {
820 
821 	V_sp_genid++;
822 }
823 
824 static int
825 key_checksockaddrs(struct sockaddr *src, struct sockaddr *dst)
826 {
827 
828 	/* family match */
829 	if (src->sa_family != dst->sa_family)
830 		return (EINVAL);
831 	/* sa_len match */
832 	if (src->sa_len != dst->sa_len)
833 		return (EINVAL);
834 	switch (src->sa_family) {
835 #ifdef INET
836 	case AF_INET:
837 		if (src->sa_len != sizeof(struct sockaddr_in))
838 			return (EINVAL);
839 		break;
840 #endif
841 #ifdef INET6
842 	case AF_INET6:
843 		if (src->sa_len != sizeof(struct sockaddr_in6))
844 			return (EINVAL);
845 		break;
846 #endif
847 	default:
848 		return (EAFNOSUPPORT);
849 	}
850 	return (0);
851 }
852 
853 struct secpolicy *
854 key_do_allocsp(struct secpolicyindex *spidx, u_int dir)
855 {
856 	SPTREE_RLOCK_TRACKER;
857 	struct secpolicy *sp;
858 
859 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
860 	IPSEC_ASSERT(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
861 		("invalid direction %u", dir));
862 
863 	SPTREE_RLOCK();
864 	TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
865 		if (key_cmpspidx_withmask(&sp->spidx, spidx)) {
866 			SP_ADDREF(sp);
867 			break;
868 		}
869 	}
870 	SPTREE_RUNLOCK();
871 	return (sp);
872 }
873 
874 /*
875  * allocating a SP for OUTBOUND or INBOUND packet.
876  * Must call key_freesp() later.
877  * OUT:	NULL:	not found
878  *	others:	found and return the pointer.
879  */
880 struct secpolicy *
881 key_allocsp(struct secpolicyindex *spidx, u_int dir)
882 {
883 	struct spdcache_entry *entry, *lastentry, *tmpentry;
884 	struct secpolicy *sp;
885 	uint32_t hashv;
886 	int nb_entries;
887 
888 	if (!SPDCACHE_ACTIVE()) {
889 		sp = key_do_allocsp(spidx, dir);
890 		goto out;
891 	}
892 
893 	hashv = SPDCACHE_HASHVAL(spidx);
894 	SPDCACHE_LOCK(hashv);
895 	nb_entries = 0;
896 	LIST_FOREACH_SAFE(entry, &V_spdcachehashtbl[hashv], chain, tmpentry) {
897 		/* Removed outdated entries */
898 		if (entry->sp != NULL &&
899 		    entry->sp->state == IPSEC_SPSTATE_DEAD) {
900 			LIST_REMOVE(entry, chain);
901 			spdcache_entry_free(entry);
902 			continue;
903 		}
904 
905 		nb_entries++;
906 		if (!key_cmpspidx_exactly(&entry->spidx, spidx)) {
907 			lastentry = entry;
908 			continue;
909 		}
910 
911 		sp = entry->sp;
912 		if (entry->sp != NULL)
913 			SP_ADDREF(sp);
914 
915 		/* IPSECSTAT_INC(ips_spdcache_hits); */
916 
917 		SPDCACHE_UNLOCK(hashv);
918 		goto out;
919 	}
920 
921 	/* IPSECSTAT_INC(ips_spdcache_misses); */
922 
923 	sp = key_do_allocsp(spidx, dir);
924 	entry = spdcache_entry_alloc(spidx, sp);
925 	if (entry != NULL) {
926 		if (nb_entries >= SPDCACHE_MAX_ENTRIES_PER_HASH) {
927 			LIST_REMOVE(lastentry, chain);
928 			spdcache_entry_free(lastentry);
929 		}
930 
931 		LIST_INSERT_HEAD(&V_spdcachehashtbl[hashv], entry, chain);
932 	}
933 
934 	SPDCACHE_UNLOCK(hashv);
935 
936 out:
937 	if (sp != NULL) {	/* found a SPD entry */
938 		sp->lastused = time_second;
939 		KEYDBG(IPSEC_STAMP,
940 		    printf("%s: return SP(%p)\n", __func__, sp));
941 		KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
942 	} else {
943 		KEYDBG(IPSEC_DATA,
944 		    printf("%s: lookup failed for ", __func__);
945 		    kdebug_secpolicyindex(spidx, NULL));
946 	}
947 	return (sp);
948 }
949 
950 /*
951  * Allocating an SA entry for an *INBOUND* or *OUTBOUND* TCP packet, signed
952  * or should be signed by MD5 signature.
953  * We don't use key_allocsa() for such lookups, because we don't know SPI.
954  * Unlike ESP and AH protocols, SPI isn't transmitted in the TCP header with
955  * signed packet. We use SADB only as storage for password.
956  * OUT:	positive:	corresponding SA for given saidx found.
957  *	NULL:		SA not found
958  */
959 struct secasvar *
960 key_allocsa_tcpmd5(struct secasindex *saidx)
961 {
962 	SAHTREE_RLOCK_TRACKER;
963 	struct secashead *sah;
964 	struct secasvar *sav;
965 
966 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP,
967 	    ("unexpected security protocol %u", saidx->proto));
968 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TCPMD5,
969 	    ("unexpected mode %u", saidx->mode));
970 
971 	SAHTREE_RLOCK();
972 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
973 		KEYDBG(IPSEC_DUMP,
974 		    printf("%s: checking SAH\n", __func__);
975 		    kdebug_secash(sah, "  "));
976 		if (sah->saidx.proto != IPPROTO_TCP)
977 			continue;
978 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
979 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
980 			break;
981 	}
982 	if (sah != NULL) {
983 		if (V_key_preferred_oldsa)
984 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
985 		else
986 			sav = TAILQ_FIRST(&sah->savtree_alive);
987 		if (sav != NULL)
988 			SAV_ADDREF(sav);
989 	} else
990 		sav = NULL;
991 	SAHTREE_RUNLOCK();
992 
993 	if (sav != NULL) {
994 		KEYDBG(IPSEC_STAMP,
995 		    printf("%s: return SA(%p)\n", __func__, sav));
996 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
997 	} else {
998 		KEYDBG(IPSEC_STAMP,
999 		    printf("%s: SA not found\n", __func__));
1000 		KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1001 	}
1002 	return (sav);
1003 }
1004 
1005 /*
1006  * Allocating an SA entry for an *OUTBOUND* packet.
1007  * OUT:	positive:	corresponding SA for given saidx found.
1008  *	NULL:		SA not found, but will be acquired, check *error
1009  *			for acquiring status.
1010  */
1011 struct secasvar *
1012 key_allocsa_policy(struct secpolicy *sp, const struct secasindex *saidx,
1013     int *error)
1014 {
1015 	SAHTREE_RLOCK_TRACKER;
1016 	struct secashead *sah;
1017 	struct secasvar *sav;
1018 
1019 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
1020 	IPSEC_ASSERT(saidx->mode == IPSEC_MODE_TRANSPORT ||
1021 		saidx->mode == IPSEC_MODE_TUNNEL,
1022 		("unexpected policy %u", saidx->mode));
1023 
1024 	/*
1025 	 * We check new SA in the IPsec request because a different
1026 	 * SA may be involved each time this request is checked, either
1027 	 * because new SAs are being configured, or this request is
1028 	 * associated with an unconnected datagram socket, or this request
1029 	 * is associated with a system default policy.
1030 	 */
1031 	SAHTREE_RLOCK();
1032 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
1033 		KEYDBG(IPSEC_DUMP,
1034 		    printf("%s: checking SAH\n", __func__);
1035 		    kdebug_secash(sah, "  "));
1036 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
1037 			break;
1038 	}
1039 	if (sah != NULL) {
1040 		/*
1041 		 * Allocate the oldest SA available according to
1042 		 * draft-jenkins-ipsec-rekeying-03.
1043 		 */
1044 		if (V_key_preferred_oldsa)
1045 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1046 		else
1047 			sav = TAILQ_FIRST(&sah->savtree_alive);
1048 		if (sav != NULL)
1049 			SAV_ADDREF(sav);
1050 	} else
1051 		sav = NULL;
1052 	SAHTREE_RUNLOCK();
1053 
1054 	if (sav != NULL) {
1055 		*error = 0;
1056 		KEYDBG(IPSEC_STAMP,
1057 		    printf("%s: chosen SA(%p) for SP(%p)\n", __func__,
1058 			sav, sp));
1059 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1060 		return (sav); /* return referenced SA */
1061 	}
1062 
1063 	/* there is no SA */
1064 	*error = key_acquire(saidx, sp);
1065 	if ((*error) != 0)
1066 		ipseclog((LOG_DEBUG,
1067 		    "%s: error %d returned from key_acquire()\n",
1068 			__func__, *error));
1069 	KEYDBG(IPSEC_STAMP,
1070 	    printf("%s: acquire SA for SP(%p), error %d\n",
1071 		__func__, sp, *error));
1072 	KEYDBG(IPSEC_DATA, kdebug_secasindex(saidx, NULL));
1073 	return (NULL);
1074 }
1075 
1076 /*
1077  * allocating a usable SA entry for a *INBOUND* packet.
1078  * Must call key_freesav() later.
1079  * OUT: positive:	pointer to a usable sav (i.e. MATURE or DYING state).
1080  *	NULL:		not found, or error occurred.
1081  *
1082  * According to RFC 2401 SA is uniquely identified by a triple SPI,
1083  * destination address, and security protocol. But according to RFC 4301,
1084  * SPI by itself suffices to specify an SA.
1085  *
1086  * Note that, however, we do need to keep source address in IPsec SA.
1087  * IKE specification and PF_KEY specification do assume that we
1088  * keep source address in IPsec SA.  We see a tricky situation here.
1089  */
1090 struct secasvar *
1091 key_allocsa(union sockaddr_union *dst, uint8_t proto, uint32_t spi)
1092 {
1093 	SAHTREE_RLOCK_TRACKER;
1094 	struct secasvar *sav;
1095 
1096 	IPSEC_ASSERT(proto == IPPROTO_ESP || proto == IPPROTO_AH ||
1097 	    proto == IPPROTO_IPCOMP, ("unexpected security protocol %u",
1098 	    proto));
1099 
1100 	SAHTREE_RLOCK();
1101 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
1102 		if (sav->spi == spi)
1103 			break;
1104 	}
1105 	/*
1106 	 * We use single SPI namespace for all protocols, so it is
1107 	 * impossible to have SPI duplicates in the SAVHASH.
1108 	 */
1109 	if (sav != NULL) {
1110 		if (sav->state != SADB_SASTATE_LARVAL &&
1111 		    sav->sah->saidx.proto == proto &&
1112 		    key_sockaddrcmp(&dst->sa,
1113 			&sav->sah->saidx.dst.sa, 0) == 0)
1114 			SAV_ADDREF(sav);
1115 		else
1116 			sav = NULL;
1117 	}
1118 	SAHTREE_RUNLOCK();
1119 
1120 	if (sav == NULL) {
1121 		KEYDBG(IPSEC_STAMP,
1122 		    char buf[IPSEC_ADDRSTRLEN];
1123 		    printf("%s: SA not found for spi %u proto %u dst %s\n",
1124 			__func__, ntohl(spi), proto, ipsec_address(dst, buf,
1125 			sizeof(buf))));
1126 	} else {
1127 		KEYDBG(IPSEC_STAMP,
1128 		    printf("%s: return SA(%p)\n", __func__, sav));
1129 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1130 	}
1131 	return (sav);
1132 }
1133 
1134 struct secasvar *
1135 key_allocsa_tunnel(union sockaddr_union *src, union sockaddr_union *dst,
1136     uint8_t proto)
1137 {
1138 	SAHTREE_RLOCK_TRACKER;
1139 	struct secasindex saidx;
1140 	struct secashead *sah;
1141 	struct secasvar *sav;
1142 
1143 	IPSEC_ASSERT(src != NULL, ("null src address"));
1144 	IPSEC_ASSERT(dst != NULL, ("null dst address"));
1145 
1146 	KEY_SETSECASIDX(proto, IPSEC_MODE_TUNNEL, 0, &src->sa,
1147 	    &dst->sa, &saidx);
1148 
1149 	sav = NULL;
1150 	SAHTREE_RLOCK();
1151 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1152 		if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1153 			continue;
1154 		if (proto != sah->saidx.proto)
1155 			continue;
1156 		if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1157 			continue;
1158 		if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1159 			continue;
1160 		/* XXXAE: is key_preferred_oldsa reasonably?*/
1161 		if (V_key_preferred_oldsa)
1162 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1163 		else
1164 			sav = TAILQ_FIRST(&sah->savtree_alive);
1165 		if (sav != NULL) {
1166 			SAV_ADDREF(sav);
1167 			break;
1168 		}
1169 	}
1170 	SAHTREE_RUNLOCK();
1171 	KEYDBG(IPSEC_STAMP,
1172 	    printf("%s: return SA(%p)\n", __func__, sav));
1173 	if (sav != NULL)
1174 		KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
1175 	return (sav);
1176 }
1177 
1178 /*
1179  * Must be called after calling key_allocsp().
1180  */
1181 void
1182 key_freesp(struct secpolicy **spp)
1183 {
1184 	struct secpolicy *sp = *spp;
1185 
1186 	IPSEC_ASSERT(sp != NULL, ("null sp"));
1187 	if (SP_DELREF(sp) == 0)
1188 		return;
1189 
1190 	KEYDBG(IPSEC_STAMP,
1191 	    printf("%s: last reference to SP(%p)\n", __func__, sp));
1192 	KEYDBG(IPSEC_DATA, kdebug_secpolicy(sp));
1193 
1194 	*spp = NULL;
1195 	while (sp->tcount > 0)
1196 		ipsec_delisr(sp->req[--sp->tcount]);
1197 	free(sp, M_IPSEC_SP);
1198 }
1199 
1200 static void
1201 key_unlink(struct secpolicy *sp)
1202 {
1203 
1204 	IPSEC_ASSERT(sp->spidx.dir == IPSEC_DIR_INBOUND ||
1205 	    sp->spidx.dir == IPSEC_DIR_OUTBOUND,
1206 	    ("invalid direction %u", sp->spidx.dir));
1207 	SPTREE_UNLOCK_ASSERT();
1208 
1209 	KEYDBG(KEY_STAMP,
1210 	    printf("%s: SP(%p)\n", __func__, sp));
1211 	SPTREE_WLOCK();
1212 	if (sp->state != IPSEC_SPSTATE_ALIVE) {
1213 		/* SP is already unlinked */
1214 		SPTREE_WUNLOCK();
1215 		return;
1216 	}
1217 	sp->state = IPSEC_SPSTATE_DEAD;
1218 	TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
1219 	V_spd_size--;
1220 	LIST_REMOVE(sp, idhash);
1221 	V_sp_genid++;
1222 	SPTREE_WUNLOCK();
1223 	if (SPDCACHE_ENABLED())
1224 		spdcache_clear();
1225 	key_freesp(&sp);
1226 }
1227 
1228 /*
1229  * insert a secpolicy into the SP database. Lower priorities first
1230  */
1231 static void
1232 key_insertsp(struct secpolicy *newsp)
1233 {
1234 	struct secpolicy *sp;
1235 
1236 	SPTREE_WLOCK_ASSERT();
1237 	TAILQ_FOREACH(sp, &V_sptree[newsp->spidx.dir], chain) {
1238 		if (newsp->priority < sp->priority) {
1239 			TAILQ_INSERT_BEFORE(sp, newsp, chain);
1240 			goto done;
1241 		}
1242 	}
1243 	TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain);
1244 done:
1245 	LIST_INSERT_HEAD(SPHASH_HASH(newsp->id), newsp, idhash);
1246 	newsp->state = IPSEC_SPSTATE_ALIVE;
1247 	V_spd_size++;
1248 	V_sp_genid++;
1249 }
1250 
1251 /*
1252  * Insert a bunch of VTI secpolicies into the SPDB.
1253  * We keep VTI policies in the separate list due to following reasons:
1254  * 1) they should be immutable to user's or some deamon's attempts to
1255  *    delete. The only way delete such policies - destroy or unconfigure
1256  *    corresponding virtual inteface.
1257  * 2) such policies have traffic selector that matches all traffic per
1258  *    address family.
1259  * Since all VTI policies have the same priority, we don't care about
1260  * policies order.
1261  */
1262 int
1263 key_register_ifnet(struct secpolicy **spp, u_int count)
1264 {
1265 	struct mbuf *m;
1266 	u_int i;
1267 
1268 	SPTREE_WLOCK();
1269 	/*
1270 	 * First of try to acquire id for each SP.
1271 	 */
1272 	for (i = 0; i < count; i++) {
1273 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1274 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1275 		    ("invalid direction %u", spp[i]->spidx.dir));
1276 
1277 		if ((spp[i]->id = key_getnewspid()) == 0) {
1278 			SPTREE_WUNLOCK();
1279 			return (EAGAIN);
1280 		}
1281 	}
1282 	for (i = 0; i < count; i++) {
1283 		TAILQ_INSERT_TAIL(&V_sptree_ifnet[spp[i]->spidx.dir],
1284 		    spp[i], chain);
1285 		/*
1286 		 * NOTE: despite the fact that we keep VTI SP in the
1287 		 * separate list, SPHASH contains policies from both
1288 		 * sources. Thus SADB_X_SPDGET will correctly return
1289 		 * SP by id, because it uses SPHASH for lookups.
1290 		 */
1291 		LIST_INSERT_HEAD(SPHASH_HASH(spp[i]->id), spp[i], idhash);
1292 		spp[i]->state = IPSEC_SPSTATE_IFNET;
1293 	}
1294 	SPTREE_WUNLOCK();
1295 	/*
1296 	 * Notify user processes about new SP.
1297 	 */
1298 	for (i = 0; i < count; i++) {
1299 		m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0);
1300 		if (m != NULL)
1301 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1302 	}
1303 	return (0);
1304 }
1305 
1306 void
1307 key_unregister_ifnet(struct secpolicy **spp, u_int count)
1308 {
1309 	struct mbuf *m;
1310 	u_int i;
1311 
1312 	SPTREE_WLOCK();
1313 	for (i = 0; i < count; i++) {
1314 		IPSEC_ASSERT(spp[i]->spidx.dir == IPSEC_DIR_INBOUND ||
1315 		    spp[i]->spidx.dir == IPSEC_DIR_OUTBOUND,
1316 		    ("invalid direction %u", spp[i]->spidx.dir));
1317 
1318 		if (spp[i]->state != IPSEC_SPSTATE_IFNET)
1319 			continue;
1320 		spp[i]->state = IPSEC_SPSTATE_DEAD;
1321 		TAILQ_REMOVE(&V_sptree_ifnet[spp[i]->spidx.dir],
1322 		    spp[i], chain);
1323 		V_spd_size--;
1324 		LIST_REMOVE(spp[i], idhash);
1325 	}
1326 	SPTREE_WUNLOCK();
1327 	if (SPDCACHE_ENABLED())
1328 		spdcache_clear();
1329 
1330 	for (i = 0; i < count; i++) {
1331 		m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0);
1332 		if (m != NULL)
1333 			key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL);
1334 	}
1335 }
1336 
1337 /*
1338  * Must be called after calling key_allocsa().
1339  * This function is called by key_freesp() to free some SA allocated
1340  * for a policy.
1341  */
1342 void
1343 key_freesav(struct secasvar **psav)
1344 {
1345 	struct secasvar *sav = *psav;
1346 
1347 	IPSEC_ASSERT(sav != NULL, ("null sav"));
1348 	if (SAV_DELREF(sav) == 0)
1349 		return;
1350 
1351 	KEYDBG(IPSEC_STAMP,
1352 	    printf("%s: last reference to SA(%p)\n", __func__, sav));
1353 
1354 	*psav = NULL;
1355 	key_delsav(sav);
1356 }
1357 
1358 /*
1359  * Unlink SA from SAH and SPI hash under SAHTREE_WLOCK.
1360  * Expect that SA has extra reference due to lookup.
1361  * Release this references, also release SAH reference after unlink.
1362  */
1363 static void
1364 key_unlinksav(struct secasvar *sav)
1365 {
1366 	struct secashead *sah;
1367 
1368 	KEYDBG(KEY_STAMP,
1369 	    printf("%s: SA(%p)\n", __func__, sav));
1370 
1371 	SAHTREE_UNLOCK_ASSERT();
1372 	SAHTREE_WLOCK();
1373 	if (sav->state == SADB_SASTATE_DEAD) {
1374 		/* SA is already unlinked */
1375 		SAHTREE_WUNLOCK();
1376 		return;
1377 	}
1378 	/* Unlink from SAH */
1379 	if (sav->state == SADB_SASTATE_LARVAL)
1380 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1381 	else
1382 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1383 	/* Unlink from SPI hash */
1384 	LIST_REMOVE(sav, spihash);
1385 	sav->state = SADB_SASTATE_DEAD;
1386 	sah = sav->sah;
1387 	SAHTREE_WUNLOCK();
1388 	key_freesav(&sav);
1389 	/* Since we are unlinked, release reference to SAH */
1390 	key_freesah(&sah);
1391 }
1392 
1393 /* %%% SPD management */
1394 /*
1395  * search SPD
1396  * OUT:	NULL	: not found
1397  *	others	: found, pointer to a SP.
1398  */
1399 static struct secpolicy *
1400 key_getsp(struct secpolicyindex *spidx)
1401 {
1402 	SPTREE_RLOCK_TRACKER;
1403 	struct secpolicy *sp;
1404 
1405 	IPSEC_ASSERT(spidx != NULL, ("null spidx"));
1406 
1407 	SPTREE_RLOCK();
1408 	TAILQ_FOREACH(sp, &V_sptree[spidx->dir], chain) {
1409 		if (key_cmpspidx_exactly(spidx, &sp->spidx)) {
1410 			SP_ADDREF(sp);
1411 			break;
1412 		}
1413 	}
1414 	SPTREE_RUNLOCK();
1415 
1416 	return sp;
1417 }
1418 
1419 /*
1420  * get SP by index.
1421  * OUT:	NULL	: not found
1422  *	others	: found, pointer to referenced SP.
1423  */
1424 static struct secpolicy *
1425 key_getspbyid(uint32_t id)
1426 {
1427 	SPTREE_RLOCK_TRACKER;
1428 	struct secpolicy *sp;
1429 
1430 	SPTREE_RLOCK();
1431 	LIST_FOREACH(sp, SPHASH_HASH(id), idhash) {
1432 		if (sp->id == id) {
1433 			SP_ADDREF(sp);
1434 			break;
1435 		}
1436 	}
1437 	SPTREE_RUNLOCK();
1438 	return (sp);
1439 }
1440 
1441 struct secpolicy *
1442 key_newsp(void)
1443 {
1444 	struct secpolicy *sp;
1445 
1446 	sp = malloc(sizeof(*sp), M_IPSEC_SP, M_NOWAIT | M_ZERO);
1447 	if (sp != NULL)
1448 		SP_INITREF(sp);
1449 	return (sp);
1450 }
1451 
1452 struct ipsecrequest *
1453 ipsec_newisr(void)
1454 {
1455 
1456 	return (malloc(sizeof(struct ipsecrequest), M_IPSEC_SR,
1457 	    M_NOWAIT | M_ZERO));
1458 }
1459 
1460 void
1461 ipsec_delisr(struct ipsecrequest *p)
1462 {
1463 
1464 	free(p, M_IPSEC_SR);
1465 }
1466 
1467 /*
1468  * create secpolicy structure from sadb_x_policy structure.
1469  * NOTE: `state', `secpolicyindex' and 'id' in secpolicy structure
1470  * are not set, so must be set properly later.
1471  */
1472 struct secpolicy *
1473 key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error)
1474 {
1475 	struct secpolicy *newsp;
1476 
1477 	IPSEC_ASSERT(xpl0 != NULL, ("null xpl0"));
1478 	IPSEC_ASSERT(len >= sizeof(*xpl0), ("policy too short: %zu", len));
1479 
1480 	if (len != PFKEY_EXTLEN(xpl0)) {
1481 		ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n", __func__));
1482 		*error = EINVAL;
1483 		return NULL;
1484 	}
1485 
1486 	if ((newsp = key_newsp()) == NULL) {
1487 		*error = ENOBUFS;
1488 		return NULL;
1489 	}
1490 
1491 	newsp->spidx.dir = xpl0->sadb_x_policy_dir;
1492 	newsp->policy = xpl0->sadb_x_policy_type;
1493 	newsp->priority = xpl0->sadb_x_policy_priority;
1494 	newsp->tcount = 0;
1495 
1496 	/* check policy */
1497 	switch (xpl0->sadb_x_policy_type) {
1498 	case IPSEC_POLICY_DISCARD:
1499 	case IPSEC_POLICY_NONE:
1500 	case IPSEC_POLICY_ENTRUST:
1501 	case IPSEC_POLICY_BYPASS:
1502 		break;
1503 
1504 	case IPSEC_POLICY_IPSEC:
1505 	    {
1506 		struct sadb_x_ipsecrequest *xisr;
1507 		struct ipsecrequest *isr;
1508 		int tlen;
1509 
1510 		/* validity check */
1511 		if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
1512 			ipseclog((LOG_DEBUG, "%s: Invalid msg length.\n",
1513 				__func__));
1514 			key_freesp(&newsp);
1515 			*error = EINVAL;
1516 			return NULL;
1517 		}
1518 
1519 		tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
1520 		xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
1521 
1522 		while (tlen > 0) {
1523 			/* length check */
1524 			if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr) ||
1525 			    xisr->sadb_x_ipsecrequest_len > tlen) {
1526 				ipseclog((LOG_DEBUG, "%s: invalid ipsecrequest "
1527 					"length.\n", __func__));
1528 				key_freesp(&newsp);
1529 				*error = EINVAL;
1530 				return NULL;
1531 			}
1532 
1533 			if (newsp->tcount >= IPSEC_MAXREQ) {
1534 				ipseclog((LOG_DEBUG,
1535 				    "%s: too many ipsecrequests.\n",
1536 				    __func__));
1537 				key_freesp(&newsp);
1538 				*error = EINVAL;
1539 				return (NULL);
1540 			}
1541 
1542 			/* allocate request buffer */
1543 			/* NB: data structure is zero'd */
1544 			isr = ipsec_newisr();
1545 			if (isr == NULL) {
1546 				ipseclog((LOG_DEBUG,
1547 				    "%s: No more memory.\n", __func__));
1548 				key_freesp(&newsp);
1549 				*error = ENOBUFS;
1550 				return NULL;
1551 			}
1552 
1553 			newsp->req[newsp->tcount++] = isr;
1554 
1555 			/* set values */
1556 			switch (xisr->sadb_x_ipsecrequest_proto) {
1557 			case IPPROTO_ESP:
1558 			case IPPROTO_AH:
1559 			case IPPROTO_IPCOMP:
1560 				break;
1561 			default:
1562 				ipseclog((LOG_DEBUG,
1563 				    "%s: invalid proto type=%u\n", __func__,
1564 				    xisr->sadb_x_ipsecrequest_proto));
1565 				key_freesp(&newsp);
1566 				*error = EPROTONOSUPPORT;
1567 				return NULL;
1568 			}
1569 			isr->saidx.proto =
1570 			    (uint8_t)xisr->sadb_x_ipsecrequest_proto;
1571 
1572 			switch (xisr->sadb_x_ipsecrequest_mode) {
1573 			case IPSEC_MODE_TRANSPORT:
1574 			case IPSEC_MODE_TUNNEL:
1575 				break;
1576 			case IPSEC_MODE_ANY:
1577 			default:
1578 				ipseclog((LOG_DEBUG,
1579 				    "%s: invalid mode=%u\n", __func__,
1580 				    xisr->sadb_x_ipsecrequest_mode));
1581 				key_freesp(&newsp);
1582 				*error = EINVAL;
1583 				return NULL;
1584 			}
1585 			isr->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1586 
1587 			switch (xisr->sadb_x_ipsecrequest_level) {
1588 			case IPSEC_LEVEL_DEFAULT:
1589 			case IPSEC_LEVEL_USE:
1590 			case IPSEC_LEVEL_REQUIRE:
1591 				break;
1592 			case IPSEC_LEVEL_UNIQUE:
1593 				/* validity check */
1594 				/*
1595 				 * If range violation of reqid, kernel will
1596 				 * update it, don't refuse it.
1597 				 */
1598 				if (xisr->sadb_x_ipsecrequest_reqid
1599 						> IPSEC_MANUAL_REQID_MAX) {
1600 					ipseclog((LOG_DEBUG,
1601 					    "%s: reqid=%d range "
1602 					    "violation, updated by kernel.\n",
1603 					    __func__,
1604 					    xisr->sadb_x_ipsecrequest_reqid));
1605 					xisr->sadb_x_ipsecrequest_reqid = 0;
1606 				}
1607 
1608 				/* allocate new reqid id if reqid is zero. */
1609 				if (xisr->sadb_x_ipsecrequest_reqid == 0) {
1610 					u_int32_t reqid;
1611 					if ((reqid = key_newreqid()) == 0) {
1612 						key_freesp(&newsp);
1613 						*error = ENOBUFS;
1614 						return NULL;
1615 					}
1616 					isr->saidx.reqid = reqid;
1617 					xisr->sadb_x_ipsecrequest_reqid = reqid;
1618 				} else {
1619 				/* set it for manual keying. */
1620 					isr->saidx.reqid =
1621 					    xisr->sadb_x_ipsecrequest_reqid;
1622 				}
1623 				break;
1624 
1625 			default:
1626 				ipseclog((LOG_DEBUG, "%s: invalid level=%u\n",
1627 					__func__,
1628 					xisr->sadb_x_ipsecrequest_level));
1629 				key_freesp(&newsp);
1630 				*error = EINVAL;
1631 				return NULL;
1632 			}
1633 			isr->level = xisr->sadb_x_ipsecrequest_level;
1634 
1635 			/* set IP addresses if there */
1636 			if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
1637 				struct sockaddr *paddr;
1638 
1639 				len = tlen - sizeof(*xisr);
1640 				paddr = (struct sockaddr *)(xisr + 1);
1641 				/* validity check */
1642 				if (len < sizeof(struct sockaddr) ||
1643 				    len < 2 * paddr->sa_len ||
1644 				    paddr->sa_len > sizeof(isr->saidx.src)) {
1645 					ipseclog((LOG_DEBUG, "%s: invalid "
1646 						"request address length.\n",
1647 						__func__));
1648 					key_freesp(&newsp);
1649 					*error = EINVAL;
1650 					return NULL;
1651 				}
1652 				/*
1653 				 * Request length should be enough to keep
1654 				 * source and destination addresses.
1655 				 */
1656 				if (xisr->sadb_x_ipsecrequest_len <
1657 				    sizeof(*xisr) + 2 * paddr->sa_len) {
1658 					ipseclog((LOG_DEBUG, "%s: invalid "
1659 					    "ipsecrequest length.\n",
1660 					    __func__));
1661 					key_freesp(&newsp);
1662 					*error = EINVAL;
1663 					return (NULL);
1664 				}
1665 				bcopy(paddr, &isr->saidx.src, paddr->sa_len);
1666 				paddr = (struct sockaddr *)((caddr_t)paddr +
1667 				    paddr->sa_len);
1668 
1669 				/* validity check */
1670 				if (paddr->sa_len !=
1671 				    isr->saidx.src.sa.sa_len) {
1672 					ipseclog((LOG_DEBUG, "%s: invalid "
1673 						"request address length.\n",
1674 						__func__));
1675 					key_freesp(&newsp);
1676 					*error = EINVAL;
1677 					return NULL;
1678 				}
1679 				/* AF family should match */
1680 				if (paddr->sa_family !=
1681 				    isr->saidx.src.sa.sa_family) {
1682 					ipseclog((LOG_DEBUG, "%s: address "
1683 					    "family doesn't match.\n",
1684 						__func__));
1685 					key_freesp(&newsp);
1686 					*error = EINVAL;
1687 					return (NULL);
1688 				}
1689 				bcopy(paddr, &isr->saidx.dst, paddr->sa_len);
1690 			} else {
1691 				/*
1692 				 * Addresses for TUNNEL mode requests are
1693 				 * mandatory.
1694 				 */
1695 				if (isr->saidx.mode == IPSEC_MODE_TUNNEL) {
1696 					ipseclog((LOG_DEBUG, "%s: missing "
1697 					    "request addresses.\n", __func__));
1698 					key_freesp(&newsp);
1699 					*error = EINVAL;
1700 					return (NULL);
1701 				}
1702 			}
1703 			tlen -= xisr->sadb_x_ipsecrequest_len;
1704 
1705 			/* validity check */
1706 			if (tlen < 0) {
1707 				ipseclog((LOG_DEBUG, "%s: becoming tlen < 0.\n",
1708 					__func__));
1709 				key_freesp(&newsp);
1710 				*error = EINVAL;
1711 				return NULL;
1712 			}
1713 
1714 			xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
1715 			                 + xisr->sadb_x_ipsecrequest_len);
1716 		}
1717 		/* XXXAE: LARVAL SP */
1718 		if (newsp->tcount < 1) {
1719 			ipseclog((LOG_DEBUG, "%s: valid IPSEC transforms "
1720 			    "not found.\n", __func__));
1721 			key_freesp(&newsp);
1722 			*error = EINVAL;
1723 			return (NULL);
1724 		}
1725 	    }
1726 		break;
1727 	default:
1728 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1729 		key_freesp(&newsp);
1730 		*error = EINVAL;
1731 		return NULL;
1732 	}
1733 
1734 	*error = 0;
1735 	return (newsp);
1736 }
1737 
1738 uint32_t
1739 key_newreqid(void)
1740 {
1741 	static uint32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1742 
1743 	if (auto_reqid == ~0)
1744 		auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1745 	else
1746 		auto_reqid++;
1747 
1748 	/* XXX should be unique check */
1749 	return (auto_reqid);
1750 }
1751 
1752 /*
1753  * copy secpolicy struct to sadb_x_policy structure indicated.
1754  */
1755 static struct mbuf *
1756 key_sp2mbuf(struct secpolicy *sp)
1757 {
1758 	struct mbuf *m;
1759 	size_t tlen;
1760 
1761 	tlen = key_getspreqmsglen(sp);
1762 	m = m_get2(tlen, M_NOWAIT, MT_DATA, 0);
1763 	if (m == NULL)
1764 		return (NULL);
1765 	m_align(m, tlen);
1766 	m->m_len = tlen;
1767 	if (key_sp2msg(sp, m->m_data, &tlen) != 0) {
1768 		m_freem(m);
1769 		return (NULL);
1770 	}
1771 	return (m);
1772 }
1773 
1774 int
1775 key_sp2msg(struct secpolicy *sp, void *request, size_t *len)
1776 {
1777 	struct sadb_x_ipsecrequest *xisr;
1778 	struct sadb_x_policy *xpl;
1779 	struct ipsecrequest *isr;
1780 	size_t xlen, ilen;
1781 	caddr_t p;
1782 	int error, i;
1783 
1784 	IPSEC_ASSERT(sp != NULL, ("null policy"));
1785 
1786 	xlen = sizeof(*xpl);
1787 	if (*len < xlen)
1788 		return (EINVAL);
1789 
1790 	error = 0;
1791 	bzero(request, *len);
1792 	xpl = (struct sadb_x_policy *)request;
1793 	xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1794 	xpl->sadb_x_policy_type = sp->policy;
1795 	xpl->sadb_x_policy_dir = sp->spidx.dir;
1796 	xpl->sadb_x_policy_id = sp->id;
1797 	xpl->sadb_x_policy_priority = sp->priority;
1798 	switch (sp->state) {
1799 	case IPSEC_SPSTATE_IFNET:
1800 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_IFNET;
1801 		break;
1802 	case IPSEC_SPSTATE_PCB:
1803 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_PCB;
1804 		break;
1805 	default:
1806 		xpl->sadb_x_policy_scope = IPSEC_POLICYSCOPE_GLOBAL;
1807 	}
1808 
1809 	/* if is the policy for ipsec ? */
1810 	if (sp->policy == IPSEC_POLICY_IPSEC) {
1811 		p = (caddr_t)xpl + sizeof(*xpl);
1812 		for (i = 0; i < sp->tcount; i++) {
1813 			isr = sp->req[i];
1814 			ilen = PFKEY_ALIGN8(sizeof(*xisr) +
1815 			    isr->saidx.src.sa.sa_len +
1816 			    isr->saidx.dst.sa.sa_len);
1817 			xlen += ilen;
1818 			if (xlen > *len) {
1819 				error = ENOBUFS;
1820 				/* Calculate needed size */
1821 				continue;
1822 			}
1823 			xisr = (struct sadb_x_ipsecrequest *)p;
1824 			xisr->sadb_x_ipsecrequest_len = ilen;
1825 			xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
1826 			xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
1827 			xisr->sadb_x_ipsecrequest_level = isr->level;
1828 			xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
1829 
1830 			p += sizeof(*xisr);
1831 			bcopy(&isr->saidx.src, p, isr->saidx.src.sa.sa_len);
1832 			p += isr->saidx.src.sa.sa_len;
1833 			bcopy(&isr->saidx.dst, p, isr->saidx.dst.sa.sa_len);
1834 			p += isr->saidx.dst.sa.sa_len;
1835 		}
1836 	}
1837 	xpl->sadb_x_policy_len = PFKEY_UNIT64(xlen);
1838 	if (error == 0)
1839 		*len = xlen;
1840 	else
1841 		*len = sizeof(*xpl);
1842 	return (error);
1843 }
1844 
1845 /* m will not be freed nor modified */
1846 static struct mbuf *
1847 key_gather_mbuf(struct mbuf *m, const struct sadb_msghdr *mhp,
1848     int ndeep, int nitem, ...)
1849 {
1850 	va_list ap;
1851 	int idx;
1852 	int i;
1853 	struct mbuf *result = NULL, *n;
1854 	int len;
1855 
1856 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1857 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1858 
1859 	va_start(ap, nitem);
1860 	for (i = 0; i < nitem; i++) {
1861 		idx = va_arg(ap, int);
1862 		if (idx < 0 || idx > SADB_EXT_MAX)
1863 			goto fail;
1864 		/* don't attempt to pull empty extension */
1865 		if (idx == SADB_EXT_RESERVED && mhp->msg == NULL)
1866 			continue;
1867 		if (idx != SADB_EXT_RESERVED  &&
1868 		    (mhp->ext[idx] == NULL || mhp->extlen[idx] == 0))
1869 			continue;
1870 
1871 		if (idx == SADB_EXT_RESERVED) {
1872 			len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
1873 
1874 			IPSEC_ASSERT(len <= MHLEN, ("header too big %u", len));
1875 
1876 			MGETHDR(n, M_NOWAIT, MT_DATA);
1877 			if (!n)
1878 				goto fail;
1879 			n->m_len = len;
1880 			n->m_next = NULL;
1881 			m_copydata(m, 0, sizeof(struct sadb_msg),
1882 			    mtod(n, caddr_t));
1883 		} else if (i < ndeep) {
1884 			len = mhp->extlen[idx];
1885 			n = m_get2(len, M_NOWAIT, MT_DATA, 0);
1886 			if (n == NULL)
1887 				goto fail;
1888 			m_align(n, len);
1889 			n->m_len = len;
1890 			m_copydata(m, mhp->extoff[idx], mhp->extlen[idx],
1891 			    mtod(n, caddr_t));
1892 		} else {
1893 			n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx],
1894 			    M_NOWAIT);
1895 		}
1896 		if (n == NULL)
1897 			goto fail;
1898 
1899 		if (result)
1900 			m_cat(result, n);
1901 		else
1902 			result = n;
1903 	}
1904 	va_end(ap);
1905 
1906 	if ((result->m_flags & M_PKTHDR) != 0) {
1907 		result->m_pkthdr.len = 0;
1908 		for (n = result; n; n = n->m_next)
1909 			result->m_pkthdr.len += n->m_len;
1910 	}
1911 
1912 	return result;
1913 
1914 fail:
1915 	m_freem(result);
1916 	va_end(ap);
1917 	return NULL;
1918 }
1919 
1920 /*
1921  * SADB_X_SPDADD, SADB_X_SPDSETIDX or SADB_X_SPDUPDATE processing
1922  * add an entry to SP database, when received
1923  *   <base, address(SD), (lifetime(H),) policy>
1924  * from the user(?).
1925  * Adding to SP database,
1926  * and send
1927  *   <base, address(SD), (lifetime(H),) policy>
1928  * to the socket which was send.
1929  *
1930  * SPDADD set a unique policy entry.
1931  * SPDSETIDX like SPDADD without a part of policy requests.
1932  * SPDUPDATE replace a unique policy entry.
1933  *
1934  * XXXAE: serialize this in PF_KEY to avoid races.
1935  * m will always be freed.
1936  */
1937 static int
1938 key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
1939 {
1940 	struct secpolicyindex spidx;
1941 	struct sadb_address *src0, *dst0;
1942 	struct sadb_x_policy *xpl0, *xpl;
1943 	struct sadb_lifetime *lft = NULL;
1944 	struct secpolicy *newsp;
1945 	int error;
1946 
1947 	IPSEC_ASSERT(so != NULL, ("null socket"));
1948 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
1949 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
1950 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
1951 
1952 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
1953 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
1954 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
1955 		ipseclog((LOG_DEBUG,
1956 		    "%s: invalid message: missing required header.\n",
1957 		    __func__));
1958 		return key_senderror(so, m, EINVAL);
1959 	}
1960 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
1961 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
1962 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
1963 		ipseclog((LOG_DEBUG,
1964 		    "%s: invalid message: wrong header size.\n", __func__));
1965 		return key_senderror(so, m, EINVAL);
1966 	}
1967 	if (!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD)) {
1968 		if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD)) {
1969 			ipseclog((LOG_DEBUG,
1970 			    "%s: invalid message: wrong header size.\n",
1971 			    __func__));
1972 			return key_senderror(so, m, EINVAL);
1973 		}
1974 		lft = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
1975 	}
1976 
1977 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
1978 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
1979 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
1980 
1981 	/* check the direciton */
1982 	switch (xpl0->sadb_x_policy_dir) {
1983 	case IPSEC_DIR_INBOUND:
1984 	case IPSEC_DIR_OUTBOUND:
1985 		break;
1986 	default:
1987 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
1988 		return key_senderror(so, m, EINVAL);
1989 	}
1990 	/* key_spdadd() accepts DISCARD, NONE and IPSEC. */
1991 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
1992 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
1993 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
1994 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
1995 		return key_senderror(so, m, EINVAL);
1996 	}
1997 
1998 	/* policy requests are mandatory when action is ipsec. */
1999 	if (xpl0->sadb_x_policy_type == IPSEC_POLICY_IPSEC &&
2000 	    mhp->extlen[SADB_X_EXT_POLICY] <= sizeof(*xpl0)) {
2001 		ipseclog((LOG_DEBUG,
2002 		    "%s: policy requests required.\n", __func__));
2003 		return key_senderror(so, m, EINVAL);
2004 	}
2005 
2006 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
2007 	    (struct sockaddr *)(dst0 + 1));
2008 	if (error != 0 ||
2009 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2010 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2011 		return key_senderror(so, m, error);
2012 	}
2013 	/* make secindex */
2014 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2015 	                src0 + 1,
2016 	                dst0 + 1,
2017 	                src0->sadb_address_prefixlen,
2018 	                dst0->sadb_address_prefixlen,
2019 	                src0->sadb_address_proto,
2020 	                &spidx);
2021 	/* Checking there is SP already or not. */
2022 	newsp = key_getsp(&spidx);
2023 	if (newsp != NULL) {
2024 		if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
2025 			KEYDBG(KEY_STAMP,
2026 			    printf("%s: unlink SP(%p) for SPDUPDATE\n",
2027 				__func__, newsp));
2028 			KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2029 			key_unlink(newsp);
2030 			key_freesp(&newsp);
2031 		} else {
2032 			key_freesp(&newsp);
2033 			ipseclog((LOG_DEBUG,
2034 			    "%s: a SP entry exists already.\n", __func__));
2035 			return (key_senderror(so, m, EEXIST));
2036 		}
2037 	}
2038 
2039 	/* allocate new SP entry */
2040 	if ((newsp = key_msg2sp(xpl0, PFKEY_EXTLEN(xpl0), &error)) == NULL) {
2041 		return key_senderror(so, m, error);
2042 	}
2043 
2044 	newsp->lastused = newsp->created = time_second;
2045 	newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0;
2046 	newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0;
2047 	bcopy(&spidx, &newsp->spidx, sizeof(spidx));
2048 
2049 	/* XXXAE: there is race between key_getsp() and key_insertsp() */
2050 	SPTREE_WLOCK();
2051 	if ((newsp->id = key_getnewspid()) == 0) {
2052 		SPTREE_WUNLOCK();
2053 		key_freesp(&newsp);
2054 		return key_senderror(so, m, ENOBUFS);
2055 	}
2056 	key_insertsp(newsp);
2057 	SPTREE_WUNLOCK();
2058 	if (SPDCACHE_ENABLED())
2059 		spdcache_clear();
2060 
2061 	KEYDBG(KEY_STAMP,
2062 	    printf("%s: SP(%p)\n", __func__, newsp));
2063 	KEYDBG(KEY_DATA, kdebug_secpolicy(newsp));
2064 
2065     {
2066 	struct mbuf *n, *mpolicy;
2067 	struct sadb_msg *newmsg;
2068 	int off;
2069 
2070 	/* create new sadb_msg to reply. */
2071 	if (lft) {
2072 		n = key_gather_mbuf(m, mhp, 2, 5, SADB_EXT_RESERVED,
2073 		    SADB_X_EXT_POLICY, SADB_EXT_LIFETIME_HARD,
2074 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2075 	} else {
2076 		n = key_gather_mbuf(m, mhp, 2, 4, SADB_EXT_RESERVED,
2077 		    SADB_X_EXT_POLICY,
2078 		    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2079 	}
2080 	if (!n)
2081 		return key_senderror(so, m, ENOBUFS);
2082 
2083 	if (n->m_len < sizeof(*newmsg)) {
2084 		n = m_pullup(n, sizeof(*newmsg));
2085 		if (!n)
2086 			return key_senderror(so, m, ENOBUFS);
2087 	}
2088 	newmsg = mtod(n, struct sadb_msg *);
2089 	newmsg->sadb_msg_errno = 0;
2090 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2091 
2092 	off = 0;
2093 	mpolicy = m_pulldown(n, PFKEY_ALIGN8(sizeof(struct sadb_msg)),
2094 	    sizeof(*xpl), &off);
2095 	if (mpolicy == NULL) {
2096 		/* n is already freed */
2097 		return key_senderror(so, m, ENOBUFS);
2098 	}
2099 	xpl = (struct sadb_x_policy *)(mtod(mpolicy, caddr_t) + off);
2100 	if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
2101 		m_freem(n);
2102 		return key_senderror(so, m, EINVAL);
2103 	}
2104 	xpl->sadb_x_policy_id = newsp->id;
2105 
2106 	m_freem(m);
2107 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2108     }
2109 }
2110 
2111 /*
2112  * get new policy id.
2113  * OUT:
2114  *	0:	failure.
2115  *	others: success.
2116  */
2117 static uint32_t
2118 key_getnewspid(void)
2119 {
2120 	struct secpolicy *sp;
2121 	uint32_t newid = 0;
2122 	int count = V_key_spi_trycnt;	/* XXX */
2123 
2124 	SPTREE_WLOCK_ASSERT();
2125 	while (count--) {
2126 		if (V_policy_id == ~0) /* overflowed */
2127 			newid = V_policy_id = 1;
2128 		else
2129 			newid = ++V_policy_id;
2130 		LIST_FOREACH(sp, SPHASH_HASH(newid), idhash) {
2131 			if (sp->id == newid)
2132 				break;
2133 		}
2134 		if (sp == NULL)
2135 			break;
2136 	}
2137 	if (count == 0 || newid == 0) {
2138 		ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
2139 		    __func__));
2140 		return (0);
2141 	}
2142 	return (newid);
2143 }
2144 
2145 /*
2146  * SADB_SPDDELETE processing
2147  * receive
2148  *   <base, address(SD), policy(*)>
2149  * from the user(?), and set SADB_SASTATE_DEAD,
2150  * and send,
2151  *   <base, address(SD), policy(*)>
2152  * to the ikmpd.
2153  * policy(*) including direction of policy.
2154  *
2155  * m will always be freed.
2156  */
2157 static int
2158 key_spddelete(struct socket *so, struct mbuf *m,
2159     const struct sadb_msghdr *mhp)
2160 {
2161 	struct secpolicyindex spidx;
2162 	struct sadb_address *src0, *dst0;
2163 	struct sadb_x_policy *xpl0;
2164 	struct secpolicy *sp;
2165 
2166 	IPSEC_ASSERT(so != NULL, ("null so"));
2167 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2168 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2169 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2170 
2171 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
2172 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
2173 	    SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY)) {
2174 		ipseclog((LOG_DEBUG,
2175 		    "%s: invalid message: missing required header.\n",
2176 		    __func__));
2177 		return key_senderror(so, m, EINVAL);
2178 	}
2179 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
2180 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
2181 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2182 		ipseclog((LOG_DEBUG,
2183 		    "%s: invalid message: wrong header size.\n", __func__));
2184 		return key_senderror(so, m, EINVAL);
2185 	}
2186 
2187 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
2188 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
2189 	xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
2190 
2191 	/* check the direciton */
2192 	switch (xpl0->sadb_x_policy_dir) {
2193 	case IPSEC_DIR_INBOUND:
2194 	case IPSEC_DIR_OUTBOUND:
2195 		break;
2196 	default:
2197 		ipseclog((LOG_DEBUG, "%s: invalid SP direction.\n", __func__));
2198 		return key_senderror(so, m, EINVAL);
2199 	}
2200 	/* Only DISCARD, NONE and IPSEC are allowed */
2201 	if (xpl0->sadb_x_policy_type != IPSEC_POLICY_DISCARD &&
2202 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_NONE &&
2203 	    xpl0->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
2204 		ipseclog((LOG_DEBUG, "%s: invalid policy type.\n", __func__));
2205 		return key_senderror(so, m, EINVAL);
2206 	}
2207 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
2208 	    (struct sockaddr *)(dst0 + 1)) != 0 ||
2209 	    src0->sadb_address_proto != dst0->sadb_address_proto) {
2210 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
2211 		return key_senderror(so, m, EINVAL);
2212 	}
2213 	/* make secindex */
2214 	KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
2215 	                src0 + 1,
2216 	                dst0 + 1,
2217 	                src0->sadb_address_prefixlen,
2218 	                dst0->sadb_address_prefixlen,
2219 	                src0->sadb_address_proto,
2220 	                &spidx);
2221 
2222 	/* Is there SP in SPD ? */
2223 	if ((sp = key_getsp(&spidx)) == NULL) {
2224 		ipseclog((LOG_DEBUG, "%s: no SP found.\n", __func__));
2225 		return key_senderror(so, m, EINVAL);
2226 	}
2227 
2228 	/* save policy id to buffer to be returned. */
2229 	xpl0->sadb_x_policy_id = sp->id;
2230 
2231 	KEYDBG(KEY_STAMP,
2232 	    printf("%s: SP(%p)\n", __func__, sp));
2233 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2234 	key_unlink(sp);
2235 	key_freesp(&sp);
2236 
2237     {
2238 	struct mbuf *n;
2239 	struct sadb_msg *newmsg;
2240 
2241 	/* create new sadb_msg to reply. */
2242 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
2243 	    SADB_X_EXT_POLICY, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
2244 	if (!n)
2245 		return key_senderror(so, m, ENOBUFS);
2246 
2247 	newmsg = mtod(n, struct sadb_msg *);
2248 	newmsg->sadb_msg_errno = 0;
2249 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2250 
2251 	m_freem(m);
2252 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2253     }
2254 }
2255 
2256 /*
2257  * SADB_SPDDELETE2 processing
2258  * receive
2259  *   <base, policy(*)>
2260  * from the user(?), and set SADB_SASTATE_DEAD,
2261  * and send,
2262  *   <base, policy(*)>
2263  * to the ikmpd.
2264  * policy(*) including direction of policy.
2265  *
2266  * m will always be freed.
2267  */
2268 static int
2269 key_spddelete2(struct socket *so, struct mbuf *m,
2270     const struct sadb_msghdr *mhp)
2271 {
2272 	struct secpolicy *sp;
2273 	uint32_t id;
2274 
2275 	IPSEC_ASSERT(so != NULL, ("null socket"));
2276 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2277 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2278 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2279 
2280 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2281 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2282 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2283 		    __func__));
2284 		return key_senderror(so, m, EINVAL);
2285 	}
2286 
2287 	id = ((struct sadb_x_policy *)
2288 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2289 
2290 	/* Is there SP in SPD ? */
2291 	if ((sp = key_getspbyid(id)) == NULL) {
2292 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2293 		    __func__, id));
2294 		return key_senderror(so, m, EINVAL);
2295 	}
2296 
2297 	KEYDBG(KEY_STAMP,
2298 	    printf("%s: SP(%p)\n", __func__, sp));
2299 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2300 	key_unlink(sp);
2301 	if (sp->state != IPSEC_SPSTATE_DEAD) {
2302 		ipseclog((LOG_DEBUG, "%s: failed to delete SP with id %u.\n",
2303 		    __func__, id));
2304 		key_freesp(&sp);
2305 		return (key_senderror(so, m, EACCES));
2306 	}
2307 	key_freesp(&sp);
2308 
2309     {
2310 	struct mbuf *n, *nn;
2311 	struct sadb_msg *newmsg;
2312 	int off, len;
2313 
2314 	/* create new sadb_msg to reply. */
2315 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2316 
2317 	MGETHDR(n, M_NOWAIT, MT_DATA);
2318 	if (n && len > MHLEN) {
2319 		if (!(MCLGET(n, M_NOWAIT))) {
2320 			m_freem(n);
2321 			n = NULL;
2322 		}
2323 	}
2324 	if (!n)
2325 		return key_senderror(so, m, ENOBUFS);
2326 
2327 	n->m_len = len;
2328 	n->m_next = NULL;
2329 	off = 0;
2330 
2331 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
2332 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
2333 
2334 	IPSEC_ASSERT(off == len, ("length inconsistency (off %u len %u)",
2335 		off, len));
2336 
2337 	n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY],
2338 	    mhp->extlen[SADB_X_EXT_POLICY], M_NOWAIT);
2339 	if (!n->m_next) {
2340 		m_freem(n);
2341 		return key_senderror(so, m, ENOBUFS);
2342 	}
2343 
2344 	n->m_pkthdr.len = 0;
2345 	for (nn = n; nn; nn = nn->m_next)
2346 		n->m_pkthdr.len += nn->m_len;
2347 
2348 	newmsg = mtod(n, struct sadb_msg *);
2349 	newmsg->sadb_msg_errno = 0;
2350 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
2351 
2352 	m_freem(m);
2353 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
2354     }
2355 }
2356 
2357 /*
2358  * SADB_X_SPDGET processing
2359  * receive
2360  *   <base, policy(*)>
2361  * from the user(?),
2362  * and send,
2363  *   <base, address(SD), policy>
2364  * to the ikmpd.
2365  * policy(*) including direction of policy.
2366  *
2367  * m will always be freed.
2368  */
2369 static int
2370 key_spdget(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2371 {
2372 	struct secpolicy *sp;
2373 	struct mbuf *n;
2374 	uint32_t id;
2375 
2376 	IPSEC_ASSERT(so != NULL, ("null socket"));
2377 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2378 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2379 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2380 
2381 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_POLICY) ||
2382 	    SADB_CHECKLEN(mhp, SADB_X_EXT_POLICY)) {
2383 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
2384 		    __func__));
2385 		return key_senderror(so, m, EINVAL);
2386 	}
2387 
2388 	id = ((struct sadb_x_policy *)
2389 	    mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
2390 
2391 	/* Is there SP in SPD ? */
2392 	if ((sp = key_getspbyid(id)) == NULL) {
2393 		ipseclog((LOG_DEBUG, "%s: no SP found for id %u.\n",
2394 		    __func__, id));
2395 		return key_senderror(so, m, ENOENT);
2396 	}
2397 
2398 	n = key_setdumpsp(sp, SADB_X_SPDGET, mhp->msg->sadb_msg_seq,
2399 	    mhp->msg->sadb_msg_pid);
2400 	key_freesp(&sp);
2401 	if (n != NULL) {
2402 		m_freem(m);
2403 		return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2404 	} else
2405 		return key_senderror(so, m, ENOBUFS);
2406 }
2407 
2408 /*
2409  * SADB_X_SPDACQUIRE processing.
2410  * Acquire policy and SA(s) for a *OUTBOUND* packet.
2411  * send
2412  *   <base, policy(*)>
2413  * to KMD, and expect to receive
2414  *   <base> with SADB_X_SPDACQUIRE if error occurred,
2415  * or
2416  *   <base, policy>
2417  * with SADB_X_SPDUPDATE from KMD by PF_KEY.
2418  * policy(*) is without policy requests.
2419  *
2420  *    0     : succeed
2421  *    others: error number
2422  */
2423 int
2424 key_spdacquire(struct secpolicy *sp)
2425 {
2426 	struct mbuf *result = NULL, *m;
2427 	struct secspacq *newspacq;
2428 
2429 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2430 	IPSEC_ASSERT(sp->req == NULL, ("policy exists"));
2431 	IPSEC_ASSERT(sp->policy == IPSEC_POLICY_IPSEC,
2432 		("policy not IPSEC %u", sp->policy));
2433 
2434 	/* Get an entry to check whether sent message or not. */
2435 	newspacq = key_getspacq(&sp->spidx);
2436 	if (newspacq != NULL) {
2437 		if (V_key_blockacq_count < newspacq->count) {
2438 			/* reset counter and do send message. */
2439 			newspacq->count = 0;
2440 		} else {
2441 			/* increment counter and do nothing. */
2442 			newspacq->count++;
2443 			SPACQ_UNLOCK();
2444 			return (0);
2445 		}
2446 		SPACQ_UNLOCK();
2447 	} else {
2448 		/* make new entry for blocking to send SADB_ACQUIRE. */
2449 		newspacq = key_newspacq(&sp->spidx);
2450 		if (newspacq == NULL)
2451 			return ENOBUFS;
2452 	}
2453 
2454 	/* create new sadb_msg to reply. */
2455 	m = key_setsadbmsg(SADB_X_SPDACQUIRE, 0, 0, 0, 0, 0);
2456 	if (!m)
2457 		return ENOBUFS;
2458 
2459 	result = m;
2460 
2461 	result->m_pkthdr.len = 0;
2462 	for (m = result; m; m = m->m_next)
2463 		result->m_pkthdr.len += m->m_len;
2464 
2465 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2466 	    PFKEY_UNIT64(result->m_pkthdr.len);
2467 
2468 	return key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED);
2469 }
2470 
2471 /*
2472  * SADB_SPDFLUSH processing
2473  * receive
2474  *   <base>
2475  * from the user, and free all entries in secpctree.
2476  * and send,
2477  *   <base>
2478  * to the user.
2479  * NOTE: what to do is only marking SADB_SASTATE_DEAD.
2480  *
2481  * m will always be freed.
2482  */
2483 static int
2484 key_spdflush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2485 {
2486 	struct secpolicy_queue drainq;
2487 	struct sadb_msg *newmsg;
2488 	struct secpolicy *sp, *nextsp;
2489 	u_int dir;
2490 
2491 	IPSEC_ASSERT(so != NULL, ("null socket"));
2492 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2493 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2494 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2495 
2496 	if (m->m_len != PFKEY_ALIGN8(sizeof(struct sadb_msg)))
2497 		return key_senderror(so, m, EINVAL);
2498 
2499 	TAILQ_INIT(&drainq);
2500 	SPTREE_WLOCK();
2501 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2502 		TAILQ_CONCAT(&drainq, &V_sptree[dir], chain);
2503 	}
2504 	/*
2505 	 * We need to set state to DEAD for each policy to be sure,
2506 	 * that another thread won't try to unlink it.
2507 	 * Also remove SP from sphash.
2508 	 */
2509 	TAILQ_FOREACH(sp, &drainq, chain) {
2510 		sp->state = IPSEC_SPSTATE_DEAD;
2511 		LIST_REMOVE(sp, idhash);
2512 	}
2513 	V_sp_genid++;
2514 	V_spd_size = 0;
2515 	SPTREE_WUNLOCK();
2516 	if (SPDCACHE_ENABLED())
2517 		spdcache_clear();
2518 	sp = TAILQ_FIRST(&drainq);
2519 	while (sp != NULL) {
2520 		nextsp = TAILQ_NEXT(sp, chain);
2521 		key_freesp(&sp);
2522 		sp = nextsp;
2523 	}
2524 
2525 	if (sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
2526 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
2527 		return key_senderror(so, m, ENOBUFS);
2528 	}
2529 
2530 	if (m->m_next)
2531 		m_freem(m->m_next);
2532 	m->m_next = NULL;
2533 	m->m_pkthdr.len = m->m_len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
2534 	newmsg = mtod(m, struct sadb_msg *);
2535 	newmsg->sadb_msg_errno = 0;
2536 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
2537 
2538 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
2539 }
2540 
2541 static uint8_t
2542 key_satype2scopemask(uint8_t satype)
2543 {
2544 
2545 	if (satype == IPSEC_POLICYSCOPE_ANY)
2546 		return (0xff);
2547 	return (satype);
2548 }
2549 /*
2550  * SADB_SPDDUMP processing
2551  * receive
2552  *   <base>
2553  * from the user, and dump all SP leaves and send,
2554  *   <base> .....
2555  * to the ikmpd.
2556  *
2557  * NOTE:
2558  *   sadb_msg_satype is considered as mask of policy scopes.
2559  *   m will always be freed.
2560  */
2561 static int
2562 key_spddump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
2563 {
2564 	SPTREE_RLOCK_TRACKER;
2565 	struct secpolicy *sp;
2566 	struct mbuf *n;
2567 	int cnt;
2568 	u_int dir, scope;
2569 
2570 	IPSEC_ASSERT(so != NULL, ("null socket"));
2571 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
2572 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2573 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2574 
2575 	/* search SPD entry and get buffer size. */
2576 	cnt = 0;
2577 	scope = key_satype2scopemask(mhp->msg->sadb_msg_satype);
2578 	SPTREE_RLOCK();
2579 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2580 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2581 			TAILQ_FOREACH(sp, &V_sptree[dir], chain)
2582 				cnt++;
2583 		}
2584 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2585 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain)
2586 				cnt++;
2587 		}
2588 	}
2589 
2590 	if (cnt == 0) {
2591 		SPTREE_RUNLOCK();
2592 		return key_senderror(so, m, ENOENT);
2593 	}
2594 
2595 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2596 		if (scope & IPSEC_POLICYSCOPE_GLOBAL) {
2597 			TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
2598 				--cnt;
2599 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2600 				    mhp->msg->sadb_msg_pid);
2601 
2602 				if (n != NULL)
2603 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2604 			}
2605 		}
2606 		if (scope & IPSEC_POLICYSCOPE_IFNET) {
2607 			TAILQ_FOREACH(sp, &V_sptree_ifnet[dir], chain) {
2608 				--cnt;
2609 				n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt,
2610 				    mhp->msg->sadb_msg_pid);
2611 
2612 				if (n != NULL)
2613 					key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
2614 			}
2615 		}
2616 	}
2617 
2618 	SPTREE_RUNLOCK();
2619 	m_freem(m);
2620 	return (0);
2621 }
2622 
2623 static struct mbuf *
2624 key_setdumpsp(struct secpolicy *sp, u_int8_t type, u_int32_t seq,
2625     u_int32_t pid)
2626 {
2627 	struct mbuf *result = NULL, *m;
2628 	struct seclifetime lt;
2629 
2630 	m = key_setsadbmsg(type, 0, SADB_SATYPE_UNSPEC, seq, pid, sp->refcnt);
2631 	if (!m)
2632 		goto fail;
2633 	result = m;
2634 
2635 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2636 	    &sp->spidx.src.sa, sp->spidx.prefs,
2637 	    sp->spidx.ul_proto);
2638 	if (!m)
2639 		goto fail;
2640 	m_cat(result, m);
2641 
2642 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2643 	    &sp->spidx.dst.sa, sp->spidx.prefd,
2644 	    sp->spidx.ul_proto);
2645 	if (!m)
2646 		goto fail;
2647 	m_cat(result, m);
2648 
2649 	m = key_sp2mbuf(sp);
2650 	if (!m)
2651 		goto fail;
2652 	m_cat(result, m);
2653 
2654 	if(sp->lifetime){
2655 		lt.addtime=sp->created;
2656 		lt.usetime= sp->lastused;
2657 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_CURRENT);
2658 		if (!m)
2659 			goto fail;
2660 		m_cat(result, m);
2661 
2662 		lt.addtime=sp->lifetime;
2663 		lt.usetime= sp->validtime;
2664 		m = key_setlifetime(&lt, SADB_EXT_LIFETIME_HARD);
2665 		if (!m)
2666 			goto fail;
2667 		m_cat(result, m);
2668 	}
2669 
2670 	if ((result->m_flags & M_PKTHDR) == 0)
2671 		goto fail;
2672 
2673 	if (result->m_len < sizeof(struct sadb_msg)) {
2674 		result = m_pullup(result, sizeof(struct sadb_msg));
2675 		if (result == NULL)
2676 			goto fail;
2677 	}
2678 
2679 	result->m_pkthdr.len = 0;
2680 	for (m = result; m; m = m->m_next)
2681 		result->m_pkthdr.len += m->m_len;
2682 
2683 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2684 	    PFKEY_UNIT64(result->m_pkthdr.len);
2685 
2686 	return result;
2687 
2688 fail:
2689 	m_freem(result);
2690 	return NULL;
2691 }
2692 /*
2693  * get PFKEY message length for security policy and request.
2694  */
2695 static size_t
2696 key_getspreqmsglen(struct secpolicy *sp)
2697 {
2698 	size_t tlen, len;
2699 	int i;
2700 
2701 	tlen = sizeof(struct sadb_x_policy);
2702 	/* if is the policy for ipsec ? */
2703 	if (sp->policy != IPSEC_POLICY_IPSEC)
2704 		return (tlen);
2705 
2706 	/* get length of ipsec requests */
2707 	for (i = 0; i < sp->tcount; i++) {
2708 		len = sizeof(struct sadb_x_ipsecrequest)
2709 			+ sp->req[i]->saidx.src.sa.sa_len
2710 			+ sp->req[i]->saidx.dst.sa.sa_len;
2711 
2712 		tlen += PFKEY_ALIGN8(len);
2713 	}
2714 	return (tlen);
2715 }
2716 
2717 /*
2718  * SADB_SPDEXPIRE processing
2719  * send
2720  *   <base, address(SD), lifetime(CH), policy>
2721  * to KMD by PF_KEY.
2722  *
2723  * OUT:	0	: succeed
2724  *	others	: error number
2725  */
2726 static int
2727 key_spdexpire(struct secpolicy *sp)
2728 {
2729 	struct sadb_lifetime *lt;
2730 	struct mbuf *result = NULL, *m;
2731 	int len, error = -1;
2732 
2733 	IPSEC_ASSERT(sp != NULL, ("null secpolicy"));
2734 
2735 	KEYDBG(KEY_STAMP,
2736 	    printf("%s: SP(%p)\n", __func__, sp));
2737 	KEYDBG(KEY_DATA, kdebug_secpolicy(sp));
2738 
2739 	/* set msg header */
2740 	m = key_setsadbmsg(SADB_X_SPDEXPIRE, 0, 0, 0, 0, 0);
2741 	if (!m) {
2742 		error = ENOBUFS;
2743 		goto fail;
2744 	}
2745 	result = m;
2746 
2747 	/* create lifetime extension (current and hard) */
2748 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
2749 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
2750 	if (m == NULL) {
2751 		error = ENOBUFS;
2752 		goto fail;
2753 	}
2754 	m_align(m, len);
2755 	m->m_len = len;
2756 	bzero(mtod(m, caddr_t), len);
2757 	lt = mtod(m, struct sadb_lifetime *);
2758 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2759 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
2760 	lt->sadb_lifetime_allocations = 0;
2761 	lt->sadb_lifetime_bytes = 0;
2762 	lt->sadb_lifetime_addtime = sp->created;
2763 	lt->sadb_lifetime_usetime = sp->lastused;
2764 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
2765 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2766 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
2767 	lt->sadb_lifetime_allocations = 0;
2768 	lt->sadb_lifetime_bytes = 0;
2769 	lt->sadb_lifetime_addtime = sp->lifetime;
2770 	lt->sadb_lifetime_usetime = sp->validtime;
2771 	m_cat(result, m);
2772 
2773 	/* set sadb_address for source */
2774 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
2775 	    &sp->spidx.src.sa,
2776 	    sp->spidx.prefs, sp->spidx.ul_proto);
2777 	if (!m) {
2778 		error = ENOBUFS;
2779 		goto fail;
2780 	}
2781 	m_cat(result, m);
2782 
2783 	/* set sadb_address for destination */
2784 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
2785 	    &sp->spidx.dst.sa,
2786 	    sp->spidx.prefd, sp->spidx.ul_proto);
2787 	if (!m) {
2788 		error = ENOBUFS;
2789 		goto fail;
2790 	}
2791 	m_cat(result, m);
2792 
2793 	/* set secpolicy */
2794 	m = key_sp2mbuf(sp);
2795 	if (!m) {
2796 		error = ENOBUFS;
2797 		goto fail;
2798 	}
2799 	m_cat(result, m);
2800 
2801 	if ((result->m_flags & M_PKTHDR) == 0) {
2802 		error = EINVAL;
2803 		goto fail;
2804 	}
2805 
2806 	if (result->m_len < sizeof(struct sadb_msg)) {
2807 		result = m_pullup(result, sizeof(struct sadb_msg));
2808 		if (result == NULL) {
2809 			error = ENOBUFS;
2810 			goto fail;
2811 		}
2812 	}
2813 
2814 	result->m_pkthdr.len = 0;
2815 	for (m = result; m; m = m->m_next)
2816 		result->m_pkthdr.len += m->m_len;
2817 
2818 	mtod(result, struct sadb_msg *)->sadb_msg_len =
2819 	    PFKEY_UNIT64(result->m_pkthdr.len);
2820 
2821 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
2822 
2823  fail:
2824 	if (result)
2825 		m_freem(result);
2826 	return error;
2827 }
2828 
2829 /* %%% SAD management */
2830 /*
2831  * allocating and initialize new SA head.
2832  * OUT:	NULL	: failure due to the lack of memory.
2833  *	others	: pointer to new SA head.
2834  */
2835 static struct secashead *
2836 key_newsah(struct secasindex *saidx)
2837 {
2838 	struct secashead *sah;
2839 
2840 	sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2841 	    M_NOWAIT | M_ZERO);
2842 	if (sah == NULL) {
2843 		PFKEYSTAT_INC(in_nomem);
2844 		return (NULL);
2845 	}
2846 	TAILQ_INIT(&sah->savtree_larval);
2847 	TAILQ_INIT(&sah->savtree_alive);
2848 	sah->saidx = *saidx;
2849 	sah->state = SADB_SASTATE_DEAD;
2850 	SAH_INITREF(sah);
2851 
2852 	KEYDBG(KEY_STAMP,
2853 	    printf("%s: SAH(%p)\n", __func__, sah));
2854 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2855 	return (sah);
2856 }
2857 
2858 static void
2859 key_freesah(struct secashead **psah)
2860 {
2861 	struct secashead *sah = *psah;
2862 
2863 	if (SAH_DELREF(sah) == 0)
2864 		return;
2865 
2866 	KEYDBG(KEY_STAMP,
2867 	    printf("%s: last reference to SAH(%p)\n", __func__, sah));
2868 	KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2869 
2870 	*psah = NULL;
2871 	key_delsah(sah);
2872 }
2873 
2874 static void
2875 key_delsah(struct secashead *sah)
2876 {
2877 	IPSEC_ASSERT(sah != NULL, ("NULL sah"));
2878 	IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
2879 	    ("Attempt to free non DEAD SAH %p", sah));
2880 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
2881 	    ("Attempt to free SAH %p with LARVAL SA", sah));
2882 	IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
2883 	    ("Attempt to free SAH %p with ALIVE SA", sah));
2884 
2885 	free(sah, M_IPSEC_SAH);
2886 }
2887 
2888 /*
2889  * allocating a new SA for key_add() and key_getspi() call,
2890  * and copy the values of mhp into new buffer.
2891  * When SAD message type is SADB_GETSPI set SA state to LARVAL.
2892  * For SADB_ADD create and initialize SA with MATURE state.
2893  * OUT:	NULL	: fail
2894  *	others	: pointer to new secasvar.
2895  */
2896 static struct secasvar *
2897 key_newsav(const struct sadb_msghdr *mhp, struct secasindex *saidx,
2898     uint32_t spi, int *errp)
2899 {
2900 	struct secashead *sah;
2901 	struct secasvar *sav;
2902 	int isnew;
2903 
2904 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
2905 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
2906 	IPSEC_ASSERT(mhp->msg->sadb_msg_type == SADB_GETSPI ||
2907 	    mhp->msg->sadb_msg_type == SADB_ADD, ("wrong message type"));
2908 
2909 	sav = NULL;
2910 	sah = NULL;
2911 	/* check SPI value */
2912 	switch (saidx->proto) {
2913 	case IPPROTO_ESP:
2914 	case IPPROTO_AH:
2915 		/*
2916 		 * RFC 4302, 2.4. Security Parameters Index (SPI), SPI values
2917 		 * 1-255 reserved by IANA for future use,
2918 		 * 0 for implementation specific, local use.
2919 		 */
2920 		if (ntohl(spi) <= 255) {
2921 			ipseclog((LOG_DEBUG, "%s: illegal range of SPI %u.\n",
2922 			    __func__, ntohl(spi)));
2923 			*errp = EINVAL;
2924 			goto done;
2925 		}
2926 		break;
2927 	}
2928 
2929 	sav = malloc(sizeof(struct secasvar), M_IPSEC_SA, M_NOWAIT | M_ZERO);
2930 	if (sav == NULL) {
2931 		*errp = ENOBUFS;
2932 		goto done;
2933 	}
2934 	sav->lock = malloc(sizeof(struct mtx), M_IPSEC_MISC,
2935 	    M_NOWAIT | M_ZERO);
2936 	if (sav->lock == NULL) {
2937 		*errp = ENOBUFS;
2938 		goto done;
2939 	}
2940 	mtx_init(sav->lock, "ipsec association", NULL, MTX_DEF);
2941 	sav->lft_c = uma_zalloc_pcpu(ipsec_key_lft_zone, M_NOWAIT | M_ZERO);
2942 	if (sav->lft_c == NULL) {
2943 		*errp = ENOBUFS;
2944 		goto done;
2945 	}
2946 
2947 	sav->spi = spi;
2948 	sav->seq = mhp->msg->sadb_msg_seq;
2949 	sav->state = SADB_SASTATE_LARVAL;
2950 	sav->pid = (pid_t)mhp->msg->sadb_msg_pid;
2951 	SAV_INITREF(sav);
2952 again:
2953 	sah = key_getsah(saidx);
2954 	if (sah == NULL) {
2955 		/* create a new SA index */
2956 		sah = key_newsah(saidx);
2957 		if (sah == NULL) {
2958 			ipseclog((LOG_DEBUG,
2959 			    "%s: No more memory.\n", __func__));
2960 			*errp = ENOBUFS;
2961 			goto done;
2962 		}
2963 		isnew = 1;
2964 	} else
2965 		isnew = 0;
2966 
2967 	sav->sah = sah;
2968 	if (mhp->msg->sadb_msg_type == SADB_GETSPI) {
2969 		sav->created = time_second;
2970 	} else if (sav->state == SADB_SASTATE_LARVAL) {
2971 		/*
2972 		 * Do not call key_setsaval() second time in case
2973 		 * of `goto again`. We will have MATURE state.
2974 		 */
2975 		*errp = key_setsaval(sav, mhp);
2976 		if (*errp != 0)
2977 			goto done;
2978 		sav->state = SADB_SASTATE_MATURE;
2979 	}
2980 
2981 	SAHTREE_WLOCK();
2982 	/*
2983 	 * Check that existing SAH wasn't unlinked.
2984 	 * Since we didn't hold the SAHTREE lock, it is possible,
2985 	 * that callout handler or key_flush() or key_delete() could
2986 	 * unlink this SAH.
2987 	 */
2988 	if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
2989 		SAHTREE_WUNLOCK();
2990 		key_freesah(&sah);	/* reference from key_getsah() */
2991 		goto again;
2992 	}
2993 	if (isnew != 0) {
2994 		/*
2995 		 * Add new SAH into SADB.
2996 		 *
2997 		 * XXXAE: we can serialize key_add and key_getspi calls, so
2998 		 * several threads will not fight in the race.
2999 		 * Otherwise we should check under SAHTREE lock, that this
3000 		 * SAH would not added twice.
3001 		 */
3002 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
3003 		/* Add new SAH into hash by addresses */
3004 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
3005 		/* Now we are linked in the chain */
3006 		sah->state = SADB_SASTATE_MATURE;
3007 		/*
3008 		 * SAV references this new SAH.
3009 		 * In case of existing SAH we reuse reference
3010 		 * from key_getsah().
3011 		 */
3012 		SAH_ADDREF(sah);
3013 	}
3014 	/* Link SAV with SAH */
3015 	if (sav->state == SADB_SASTATE_MATURE)
3016 		TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
3017 	else
3018 		TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
3019 	/* Add SAV into SPI hash */
3020 	LIST_INSERT_HEAD(SAVHASH_HASH(sav->spi), sav, spihash);
3021 	SAHTREE_WUNLOCK();
3022 	*errp = 0;	/* success */
3023 done:
3024 	if (*errp != 0) {
3025 		if (sav != NULL) {
3026 			if (sav->lock != NULL) {
3027 				mtx_destroy(sav->lock);
3028 				free(sav->lock, M_IPSEC_MISC);
3029 			}
3030 			if (sav->lft_c != NULL)
3031 				uma_zfree_pcpu(ipsec_key_lft_zone, sav->lft_c);
3032 			free(sav, M_IPSEC_SA), sav = NULL;
3033 		}
3034 		if (sah != NULL)
3035 			key_freesah(&sah);
3036 		if (*errp == ENOBUFS) {
3037 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3038 			    __func__));
3039 			PFKEYSTAT_INC(in_nomem);
3040 		}
3041 	}
3042 	return (sav);
3043 }
3044 
3045 /*
3046  * free() SA variable entry.
3047  */
3048 static void
3049 key_cleansav(struct secasvar *sav)
3050 {
3051 
3052 	if (sav->natt != NULL) {
3053 		free(sav->natt, M_IPSEC_MISC);
3054 		sav->natt = NULL;
3055 	}
3056 	if (sav->flags & SADB_X_EXT_F_CLONED)
3057 		return;
3058 	if (sav->tdb_xform != NULL) {
3059 		sav->tdb_xform->xf_cleanup(sav);
3060 		sav->tdb_xform = NULL;
3061 	}
3062 	if (sav->key_auth != NULL) {
3063 		zfree(sav->key_auth->key_data, M_IPSEC_MISC);
3064 		free(sav->key_auth, M_IPSEC_MISC);
3065 		sav->key_auth = NULL;
3066 	}
3067 	if (sav->key_enc != NULL) {
3068 		zfree(sav->key_enc->key_data, M_IPSEC_MISC);
3069 		free(sav->key_enc, M_IPSEC_MISC);
3070 		sav->key_enc = NULL;
3071 	}
3072 	if (sav->replay != NULL) {
3073 		if (sav->replay->bitmap != NULL)
3074 			free(sav->replay->bitmap, M_IPSEC_MISC);
3075 		free(sav->replay, M_IPSEC_MISC);
3076 		sav->replay = NULL;
3077 	}
3078 	if (sav->lft_h != NULL) {
3079 		free(sav->lft_h, M_IPSEC_MISC);
3080 		sav->lft_h = NULL;
3081 	}
3082 	if (sav->lft_s != NULL) {
3083 		free(sav->lft_s, M_IPSEC_MISC);
3084 		sav->lft_s = NULL;
3085 	}
3086 }
3087 
3088 /*
3089  * free() SA variable entry.
3090  */
3091 static void
3092 key_delsav(struct secasvar *sav)
3093 {
3094 	IPSEC_ASSERT(sav != NULL, ("null sav"));
3095 	IPSEC_ASSERT(sav->state == SADB_SASTATE_DEAD,
3096 	    ("attempt to free non DEAD SA %p", sav));
3097 	IPSEC_ASSERT(sav->refcnt == 0, ("reference count %u > 0",
3098 	    sav->refcnt));
3099 
3100 	/*
3101 	 * SA must be unlinked from the chain and hashtbl.
3102 	 * If SA was cloned, we leave all fields untouched,
3103 	 * except NAT-T config.
3104 	 */
3105 	key_cleansav(sav);
3106 	if ((sav->flags & SADB_X_EXT_F_CLONED) == 0) {
3107 		mtx_destroy(sav->lock);
3108 		free(sav->lock, M_IPSEC_MISC);
3109 		uma_zfree_pcpu(ipsec_key_lft_zone, sav->lft_c);
3110 	}
3111 	free(sav, M_IPSEC_SA);
3112 }
3113 
3114 /*
3115  * search SAH.
3116  * OUT:
3117  *	NULL	: not found
3118  *	others	: found, referenced pointer to a SAH.
3119  */
3120 static struct secashead *
3121 key_getsah(struct secasindex *saidx)
3122 {
3123 	SAHTREE_RLOCK_TRACKER;
3124 	struct secashead *sah;
3125 
3126 	SAHTREE_RLOCK();
3127 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3128 	    if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3129 		    SAH_ADDREF(sah);
3130 		    break;
3131 	    }
3132 	}
3133 	SAHTREE_RUNLOCK();
3134 	return (sah);
3135 }
3136 
3137 /*
3138  * Check not to be duplicated SPI.
3139  * OUT:
3140  *	0	: not found
3141  *	1	: found SA with given SPI.
3142  */
3143 static int
3144 key_checkspidup(uint32_t spi)
3145 {
3146 	SAHTREE_RLOCK_TRACKER;
3147 	struct secasvar *sav;
3148 
3149 	/* Assume SPI is in network byte order */
3150 	SAHTREE_RLOCK();
3151 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3152 		if (sav->spi == spi)
3153 			break;
3154 	}
3155 	SAHTREE_RUNLOCK();
3156 	return (sav != NULL);
3157 }
3158 
3159 /*
3160  * Search SA by SPI.
3161  * OUT:
3162  *	NULL	: not found
3163  *	others	: found, referenced pointer to a SA.
3164  */
3165 static struct secasvar *
3166 key_getsavbyspi(uint32_t spi)
3167 {
3168 	SAHTREE_RLOCK_TRACKER;
3169 	struct secasvar *sav;
3170 
3171 	/* Assume SPI is in network byte order */
3172 	SAHTREE_RLOCK();
3173 	LIST_FOREACH(sav, SAVHASH_HASH(spi), spihash) {
3174 		if (sav->spi != spi)
3175 			continue;
3176 		SAV_ADDREF(sav);
3177 		break;
3178 	}
3179 	SAHTREE_RUNLOCK();
3180 	return (sav);
3181 }
3182 
3183 static int
3184 key_updatelifetimes(struct secasvar *sav, const struct sadb_msghdr *mhp)
3185 {
3186 	struct seclifetime *lft_h, *lft_s, *tmp;
3187 
3188 	/* Lifetime extension is optional, check that it is present. */
3189 	if (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3190 	    SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) {
3191 		/*
3192 		 * In case of SADB_UPDATE we may need to change
3193 		 * existing lifetimes.
3194 		 */
3195 		if (sav->state == SADB_SASTATE_MATURE) {
3196 			lft_h = lft_s = NULL;
3197 			goto reset;
3198 		}
3199 		return (0);
3200 	}
3201 	/* Both HARD and SOFT extensions must present */
3202 	if ((SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
3203 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
3204 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
3205 	    !SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
3206 		ipseclog((LOG_DEBUG,
3207 		    "%s: invalid message: missing required header.\n",
3208 		    __func__));
3209 		return (EINVAL);
3210 	}
3211 	if (SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_HARD) ||
3212 	    SADB_CHECKLEN(mhp, SADB_EXT_LIFETIME_SOFT)) {
3213 		ipseclog((LOG_DEBUG,
3214 		    "%s: invalid message: wrong header size.\n", __func__));
3215 		return (EINVAL);
3216 	}
3217 	lft_h = key_dup_lifemsg((const struct sadb_lifetime *)
3218 	    mhp->ext[SADB_EXT_LIFETIME_HARD], M_IPSEC_MISC);
3219 	if (lft_h == NULL) {
3220 		PFKEYSTAT_INC(in_nomem);
3221 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3222 		return (ENOBUFS);
3223 	}
3224 	lft_s = key_dup_lifemsg((const struct sadb_lifetime *)
3225 	    mhp->ext[SADB_EXT_LIFETIME_SOFT], M_IPSEC_MISC);
3226 	if (lft_s == NULL) {
3227 		PFKEYSTAT_INC(in_nomem);
3228 		free(lft_h, M_IPSEC_MISC);
3229 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
3230 		return (ENOBUFS);
3231 	}
3232 reset:
3233 	if (sav->state != SADB_SASTATE_LARVAL) {
3234 		/*
3235 		 * key_update() holds reference to this SA,
3236 		 * so it won't be deleted in meanwhile.
3237 		 */
3238 		SECASVAR_LOCK(sav);
3239 		tmp = sav->lft_h;
3240 		sav->lft_h = lft_h;
3241 		lft_h = tmp;
3242 
3243 		tmp = sav->lft_s;
3244 		sav->lft_s = lft_s;
3245 		lft_s = tmp;
3246 		SECASVAR_UNLOCK(sav);
3247 		if (lft_h != NULL)
3248 			free(lft_h, M_IPSEC_MISC);
3249 		if (lft_s != NULL)
3250 			free(lft_s, M_IPSEC_MISC);
3251 		return (0);
3252 	}
3253 	/* We can update lifetime without holding a lock */
3254 	IPSEC_ASSERT(sav->lft_h == NULL, ("lft_h is already initialized\n"));
3255 	IPSEC_ASSERT(sav->lft_s == NULL, ("lft_s is already initialized\n"));
3256 	sav->lft_h = lft_h;
3257 	sav->lft_s = lft_s;
3258 	return (0);
3259 }
3260 
3261 /*
3262  * copy SA values from PF_KEY message except *SPI, SEQ, PID and TYPE*.
3263  * You must update these if need. Expects only LARVAL SAs.
3264  * OUT:	0:	success.
3265  *	!0:	failure.
3266  */
3267 static int
3268 key_setsaval(struct secasvar *sav, const struct sadb_msghdr *mhp)
3269 {
3270 	const struct sadb_sa *sa0;
3271 	const struct sadb_key *key0;
3272 	uint32_t replay;
3273 	size_t len;
3274 	int error;
3275 
3276 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
3277 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
3278 	IPSEC_ASSERT(sav->state == SADB_SASTATE_LARVAL,
3279 	    ("Attempt to update non LARVAL SA"));
3280 
3281 	/* XXX rewrite */
3282 	error = key_setident(sav->sah, mhp);
3283 	if (error != 0)
3284 		goto fail;
3285 
3286 	/* SA */
3287 	if (!SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
3288 		if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
3289 			error = EINVAL;
3290 			goto fail;
3291 		}
3292 		sa0 = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
3293 		sav->alg_auth = sa0->sadb_sa_auth;
3294 		sav->alg_enc = sa0->sadb_sa_encrypt;
3295 		sav->flags = sa0->sadb_sa_flags;
3296 		if ((sav->flags & SADB_KEY_FLAGS_MAX) != sav->flags) {
3297 			ipseclog((LOG_DEBUG,
3298 			    "%s: invalid sa_flags 0x%08x.\n", __func__,
3299 			    sav->flags));
3300 			error = EINVAL;
3301 			goto fail;
3302 		}
3303 
3304 		/* Optional replay window */
3305 		replay = 0;
3306 		if ((sa0->sadb_sa_flags & SADB_X_EXT_OLD) == 0)
3307 			replay = sa0->sadb_sa_replay;
3308 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_SA_REPLAY)) {
3309 			if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA_REPLAY)) {
3310 				error = EINVAL;
3311 				goto fail;
3312 			}
3313 			replay = ((const struct sadb_x_sa_replay *)
3314 			    mhp->ext[SADB_X_EXT_SA_REPLAY])->sadb_x_sa_replay_replay;
3315 
3316 			if (replay > UINT32_MAX - 32) {
3317 				ipseclog((LOG_DEBUG,
3318 				    "%s: replay window too big.\n", __func__));
3319 				error = EINVAL;
3320 				goto fail;
3321 			}
3322 
3323 			replay = (replay + 7) >> 3;
3324 		}
3325 
3326 		sav->replay = malloc(sizeof(struct secreplay), M_IPSEC_MISC,
3327 		    M_NOWAIT | M_ZERO);
3328 		if (sav->replay == NULL) {
3329 			PFKEYSTAT_INC(in_nomem);
3330 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3331 			    __func__));
3332 			error = ENOBUFS;
3333 			goto fail;
3334 		}
3335 
3336 		if (replay != 0) {
3337 			/* number of 32b blocks to be allocated */
3338 			uint32_t bitmap_size;
3339 
3340 			/* RFC 6479:
3341 			 * - the allocated replay window size must be
3342 			 *   a power of two.
3343 			 * - use an extra 32b block as a redundant window.
3344 			 */
3345 			bitmap_size = 1;
3346 			while (replay + 4 > bitmap_size)
3347 				bitmap_size <<= 1;
3348 			bitmap_size = bitmap_size / 4;
3349 
3350 			sav->replay->bitmap = malloc(
3351 			    bitmap_size * sizeof(uint32_t), M_IPSEC_MISC,
3352 			    M_NOWAIT | M_ZERO);
3353 			if (sav->replay->bitmap == NULL) {
3354 				PFKEYSTAT_INC(in_nomem);
3355 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3356 					__func__));
3357 				error = ENOBUFS;
3358 				goto fail;
3359 			}
3360 			sav->replay->bitmap_size = bitmap_size;
3361 			sav->replay->wsize = replay;
3362 		}
3363 	}
3364 
3365 	/* Authentication keys */
3366 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
3367 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH)) {
3368 			error = EINVAL;
3369 			goto fail;
3370 		}
3371 		error = 0;
3372 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_AUTH];
3373 		len = mhp->extlen[SADB_EXT_KEY_AUTH];
3374 		switch (mhp->msg->sadb_msg_satype) {
3375 		case SADB_SATYPE_AH:
3376 		case SADB_SATYPE_ESP:
3377 		case SADB_X_SATYPE_TCPSIGNATURE:
3378 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3379 			    sav->alg_auth != SADB_X_AALG_NULL)
3380 				error = EINVAL;
3381 			break;
3382 		case SADB_X_SATYPE_IPCOMP:
3383 		default:
3384 			error = EINVAL;
3385 			break;
3386 		}
3387 		if (error) {
3388 			ipseclog((LOG_DEBUG, "%s: invalid key_auth values.\n",
3389 				__func__));
3390 			goto fail;
3391 		}
3392 
3393 		sav->key_auth = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3394 		if (sav->key_auth == NULL ) {
3395 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3396 				  __func__));
3397 			PFKEYSTAT_INC(in_nomem);
3398 			error = ENOBUFS;
3399 			goto fail;
3400 		}
3401 	}
3402 
3403 	/* Encryption key */
3404 	if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) {
3405 		if (SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT)) {
3406 			error = EINVAL;
3407 			goto fail;
3408 		}
3409 		error = 0;
3410 		key0 = (const struct sadb_key *)mhp->ext[SADB_EXT_KEY_ENCRYPT];
3411 		len = mhp->extlen[SADB_EXT_KEY_ENCRYPT];
3412 		switch (mhp->msg->sadb_msg_satype) {
3413 		case SADB_SATYPE_ESP:
3414 			if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) &&
3415 			    sav->alg_enc != SADB_EALG_NULL) {
3416 				error = EINVAL;
3417 				break;
3418 			}
3419 			sav->key_enc = key_dup_keymsg(key0, len, M_IPSEC_MISC);
3420 			if (sav->key_enc == NULL) {
3421 				ipseclog((LOG_DEBUG, "%s: No more memory.\n",
3422 					__func__));
3423 				PFKEYSTAT_INC(in_nomem);
3424 				error = ENOBUFS;
3425 				goto fail;
3426 			}
3427 			break;
3428 		case SADB_X_SATYPE_IPCOMP:
3429 			if (len != PFKEY_ALIGN8(sizeof(struct sadb_key)))
3430 				error = EINVAL;
3431 			sav->key_enc = NULL;	/*just in case*/
3432 			break;
3433 		case SADB_SATYPE_AH:
3434 		case SADB_X_SATYPE_TCPSIGNATURE:
3435 		default:
3436 			error = EINVAL;
3437 			break;
3438 		}
3439 		if (error) {
3440 			ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n",
3441 				__func__));
3442 			goto fail;
3443 		}
3444 	}
3445 
3446 	/* set iv */
3447 	sav->ivlen = 0;
3448 	switch (mhp->msg->sadb_msg_satype) {
3449 	case SADB_SATYPE_AH:
3450 		if (sav->flags & SADB_X_EXT_DERIV) {
3451 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3452 			    "given to AH SA.\n", __func__));
3453 			error = EINVAL;
3454 			goto fail;
3455 		}
3456 		if (sav->alg_enc != SADB_EALG_NONE) {
3457 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3458 			    "mismated.\n", __func__));
3459 			error = EINVAL;
3460 			goto fail;
3461 		}
3462 		error = xform_init(sav, XF_AH);
3463 		break;
3464 	case SADB_SATYPE_ESP:
3465 		if ((sav->flags & (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) ==
3466 		    (SADB_X_EXT_OLD | SADB_X_EXT_DERIV)) {
3467 			ipseclog((LOG_DEBUG, "%s: invalid flag (derived) "
3468 			    "given to old-esp.\n", __func__));
3469 			error = EINVAL;
3470 			goto fail;
3471 		}
3472 		error = xform_init(sav, XF_ESP);
3473 		break;
3474 	case SADB_X_SATYPE_IPCOMP:
3475 		if (sav->alg_auth != SADB_AALG_NONE) {
3476 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3477 			    "mismated.\n", __func__));
3478 			error = EINVAL;
3479 			goto fail;
3480 		}
3481 		if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 &&
3482 		    ntohl(sav->spi) >= 0x10000) {
3483 			ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n",
3484 			    __func__));
3485 			error = EINVAL;
3486 			goto fail;
3487 		}
3488 		error = xform_init(sav, XF_IPCOMP);
3489 		break;
3490 	case SADB_X_SATYPE_TCPSIGNATURE:
3491 		if (sav->alg_enc != SADB_EALG_NONE) {
3492 			ipseclog((LOG_DEBUG, "%s: protocol and algorithm "
3493 			    "mismated.\n", __func__));
3494 			error = EINVAL;
3495 			goto fail;
3496 		}
3497 		error = xform_init(sav, XF_TCPSIGNATURE);
3498 		break;
3499 	default:
3500 		ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__));
3501 		error = EPROTONOSUPPORT;
3502 		goto fail;
3503 	}
3504 	if (error) {
3505 		ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n",
3506 		    __func__, mhp->msg->sadb_msg_satype));
3507 		goto fail;
3508 	}
3509 
3510 	/* Handle NAT-T headers */
3511 	error = key_setnatt(sav, mhp);
3512 	if (error != 0)
3513 		goto fail;
3514 
3515 	/* Initialize lifetime for CURRENT */
3516 	sav->firstused = 0;
3517 	sav->created = time_second;
3518 
3519 	/* lifetimes for HARD and SOFT */
3520 	error = key_updatelifetimes(sav, mhp);
3521 	if (error == 0)
3522 		return (0);
3523 fail:
3524 	key_cleansav(sav);
3525 	return (error);
3526 }
3527 
3528 /*
3529  * subroutine for SADB_GET and SADB_DUMP.
3530  */
3531 static struct mbuf *
3532 key_setdumpsa(struct secasvar *sav, uint8_t type, uint8_t satype,
3533     uint32_t seq, uint32_t pid)
3534 {
3535 	struct seclifetime lft_c;
3536 	struct mbuf *result = NULL, *tres = NULL, *m;
3537 	int i, dumporder[] = {
3538 		SADB_EXT_SA, SADB_X_EXT_SA2, SADB_X_EXT_SA_REPLAY,
3539 		SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
3540 		SADB_EXT_LIFETIME_CURRENT, SADB_EXT_ADDRESS_SRC,
3541 		SADB_EXT_ADDRESS_DST, SADB_EXT_ADDRESS_PROXY,
3542 		SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT,
3543 		SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
3544 		SADB_EXT_SENSITIVITY,
3545 		SADB_X_EXT_NAT_T_TYPE,
3546 		SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT,
3547 		SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
3548 		SADB_X_EXT_NAT_T_FRAG,
3549 	};
3550 	uint32_t replay_count;
3551 
3552 	m = key_setsadbmsg(type, 0, satype, seq, pid, sav->refcnt);
3553 	if (m == NULL)
3554 		goto fail;
3555 	result = m;
3556 
3557 	for (i = nitems(dumporder) - 1; i >= 0; i--) {
3558 		m = NULL;
3559 		switch (dumporder[i]) {
3560 		case SADB_EXT_SA:
3561 			m = key_setsadbsa(sav);
3562 			if (!m)
3563 				goto fail;
3564 			break;
3565 
3566 		case SADB_X_EXT_SA2:
3567 			SECASVAR_LOCK(sav);
3568 			replay_count = sav->replay ? sav->replay->count : 0;
3569 			SECASVAR_UNLOCK(sav);
3570 			m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3571 					sav->sah->saidx.reqid);
3572 			if (!m)
3573 				goto fail;
3574 			break;
3575 
3576 		case SADB_X_EXT_SA_REPLAY:
3577 			if (sav->replay == NULL ||
3578 			    sav->replay->wsize <= UINT8_MAX)
3579 				continue;
3580 
3581 			m = key_setsadbxsareplay(sav->replay->wsize);
3582 			if (!m)
3583 				goto fail;
3584 			break;
3585 
3586 		case SADB_EXT_ADDRESS_SRC:
3587 			m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
3588 			    &sav->sah->saidx.src.sa,
3589 			    FULLMASK, IPSEC_ULPROTO_ANY);
3590 			if (!m)
3591 				goto fail;
3592 			break;
3593 
3594 		case SADB_EXT_ADDRESS_DST:
3595 			m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
3596 			    &sav->sah->saidx.dst.sa,
3597 			    FULLMASK, IPSEC_ULPROTO_ANY);
3598 			if (!m)
3599 				goto fail;
3600 			break;
3601 
3602 		case SADB_EXT_KEY_AUTH:
3603 			if (!sav->key_auth)
3604 				continue;
3605 			m = key_setkey(sav->key_auth, SADB_EXT_KEY_AUTH);
3606 			if (!m)
3607 				goto fail;
3608 			break;
3609 
3610 		case SADB_EXT_KEY_ENCRYPT:
3611 			if (!sav->key_enc)
3612 				continue;
3613 			m = key_setkey(sav->key_enc, SADB_EXT_KEY_ENCRYPT);
3614 			if (!m)
3615 				goto fail;
3616 			break;
3617 
3618 		case SADB_EXT_LIFETIME_CURRENT:
3619 			lft_c.addtime = sav->created;
3620 			lft_c.allocations = (uint32_t)counter_u64_fetch(
3621 			    sav->lft_c_allocations);
3622 			lft_c.bytes = counter_u64_fetch(sav->lft_c_bytes);
3623 			lft_c.usetime = sav->firstused;
3624 			m = key_setlifetime(&lft_c, SADB_EXT_LIFETIME_CURRENT);
3625 			if (!m)
3626 				goto fail;
3627 			break;
3628 
3629 		case SADB_EXT_LIFETIME_HARD:
3630 			if (!sav->lft_h)
3631 				continue;
3632 			m = key_setlifetime(sav->lft_h,
3633 					    SADB_EXT_LIFETIME_HARD);
3634 			if (!m)
3635 				goto fail;
3636 			break;
3637 
3638 		case SADB_EXT_LIFETIME_SOFT:
3639 			if (!sav->lft_s)
3640 				continue;
3641 			m = key_setlifetime(sav->lft_s,
3642 					    SADB_EXT_LIFETIME_SOFT);
3643 
3644 			if (!m)
3645 				goto fail;
3646 			break;
3647 
3648 		case SADB_X_EXT_NAT_T_TYPE:
3649 			if (sav->natt == NULL)
3650 				continue;
3651 			m = key_setsadbxtype(UDP_ENCAP_ESPINUDP);
3652 			if (!m)
3653 				goto fail;
3654 			break;
3655 
3656 		case SADB_X_EXT_NAT_T_DPORT:
3657 			if (sav->natt == NULL)
3658 				continue;
3659 			m = key_setsadbxport(sav->natt->dport,
3660 			    SADB_X_EXT_NAT_T_DPORT);
3661 			if (!m)
3662 				goto fail;
3663 			break;
3664 
3665 		case SADB_X_EXT_NAT_T_SPORT:
3666 			if (sav->natt == NULL)
3667 				continue;
3668 			m = key_setsadbxport(sav->natt->sport,
3669 			    SADB_X_EXT_NAT_T_SPORT);
3670 			if (!m)
3671 				goto fail;
3672 			break;
3673 
3674 		case SADB_X_EXT_NAT_T_OAI:
3675 			if (sav->natt == NULL ||
3676 			    (sav->natt->flags & IPSEC_NATT_F_OAI) == 0)
3677 				continue;
3678 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAI,
3679 			    &sav->natt->oai.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3680 			if (!m)
3681 				goto fail;
3682 			break;
3683 		case SADB_X_EXT_NAT_T_OAR:
3684 			if (sav->natt == NULL ||
3685 			    (sav->natt->flags & IPSEC_NATT_F_OAR) == 0)
3686 				continue;
3687 			m = key_setsadbaddr(SADB_X_EXT_NAT_T_OAR,
3688 			    &sav->natt->oar.sa, FULLMASK, IPSEC_ULPROTO_ANY);
3689 			if (!m)
3690 				goto fail;
3691 			break;
3692 		case SADB_X_EXT_NAT_T_FRAG:
3693 			/* We do not (yet) support those. */
3694 			continue;
3695 
3696 		case SADB_EXT_ADDRESS_PROXY:
3697 		case SADB_EXT_IDENTITY_SRC:
3698 		case SADB_EXT_IDENTITY_DST:
3699 			/* XXX: should we brought from SPD ? */
3700 		case SADB_EXT_SENSITIVITY:
3701 		default:
3702 			continue;
3703 		}
3704 
3705 		if (!m)
3706 			goto fail;
3707 		if (tres)
3708 			m_cat(m, tres);
3709 		tres = m;
3710 	}
3711 
3712 	m_cat(result, tres);
3713 	tres = NULL;
3714 	if (result->m_len < sizeof(struct sadb_msg)) {
3715 		result = m_pullup(result, sizeof(struct sadb_msg));
3716 		if (result == NULL)
3717 			goto fail;
3718 	}
3719 
3720 	result->m_pkthdr.len = 0;
3721 	for (m = result; m; m = m->m_next)
3722 		result->m_pkthdr.len += m->m_len;
3723 
3724 	mtod(result, struct sadb_msg *)->sadb_msg_len =
3725 	    PFKEY_UNIT64(result->m_pkthdr.len);
3726 
3727 	return result;
3728 
3729 fail:
3730 	m_freem(result);
3731 	m_freem(tres);
3732 	return NULL;
3733 }
3734 
3735 /*
3736  * set data into sadb_msg.
3737  */
3738 static struct mbuf *
3739 key_setsadbmsg(u_int8_t type, u_int16_t tlen, u_int8_t satype, u_int32_t seq,
3740     pid_t pid, u_int16_t reserved)
3741 {
3742 	struct mbuf *m;
3743 	struct sadb_msg *p;
3744 	int len;
3745 
3746 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg));
3747 	if (len > MCLBYTES)
3748 		return NULL;
3749 	MGETHDR(m, M_NOWAIT, MT_DATA);
3750 	if (m && len > MHLEN) {
3751 		if (!(MCLGET(m, M_NOWAIT))) {
3752 			m_freem(m);
3753 			m = NULL;
3754 		}
3755 	}
3756 	if (!m)
3757 		return NULL;
3758 	m->m_pkthdr.len = m->m_len = len;
3759 	m->m_next = NULL;
3760 
3761 	p = mtod(m, struct sadb_msg *);
3762 
3763 	bzero(p, len);
3764 	p->sadb_msg_version = PF_KEY_V2;
3765 	p->sadb_msg_type = type;
3766 	p->sadb_msg_errno = 0;
3767 	p->sadb_msg_satype = satype;
3768 	p->sadb_msg_len = PFKEY_UNIT64(tlen);
3769 	p->sadb_msg_reserved = reserved;
3770 	p->sadb_msg_seq = seq;
3771 	p->sadb_msg_pid = (u_int32_t)pid;
3772 
3773 	return m;
3774 }
3775 
3776 /*
3777  * copy secasvar data into sadb_address.
3778  */
3779 static struct mbuf *
3780 key_setsadbsa(struct secasvar *sav)
3781 {
3782 	struct mbuf *m;
3783 	struct sadb_sa *p;
3784 	int len;
3785 
3786 	len = PFKEY_ALIGN8(sizeof(struct sadb_sa));
3787 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3788 	if (m == NULL)
3789 		return (NULL);
3790 	m_align(m, len);
3791 	m->m_len = len;
3792 	p = mtod(m, struct sadb_sa *);
3793 	bzero(p, len);
3794 	p->sadb_sa_len = PFKEY_UNIT64(len);
3795 	p->sadb_sa_exttype = SADB_EXT_SA;
3796 	p->sadb_sa_spi = sav->spi;
3797 	p->sadb_sa_replay = sav->replay ?
3798 	    (sav->replay->wsize > UINT8_MAX ? UINT8_MAX :
3799 		sav->replay->wsize): 0;
3800 	p->sadb_sa_state = sav->state;
3801 	p->sadb_sa_auth = sav->alg_auth;
3802 	p->sadb_sa_encrypt = sav->alg_enc;
3803 	p->sadb_sa_flags = sav->flags & SADB_KEY_FLAGS_MAX;
3804 	return (m);
3805 }
3806 
3807 /*
3808  * set data into sadb_address.
3809  */
3810 static struct mbuf *
3811 key_setsadbaddr(u_int16_t exttype, const struct sockaddr *saddr,
3812     u_int8_t prefixlen, u_int16_t ul_proto)
3813 {
3814 	struct mbuf *m;
3815 	struct sadb_address *p;
3816 	size_t len;
3817 
3818 	len = PFKEY_ALIGN8(sizeof(struct sadb_address)) +
3819 	    PFKEY_ALIGN8(saddr->sa_len);
3820 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3821 	if (m == NULL)
3822 		return (NULL);
3823 	m_align(m, len);
3824 	m->m_len = len;
3825 	p = mtod(m, struct sadb_address *);
3826 
3827 	bzero(p, len);
3828 	p->sadb_address_len = PFKEY_UNIT64(len);
3829 	p->sadb_address_exttype = exttype;
3830 	p->sadb_address_proto = ul_proto;
3831 	if (prefixlen == FULLMASK) {
3832 		switch (saddr->sa_family) {
3833 		case AF_INET:
3834 			prefixlen = sizeof(struct in_addr) << 3;
3835 			break;
3836 		case AF_INET6:
3837 			prefixlen = sizeof(struct in6_addr) << 3;
3838 			break;
3839 		default:
3840 			; /*XXX*/
3841 		}
3842 	}
3843 	p->sadb_address_prefixlen = prefixlen;
3844 	p->sadb_address_reserved = 0;
3845 
3846 	bcopy(saddr,
3847 	    mtod(m, caddr_t) + PFKEY_ALIGN8(sizeof(struct sadb_address)),
3848 	    saddr->sa_len);
3849 
3850 	return m;
3851 }
3852 
3853 /*
3854  * set data into sadb_x_sa2.
3855  */
3856 static struct mbuf *
3857 key_setsadbxsa2(u_int8_t mode, u_int32_t seq, u_int32_t reqid)
3858 {
3859 	struct mbuf *m;
3860 	struct sadb_x_sa2 *p;
3861 	size_t len;
3862 
3863 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa2));
3864 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3865 	if (m == NULL)
3866 		return (NULL);
3867 	m_align(m, len);
3868 	m->m_len = len;
3869 	p = mtod(m, struct sadb_x_sa2 *);
3870 
3871 	bzero(p, len);
3872 	p->sadb_x_sa2_len = PFKEY_UNIT64(len);
3873 	p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
3874 	p->sadb_x_sa2_mode = mode;
3875 	p->sadb_x_sa2_reserved1 = 0;
3876 	p->sadb_x_sa2_reserved2 = 0;
3877 	p->sadb_x_sa2_sequence = seq;
3878 	p->sadb_x_sa2_reqid = reqid;
3879 
3880 	return m;
3881 }
3882 
3883 /*
3884  * Set data into sadb_x_sa_replay.
3885  */
3886 static struct mbuf *
3887 key_setsadbxsareplay(u_int32_t replay)
3888 {
3889 	struct mbuf *m;
3890 	struct sadb_x_sa_replay *p;
3891 	size_t len;
3892 
3893 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa_replay));
3894 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3895 	if (m == NULL)
3896 		return (NULL);
3897 	m_align(m, len);
3898 	m->m_len = len;
3899 	p = mtod(m, struct sadb_x_sa_replay *);
3900 
3901 	bzero(p, len);
3902 	p->sadb_x_sa_replay_len = PFKEY_UNIT64(len);
3903 	p->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY;
3904 	p->sadb_x_sa_replay_replay = (replay << 3);
3905 
3906 	return m;
3907 }
3908 
3909 /*
3910  * Set a type in sadb_x_nat_t_type.
3911  */
3912 static struct mbuf *
3913 key_setsadbxtype(u_int16_t type)
3914 {
3915 	struct mbuf *m;
3916 	size_t len;
3917 	struct sadb_x_nat_t_type *p;
3918 
3919 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_type));
3920 
3921 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3922 	if (m == NULL)
3923 		return (NULL);
3924 	m_align(m, len);
3925 	m->m_len = len;
3926 	p = mtod(m, struct sadb_x_nat_t_type *);
3927 
3928 	bzero(p, len);
3929 	p->sadb_x_nat_t_type_len = PFKEY_UNIT64(len);
3930 	p->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
3931 	p->sadb_x_nat_t_type_type = type;
3932 
3933 	return (m);
3934 }
3935 /*
3936  * Set a port in sadb_x_nat_t_port.
3937  * In contrast to default RFC 2367 behaviour, port is in network byte order.
3938  */
3939 static struct mbuf *
3940 key_setsadbxport(u_int16_t port, u_int16_t type)
3941 {
3942 	struct mbuf *m;
3943 	size_t len;
3944 	struct sadb_x_nat_t_port *p;
3945 
3946 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_port));
3947 
3948 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
3949 	if (m == NULL)
3950 		return (NULL);
3951 	m_align(m, len);
3952 	m->m_len = len;
3953 	p = mtod(m, struct sadb_x_nat_t_port *);
3954 
3955 	bzero(p, len);
3956 	p->sadb_x_nat_t_port_len = PFKEY_UNIT64(len);
3957 	p->sadb_x_nat_t_port_exttype = type;
3958 	p->sadb_x_nat_t_port_port = port;
3959 
3960 	return (m);
3961 }
3962 
3963 /*
3964  * Get port from sockaddr. Port is in network byte order.
3965  */
3966 uint16_t
3967 key_portfromsaddr(struct sockaddr *sa)
3968 {
3969 
3970 	switch (sa->sa_family) {
3971 #ifdef INET
3972 	case AF_INET:
3973 		return ((struct sockaddr_in *)sa)->sin_port;
3974 #endif
3975 #ifdef INET6
3976 	case AF_INET6:
3977 		return ((struct sockaddr_in6 *)sa)->sin6_port;
3978 #endif
3979 	}
3980 	return (0);
3981 }
3982 
3983 /*
3984  * Set port in struct sockaddr. Port is in network byte order.
3985  */
3986 void
3987 key_porttosaddr(struct sockaddr *sa, uint16_t port)
3988 {
3989 
3990 	switch (sa->sa_family) {
3991 #ifdef INET
3992 	case AF_INET:
3993 		((struct sockaddr_in *)sa)->sin_port = port;
3994 		break;
3995 #endif
3996 #ifdef INET6
3997 	case AF_INET6:
3998 		((struct sockaddr_in6 *)sa)->sin6_port = port;
3999 		break;
4000 #endif
4001 	default:
4002 		ipseclog((LOG_DEBUG, "%s: unexpected address family %d.\n",
4003 			__func__, sa->sa_family));
4004 		break;
4005 	}
4006 }
4007 
4008 /*
4009  * set data into sadb_x_policy
4010  */
4011 static struct mbuf *
4012 key_setsadbxpolicy(u_int16_t type, u_int8_t dir, u_int32_t id, u_int32_t priority)
4013 {
4014 	struct mbuf *m;
4015 	struct sadb_x_policy *p;
4016 	size_t len;
4017 
4018 	len = PFKEY_ALIGN8(sizeof(struct sadb_x_policy));
4019 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
4020 	if (m == NULL)
4021 		return (NULL);
4022 	m_align(m, len);
4023 	m->m_len = len;
4024 	p = mtod(m, struct sadb_x_policy *);
4025 
4026 	bzero(p, len);
4027 	p->sadb_x_policy_len = PFKEY_UNIT64(len);
4028 	p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
4029 	p->sadb_x_policy_type = type;
4030 	p->sadb_x_policy_dir = dir;
4031 	p->sadb_x_policy_id = id;
4032 	p->sadb_x_policy_priority = priority;
4033 
4034 	return m;
4035 }
4036 
4037 /* %%% utilities */
4038 /* Take a key message (sadb_key) from the socket and turn it into one
4039  * of the kernel's key structures (seckey).
4040  *
4041  * IN: pointer to the src
4042  * OUT: NULL no more memory
4043  */
4044 struct seckey *
4045 key_dup_keymsg(const struct sadb_key *src, size_t len,
4046     struct malloc_type *type)
4047 {
4048 	struct seckey *dst;
4049 
4050 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4051 	if (dst != NULL) {
4052 		dst->bits = src->sadb_key_bits;
4053 		dst->key_data = malloc(len, type, M_NOWAIT);
4054 		if (dst->key_data != NULL) {
4055 			bcopy((const char *)(src + 1), dst->key_data, len);
4056 		} else {
4057 			ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4058 			    __func__));
4059 			free(dst, type);
4060 			dst = NULL;
4061 		}
4062 	} else {
4063 		ipseclog((LOG_DEBUG, "%s: No more memory.\n",
4064 		    __func__));
4065 	}
4066 	return (dst);
4067 }
4068 
4069 /* Take a lifetime message (sadb_lifetime) passed in on a socket and
4070  * turn it into one of the kernel's lifetime structures (seclifetime).
4071  *
4072  * IN: pointer to the destination, source and malloc type
4073  * OUT: NULL, no more memory
4074  */
4075 
4076 static struct seclifetime *
4077 key_dup_lifemsg(const struct sadb_lifetime *src, struct malloc_type *type)
4078 {
4079 	struct seclifetime *dst;
4080 
4081 	dst = malloc(sizeof(*dst), type, M_NOWAIT);
4082 	if (dst == NULL) {
4083 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
4084 		return (NULL);
4085 	}
4086 	dst->allocations = src->sadb_lifetime_allocations;
4087 	dst->bytes = src->sadb_lifetime_bytes;
4088 	dst->addtime = src->sadb_lifetime_addtime;
4089 	dst->usetime = src->sadb_lifetime_usetime;
4090 	return (dst);
4091 }
4092 
4093 /*
4094  * compare two secasindex structure.
4095  * flag can specify to compare 2 saidxes.
4096  * compare two secasindex structure without both mode and reqid.
4097  * don't compare port.
4098  * IN:
4099  *      saidx0: source, it can be in SAD.
4100  *      saidx1: object.
4101  * OUT:
4102  *      1 : equal
4103  *      0 : not equal
4104  */
4105 static int
4106 key_cmpsaidx(const struct secasindex *saidx0, const struct secasindex *saidx1,
4107     int flag)
4108 {
4109 
4110 	/* sanity */
4111 	if (saidx0 == NULL && saidx1 == NULL)
4112 		return 1;
4113 
4114 	if (saidx0 == NULL || saidx1 == NULL)
4115 		return 0;
4116 
4117 	if (saidx0->proto != saidx1->proto)
4118 		return 0;
4119 
4120 	if (flag == CMP_EXACTLY) {
4121 		if (saidx0->mode != saidx1->mode)
4122 			return 0;
4123 		if (saidx0->reqid != saidx1->reqid)
4124 			return 0;
4125 		if (bcmp(&saidx0->src, &saidx1->src,
4126 		    saidx0->src.sa.sa_len) != 0 ||
4127 		    bcmp(&saidx0->dst, &saidx1->dst,
4128 		    saidx0->dst.sa.sa_len) != 0)
4129 			return 0;
4130 	} else {
4131 		/* CMP_MODE_REQID, CMP_REQID, CMP_HEAD */
4132 		if (flag == CMP_MODE_REQID || flag == CMP_REQID) {
4133 			/*
4134 			 * If reqid of SPD is non-zero, unique SA is required.
4135 			 * The result must be of same reqid in this case.
4136 			 */
4137 			if (saidx1->reqid != 0 &&
4138 			    saidx0->reqid != saidx1->reqid)
4139 				return 0;
4140 		}
4141 
4142 		if (flag == CMP_MODE_REQID) {
4143 			if (saidx0->mode != IPSEC_MODE_ANY
4144 			 && saidx0->mode != saidx1->mode)
4145 				return 0;
4146 		}
4147 
4148 		if (key_sockaddrcmp(&saidx0->src.sa, &saidx1->src.sa, 0) != 0)
4149 			return 0;
4150 		if (key_sockaddrcmp(&saidx0->dst.sa, &saidx1->dst.sa, 0) != 0)
4151 			return 0;
4152 	}
4153 
4154 	return 1;
4155 }
4156 
4157 /*
4158  * compare two secindex structure exactly.
4159  * IN:
4160  *	spidx0: source, it is often in SPD.
4161  *	spidx1: object, it is often from PFKEY message.
4162  * OUT:
4163  *	1 : equal
4164  *	0 : not equal
4165  */
4166 static int
4167 key_cmpspidx_exactly(struct secpolicyindex *spidx0,
4168     struct secpolicyindex *spidx1)
4169 {
4170 	/* sanity */
4171 	if (spidx0 == NULL && spidx1 == NULL)
4172 		return 1;
4173 
4174 	if (spidx0 == NULL || spidx1 == NULL)
4175 		return 0;
4176 
4177 	if (spidx0->prefs != spidx1->prefs
4178 	 || spidx0->prefd != spidx1->prefd
4179 	 || spidx0->ul_proto != spidx1->ul_proto
4180 	 || spidx0->dir != spidx1->dir)
4181 		return 0;
4182 
4183 	return key_sockaddrcmp(&spidx0->src.sa, &spidx1->src.sa, 1) == 0 &&
4184 	       key_sockaddrcmp(&spidx0->dst.sa, &spidx1->dst.sa, 1) == 0;
4185 }
4186 
4187 /*
4188  * compare two secindex structure with mask.
4189  * IN:
4190  *	spidx0: source, it is often in SPD.
4191  *	spidx1: object, it is often from IP header.
4192  * OUT:
4193  *	1 : equal
4194  *	0 : not equal
4195  */
4196 static int
4197 key_cmpspidx_withmask(struct secpolicyindex *spidx0,
4198     struct secpolicyindex *spidx1)
4199 {
4200 	/* sanity */
4201 	if (spidx0 == NULL && spidx1 == NULL)
4202 		return 1;
4203 
4204 	if (spidx0 == NULL || spidx1 == NULL)
4205 		return 0;
4206 
4207 	if (spidx0->src.sa.sa_family != spidx1->src.sa.sa_family ||
4208 	    spidx0->dst.sa.sa_family != spidx1->dst.sa.sa_family ||
4209 	    spidx0->src.sa.sa_len != spidx1->src.sa.sa_len ||
4210 	    spidx0->dst.sa.sa_len != spidx1->dst.sa.sa_len)
4211 		return 0;
4212 
4213 	/* if spidx.ul_proto == IPSEC_ULPROTO_ANY, ignore. */
4214 	if (spidx0->ul_proto != (u_int16_t)IPSEC_ULPROTO_ANY
4215 	 && spidx0->ul_proto != spidx1->ul_proto)
4216 		return 0;
4217 
4218 	switch (spidx0->src.sa.sa_family) {
4219 	case AF_INET:
4220 		if (spidx0->src.sin.sin_port != IPSEC_PORT_ANY
4221 		 && spidx0->src.sin.sin_port != spidx1->src.sin.sin_port)
4222 			return 0;
4223 		if (!key_bbcmp(&spidx0->src.sin.sin_addr,
4224 		    &spidx1->src.sin.sin_addr, spidx0->prefs))
4225 			return 0;
4226 		break;
4227 	case AF_INET6:
4228 		if (spidx0->src.sin6.sin6_port != IPSEC_PORT_ANY
4229 		 && spidx0->src.sin6.sin6_port != spidx1->src.sin6.sin6_port)
4230 			return 0;
4231 		/*
4232 		 * scope_id check. if sin6_scope_id is 0, we regard it
4233 		 * as a wildcard scope, which matches any scope zone ID.
4234 		 */
4235 		if (spidx0->src.sin6.sin6_scope_id &&
4236 		    spidx1->src.sin6.sin6_scope_id &&
4237 		    spidx0->src.sin6.sin6_scope_id != spidx1->src.sin6.sin6_scope_id)
4238 			return 0;
4239 		if (!key_bbcmp(&spidx0->src.sin6.sin6_addr,
4240 		    &spidx1->src.sin6.sin6_addr, spidx0->prefs))
4241 			return 0;
4242 		break;
4243 	default:
4244 		/* XXX */
4245 		if (bcmp(&spidx0->src, &spidx1->src, spidx0->src.sa.sa_len) != 0)
4246 			return 0;
4247 		break;
4248 	}
4249 
4250 	switch (spidx0->dst.sa.sa_family) {
4251 	case AF_INET:
4252 		if (spidx0->dst.sin.sin_port != IPSEC_PORT_ANY
4253 		 && spidx0->dst.sin.sin_port != spidx1->dst.sin.sin_port)
4254 			return 0;
4255 		if (!key_bbcmp(&spidx0->dst.sin.sin_addr,
4256 		    &spidx1->dst.sin.sin_addr, spidx0->prefd))
4257 			return 0;
4258 		break;
4259 	case AF_INET6:
4260 		if (spidx0->dst.sin6.sin6_port != IPSEC_PORT_ANY
4261 		 && spidx0->dst.sin6.sin6_port != spidx1->dst.sin6.sin6_port)
4262 			return 0;
4263 		/*
4264 		 * scope_id check. if sin6_scope_id is 0, we regard it
4265 		 * as a wildcard scope, which matches any scope zone ID.
4266 		 */
4267 		if (spidx0->dst.sin6.sin6_scope_id &&
4268 		    spidx1->dst.sin6.sin6_scope_id &&
4269 		    spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
4270 			return 0;
4271 		if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
4272 		    &spidx1->dst.sin6.sin6_addr, spidx0->prefd))
4273 			return 0;
4274 		break;
4275 	default:
4276 		/* XXX */
4277 		if (bcmp(&spidx0->dst, &spidx1->dst, spidx0->dst.sa.sa_len) != 0)
4278 			return 0;
4279 		break;
4280 	}
4281 
4282 	/* XXX Do we check other field ?  e.g. flowinfo */
4283 
4284 	return 1;
4285 }
4286 
4287 #ifdef satosin
4288 #undef satosin
4289 #endif
4290 #define satosin(s) ((const struct sockaddr_in *)s)
4291 #ifdef satosin6
4292 #undef satosin6
4293 #endif
4294 #define satosin6(s) ((const struct sockaddr_in6 *)s)
4295 /* returns 0 on match */
4296 int
4297 key_sockaddrcmp(const struct sockaddr *sa1, const struct sockaddr *sa2,
4298     int port)
4299 {
4300 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4301 		return 1;
4302 
4303 	switch (sa1->sa_family) {
4304 #ifdef INET
4305 	case AF_INET:
4306 		if (sa1->sa_len != sizeof(struct sockaddr_in))
4307 			return 1;
4308 		if (satosin(sa1)->sin_addr.s_addr !=
4309 		    satosin(sa2)->sin_addr.s_addr) {
4310 			return 1;
4311 		}
4312 		if (port && satosin(sa1)->sin_port != satosin(sa2)->sin_port)
4313 			return 1;
4314 		break;
4315 #endif
4316 #ifdef INET6
4317 	case AF_INET6:
4318 		if (sa1->sa_len != sizeof(struct sockaddr_in6))
4319 			return 1;	/*EINVAL*/
4320 		if (satosin6(sa1)->sin6_scope_id !=
4321 		    satosin6(sa2)->sin6_scope_id) {
4322 			return 1;
4323 		}
4324 		if (!IN6_ARE_ADDR_EQUAL(&satosin6(sa1)->sin6_addr,
4325 		    &satosin6(sa2)->sin6_addr)) {
4326 			return 1;
4327 		}
4328 		if (port &&
4329 		    satosin6(sa1)->sin6_port != satosin6(sa2)->sin6_port) {
4330 			return 1;
4331 		}
4332 		break;
4333 #endif
4334 	default:
4335 		if (bcmp(sa1, sa2, sa1->sa_len) != 0)
4336 			return 1;
4337 		break;
4338 	}
4339 
4340 	return 0;
4341 }
4342 
4343 /* returns 0 on match */
4344 int
4345 key_sockaddrcmp_withmask(const struct sockaddr *sa1,
4346     const struct sockaddr *sa2, size_t mask)
4347 {
4348 	if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
4349 		return (1);
4350 
4351 	switch (sa1->sa_family) {
4352 #ifdef INET
4353 	case AF_INET:
4354 		return (!key_bbcmp(&satosin(sa1)->sin_addr,
4355 		    &satosin(sa2)->sin_addr, mask));
4356 #endif
4357 #ifdef INET6
4358 	case AF_INET6:
4359 		if (satosin6(sa1)->sin6_scope_id !=
4360 		    satosin6(sa2)->sin6_scope_id)
4361 			return (1);
4362 		return (!key_bbcmp(&satosin6(sa1)->sin6_addr,
4363 		    &satosin6(sa2)->sin6_addr, mask));
4364 #endif
4365 	}
4366 	return (1);
4367 }
4368 #undef satosin
4369 #undef satosin6
4370 
4371 /*
4372  * compare two buffers with mask.
4373  * IN:
4374  *	addr1: source
4375  *	addr2: object
4376  *	bits:  Number of bits to compare
4377  * OUT:
4378  *	1 : equal
4379  *	0 : not equal
4380  */
4381 static int
4382 key_bbcmp(const void *a1, const void *a2, u_int bits)
4383 {
4384 	const unsigned char *p1 = a1;
4385 	const unsigned char *p2 = a2;
4386 
4387 	/* XXX: This could be considerably faster if we compare a word
4388 	 * at a time, but it is complicated on LSB Endian machines */
4389 
4390 	/* Handle null pointers */
4391 	if (p1 == NULL || p2 == NULL)
4392 		return (p1 == p2);
4393 
4394 	while (bits >= 8) {
4395 		if (*p1++ != *p2++)
4396 			return 0;
4397 		bits -= 8;
4398 	}
4399 
4400 	if (bits > 0) {
4401 		u_int8_t mask = ~((1<<(8-bits))-1);
4402 		if ((*p1 & mask) != (*p2 & mask))
4403 			return 0;
4404 	}
4405 	return 1;	/* Match! */
4406 }
4407 
4408 static void
4409 key_flush_spd(time_t now)
4410 {
4411 	SPTREE_RLOCK_TRACKER;
4412 	struct secpolicy_list drainq;
4413 	struct secpolicy *sp, *nextsp;
4414 	u_int dir;
4415 
4416 	LIST_INIT(&drainq);
4417 	SPTREE_RLOCK();
4418 	for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
4419 		TAILQ_FOREACH(sp, &V_sptree[dir], chain) {
4420 			if (sp->lifetime == 0 && sp->validtime == 0)
4421 				continue;
4422 			if ((sp->lifetime &&
4423 			    now - sp->created > sp->lifetime) ||
4424 			    (sp->validtime &&
4425 			    now - sp->lastused > sp->validtime)) {
4426 				/* Hold extra reference to send SPDEXPIRE */
4427 				SP_ADDREF(sp);
4428 				LIST_INSERT_HEAD(&drainq, sp, drainq);
4429 			}
4430 		}
4431 	}
4432 	SPTREE_RUNLOCK();
4433 	if (LIST_EMPTY(&drainq))
4434 		return;
4435 
4436 	SPTREE_WLOCK();
4437 	sp = LIST_FIRST(&drainq);
4438 	while (sp != NULL) {
4439 		nextsp = LIST_NEXT(sp, drainq);
4440 		/* Check that SP is still linked */
4441 		if (sp->state != IPSEC_SPSTATE_ALIVE) {
4442 			LIST_REMOVE(sp, drainq);
4443 			key_freesp(&sp); /* release extra reference */
4444 			sp = nextsp;
4445 			continue;
4446 		}
4447 		TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain);
4448 		V_spd_size--;
4449 		LIST_REMOVE(sp, idhash);
4450 		sp->state = IPSEC_SPSTATE_DEAD;
4451 		sp = nextsp;
4452 	}
4453 	V_sp_genid++;
4454 	SPTREE_WUNLOCK();
4455 	if (SPDCACHE_ENABLED())
4456 		spdcache_clear();
4457 
4458 	sp = LIST_FIRST(&drainq);
4459 	while (sp != NULL) {
4460 		nextsp = LIST_NEXT(sp, drainq);
4461 		key_spdexpire(sp);
4462 		key_freesp(&sp); /* release extra reference */
4463 		key_freesp(&sp); /* release last reference */
4464 		sp = nextsp;
4465 	}
4466 }
4467 
4468 static void
4469 key_flush_sad(time_t now)
4470 {
4471 	SAHTREE_RLOCK_TRACKER;
4472 	struct secashead_list emptyq;
4473 	struct secasvar_list drainq, hexpireq, sexpireq, freeq;
4474 	struct secashead *sah, *nextsah;
4475 	struct secasvar *sav, *nextsav;
4476 
4477 	LIST_INIT(&drainq);
4478 	LIST_INIT(&hexpireq);
4479 	LIST_INIT(&sexpireq);
4480 	LIST_INIT(&emptyq);
4481 
4482 	SAHTREE_RLOCK();
4483 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
4484 		/* Check for empty SAH */
4485 		if (TAILQ_EMPTY(&sah->savtree_larval) &&
4486 		    TAILQ_EMPTY(&sah->savtree_alive)) {
4487 			SAH_ADDREF(sah);
4488 			LIST_INSERT_HEAD(&emptyq, sah, drainq);
4489 			continue;
4490 		}
4491 		/* Add all stale LARVAL SAs into drainq */
4492 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4493 			if (now - sav->created < V_key_larval_lifetime)
4494 				continue;
4495 			SAV_ADDREF(sav);
4496 			LIST_INSERT_HEAD(&drainq, sav, drainq);
4497 		}
4498 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4499 			/* lifetimes aren't specified */
4500 			if (sav->lft_h == NULL)
4501 				continue;
4502 			SECASVAR_LOCK(sav);
4503 			/*
4504 			 * Check again with lock held, because it may
4505 			 * be updated by SADB_UPDATE.
4506 			 */
4507 			if (sav->lft_h == NULL) {
4508 				SECASVAR_UNLOCK(sav);
4509 				continue;
4510 			}
4511 			/*
4512 			 * RFC 2367:
4513 			 * HARD lifetimes MUST take precedence over SOFT
4514 			 * lifetimes, meaning if the HARD and SOFT lifetimes
4515 			 * are the same, the HARD lifetime will appear on the
4516 			 * EXPIRE message.
4517 			 */
4518 			/* check HARD lifetime */
4519 			if ((sav->lft_h->addtime != 0 &&
4520 			    now - sav->created > sav->lft_h->addtime) ||
4521 			    (sav->lft_h->usetime != 0 && sav->firstused &&
4522 			    now - sav->firstused > sav->lft_h->usetime) ||
4523 			    (sav->lft_h->bytes != 0 && counter_u64_fetch(
4524 			        sav->lft_c_bytes) > sav->lft_h->bytes)) {
4525 				SECASVAR_UNLOCK(sav);
4526 				SAV_ADDREF(sav);
4527 				LIST_INSERT_HEAD(&hexpireq, sav, drainq);
4528 				continue;
4529 			}
4530 			/* check SOFT lifetime (only for MATURE SAs) */
4531 			if (sav->state == SADB_SASTATE_MATURE && (
4532 			    (sav->lft_s->addtime != 0 &&
4533 			    now - sav->created > sav->lft_s->addtime) ||
4534 			    (sav->lft_s->usetime != 0 && sav->firstused &&
4535 			    now - sav->firstused > sav->lft_s->usetime) ||
4536 			    (sav->lft_s->bytes != 0 && counter_u64_fetch(
4537 				sav->lft_c_bytes) > sav->lft_s->bytes) ||
4538 			    (!(sav->flags & SADB_X_SAFLAGS_ESN) &&
4539 			    (sav->replay != NULL) && (
4540 			    (sav->replay->count > UINT32_80PCT) ||
4541 			    (sav->replay->last > UINT32_80PCT))))) {
4542 				SECASVAR_UNLOCK(sav);
4543 				SAV_ADDREF(sav);
4544 				LIST_INSERT_HEAD(&sexpireq, sav, drainq);
4545 				continue;
4546 			}
4547 			SECASVAR_UNLOCK(sav);
4548 		}
4549 	}
4550 	SAHTREE_RUNLOCK();
4551 
4552 	if (LIST_EMPTY(&emptyq) && LIST_EMPTY(&drainq) &&
4553 	    LIST_EMPTY(&hexpireq) && LIST_EMPTY(&sexpireq))
4554 		return;
4555 
4556 	LIST_INIT(&freeq);
4557 	SAHTREE_WLOCK();
4558 	/* Unlink stale LARVAL SAs */
4559 	sav = LIST_FIRST(&drainq);
4560 	while (sav != NULL) {
4561 		nextsav = LIST_NEXT(sav, drainq);
4562 		/* Check that SA is still LARVAL */
4563 		if (sav->state != SADB_SASTATE_LARVAL) {
4564 			LIST_REMOVE(sav, drainq);
4565 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4566 			sav = nextsav;
4567 			continue;
4568 		}
4569 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4570 		LIST_REMOVE(sav, spihash);
4571 		sav->state = SADB_SASTATE_DEAD;
4572 		sav = nextsav;
4573 	}
4574 	/* Unlink all SAs with expired HARD lifetime */
4575 	sav = LIST_FIRST(&hexpireq);
4576 	while (sav != NULL) {
4577 		nextsav = LIST_NEXT(sav, drainq);
4578 		/* Check that SA is not unlinked */
4579 		if (sav->state == SADB_SASTATE_DEAD) {
4580 			LIST_REMOVE(sav, drainq);
4581 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4582 			sav = nextsav;
4583 			continue;
4584 		}
4585 		TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4586 		LIST_REMOVE(sav, spihash);
4587 		sav->state = SADB_SASTATE_DEAD;
4588 		sav = nextsav;
4589 	}
4590 	/* Mark all SAs with expired SOFT lifetime as DYING */
4591 	sav = LIST_FIRST(&sexpireq);
4592 	while (sav != NULL) {
4593 		nextsav = LIST_NEXT(sav, drainq);
4594 		/* Check that SA is not unlinked */
4595 		if (sav->state == SADB_SASTATE_DEAD) {
4596 			LIST_REMOVE(sav, drainq);
4597 			LIST_INSERT_HEAD(&freeq, sav, drainq);
4598 			sav = nextsav;
4599 			continue;
4600 		}
4601 		/*
4602 		 * NOTE: this doesn't change SA order in the chain.
4603 		 */
4604 		sav->state = SADB_SASTATE_DYING;
4605 		sav = nextsav;
4606 	}
4607 	/* Unlink empty SAHs */
4608 	sah = LIST_FIRST(&emptyq);
4609 	while (sah != NULL) {
4610 		nextsah = LIST_NEXT(sah, drainq);
4611 		/* Check that SAH is still empty and not unlinked */
4612 		if (sah->state == SADB_SASTATE_DEAD ||
4613 		    !TAILQ_EMPTY(&sah->savtree_larval) ||
4614 		    !TAILQ_EMPTY(&sah->savtree_alive)) {
4615 			LIST_REMOVE(sah, drainq);
4616 			key_freesah(&sah); /* release extra reference */
4617 			sah = nextsah;
4618 			continue;
4619 		}
4620 		TAILQ_REMOVE(&V_sahtree, sah, chain);
4621 		LIST_REMOVE(sah, addrhash);
4622 		sah->state = SADB_SASTATE_DEAD;
4623 		sah = nextsah;
4624 	}
4625 	SAHTREE_WUNLOCK();
4626 
4627 	/* Send SPDEXPIRE messages */
4628 	sav = LIST_FIRST(&hexpireq);
4629 	while (sav != NULL) {
4630 		nextsav = LIST_NEXT(sav, drainq);
4631 		key_expire(sav, 1);
4632 		key_freesah(&sav->sah); /* release reference from SAV */
4633 		key_freesav(&sav); /* release extra reference */
4634 		key_freesav(&sav); /* release last reference */
4635 		sav = nextsav;
4636 	}
4637 	sav = LIST_FIRST(&sexpireq);
4638 	while (sav != NULL) {
4639 		nextsav = LIST_NEXT(sav, drainq);
4640 		key_expire(sav, 0);
4641 		key_freesav(&sav); /* release extra reference */
4642 		sav = nextsav;
4643 	}
4644 	/* Free stale LARVAL SAs */
4645 	sav = LIST_FIRST(&drainq);
4646 	while (sav != NULL) {
4647 		nextsav = LIST_NEXT(sav, drainq);
4648 		key_freesah(&sav->sah); /* release reference from SAV */
4649 		key_freesav(&sav); /* release extra reference */
4650 		key_freesav(&sav); /* release last reference */
4651 		sav = nextsav;
4652 	}
4653 	/* Free SAs that were unlinked/changed by someone else */
4654 	sav = LIST_FIRST(&freeq);
4655 	while (sav != NULL) {
4656 		nextsav = LIST_NEXT(sav, drainq);
4657 		key_freesav(&sav); /* release extra reference */
4658 		sav = nextsav;
4659 	}
4660 	/* Free empty SAH */
4661 	sah = LIST_FIRST(&emptyq);
4662 	while (sah != NULL) {
4663 		nextsah = LIST_NEXT(sah, drainq);
4664 		key_freesah(&sah); /* release extra reference */
4665 		key_freesah(&sah); /* release last reference */
4666 		sah = nextsah;
4667 	}
4668 }
4669 
4670 static void
4671 key_flush_acq(time_t now)
4672 {
4673 	struct secacq *acq, *nextacq;
4674 
4675 	/* ACQ tree */
4676 	ACQ_LOCK();
4677 	acq = LIST_FIRST(&V_acqtree);
4678 	while (acq != NULL) {
4679 		nextacq = LIST_NEXT(acq, chain);
4680 		if (now - acq->created > V_key_blockacq_lifetime) {
4681 			LIST_REMOVE(acq, chain);
4682 			LIST_REMOVE(acq, addrhash);
4683 			LIST_REMOVE(acq, seqhash);
4684 			free(acq, M_IPSEC_SAQ);
4685 		}
4686 		acq = nextacq;
4687 	}
4688 	ACQ_UNLOCK();
4689 }
4690 
4691 static void
4692 key_flush_spacq(time_t now)
4693 {
4694 	struct secspacq *acq, *nextacq;
4695 
4696 	/* SP ACQ tree */
4697 	SPACQ_LOCK();
4698 	for (acq = LIST_FIRST(&V_spacqtree); acq != NULL; acq = nextacq) {
4699 		nextacq = LIST_NEXT(acq, chain);
4700 		if (now - acq->created > V_key_blockacq_lifetime
4701 		 && __LIST_CHAINED(acq)) {
4702 			LIST_REMOVE(acq, chain);
4703 			free(acq, M_IPSEC_SAQ);
4704 		}
4705 	}
4706 	SPACQ_UNLOCK();
4707 }
4708 
4709 /*
4710  * time handler.
4711  * scanning SPD and SAD to check status for each entries,
4712  * and do to remove or to expire.
4713  * XXX: year 2038 problem may remain.
4714  */
4715 static void
4716 key_timehandler(void *arg)
4717 {
4718 	VNET_ITERATOR_DECL(vnet_iter);
4719 	time_t now = time_second;
4720 
4721 	VNET_LIST_RLOCK_NOSLEEP();
4722 	VNET_FOREACH(vnet_iter) {
4723 		CURVNET_SET(vnet_iter);
4724 		key_flush_spd(now);
4725 		key_flush_sad(now);
4726 		key_flush_acq(now);
4727 		key_flush_spacq(now);
4728 		CURVNET_RESTORE();
4729 	}
4730 	VNET_LIST_RUNLOCK_NOSLEEP();
4731 
4732 #ifndef IPSEC_DEBUG2
4733 	/* do exchange to tick time !! */
4734 	callout_schedule(&key_timer, hz);
4735 #endif /* IPSEC_DEBUG2 */
4736 }
4737 
4738 u_long
4739 key_random()
4740 {
4741 	u_long value;
4742 
4743 	arc4random_buf(&value, sizeof(value));
4744 	return value;
4745 }
4746 
4747 /*
4748  * map SADB_SATYPE_* to IPPROTO_*.
4749  * if satype == SADB_SATYPE then satype is mapped to ~0.
4750  * OUT:
4751  *	0: invalid satype.
4752  */
4753 static uint8_t
4754 key_satype2proto(uint8_t satype)
4755 {
4756 	switch (satype) {
4757 	case SADB_SATYPE_UNSPEC:
4758 		return IPSEC_PROTO_ANY;
4759 	case SADB_SATYPE_AH:
4760 		return IPPROTO_AH;
4761 	case SADB_SATYPE_ESP:
4762 		return IPPROTO_ESP;
4763 	case SADB_X_SATYPE_IPCOMP:
4764 		return IPPROTO_IPCOMP;
4765 	case SADB_X_SATYPE_TCPSIGNATURE:
4766 		return IPPROTO_TCP;
4767 	default:
4768 		return 0;
4769 	}
4770 	/* NOTREACHED */
4771 }
4772 
4773 /*
4774  * map IPPROTO_* to SADB_SATYPE_*
4775  * OUT:
4776  *	0: invalid protocol type.
4777  */
4778 static uint8_t
4779 key_proto2satype(uint8_t proto)
4780 {
4781 	switch (proto) {
4782 	case IPPROTO_AH:
4783 		return SADB_SATYPE_AH;
4784 	case IPPROTO_ESP:
4785 		return SADB_SATYPE_ESP;
4786 	case IPPROTO_IPCOMP:
4787 		return SADB_X_SATYPE_IPCOMP;
4788 	case IPPROTO_TCP:
4789 		return SADB_X_SATYPE_TCPSIGNATURE;
4790 	default:
4791 		return 0;
4792 	}
4793 	/* NOTREACHED */
4794 }
4795 
4796 /* %%% PF_KEY */
4797 /*
4798  * SADB_GETSPI processing is to receive
4799  *	<base, (SA2), src address, dst address, (SPI range)>
4800  * from the IKMPd, to assign a unique spi value, to hang on the INBOUND
4801  * tree with the status of LARVAL, and send
4802  *	<base, SA(*), address(SD)>
4803  * to the IKMPd.
4804  *
4805  * IN:	mhp: pointer to the pointer to each header.
4806  * OUT:	NULL if fail.
4807  *	other if success, return pointer to the message to send.
4808  */
4809 static int
4810 key_getspi(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
4811 {
4812 	struct secasindex saidx;
4813 	struct sadb_address *src0, *dst0;
4814 	struct secasvar *sav;
4815 	uint32_t reqid, spi;
4816 	int error;
4817 	uint8_t mode, proto;
4818 
4819 	IPSEC_ASSERT(so != NULL, ("null socket"));
4820 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
4821 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
4822 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
4823 
4824 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
4825 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)
4826 #ifdef PFKEY_STRICT_CHECKS
4827 	    || SADB_CHECKHDR(mhp, SADB_EXT_SPIRANGE)
4828 #endif
4829 	    ) {
4830 		ipseclog((LOG_DEBUG,
4831 		    "%s: invalid message: missing required header.\n",
4832 		    __func__));
4833 		error = EINVAL;
4834 		goto fail;
4835 	}
4836 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
4837 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)
4838 #ifdef PFKEY_STRICT_CHECKS
4839 	    || SADB_CHECKLEN(mhp, SADB_EXT_SPIRANGE)
4840 #endif
4841 	    ) {
4842 		ipseclog((LOG_DEBUG,
4843 		    "%s: invalid message: wrong header size.\n", __func__));
4844 		error = EINVAL;
4845 		goto fail;
4846 	}
4847 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
4848 		mode = IPSEC_MODE_ANY;
4849 		reqid = 0;
4850 	} else {
4851 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
4852 			ipseclog((LOG_DEBUG,
4853 			    "%s: invalid message: wrong header size.\n",
4854 			    __func__));
4855 			error = EINVAL;
4856 			goto fail;
4857 		}
4858 		mode = ((struct sadb_x_sa2 *)
4859 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
4860 		reqid = ((struct sadb_x_sa2 *)
4861 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
4862 	}
4863 
4864 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
4865 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
4866 
4867 	/* map satype to proto */
4868 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
4869 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
4870 			__func__));
4871 		error = EINVAL;
4872 		goto fail;
4873 	}
4874 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
4875 	    (struct sockaddr *)(dst0 + 1));
4876 	if (error != 0) {
4877 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
4878 		error = EINVAL;
4879 		goto fail;
4880 	}
4881 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
4882 
4883 	/* SPI allocation */
4884 	spi = key_do_getnewspi(
4885 	    (struct sadb_spirange *)mhp->ext[SADB_EXT_SPIRANGE], &saidx);
4886 	if (spi == 0) {
4887 		/*
4888 		 * Requested SPI or SPI range is not available or
4889 		 * already used.
4890 		 */
4891 		error = EEXIST;
4892 		goto fail;
4893 	}
4894 	sav = key_newsav(mhp, &saidx, spi, &error);
4895 	if (sav == NULL)
4896 		goto fail;
4897 
4898 	if (sav->seq != 0) {
4899 		/*
4900 		 * RFC2367:
4901 		 * If the SADB_GETSPI message is in response to a
4902 		 * kernel-generated SADB_ACQUIRE, the sadb_msg_seq
4903 		 * MUST be the same as the SADB_ACQUIRE message.
4904 		 *
4905 		 * XXXAE: However it doesn't definethe behaviour how to
4906 		 * check this and what to do if it doesn't match.
4907 		 * Also what we should do if it matches?
4908 		 *
4909 		 * We can compare saidx used in SADB_ACQUIRE with saidx
4910 		 * used in SADB_GETSPI, but this probably can break
4911 		 * existing software. For now just warn if it doesn't match.
4912 		 *
4913 		 * XXXAE: anyway it looks useless.
4914 		 */
4915 		key_acqdone(&saidx, sav->seq);
4916 	}
4917 	KEYDBG(KEY_STAMP,
4918 	    printf("%s: SA(%p)\n", __func__, sav));
4919 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
4920 
4921     {
4922 	struct mbuf *n, *nn;
4923 	struct sadb_sa *m_sa;
4924 	struct sadb_msg *newmsg;
4925 	int off, len;
4926 
4927 	/* create new sadb_msg to reply. */
4928 	len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) +
4929 	    PFKEY_ALIGN8(sizeof(struct sadb_sa));
4930 
4931 	MGETHDR(n, M_NOWAIT, MT_DATA);
4932 	if (len > MHLEN) {
4933 		if (!(MCLGET(n, M_NOWAIT))) {
4934 			m_freem(n);
4935 			n = NULL;
4936 		}
4937 	}
4938 	if (!n) {
4939 		error = ENOBUFS;
4940 		goto fail;
4941 	}
4942 
4943 	n->m_len = len;
4944 	n->m_next = NULL;
4945 	off = 0;
4946 
4947 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
4948 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
4949 
4950 	m_sa = (struct sadb_sa *)(mtod(n, caddr_t) + off);
4951 	m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
4952 	m_sa->sadb_sa_exttype = SADB_EXT_SA;
4953 	m_sa->sadb_sa_spi = spi; /* SPI is already in network byte order */
4954 	off += PFKEY_ALIGN8(sizeof(struct sadb_sa));
4955 
4956 	IPSEC_ASSERT(off == len,
4957 		("length inconsistency (off %u len %u)", off, len));
4958 
4959 	n->m_next = key_gather_mbuf(m, mhp, 0, 2, SADB_EXT_ADDRESS_SRC,
4960 	    SADB_EXT_ADDRESS_DST);
4961 	if (!n->m_next) {
4962 		m_freem(n);
4963 		error = ENOBUFS;
4964 		goto fail;
4965 	}
4966 
4967 	if (n->m_len < sizeof(struct sadb_msg)) {
4968 		n = m_pullup(n, sizeof(struct sadb_msg));
4969 		if (n == NULL)
4970 			return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
4971 	}
4972 
4973 	n->m_pkthdr.len = 0;
4974 	for (nn = n; nn; nn = nn->m_next)
4975 		n->m_pkthdr.len += nn->m_len;
4976 
4977 	newmsg = mtod(n, struct sadb_msg *);
4978 	newmsg->sadb_msg_seq = sav->seq;
4979 	newmsg->sadb_msg_errno = 0;
4980 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
4981 
4982 	m_freem(m);
4983 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
4984     }
4985 
4986 fail:
4987 	return (key_senderror(so, m, error));
4988 }
4989 
4990 /*
4991  * allocating new SPI
4992  * called by key_getspi().
4993  * OUT:
4994  *	0:	failure.
4995  *	others: success, SPI in network byte order.
4996  */
4997 static uint32_t
4998 key_do_getnewspi(struct sadb_spirange *spirange, struct secasindex *saidx)
4999 {
5000 	uint32_t min, max, newspi, t;
5001 	int count = V_key_spi_trycnt;
5002 
5003 	/* set spi range to allocate */
5004 	if (spirange != NULL) {
5005 		min = spirange->sadb_spirange_min;
5006 		max = spirange->sadb_spirange_max;
5007 	} else {
5008 		min = V_key_spi_minval;
5009 		max = V_key_spi_maxval;
5010 	}
5011 	/* IPCOMP needs 2-byte SPI */
5012 	if (saidx->proto == IPPROTO_IPCOMP) {
5013 		if (min >= 0x10000)
5014 			min = 0xffff;
5015 		if (max >= 0x10000)
5016 			max = 0xffff;
5017 		if (min > max) {
5018 			t = min; min = max; max = t;
5019 		}
5020 	}
5021 
5022 	if (min == max) {
5023 		if (!key_checkspidup(htonl(min))) {
5024 			ipseclog((LOG_DEBUG, "%s: SPI %u exists already.\n",
5025 			    __func__, min));
5026 			return 0;
5027 		}
5028 
5029 		count--; /* taking one cost. */
5030 		newspi = min;
5031 	} else {
5032 		/* init SPI */
5033 		newspi = 0;
5034 
5035 		/* when requesting to allocate spi ranged */
5036 		while (count--) {
5037 			/* generate pseudo-random SPI value ranged. */
5038 			newspi = min + (key_random() % (max - min + 1));
5039 			if (!key_checkspidup(htonl(newspi)))
5040 				break;
5041 		}
5042 
5043 		if (count == 0 || newspi == 0) {
5044 			ipseclog((LOG_DEBUG,
5045 			    "%s: failed to allocate SPI.\n", __func__));
5046 			return 0;
5047 		}
5048 	}
5049 
5050 	/* statistics */
5051 	keystat.getspi_count =
5052 	    (keystat.getspi_count + V_key_spi_trycnt - count) / 2;
5053 
5054 	return (htonl(newspi));
5055 }
5056 
5057 /*
5058  * Find TCP-MD5 SA with corresponding secasindex.
5059  * If not found, return NULL and fill SPI with usable value if needed.
5060  */
5061 static struct secasvar *
5062 key_getsav_tcpmd5(struct secasindex *saidx, uint32_t *spi)
5063 {
5064 	SAHTREE_RLOCK_TRACKER;
5065 	struct secashead *sah;
5066 	struct secasvar *sav;
5067 
5068 	IPSEC_ASSERT(saidx->proto == IPPROTO_TCP, ("wrong proto"));
5069 	SAHTREE_RLOCK();
5070 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5071 		if (sah->saidx.proto != IPPROTO_TCP)
5072 			continue;
5073 		if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
5074 		    !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
5075 			break;
5076 	}
5077 	if (sah != NULL) {
5078 		if (V_key_preferred_oldsa)
5079 			sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
5080 		else
5081 			sav = TAILQ_FIRST(&sah->savtree_alive);
5082 		if (sav != NULL) {
5083 			SAV_ADDREF(sav);
5084 			SAHTREE_RUNLOCK();
5085 			return (sav);
5086 		}
5087 	}
5088 	if (spi == NULL) {
5089 		/* No SPI required */
5090 		SAHTREE_RUNLOCK();
5091 		return (NULL);
5092 	}
5093 	/* Check that SPI is unique */
5094 	LIST_FOREACH(sav, SAVHASH_HASH(*spi), spihash) {
5095 		if (sav->spi == *spi)
5096 			break;
5097 	}
5098 	if (sav == NULL) {
5099 		SAHTREE_RUNLOCK();
5100 		/* SPI is already unique */
5101 		return (NULL);
5102 	}
5103 	SAHTREE_RUNLOCK();
5104 	/* XXX: not optimal */
5105 	*spi = key_do_getnewspi(NULL, saidx);
5106 	return (NULL);
5107 }
5108 
5109 static int
5110 key_updateaddresses(struct socket *so, struct mbuf *m,
5111     const struct sadb_msghdr *mhp, struct secasvar *sav,
5112     struct secasindex *saidx)
5113 {
5114 	struct sockaddr *newaddr;
5115 	struct secashead *sah;
5116 	struct secasvar *newsav, *tmp;
5117 	struct mbuf *n;
5118 	int error, isnew;
5119 
5120 	/* Check that we need to change SAH */
5121 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC)) {
5122 		newaddr = (struct sockaddr *)(
5123 		    ((struct sadb_address *)
5124 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_SRC]) + 1);
5125 		bcopy(newaddr, &saidx->src, newaddr->sa_len);
5126 		key_porttosaddr(&saidx->src.sa, 0);
5127 	}
5128 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5129 		newaddr = (struct sockaddr *)(
5130 		    ((struct sadb_address *)
5131 		    mhp->ext[SADB_X_EXT_NEW_ADDRESS_DST]) + 1);
5132 		bcopy(newaddr, &saidx->dst, newaddr->sa_len);
5133 		key_porttosaddr(&saidx->dst.sa, 0);
5134 	}
5135 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5136 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST)) {
5137 		error = key_checksockaddrs(&saidx->src.sa, &saidx->dst.sa);
5138 		if (error != 0) {
5139 			ipseclog((LOG_DEBUG, "%s: invalid new sockaddr.\n",
5140 			    __func__));
5141 			return (error);
5142 		}
5143 
5144 		sah = key_getsah(saidx);
5145 		if (sah == NULL) {
5146 			/* create a new SA index */
5147 			sah = key_newsah(saidx);
5148 			if (sah == NULL) {
5149 				ipseclog((LOG_DEBUG,
5150 				    "%s: No more memory.\n", __func__));
5151 				return (ENOBUFS);
5152 			}
5153 			isnew = 2; /* SAH is new */
5154 		} else
5155 			isnew = 1; /* existing SAH is referenced */
5156 	} else {
5157 		/*
5158 		 * src and dst addresses are still the same.
5159 		 * Do we want to change NAT-T config?
5160 		 */
5161 		if (sav->sah->saidx.proto != IPPROTO_ESP ||
5162 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5163 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5164 		    SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5165 			ipseclog((LOG_DEBUG,
5166 			    "%s: invalid message: missing required header.\n",
5167 			    __func__));
5168 			return (EINVAL);
5169 		}
5170 		/* We hold reference to SA, thus SAH will be referenced too. */
5171 		sah = sav->sah;
5172 		isnew = 0;
5173 	}
5174 
5175 	newsav = malloc(sizeof(struct secasvar), M_IPSEC_SA,
5176 	    M_NOWAIT | M_ZERO);
5177 	if (newsav == NULL) {
5178 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5179 		error = ENOBUFS;
5180 		goto fail;
5181 	}
5182 
5183 	/* Clone SA's content into newsav */
5184 	SAV_INITREF(newsav);
5185 	bcopy(sav, newsav, offsetof(struct secasvar, chain));
5186 	/*
5187 	 * We create new NAT-T config if it is needed.
5188 	 * Old NAT-T config will be freed by key_cleansav() when
5189 	 * last reference to SA will be released.
5190 	 */
5191 	newsav->natt = NULL;
5192 	newsav->sah = sah;
5193 	newsav->state = SADB_SASTATE_MATURE;
5194 	error = key_setnatt(newsav, mhp);
5195 	if (error != 0)
5196 		goto fail;
5197 
5198 	SAHTREE_WLOCK();
5199 	/* Check that SA is still alive */
5200 	if (sav->state == SADB_SASTATE_DEAD) {
5201 		/* SA was unlinked */
5202 		SAHTREE_WUNLOCK();
5203 		error = ESRCH;
5204 		goto fail;
5205 	}
5206 
5207 	/* Unlink SA from SAH and SPI hash */
5208 	IPSEC_ASSERT((sav->flags & SADB_X_EXT_F_CLONED) == 0,
5209 	    ("SA is already cloned"));
5210 	IPSEC_ASSERT(sav->state == SADB_SASTATE_MATURE ||
5211 	    sav->state == SADB_SASTATE_DYING,
5212 	    ("Wrong SA state %u\n", sav->state));
5213 	TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5214 	LIST_REMOVE(sav, spihash);
5215 	sav->state = SADB_SASTATE_DEAD;
5216 
5217 	/*
5218 	 * Link new SA with SAH. Keep SAs ordered by
5219 	 * create time (newer are first).
5220 	 */
5221 	TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5222 		if (newsav->created > tmp->created) {
5223 			TAILQ_INSERT_BEFORE(tmp, newsav, chain);
5224 			break;
5225 		}
5226 	}
5227 	if (tmp == NULL)
5228 		TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5229 
5230 	/* Add new SA into SPI hash. */
5231 	LIST_INSERT_HEAD(SAVHASH_HASH(newsav->spi), newsav, spihash);
5232 
5233 	/* Add new SAH into SADB. */
5234 	if (isnew == 2) {
5235 		TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5236 		LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5237 		sah->state = SADB_SASTATE_MATURE;
5238 		SAH_ADDREF(sah); /* newsav references new SAH */
5239 	}
5240 	/*
5241 	 * isnew == 1 -> @sah was referenced by key_getsah().
5242 	 * isnew == 0 -> we use the same @sah, that was used by @sav,
5243 	 *	and we use its reference for @newsav.
5244 	 */
5245 	SECASVAR_LOCK(sav);
5246 	/* XXX: replace cntr with pointer? */
5247 	newsav->cntr = sav->cntr;
5248 	sav->flags |= SADB_X_EXT_F_CLONED;
5249 	SECASVAR_UNLOCK(sav);
5250 
5251 	SAHTREE_WUNLOCK();
5252 
5253 	KEYDBG(KEY_STAMP,
5254 	    printf("%s: SA(%p) cloned into SA(%p)\n",
5255 	    __func__, sav, newsav));
5256 	KEYDBG(KEY_DATA, kdebug_secasv(newsav));
5257 
5258 	key_freesav(&sav); /* release last reference */
5259 
5260 	/* set msg buf from mhp */
5261 	n = key_getmsgbuf_x1(m, mhp);
5262 	if (n == NULL) {
5263 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5264 		return (ENOBUFS);
5265 	}
5266 	m_freem(m);
5267 	key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5268 	return (0);
5269 fail:
5270 	if (isnew != 0)
5271 		key_freesah(&sah);
5272 	if (newsav != NULL) {
5273 		if (newsav->natt != NULL)
5274 			free(newsav->natt, M_IPSEC_MISC);
5275 		free(newsav, M_IPSEC_SA);
5276 	}
5277 	return (error);
5278 }
5279 
5280 /*
5281  * SADB_UPDATE processing
5282  * receive
5283  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5284  *       key(AE), (identity(SD),) (sensitivity)>
5285  * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
5286  * and send
5287  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5288  *       (identity(SD),) (sensitivity)>
5289  * to the ikmpd.
5290  *
5291  * m will always be freed.
5292  */
5293 static int
5294 key_update(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5295 {
5296 	struct secasindex saidx;
5297 	struct sadb_address *src0, *dst0;
5298 	struct sadb_sa *sa0;
5299 	struct secasvar *sav;
5300 	uint32_t reqid;
5301 	int error;
5302 	uint8_t mode, proto;
5303 
5304 	IPSEC_ASSERT(so != NULL, ("null socket"));
5305 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5306 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5307 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5308 
5309 	/* map satype to proto */
5310 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5311 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5312 		    __func__));
5313 		return key_senderror(so, m, EINVAL);
5314 	}
5315 
5316 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5317 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5318 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5319 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5320 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5321 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5322 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5323 		ipseclog((LOG_DEBUG,
5324 		    "%s: invalid message: missing required header.\n",
5325 		    __func__));
5326 		return key_senderror(so, m, EINVAL);
5327 	}
5328 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5329 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5330 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5331 		ipseclog((LOG_DEBUG,
5332 		    "%s: invalid message: wrong header size.\n", __func__));
5333 		return key_senderror(so, m, EINVAL);
5334 	}
5335 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5336 		mode = IPSEC_MODE_ANY;
5337 		reqid = 0;
5338 	} else {
5339 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5340 			ipseclog((LOG_DEBUG,
5341 			    "%s: invalid message: wrong header size.\n",
5342 			    __func__));
5343 			return key_senderror(so, m, EINVAL);
5344 		}
5345 		mode = ((struct sadb_x_sa2 *)
5346 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5347 		reqid = ((struct sadb_x_sa2 *)
5348 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5349 	}
5350 
5351 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5352 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5353 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5354 
5355 	/*
5356 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5357 	 * SADB_UPDATE message.
5358 	 */
5359 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5360 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5361 #ifdef PFKEY_STRICT_CHECKS
5362 		return key_senderror(so, m, EINVAL);
5363 #endif
5364 	}
5365 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5366 	    (struct sockaddr *)(dst0 + 1));
5367 	if (error != 0) {
5368 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5369 		return key_senderror(so, m, error);
5370 	}
5371 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5372 	sav = key_getsavbyspi(sa0->sadb_sa_spi);
5373 	if (sav == NULL) {
5374 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u\n",
5375 		    __func__, ntohl(sa0->sadb_sa_spi)));
5376 		return key_senderror(so, m, EINVAL);
5377 	}
5378 	/*
5379 	 * Check that SADB_UPDATE issued by the same process that did
5380 	 * SADB_GETSPI or SADB_ADD.
5381 	 */
5382 	if (sav->pid != mhp->msg->sadb_msg_pid) {
5383 		ipseclog((LOG_DEBUG,
5384 		    "%s: pid mismatched (SPI %u, pid %u vs. %u)\n", __func__,
5385 		    ntohl(sav->spi), sav->pid, mhp->msg->sadb_msg_pid));
5386 		key_freesav(&sav);
5387 		return key_senderror(so, m, EINVAL);
5388 	}
5389 	/* saidx should match with SA. */
5390 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5391 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u\n",
5392 		    __func__, ntohl(sav->spi)));
5393 		key_freesav(&sav);
5394 		return key_senderror(so, m, ESRCH);
5395 	}
5396 
5397 	if (sav->state == SADB_SASTATE_LARVAL) {
5398 		if ((mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP &&
5399 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT)) ||
5400 		    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH &&
5401 		    SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH))) {
5402 			ipseclog((LOG_DEBUG,
5403 			    "%s: invalid message: missing required header.\n",
5404 			    __func__));
5405 			key_freesav(&sav);
5406 			return key_senderror(so, m, EINVAL);
5407 		}
5408 		/*
5409 		 * We can set any values except src, dst and SPI.
5410 		 */
5411 		error = key_setsaval(sav, mhp);
5412 		if (error != 0) {
5413 			key_freesav(&sav);
5414 			return (key_senderror(so, m, error));
5415 		}
5416 		/* Change SA state to MATURE */
5417 		SAHTREE_WLOCK();
5418 		if (sav->state != SADB_SASTATE_LARVAL) {
5419 			/* SA was deleted or another thread made it MATURE. */
5420 			SAHTREE_WUNLOCK();
5421 			key_freesav(&sav);
5422 			return (key_senderror(so, m, ESRCH));
5423 		}
5424 		/*
5425 		 * NOTE: we keep SAs in savtree_alive ordered by created
5426 		 * time. When SA's state changed from LARVAL to MATURE,
5427 		 * we update its created time in key_setsaval() and move
5428 		 * it into head of savtree_alive.
5429 		 */
5430 		TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5431 		TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5432 		sav->state = SADB_SASTATE_MATURE;
5433 		SAHTREE_WUNLOCK();
5434 	} else {
5435 		/*
5436 		 * For DYING and MATURE SA we can change only state
5437 		 * and lifetimes. Report EINVAL if something else attempted
5438 		 * to change.
5439 		 */
5440 		if (!SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5441 		    !SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH)) {
5442 			key_freesav(&sav);
5443 			return (key_senderror(so, m, EINVAL));
5444 		}
5445 		error = key_updatelifetimes(sav, mhp);
5446 		if (error != 0) {
5447 			key_freesav(&sav);
5448 			return (key_senderror(so, m, error));
5449 		}
5450 		/*
5451 		 * This is FreeBSD extension to RFC2367.
5452 		 * IKEd can specify SADB_X_EXT_NEW_ADDRESS_SRC and/or
5453 		 * SADB_X_EXT_NEW_ADDRESS_DST when it wants to change
5454 		 * SA addresses (for example to implement MOBIKE protocol
5455 		 * as described in RFC4555). Also we allow to change
5456 		 * NAT-T config.
5457 		 */
5458 		if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_SRC) ||
5459 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NEW_ADDRESS_DST) ||
5460 		    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5461 		    sav->natt != NULL) {
5462 			error = key_updateaddresses(so, m, mhp, sav, &saidx);
5463 			key_freesav(&sav);
5464 			if (error != 0)
5465 				return (key_senderror(so, m, error));
5466 			return (0);
5467 		}
5468 		/* Check that SA is still alive */
5469 		SAHTREE_WLOCK();
5470 		if (sav->state == SADB_SASTATE_DEAD) {
5471 			/* SA was unlinked */
5472 			SAHTREE_WUNLOCK();
5473 			key_freesav(&sav);
5474 			return (key_senderror(so, m, ESRCH));
5475 		}
5476 		/*
5477 		 * NOTE: there is possible state moving from DYING to MATURE,
5478 		 * but this doesn't change created time, so we won't reorder
5479 		 * this SA.
5480 		 */
5481 		sav->state = SADB_SASTATE_MATURE;
5482 		SAHTREE_WUNLOCK();
5483 	}
5484 	KEYDBG(KEY_STAMP,
5485 	    printf("%s: SA(%p)\n", __func__, sav));
5486 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5487 	key_freesav(&sav);
5488 
5489     {
5490 	struct mbuf *n;
5491 
5492 	/* set msg buf from mhp */
5493 	n = key_getmsgbuf_x1(m, mhp);
5494 	if (n == NULL) {
5495 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5496 		return key_senderror(so, m, ENOBUFS);
5497 	}
5498 
5499 	m_freem(m);
5500 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5501     }
5502 }
5503 
5504 /*
5505  * SADB_ADD processing
5506  * add an entry to SA database, when received
5507  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5508  *       key(AE), (identity(SD),) (sensitivity)>
5509  * from the ikmpd,
5510  * and send
5511  *   <base, SA, (SA2), (lifetime(HSC),) address(SD), (address(P),)
5512  *       (identity(SD),) (sensitivity)>
5513  * to the ikmpd.
5514  *
5515  * IGNORE identity and sensitivity messages.
5516  *
5517  * m will always be freed.
5518  */
5519 static int
5520 key_add(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5521 {
5522 	struct secasindex saidx;
5523 	struct sadb_address *src0, *dst0;
5524 	struct sadb_sa *sa0;
5525 	struct secasvar *sav;
5526 	uint32_t reqid, spi;
5527 	uint8_t mode, proto;
5528 	int error;
5529 
5530 	IPSEC_ASSERT(so != NULL, ("null socket"));
5531 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5532 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5533 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5534 
5535 	/* map satype to proto */
5536 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5537 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5538 		    __func__));
5539 		return key_senderror(so, m, EINVAL);
5540 	}
5541 
5542 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
5543 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5544 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5545 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_ESP && (
5546 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_ENCRYPT) ||
5547 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_ENCRYPT))) ||
5548 	    (mhp->msg->sadb_msg_satype == SADB_SATYPE_AH && (
5549 		SADB_CHECKHDR(mhp, SADB_EXT_KEY_AUTH) ||
5550 		SADB_CHECKLEN(mhp, SADB_EXT_KEY_AUTH))) ||
5551 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD) &&
5552 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT)) ||
5553 	    (SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_SOFT) &&
5554 		!SADB_CHECKHDR(mhp, SADB_EXT_LIFETIME_HARD))) {
5555 		ipseclog((LOG_DEBUG,
5556 		    "%s: invalid message: missing required header.\n",
5557 		    __func__));
5558 		return key_senderror(so, m, EINVAL);
5559 	}
5560 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
5561 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5562 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5563 		ipseclog((LOG_DEBUG,
5564 		    "%s: invalid message: wrong header size.\n", __func__));
5565 		return key_senderror(so, m, EINVAL);
5566 	}
5567 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
5568 		mode = IPSEC_MODE_ANY;
5569 		reqid = 0;
5570 	} else {
5571 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
5572 			ipseclog((LOG_DEBUG,
5573 			    "%s: invalid message: wrong header size.\n",
5574 			    __func__));
5575 			return key_senderror(so, m, EINVAL);
5576 		}
5577 		mode = ((struct sadb_x_sa2 *)
5578 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
5579 		reqid = ((struct sadb_x_sa2 *)
5580 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
5581 	}
5582 
5583 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
5584 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
5585 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
5586 
5587 	/*
5588 	 * Only SADB_SASTATE_MATURE SAs may be submitted in an
5589 	 * SADB_ADD message.
5590 	 */
5591 	if (sa0->sadb_sa_state != SADB_SASTATE_MATURE) {
5592 		ipseclog((LOG_DEBUG, "%s: invalid state.\n", __func__));
5593 #ifdef PFKEY_STRICT_CHECKS
5594 		return key_senderror(so, m, EINVAL);
5595 #endif
5596 	}
5597 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
5598 	    (struct sockaddr *)(dst0 + 1));
5599 	if (error != 0) {
5600 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5601 		return key_senderror(so, m, error);
5602 	}
5603 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
5604 	spi = sa0->sadb_sa_spi;
5605 	/*
5606 	 * For TCP-MD5 SAs we don't use SPI. Check the uniqueness using
5607 	 * secasindex.
5608 	 * XXXAE: IPComp seems also doesn't use SPI.
5609 	 */
5610 	if (proto == IPPROTO_TCP) {
5611 		sav = key_getsav_tcpmd5(&saidx, &spi);
5612 		if (sav == NULL && spi == 0) {
5613 			/* Failed to allocate SPI */
5614 			ipseclog((LOG_DEBUG, "%s: SA already exists.\n",
5615 			    __func__));
5616 			return key_senderror(so, m, EEXIST);
5617 		}
5618 		/* XXX: SPI that we report back can have another value */
5619 	} else {
5620 		/* We can create new SA only if SPI is different. */
5621 		sav = key_getsavbyspi(spi);
5622 	}
5623 	if (sav != NULL) {
5624 		key_freesav(&sav);
5625 		ipseclog((LOG_DEBUG, "%s: SA already exists.\n", __func__));
5626 		return key_senderror(so, m, EEXIST);
5627 	}
5628 
5629 	sav = key_newsav(mhp, &saidx, spi, &error);
5630 	if (sav == NULL)
5631 		return key_senderror(so, m, error);
5632 	KEYDBG(KEY_STAMP,
5633 	    printf("%s: return SA(%p)\n", __func__, sav));
5634 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
5635 	/*
5636 	 * If SADB_ADD was in response to SADB_ACQUIRE, we need to schedule
5637 	 * ACQ for deletion.
5638 	 */
5639 	if (sav->seq != 0)
5640 		key_acqdone(&saidx, sav->seq);
5641 
5642     {
5643 	/*
5644 	 * Don't call key_freesav() on error here, as we would like to
5645 	 * keep the SA in the database.
5646 	 */
5647 	struct mbuf *n;
5648 
5649 	/* set msg buf from mhp */
5650 	n = key_getmsgbuf_x1(m, mhp);
5651 	if (n == NULL) {
5652 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5653 		return key_senderror(so, m, ENOBUFS);
5654 	}
5655 
5656 	m_freem(m);
5657 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
5658     }
5659 }
5660 
5661 /*
5662  * NAT-T support.
5663  * IKEd may request the use ESP in UDP encapsulation when it detects the
5664  * presence of NAT. It uses NAT-T extension headers for such SAs to specify
5665  * parameters needed for encapsulation and decapsulation. These PF_KEY
5666  * extension headers are not standardized, so this comment addresses our
5667  * implementation.
5668  * SADB_X_EXT_NAT_T_TYPE specifies type of encapsulation, we support only
5669  * UDP_ENCAP_ESPINUDP as described in RFC3948.
5670  * SADB_X_EXT_NAT_T_SPORT/DPORT specifies source and destination ports for
5671  * UDP header. We use these ports in UDP encapsulation procedure, also we
5672  * can check them in UDP decapsulation procedure.
5673  * SADB_X_EXT_NAT_T_OA[IR] specifies original address of initiator or
5674  * responder. These addresses can be used for transport mode to adjust
5675  * checksum after decapsulation and decryption. Since original IP addresses
5676  * used by peer usually different (we detected presence of NAT), TCP/UDP
5677  * pseudo header checksum and IP header checksum was calculated using original
5678  * addresses. After decapsulation and decryption we need to adjust checksum
5679  * to have correct datagram.
5680  *
5681  * We expect presence of NAT-T extension headers only in SADB_ADD and
5682  * SADB_UPDATE messages. We report NAT-T extension headers in replies
5683  * to SADB_ADD, SADB_UPDATE, SADB_GET, and SADB_DUMP messages.
5684  */
5685 static int
5686 key_setnatt(struct secasvar *sav, const struct sadb_msghdr *mhp)
5687 {
5688 	struct sadb_x_nat_t_port *port;
5689 	struct sadb_x_nat_t_type *type;
5690 	struct sadb_address *oai, *oar;
5691 	struct sockaddr *sa;
5692 	uint32_t addr;
5693 	uint16_t cksum;
5694 
5695 	IPSEC_ASSERT(sav->natt == NULL, ("natt is already initialized"));
5696 	/*
5697 	 * Ignore NAT-T headers if sproto isn't ESP.
5698 	 */
5699 	if (sav->sah->saidx.proto != IPPROTO_ESP)
5700 		return (0);
5701 
5702 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_TYPE) &&
5703 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_SPORT) &&
5704 	    !SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5705 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_TYPE) ||
5706 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_SPORT) ||
5707 		    SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_DPORT)) {
5708 			ipseclog((LOG_DEBUG,
5709 			    "%s: invalid message: wrong header size.\n",
5710 			    __func__));
5711 			return (EINVAL);
5712 		}
5713 	} else
5714 		return (0);
5715 
5716 	type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE];
5717 	if (type->sadb_x_nat_t_type_type != UDP_ENCAP_ESPINUDP) {
5718 		ipseclog((LOG_DEBUG, "%s: unsupported NAT-T type %u.\n",
5719 		    __func__, type->sadb_x_nat_t_type_type));
5720 		return (EINVAL);
5721 	}
5722 	/*
5723 	 * Allocate storage for NAT-T config.
5724 	 * On error it will be released by key_cleansav().
5725 	 */
5726 	sav->natt = malloc(sizeof(struct secnatt), M_IPSEC_MISC,
5727 	    M_NOWAIT | M_ZERO);
5728 	if (sav->natt == NULL) {
5729 		PFKEYSTAT_INC(in_nomem);
5730 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5731 		return (ENOBUFS);
5732 	}
5733 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT];
5734 	if (port->sadb_x_nat_t_port_port == 0) {
5735 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T sport specified.\n",
5736 		    __func__));
5737 		return (EINVAL);
5738 	}
5739 	sav->natt->sport = port->sadb_x_nat_t_port_port;
5740 	port = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT];
5741 	if (port->sadb_x_nat_t_port_port == 0) {
5742 		ipseclog((LOG_DEBUG, "%s: invalid NAT-T dport specified.\n",
5743 		    __func__));
5744 		return (EINVAL);
5745 	}
5746 	sav->natt->dport = port->sadb_x_nat_t_port_port;
5747 
5748 	/*
5749 	 * SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR are optional
5750 	 * and needed only for transport mode IPsec.
5751 	 * Usually NAT translates only one address, but it is possible,
5752 	 * that both addresses could be translated.
5753 	 * NOTE: Value of SADB_X_EXT_NAT_T_OAI is equal to SADB_X_EXT_NAT_T_OA.
5754 	 */
5755 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAI)) {
5756 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAI)) {
5757 			ipseclog((LOG_DEBUG,
5758 			    "%s: invalid message: wrong header size.\n",
5759 			    __func__));
5760 			return (EINVAL);
5761 		}
5762 		oai = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI];
5763 	} else
5764 		oai = NULL;
5765 	if (!SADB_CHECKHDR(mhp, SADB_X_EXT_NAT_T_OAR)) {
5766 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_NAT_T_OAR)) {
5767 			ipseclog((LOG_DEBUG,
5768 			    "%s: invalid message: wrong header size.\n",
5769 			    __func__));
5770 			return (EINVAL);
5771 		}
5772 		oar = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR];
5773 	} else
5774 		oar = NULL;
5775 
5776 	/* Initialize addresses only for transport mode */
5777 	if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
5778 		cksum = 0;
5779 		if (oai != NULL) {
5780 			/* Currently we support only AF_INET */
5781 			sa = (struct sockaddr *)(oai + 1);
5782 			if (sa->sa_family != AF_INET ||
5783 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5784 				ipseclog((LOG_DEBUG,
5785 				    "%s: wrong NAT-OAi header.\n",
5786 				    __func__));
5787 				return (EINVAL);
5788 			}
5789 			/* Ignore address if it the same */
5790 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5791 			    sav->sah->saidx.src.sin.sin_addr.s_addr) {
5792 				bcopy(sa, &sav->natt->oai.sa, sa->sa_len);
5793 				sav->natt->flags |= IPSEC_NATT_F_OAI;
5794 				/* Calculate checksum delta */
5795 				addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
5796 				cksum = in_addword(cksum, ~addr >> 16);
5797 				cksum = in_addword(cksum, ~addr & 0xffff);
5798 				addr = sav->natt->oai.sin.sin_addr.s_addr;
5799 				cksum = in_addword(cksum, addr >> 16);
5800 				cksum = in_addword(cksum, addr & 0xffff);
5801 			}
5802 		}
5803 		if (oar != NULL) {
5804 			/* Currently we support only AF_INET */
5805 			sa = (struct sockaddr *)(oar + 1);
5806 			if (sa->sa_family != AF_INET ||
5807 			    sa->sa_len != sizeof(struct sockaddr_in)) {
5808 				ipseclog((LOG_DEBUG,
5809 				    "%s: wrong NAT-OAr header.\n",
5810 				    __func__));
5811 				return (EINVAL);
5812 			}
5813 			/* Ignore address if it the same */
5814 			if (((struct sockaddr_in *)sa)->sin_addr.s_addr !=
5815 			    sav->sah->saidx.dst.sin.sin_addr.s_addr) {
5816 				bcopy(sa, &sav->natt->oar.sa, sa->sa_len);
5817 				sav->natt->flags |= IPSEC_NATT_F_OAR;
5818 				/* Calculate checksum delta */
5819 				addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
5820 				cksum = in_addword(cksum, ~addr >> 16);
5821 				cksum = in_addword(cksum, ~addr & 0xffff);
5822 				addr = sav->natt->oar.sin.sin_addr.s_addr;
5823 				cksum = in_addword(cksum, addr >> 16);
5824 				cksum = in_addword(cksum, addr & 0xffff);
5825 			}
5826 		}
5827 		sav->natt->cksum = cksum;
5828 	}
5829 	return (0);
5830 }
5831 
5832 static int
5833 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
5834 {
5835 	const struct sadb_ident *idsrc, *iddst;
5836 
5837 	IPSEC_ASSERT(sah != NULL, ("null secashead"));
5838 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5839 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5840 
5841 	/* don't make buffer if not there */
5842 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) &&
5843 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5844 		sah->idents = NULL;
5845 		sah->identd = NULL;
5846 		return (0);
5847 	}
5848 
5849 	if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) ||
5850 	    SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
5851 		ipseclog((LOG_DEBUG, "%s: invalid identity.\n", __func__));
5852 		return (EINVAL);
5853 	}
5854 
5855 	idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
5856 	iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
5857 
5858 	/* validity check */
5859 	if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
5860 		ipseclog((LOG_DEBUG, "%s: ident type mismatch.\n", __func__));
5861 		return EINVAL;
5862 	}
5863 
5864 	switch (idsrc->sadb_ident_type) {
5865 	case SADB_IDENTTYPE_PREFIX:
5866 	case SADB_IDENTTYPE_FQDN:
5867 	case SADB_IDENTTYPE_USERFQDN:
5868 	default:
5869 		/* XXX do nothing */
5870 		sah->idents = NULL;
5871 		sah->identd = NULL;
5872 	 	return 0;
5873 	}
5874 
5875 	/* make structure */
5876 	sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5877 	if (sah->idents == NULL) {
5878 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5879 		return ENOBUFS;
5880 	}
5881 	sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5882 	if (sah->identd == NULL) {
5883 		free(sah->idents, M_IPSEC_MISC);
5884 		sah->idents = NULL;
5885 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
5886 		return ENOBUFS;
5887 	}
5888 	sah->idents->type = idsrc->sadb_ident_type;
5889 	sah->idents->id = idsrc->sadb_ident_id;
5890 
5891 	sah->identd->type = iddst->sadb_ident_type;
5892 	sah->identd->id = iddst->sadb_ident_id;
5893 
5894 	return 0;
5895 }
5896 
5897 /*
5898  * m will not be freed on return.
5899  * it is caller's responsibility to free the result.
5900  *
5901  * Called from SADB_ADD and SADB_UPDATE. Reply will contain headers
5902  * from the request in defined order.
5903  */
5904 static struct mbuf *
5905 key_getmsgbuf_x1(struct mbuf *m, const struct sadb_msghdr *mhp)
5906 {
5907 	struct mbuf *n;
5908 
5909 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5910 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5911 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5912 
5913 	/* create new sadb_msg to reply. */
5914 	n = key_gather_mbuf(m, mhp, 1, 16, SADB_EXT_RESERVED,
5915 	    SADB_EXT_SA, SADB_X_EXT_SA2,
5916 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST,
5917 	    SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT,
5918 	    SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST,
5919 	    SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
5920 	    SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI,
5921 	    SADB_X_EXT_NAT_T_OAR, SADB_X_EXT_NEW_ADDRESS_SRC,
5922 	    SADB_X_EXT_NEW_ADDRESS_DST);
5923 	if (!n)
5924 		return NULL;
5925 
5926 	if (n->m_len < sizeof(struct sadb_msg)) {
5927 		n = m_pullup(n, sizeof(struct sadb_msg));
5928 		if (n == NULL)
5929 			return NULL;
5930 	}
5931 	mtod(n, struct sadb_msg *)->sadb_msg_errno = 0;
5932 	mtod(n, struct sadb_msg *)->sadb_msg_len =
5933 	    PFKEY_UNIT64(n->m_pkthdr.len);
5934 
5935 	return n;
5936 }
5937 
5938 /*
5939  * SADB_DELETE processing
5940  * receive
5941  *   <base, SA(*), address(SD)>
5942  * from the ikmpd, and set SADB_SASTATE_DEAD,
5943  * and send,
5944  *   <base, SA(*), address(SD)>
5945  * to the ikmpd.
5946  *
5947  * m will always be freed.
5948  */
5949 static int
5950 key_delete(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
5951 {
5952 	struct secasindex saidx;
5953 	struct sadb_address *src0, *dst0;
5954 	struct secasvar *sav;
5955 	struct sadb_sa *sa0;
5956 	uint8_t proto;
5957 
5958 	IPSEC_ASSERT(so != NULL, ("null socket"));
5959 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
5960 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
5961 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
5962 
5963 	/* map satype to proto */
5964 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
5965 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
5966 		    __func__));
5967 		return key_senderror(so, m, EINVAL);
5968 	}
5969 
5970 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
5971 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
5972 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
5973 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
5974 		ipseclog((LOG_DEBUG, "%s: invalid message is passed.\n",
5975 		    __func__));
5976 		return key_senderror(so, m, EINVAL);
5977 	}
5978 
5979 	src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
5980 	dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
5981 
5982 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
5983 	    (struct sockaddr *)(dst0 + 1)) != 0) {
5984 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
5985 		return (key_senderror(so, m, EINVAL));
5986 	}
5987 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
5988 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA)) {
5989 		/*
5990 		 * Caller wants us to delete all non-LARVAL SAs
5991 		 * that match the src/dst.  This is used during
5992 		 * IKE INITIAL-CONTACT.
5993 		 * XXXAE: this looks like some extension to RFC2367.
5994 		 */
5995 		ipseclog((LOG_DEBUG, "%s: doing delete all.\n", __func__));
5996 		return (key_delete_all(so, m, mhp, &saidx));
5997 	}
5998 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA)) {
5999 		ipseclog((LOG_DEBUG,
6000 		    "%s: invalid message: wrong header size.\n", __func__));
6001 		return (key_senderror(so, m, EINVAL));
6002 	}
6003 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
6004 	if (proto == IPPROTO_TCP)
6005 		sav = key_getsav_tcpmd5(&saidx, NULL);
6006 	else
6007 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
6008 	if (sav == NULL) {
6009 		ipseclog((LOG_DEBUG, "%s: no SA found for SPI %u.\n",
6010 		    __func__, ntohl(sa0->sadb_sa_spi)));
6011 		return (key_senderror(so, m, ESRCH));
6012 	}
6013 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6014 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
6015 		    __func__, ntohl(sav->spi)));
6016 		key_freesav(&sav);
6017 		return (key_senderror(so, m, ESRCH));
6018 	}
6019 	KEYDBG(KEY_STAMP,
6020 	    printf("%s: SA(%p)\n", __func__, sav));
6021 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
6022 	key_unlinksav(sav);
6023 	key_freesav(&sav);
6024 
6025     {
6026 	struct mbuf *n;
6027 	struct sadb_msg *newmsg;
6028 
6029 	/* create new sadb_msg to reply. */
6030 	n = key_gather_mbuf(m, mhp, 1, 4, SADB_EXT_RESERVED,
6031 	    SADB_EXT_SA, SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
6032 	if (!n)
6033 		return key_senderror(so, m, ENOBUFS);
6034 
6035 	if (n->m_len < sizeof(struct sadb_msg)) {
6036 		n = m_pullup(n, sizeof(struct sadb_msg));
6037 		if (n == NULL)
6038 			return key_senderror(so, m, ENOBUFS);
6039 	}
6040 	newmsg = mtod(n, struct sadb_msg *);
6041 	newmsg->sadb_msg_errno = 0;
6042 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
6043 
6044 	m_freem(m);
6045 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
6046     }
6047 }
6048 
6049 /*
6050  * delete all SAs for src/dst.  Called from key_delete().
6051  */
6052 static int
6053 key_delete_all(struct socket *so, struct mbuf *m,
6054     const struct sadb_msghdr *mhp, struct secasindex *saidx)
6055 {
6056 	struct secasvar_queue drainq;
6057 	struct secashead *sah;
6058 	struct secasvar *sav, *nextsav;
6059 
6060 	TAILQ_INIT(&drainq);
6061 	SAHTREE_WLOCK();
6062 	LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
6063 		if (key_cmpsaidx(&sah->saidx, saidx, CMP_HEAD) == 0)
6064 			continue;
6065 		/* Move all ALIVE SAs into drainq */
6066 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6067 	}
6068 	/* Unlink all queued SAs from SPI hash */
6069 	TAILQ_FOREACH(sav, &drainq, chain) {
6070 		sav->state = SADB_SASTATE_DEAD;
6071 		LIST_REMOVE(sav, spihash);
6072 	}
6073 	SAHTREE_WUNLOCK();
6074 	/* Now we can release reference for all SAs in drainq */
6075 	sav = TAILQ_FIRST(&drainq);
6076 	while (sav != NULL) {
6077 		KEYDBG(KEY_STAMP,
6078 		    printf("%s: SA(%p)\n", __func__, sav));
6079 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
6080 		nextsav = TAILQ_NEXT(sav, chain);
6081 		key_freesah(&sav->sah); /* release reference from SAV */
6082 		key_freesav(&sav); /* release last reference */
6083 		sav = nextsav;
6084 	}
6085 
6086     {
6087 	struct mbuf *n;
6088 	struct sadb_msg *newmsg;
6089 
6090 	/* create new sadb_msg to reply. */
6091 	n = key_gather_mbuf(m, mhp, 1, 3, SADB_EXT_RESERVED,
6092 	    SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST);
6093 	if (!n)
6094 		return key_senderror(so, m, ENOBUFS);
6095 
6096 	if (n->m_len < sizeof(struct sadb_msg)) {
6097 		n = m_pullup(n, sizeof(struct sadb_msg));
6098 		if (n == NULL)
6099 			return key_senderror(so, m, ENOBUFS);
6100 	}
6101 	newmsg = mtod(n, struct sadb_msg *);
6102 	newmsg->sadb_msg_errno = 0;
6103 	newmsg->sadb_msg_len = PFKEY_UNIT64(n->m_pkthdr.len);
6104 
6105 	m_freem(m);
6106 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
6107     }
6108 }
6109 
6110 /*
6111  * Delete all alive SAs for corresponding xform.
6112  * Larval SAs have not initialized tdb_xform, so it is safe to leave them
6113  * here when xform disappears.
6114  */
6115 void
6116 key_delete_xform(const struct xformsw *xsp)
6117 {
6118 	struct secasvar_queue drainq;
6119 	struct secashead *sah;
6120 	struct secasvar *sav, *nextsav;
6121 
6122 	TAILQ_INIT(&drainq);
6123 	SAHTREE_WLOCK();
6124 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
6125 		sav = TAILQ_FIRST(&sah->savtree_alive);
6126 		if (sav == NULL)
6127 			continue;
6128 		if (sav->tdb_xform != xsp)
6129 			continue;
6130 		/*
6131 		 * It is supposed that all SAs in the chain are related to
6132 		 * one xform.
6133 		 */
6134 		TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6135 	}
6136 	/* Unlink all queued SAs from SPI hash */
6137 	TAILQ_FOREACH(sav, &drainq, chain) {
6138 		sav->state = SADB_SASTATE_DEAD;
6139 		LIST_REMOVE(sav, spihash);
6140 	}
6141 	SAHTREE_WUNLOCK();
6142 
6143 	/* Now we can release reference for all SAs in drainq */
6144 	sav = TAILQ_FIRST(&drainq);
6145 	while (sav != NULL) {
6146 		KEYDBG(KEY_STAMP,
6147 		    printf("%s: SA(%p)\n", __func__, sav));
6148 		KEYDBG(KEY_DATA, kdebug_secasv(sav));
6149 		nextsav = TAILQ_NEXT(sav, chain);
6150 		key_freesah(&sav->sah); /* release reference from SAV */
6151 		key_freesav(&sav); /* release last reference */
6152 		sav = nextsav;
6153 	}
6154 }
6155 
6156 /*
6157  * SADB_GET processing
6158  * receive
6159  *   <base, SA(*), address(SD)>
6160  * from the ikmpd, and get a SP and a SA to respond,
6161  * and send,
6162  *   <base, SA, (lifetime(HSC),) address(SD), (address(P),) key(AE),
6163  *       (identity(SD),) (sensitivity)>
6164  * to the ikmpd.
6165  *
6166  * m will always be freed.
6167  */
6168 static int
6169 key_get(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6170 {
6171 	struct secasindex saidx;
6172 	struct sadb_address *src0, *dst0;
6173 	struct sadb_sa *sa0;
6174 	struct secasvar *sav;
6175 	uint8_t proto;
6176 
6177 	IPSEC_ASSERT(so != NULL, ("null socket"));
6178 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6179 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6180 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6181 
6182 	/* map satype to proto */
6183 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6184 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6185 			__func__));
6186 		return key_senderror(so, m, EINVAL);
6187 	}
6188 
6189 	if (SADB_CHECKHDR(mhp, SADB_EXT_SA) ||
6190 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6191 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST)) {
6192 		ipseclog((LOG_DEBUG,
6193 		    "%s: invalid message: missing required header.\n",
6194 		    __func__));
6195 		return key_senderror(so, m, EINVAL);
6196 	}
6197 	if (SADB_CHECKLEN(mhp, SADB_EXT_SA) ||
6198 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6199 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST)) {
6200 		ipseclog((LOG_DEBUG,
6201 		    "%s: invalid message: wrong header size.\n", __func__));
6202 		return key_senderror(so, m, EINVAL);
6203 	}
6204 
6205 	sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
6206 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
6207 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
6208 
6209 	if (key_checksockaddrs((struct sockaddr *)(src0 + 1),
6210 	    (struct sockaddr *)(dst0 + 1)) != 0) {
6211 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
6212 		return key_senderror(so, m, EINVAL);
6213 	}
6214 	KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
6215 
6216 	if (proto == IPPROTO_TCP)
6217 		sav = key_getsav_tcpmd5(&saidx, NULL);
6218 	else
6219 		sav = key_getsavbyspi(sa0->sadb_sa_spi);
6220 	if (sav == NULL) {
6221 		ipseclog((LOG_DEBUG, "%s: no SA found.\n", __func__));
6222 		return key_senderror(so, m, ESRCH);
6223 	}
6224 	if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6225 		ipseclog((LOG_DEBUG, "%s: saidx mismatched for SPI %u.\n",
6226 		    __func__, ntohl(sa0->sadb_sa_spi)));
6227 		key_freesav(&sav);
6228 		return (key_senderror(so, m, ESRCH));
6229 	}
6230 
6231     {
6232 	struct mbuf *n;
6233 	uint8_t satype;
6234 
6235 	/* map proto to satype */
6236 	if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0) {
6237 		ipseclog((LOG_DEBUG, "%s: there was invalid proto in SAD.\n",
6238 		    __func__));
6239 		key_freesav(&sav);
6240 		return key_senderror(so, m, EINVAL);
6241 	}
6242 
6243 	/* create new sadb_msg to reply. */
6244 	n = key_setdumpsa(sav, SADB_GET, satype, mhp->msg->sadb_msg_seq,
6245 	    mhp->msg->sadb_msg_pid);
6246 
6247 	key_freesav(&sav);
6248 	if (!n)
6249 		return key_senderror(so, m, ENOBUFS);
6250 
6251 	m_freem(m);
6252 	return key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
6253     }
6254 }
6255 
6256 /* XXX make it sysctl-configurable? */
6257 static void
6258 key_getcomb_setlifetime(struct sadb_comb *comb)
6259 {
6260 
6261 	comb->sadb_comb_soft_allocations = 1;
6262 	comb->sadb_comb_hard_allocations = 1;
6263 	comb->sadb_comb_soft_bytes = 0;
6264 	comb->sadb_comb_hard_bytes = 0;
6265 	comb->sadb_comb_hard_addtime = 86400;	/* 1 day */
6266 	comb->sadb_comb_soft_addtime = comb->sadb_comb_soft_addtime * 80 / 100;
6267 	comb->sadb_comb_soft_usetime = 28800;	/* 8 hours */
6268 	comb->sadb_comb_hard_usetime = comb->sadb_comb_hard_usetime * 80 / 100;
6269 }
6270 
6271 /*
6272  * XXX reorder combinations by preference
6273  * XXX no idea if the user wants ESP authentication or not
6274  */
6275 static struct mbuf *
6276 key_getcomb_ealg(void)
6277 {
6278 	struct sadb_comb *comb;
6279 	const struct enc_xform *algo;
6280 	struct mbuf *result = NULL, *m, *n;
6281 	int encmin;
6282 	int i, off, o;
6283 	int totlen;
6284 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6285 
6286 	m = NULL;
6287 	for (i = 1; i <= SADB_EALG_MAX; i++) {
6288 		algo = enc_algorithm_lookup(i);
6289 		if (algo == NULL)
6290 			continue;
6291 
6292 		/* discard algorithms with key size smaller than system min */
6293 		if (_BITS(algo->maxkey) < V_ipsec_esp_keymin)
6294 			continue;
6295 		if (_BITS(algo->minkey) < V_ipsec_esp_keymin)
6296 			encmin = V_ipsec_esp_keymin;
6297 		else
6298 			encmin = _BITS(algo->minkey);
6299 
6300 		if (V_ipsec_esp_auth)
6301 			m = key_getcomb_ah();
6302 		else {
6303 			IPSEC_ASSERT(l <= MLEN,
6304 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6305 			MGET(m, M_NOWAIT, MT_DATA);
6306 			if (m) {
6307 				M_ALIGN(m, l);
6308 				m->m_len = l;
6309 				m->m_next = NULL;
6310 				bzero(mtod(m, caddr_t), m->m_len);
6311 			}
6312 		}
6313 		if (!m)
6314 			goto fail;
6315 
6316 		totlen = 0;
6317 		for (n = m; n; n = n->m_next)
6318 			totlen += n->m_len;
6319 		IPSEC_ASSERT((totlen % l) == 0, ("totlen=%u, l=%u", totlen, l));
6320 
6321 		for (off = 0; off < totlen; off += l) {
6322 			n = m_pulldown(m, off, l, &o);
6323 			if (!n) {
6324 				/* m is already freed */
6325 				goto fail;
6326 			}
6327 			comb = (struct sadb_comb *)(mtod(n, caddr_t) + o);
6328 			bzero(comb, sizeof(*comb));
6329 			key_getcomb_setlifetime(comb);
6330 			comb->sadb_comb_encrypt = i;
6331 			comb->sadb_comb_encrypt_minbits = encmin;
6332 			comb->sadb_comb_encrypt_maxbits = _BITS(algo->maxkey);
6333 		}
6334 
6335 		if (!result)
6336 			result = m;
6337 		else
6338 			m_cat(result, m);
6339 	}
6340 
6341 	return result;
6342 
6343  fail:
6344 	if (result)
6345 		m_freem(result);
6346 	return NULL;
6347 }
6348 
6349 static void
6350 key_getsizes_ah(const struct auth_hash *ah, int alg, u_int16_t* min,
6351     u_int16_t* max)
6352 {
6353 
6354 	*min = *max = ah->hashsize;
6355 	if (ah->keysize == 0) {
6356 		/*
6357 		 * Transform takes arbitrary key size but algorithm
6358 		 * key size is restricted.  Enforce this here.
6359 		 */
6360 		switch (alg) {
6361 		case SADB_X_AALG_NULL:	*min = 1; *max = 256; break;
6362 		case SADB_X_AALG_SHA2_256: *min = *max = 32; break;
6363 		case SADB_X_AALG_SHA2_384: *min = *max = 48; break;
6364 		case SADB_X_AALG_SHA2_512: *min = *max = 64; break;
6365 		default:
6366 			DPRINTF(("%s: unknown AH algorithm %u\n",
6367 				__func__, alg));
6368 			break;
6369 		}
6370 	}
6371 }
6372 
6373 /*
6374  * XXX reorder combinations by preference
6375  */
6376 static struct mbuf *
6377 key_getcomb_ah()
6378 {
6379 	const struct auth_hash *algo;
6380 	struct sadb_comb *comb;
6381 	struct mbuf *m;
6382 	u_int16_t minkeysize, maxkeysize;
6383 	int i;
6384 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6385 
6386 	m = NULL;
6387 	for (i = 1; i <= SADB_AALG_MAX; i++) {
6388 #if 1
6389 		/* we prefer HMAC algorithms, not old algorithms */
6390 		if (i != SADB_AALG_SHA1HMAC &&
6391 		    i != SADB_X_AALG_SHA2_256 &&
6392 		    i != SADB_X_AALG_SHA2_384 &&
6393 		    i != SADB_X_AALG_SHA2_512)
6394 			continue;
6395 #endif
6396 		algo = auth_algorithm_lookup(i);
6397 		if (!algo)
6398 			continue;
6399 		key_getsizes_ah(algo, i, &minkeysize, &maxkeysize);
6400 		/* discard algorithms with key size smaller than system min */
6401 		if (_BITS(minkeysize) < V_ipsec_ah_keymin)
6402 			continue;
6403 
6404 		if (!m) {
6405 			IPSEC_ASSERT(l <= MLEN,
6406 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6407 			MGET(m, M_NOWAIT, MT_DATA);
6408 			if (m) {
6409 				M_ALIGN(m, l);
6410 				m->m_len = l;
6411 				m->m_next = NULL;
6412 			}
6413 		} else
6414 			M_PREPEND(m, l, M_NOWAIT);
6415 		if (!m)
6416 			return NULL;
6417 
6418 		comb = mtod(m, struct sadb_comb *);
6419 		bzero(comb, sizeof(*comb));
6420 		key_getcomb_setlifetime(comb);
6421 		comb->sadb_comb_auth = i;
6422 		comb->sadb_comb_auth_minbits = _BITS(minkeysize);
6423 		comb->sadb_comb_auth_maxbits = _BITS(maxkeysize);
6424 	}
6425 
6426 	return m;
6427 }
6428 
6429 /*
6430  * not really an official behavior.  discussed in pf_key@inner.net in Sep2000.
6431  * XXX reorder combinations by preference
6432  */
6433 static struct mbuf *
6434 key_getcomb_ipcomp()
6435 {
6436 	const struct comp_algo *algo;
6437 	struct sadb_comb *comb;
6438 	struct mbuf *m;
6439 	int i;
6440 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
6441 
6442 	m = NULL;
6443 	for (i = 1; i <= SADB_X_CALG_MAX; i++) {
6444 		algo = comp_algorithm_lookup(i);
6445 		if (!algo)
6446 			continue;
6447 
6448 		if (!m) {
6449 			IPSEC_ASSERT(l <= MLEN,
6450 				("l=%u > MLEN=%lu", l, (u_long) MLEN));
6451 			MGET(m, M_NOWAIT, MT_DATA);
6452 			if (m) {
6453 				M_ALIGN(m, l);
6454 				m->m_len = l;
6455 				m->m_next = NULL;
6456 			}
6457 		} else
6458 			M_PREPEND(m, l, M_NOWAIT);
6459 		if (!m)
6460 			return NULL;
6461 
6462 		comb = mtod(m, struct sadb_comb *);
6463 		bzero(comb, sizeof(*comb));
6464 		key_getcomb_setlifetime(comb);
6465 		comb->sadb_comb_encrypt = i;
6466 		/* what should we set into sadb_comb_*_{min,max}bits? */
6467 	}
6468 
6469 	return m;
6470 }
6471 
6472 /*
6473  * XXX no way to pass mode (transport/tunnel) to userland
6474  * XXX replay checking?
6475  * XXX sysctl interface to ipsec_{ah,esp}_keymin
6476  */
6477 static struct mbuf *
6478 key_getprop(const struct secasindex *saidx)
6479 {
6480 	struct sadb_prop *prop;
6481 	struct mbuf *m, *n;
6482 	const int l = PFKEY_ALIGN8(sizeof(struct sadb_prop));
6483 	int totlen;
6484 
6485 	switch (saidx->proto)  {
6486 	case IPPROTO_ESP:
6487 		m = key_getcomb_ealg();
6488 		break;
6489 	case IPPROTO_AH:
6490 		m = key_getcomb_ah();
6491 		break;
6492 	case IPPROTO_IPCOMP:
6493 		m = key_getcomb_ipcomp();
6494 		break;
6495 	default:
6496 		return NULL;
6497 	}
6498 
6499 	if (!m)
6500 		return NULL;
6501 	M_PREPEND(m, l, M_NOWAIT);
6502 	if (!m)
6503 		return NULL;
6504 
6505 	totlen = 0;
6506 	for (n = m; n; n = n->m_next)
6507 		totlen += n->m_len;
6508 
6509 	prop = mtod(m, struct sadb_prop *);
6510 	bzero(prop, sizeof(*prop));
6511 	prop->sadb_prop_len = PFKEY_UNIT64(totlen);
6512 	prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
6513 	prop->sadb_prop_replay = 32;	/* XXX */
6514 
6515 	return m;
6516 }
6517 
6518 /*
6519  * SADB_ACQUIRE processing called by key_checkrequest() and key_acquire2().
6520  * send
6521  *   <base, SA, address(SD), (address(P)), x_policy,
6522  *       (identity(SD),) (sensitivity,) proposal>
6523  * to KMD, and expect to receive
6524  *   <base> with SADB_ACQUIRE if error occurred,
6525  * or
6526  *   <base, src address, dst address, (SPI range)> with SADB_GETSPI
6527  * from KMD by PF_KEY.
6528  *
6529  * XXX x_policy is outside of RFC2367 (KAME extension).
6530  * XXX sensitivity is not supported.
6531  * XXX for ipcomp, RFC2367 does not define how to fill in proposal.
6532  * see comment for key_getcomb_ipcomp().
6533  *
6534  * OUT:
6535  *    0     : succeed
6536  *    others: error number
6537  */
6538 static int
6539 key_acquire(const struct secasindex *saidx, struct secpolicy *sp)
6540 {
6541 	union sockaddr_union addr;
6542 	struct mbuf *result, *m;
6543 	uint32_t seq;
6544 	int error;
6545 	uint16_t ul_proto;
6546 	uint8_t mask, satype;
6547 
6548 	IPSEC_ASSERT(saidx != NULL, ("null saidx"));
6549 	satype = key_proto2satype(saidx->proto);
6550 	IPSEC_ASSERT(satype != 0, ("null satype, protocol %u", saidx->proto));
6551 
6552 	error = -1;
6553 	result = NULL;
6554 	ul_proto = IPSEC_ULPROTO_ANY;
6555 
6556 	/* Get seq number to check whether sending message or not. */
6557 	seq = key_getacq(saidx, &error);
6558 	if (seq == 0)
6559 		return (error);
6560 
6561 	m = key_setsadbmsg(SADB_ACQUIRE, 0, satype, seq, 0, 0);
6562 	if (!m) {
6563 		error = ENOBUFS;
6564 		goto fail;
6565 	}
6566 	result = m;
6567 
6568 	/*
6569 	 * set sadb_address for saidx's.
6570 	 *
6571 	 * Note that if sp is supplied, then we're being called from
6572 	 * key_allocsa_policy() and should supply port and protocol
6573 	 * information.
6574 	 * XXXAE: why only TCP and UDP? ICMP and SCTP looks applicable too.
6575 	 * XXXAE: probably we can handle this in the ipsec[46]_allocsa().
6576 	 * XXXAE: it looks like we should save this info in the ACQ entry.
6577 	 */
6578 	if (sp != NULL && (sp->spidx.ul_proto == IPPROTO_TCP ||
6579 	    sp->spidx.ul_proto == IPPROTO_UDP))
6580 		ul_proto = sp->spidx.ul_proto;
6581 
6582 	addr = saidx->src;
6583 	mask = FULLMASK;
6584 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6585 		switch (sp->spidx.src.sa.sa_family) {
6586 		case AF_INET:
6587 			if (sp->spidx.src.sin.sin_port != IPSEC_PORT_ANY) {
6588 				addr.sin.sin_port = sp->spidx.src.sin.sin_port;
6589 				mask = sp->spidx.prefs;
6590 			}
6591 			break;
6592 		case AF_INET6:
6593 			if (sp->spidx.src.sin6.sin6_port != IPSEC_PORT_ANY) {
6594 				addr.sin6.sin6_port =
6595 				    sp->spidx.src.sin6.sin6_port;
6596 				mask = sp->spidx.prefs;
6597 			}
6598 			break;
6599 		default:
6600 			break;
6601 		}
6602 	}
6603 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &addr.sa, mask, ul_proto);
6604 	if (!m) {
6605 		error = ENOBUFS;
6606 		goto fail;
6607 	}
6608 	m_cat(result, m);
6609 
6610 	addr = saidx->dst;
6611 	mask = FULLMASK;
6612 	if (ul_proto != IPSEC_ULPROTO_ANY) {
6613 		switch (sp->spidx.dst.sa.sa_family) {
6614 		case AF_INET:
6615 			if (sp->spidx.dst.sin.sin_port != IPSEC_PORT_ANY) {
6616 				addr.sin.sin_port = sp->spidx.dst.sin.sin_port;
6617 				mask = sp->spidx.prefd;
6618 			}
6619 			break;
6620 		case AF_INET6:
6621 			if (sp->spidx.dst.sin6.sin6_port != IPSEC_PORT_ANY) {
6622 				addr.sin6.sin6_port =
6623 				    sp->spidx.dst.sin6.sin6_port;
6624 				mask = sp->spidx.prefd;
6625 			}
6626 			break;
6627 		default:
6628 			break;
6629 		}
6630 	}
6631 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &addr.sa, mask, ul_proto);
6632 	if (!m) {
6633 		error = ENOBUFS;
6634 		goto fail;
6635 	}
6636 	m_cat(result, m);
6637 
6638 	/* XXX proxy address (optional) */
6639 
6640 	/*
6641 	 * Set sadb_x_policy. This is KAME extension to RFC2367.
6642 	 */
6643 	if (sp != NULL) {
6644 		m = key_setsadbxpolicy(sp->policy, sp->spidx.dir, sp->id,
6645 		    sp->priority);
6646 		if (!m) {
6647 			error = ENOBUFS;
6648 			goto fail;
6649 		}
6650 		m_cat(result, m);
6651 	}
6652 
6653 	/*
6654 	 * Set sadb_x_sa2 extension if saidx->reqid is not zero.
6655 	 * This is FreeBSD extension to RFC2367.
6656 	 */
6657 	if (saidx->reqid != 0) {
6658 		m = key_setsadbxsa2(saidx->mode, 0, saidx->reqid);
6659 		if (m == NULL) {
6660 			error = ENOBUFS;
6661 			goto fail;
6662 		}
6663 		m_cat(result, m);
6664 	}
6665 	/* XXX identity (optional) */
6666 #if 0
6667 	if (idexttype && fqdn) {
6668 		/* create identity extension (FQDN) */
6669 		struct sadb_ident *id;
6670 		int fqdnlen;
6671 
6672 		fqdnlen = strlen(fqdn) + 1;	/* +1 for terminating-NUL */
6673 		id = (struct sadb_ident *)p;
6674 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6675 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
6676 		id->sadb_ident_exttype = idexttype;
6677 		id->sadb_ident_type = SADB_IDENTTYPE_FQDN;
6678 		bcopy(fqdn, id + 1, fqdnlen);
6679 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(fqdnlen);
6680 	}
6681 
6682 	if (idexttype) {
6683 		/* create identity extension (USERFQDN) */
6684 		struct sadb_ident *id;
6685 		int userfqdnlen;
6686 
6687 		if (userfqdn) {
6688 			/* +1 for terminating-NUL */
6689 			userfqdnlen = strlen(userfqdn) + 1;
6690 		} else
6691 			userfqdnlen = 0;
6692 		id = (struct sadb_ident *)p;
6693 		bzero(id, sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6694 		id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
6695 		id->sadb_ident_exttype = idexttype;
6696 		id->sadb_ident_type = SADB_IDENTTYPE_USERFQDN;
6697 		/* XXX is it correct? */
6698 		if (curproc && curproc->p_cred)
6699 			id->sadb_ident_id = curproc->p_cred->p_ruid;
6700 		if (userfqdn && userfqdnlen)
6701 			bcopy(userfqdn, id + 1, userfqdnlen);
6702 		p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(userfqdnlen);
6703 	}
6704 #endif
6705 
6706 	/* XXX sensitivity (optional) */
6707 
6708 	/* create proposal/combination extension */
6709 	m = key_getprop(saidx);
6710 #if 0
6711 	/*
6712 	 * spec conformant: always attach proposal/combination extension,
6713 	 * the problem is that we have no way to attach it for ipcomp,
6714 	 * due to the way sadb_comb is declared in RFC2367.
6715 	 */
6716 	if (!m) {
6717 		error = ENOBUFS;
6718 		goto fail;
6719 	}
6720 	m_cat(result, m);
6721 #else
6722 	/*
6723 	 * outside of spec; make proposal/combination extension optional.
6724 	 */
6725 	if (m)
6726 		m_cat(result, m);
6727 #endif
6728 
6729 	if ((result->m_flags & M_PKTHDR) == 0) {
6730 		error = EINVAL;
6731 		goto fail;
6732 	}
6733 
6734 	if (result->m_len < sizeof(struct sadb_msg)) {
6735 		result = m_pullup(result, sizeof(struct sadb_msg));
6736 		if (result == NULL) {
6737 			error = ENOBUFS;
6738 			goto fail;
6739 		}
6740 	}
6741 
6742 	result->m_pkthdr.len = 0;
6743 	for (m = result; m; m = m->m_next)
6744 		result->m_pkthdr.len += m->m_len;
6745 
6746 	mtod(result, struct sadb_msg *)->sadb_msg_len =
6747 	    PFKEY_UNIT64(result->m_pkthdr.len);
6748 
6749 	KEYDBG(KEY_STAMP,
6750 	    printf("%s: SP(%p)\n", __func__, sp));
6751 	KEYDBG(KEY_DATA, kdebug_secasindex(saidx, NULL));
6752 
6753 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
6754 
6755  fail:
6756 	if (result)
6757 		m_freem(result);
6758 	return error;
6759 }
6760 
6761 static uint32_t
6762 key_newacq(const struct secasindex *saidx, int *perror)
6763 {
6764 	struct secacq *acq;
6765 	uint32_t seq;
6766 
6767 	acq = malloc(sizeof(*acq), M_IPSEC_SAQ, M_NOWAIT | M_ZERO);
6768 	if (acq == NULL) {
6769 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6770 		*perror = ENOBUFS;
6771 		return (0);
6772 	}
6773 
6774 	/* copy secindex */
6775 	bcopy(saidx, &acq->saidx, sizeof(acq->saidx));
6776 	acq->created = time_second;
6777 	acq->count = 0;
6778 
6779 	/* add to acqtree */
6780 	ACQ_LOCK();
6781 	seq = acq->seq = (V_acq_seq == ~0 ? 1 : ++V_acq_seq);
6782 	LIST_INSERT_HEAD(&V_acqtree, acq, chain);
6783 	LIST_INSERT_HEAD(ACQADDRHASH_HASH(saidx), acq, addrhash);
6784 	LIST_INSERT_HEAD(ACQSEQHASH_HASH(seq), acq, seqhash);
6785 	ACQ_UNLOCK();
6786 	*perror = 0;
6787 	return (seq);
6788 }
6789 
6790 static uint32_t
6791 key_getacq(const struct secasindex *saidx, int *perror)
6792 {
6793 	struct secacq *acq;
6794 	uint32_t seq;
6795 
6796 	ACQ_LOCK();
6797 	LIST_FOREACH(acq, ACQADDRHASH_HASH(saidx), addrhash) {
6798 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY)) {
6799 			if (acq->count > V_key_blockacq_count) {
6800 				/*
6801 				 * Reset counter and send message.
6802 				 * Also reset created time to keep ACQ for
6803 				 * this saidx.
6804 				 */
6805 				acq->created = time_second;
6806 				acq->count = 0;
6807 				seq = acq->seq;
6808 			} else {
6809 				/*
6810 				 * Increment counter and do nothing.
6811 				 * We send SADB_ACQUIRE message only
6812 				 * for each V_key_blockacq_count packet.
6813 				 */
6814 				acq->count++;
6815 				seq = 0;
6816 			}
6817 			break;
6818 		}
6819 	}
6820 	ACQ_UNLOCK();
6821 	if (acq != NULL) {
6822 		*perror = 0;
6823 		return (seq);
6824 	}
6825 	/* allocate new  entry */
6826 	return (key_newacq(saidx, perror));
6827 }
6828 
6829 static int
6830 key_acqreset(uint32_t seq)
6831 {
6832 	struct secacq *acq;
6833 
6834 	ACQ_LOCK();
6835 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6836 		if (acq->seq == seq) {
6837 			acq->count = 0;
6838 			acq->created = time_second;
6839 			break;
6840 		}
6841 	}
6842 	ACQ_UNLOCK();
6843 	if (acq == NULL)
6844 		return (ESRCH);
6845 	return (0);
6846 }
6847 /*
6848  * Mark ACQ entry as stale to remove it in key_flush_acq().
6849  * Called after successful SADB_GETSPI message.
6850  */
6851 static int
6852 key_acqdone(const struct secasindex *saidx, uint32_t seq)
6853 {
6854 	struct secacq *acq;
6855 
6856 	ACQ_LOCK();
6857 	LIST_FOREACH(acq, ACQSEQHASH_HASH(seq), seqhash) {
6858 		if (acq->seq == seq)
6859 			break;
6860 	}
6861 	if (acq != NULL) {
6862 		if (key_cmpsaidx(&acq->saidx, saidx, CMP_EXACTLY) == 0) {
6863 			ipseclog((LOG_DEBUG,
6864 			    "%s: Mismatched saidx for ACQ %u\n", __func__, seq));
6865 			acq = NULL;
6866 		} else {
6867 			acq->created = 0;
6868 		}
6869 	} else {
6870 		ipseclog((LOG_DEBUG,
6871 		    "%s: ACQ %u is not found.\n", __func__, seq));
6872 	}
6873 	ACQ_UNLOCK();
6874 	if (acq == NULL)
6875 		return (ESRCH);
6876 	return (0);
6877 }
6878 
6879 static struct secspacq *
6880 key_newspacq(struct secpolicyindex *spidx)
6881 {
6882 	struct secspacq *acq;
6883 
6884 	/* get new entry */
6885 	acq = malloc(sizeof(struct secspacq), M_IPSEC_SAQ, M_NOWAIT|M_ZERO);
6886 	if (acq == NULL) {
6887 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
6888 		return NULL;
6889 	}
6890 
6891 	/* copy secindex */
6892 	bcopy(spidx, &acq->spidx, sizeof(acq->spidx));
6893 	acq->created = time_second;
6894 	acq->count = 0;
6895 
6896 	/* add to spacqtree */
6897 	SPACQ_LOCK();
6898 	LIST_INSERT_HEAD(&V_spacqtree, acq, chain);
6899 	SPACQ_UNLOCK();
6900 
6901 	return acq;
6902 }
6903 
6904 static struct secspacq *
6905 key_getspacq(struct secpolicyindex *spidx)
6906 {
6907 	struct secspacq *acq;
6908 
6909 	SPACQ_LOCK();
6910 	LIST_FOREACH(acq, &V_spacqtree, chain) {
6911 		if (key_cmpspidx_exactly(spidx, &acq->spidx)) {
6912 			/* NB: return holding spacq_lock */
6913 			return acq;
6914 		}
6915 	}
6916 	SPACQ_UNLOCK();
6917 
6918 	return NULL;
6919 }
6920 
6921 /*
6922  * SADB_ACQUIRE processing,
6923  * in first situation, is receiving
6924  *   <base>
6925  * from the ikmpd, and clear sequence of its secasvar entry.
6926  *
6927  * In second situation, is receiving
6928  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6929  * from a user land process, and return
6930  *   <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
6931  * to the socket.
6932  *
6933  * m will always be freed.
6934  */
6935 static int
6936 key_acquire2(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
6937 {
6938 	SAHTREE_RLOCK_TRACKER;
6939 	struct sadb_address *src0, *dst0;
6940 	struct secasindex saidx;
6941 	struct secashead *sah;
6942 	uint32_t reqid;
6943 	int error;
6944 	uint8_t mode, proto;
6945 
6946 	IPSEC_ASSERT(so != NULL, ("null socket"));
6947 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
6948 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
6949 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
6950 
6951 	/*
6952 	 * Error message from KMd.
6953 	 * We assume that if error was occurred in IKEd, the length of PFKEY
6954 	 * message is equal to the size of sadb_msg structure.
6955 	 * We do not raise error even if error occurred in this function.
6956 	 */
6957 	if (mhp->msg->sadb_msg_len == PFKEY_UNIT64(sizeof(struct sadb_msg))) {
6958 		/* check sequence number */
6959 		if (mhp->msg->sadb_msg_seq == 0 ||
6960 		    mhp->msg->sadb_msg_errno == 0) {
6961 			ipseclog((LOG_DEBUG, "%s: must specify sequence "
6962 				"number and errno.\n", __func__));
6963 		} else {
6964 			/*
6965 			 * IKEd reported that error occurred.
6966 			 * XXXAE: what it expects from the kernel?
6967 			 * Probably we should send SADB_ACQUIRE again?
6968 			 * If so, reset ACQ's state.
6969 			 * XXXAE: it looks useless.
6970 			 */
6971 			key_acqreset(mhp->msg->sadb_msg_seq);
6972 		}
6973 		m_freem(m);
6974 		return (0);
6975 	}
6976 
6977 	/*
6978 	 * This message is from user land.
6979 	 */
6980 
6981 	/* map satype to proto */
6982 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
6983 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
6984 		    __func__));
6985 		return key_senderror(so, m, EINVAL);
6986 	}
6987 
6988 	if (SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_SRC) ||
6989 	    SADB_CHECKHDR(mhp, SADB_EXT_ADDRESS_DST) ||
6990 	    SADB_CHECKHDR(mhp, SADB_EXT_PROPOSAL)) {
6991 		ipseclog((LOG_DEBUG,
6992 		    "%s: invalid message: missing required header.\n",
6993 		    __func__));
6994 		return key_senderror(so, m, EINVAL);
6995 	}
6996 	if (SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_SRC) ||
6997 	    SADB_CHECKLEN(mhp, SADB_EXT_ADDRESS_DST) ||
6998 	    SADB_CHECKLEN(mhp, SADB_EXT_PROPOSAL)) {
6999 		ipseclog((LOG_DEBUG,
7000 		    "%s: invalid message: wrong header size.\n", __func__));
7001 		return key_senderror(so, m, EINVAL);
7002 	}
7003 
7004 	if (SADB_CHECKHDR(mhp, SADB_X_EXT_SA2)) {
7005 		mode = IPSEC_MODE_ANY;
7006 		reqid = 0;
7007 	} else {
7008 		if (SADB_CHECKLEN(mhp, SADB_X_EXT_SA2)) {
7009 			ipseclog((LOG_DEBUG,
7010 			    "%s: invalid message: wrong header size.\n",
7011 			    __func__));
7012 			return key_senderror(so, m, EINVAL);
7013 		}
7014 		mode = ((struct sadb_x_sa2 *)
7015 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
7016 		reqid = ((struct sadb_x_sa2 *)
7017 		    mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
7018 	}
7019 
7020 	src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
7021 	dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
7022 
7023 	error = key_checksockaddrs((struct sockaddr *)(src0 + 1),
7024 	    (struct sockaddr *)(dst0 + 1));
7025 	if (error != 0) {
7026 		ipseclog((LOG_DEBUG, "%s: invalid sockaddr.\n", __func__));
7027 		return key_senderror(so, m, EINVAL);
7028 	}
7029 	KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
7030 
7031 	/* get a SA index */
7032 	SAHTREE_RLOCK();
7033 	LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
7034 		if (key_cmpsaidx(&sah->saidx, &saidx, CMP_MODE_REQID))
7035 			break;
7036 	}
7037 	SAHTREE_RUNLOCK();
7038 	if (sah != NULL) {
7039 		ipseclog((LOG_DEBUG, "%s: a SA exists already.\n", __func__));
7040 		return key_senderror(so, m, EEXIST);
7041 	}
7042 
7043 	error = key_acquire(&saidx, NULL);
7044 	if (error != 0) {
7045 		ipseclog((LOG_DEBUG,
7046 		    "%s: error %d returned from key_acquire()\n",
7047 			__func__, error));
7048 		return key_senderror(so, m, error);
7049 	}
7050 	m_freem(m);
7051 	return (0);
7052 }
7053 
7054 /*
7055  * SADB_REGISTER processing.
7056  * If SATYPE_UNSPEC has been passed as satype, only return sabd_supported.
7057  * receive
7058  *   <base>
7059  * from the ikmpd, and register a socket to send PF_KEY messages,
7060  * and send
7061  *   <base, supported>
7062  * to KMD by PF_KEY.
7063  * If socket is detached, must free from regnode.
7064  *
7065  * m will always be freed.
7066  */
7067 static int
7068 key_register(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7069 {
7070 	struct secreg *reg, *newreg = NULL;
7071 
7072 	IPSEC_ASSERT(so != NULL, ("null socket"));
7073 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7074 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7075 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7076 
7077 	/* check for invalid register message */
7078 	if (mhp->msg->sadb_msg_satype >= sizeof(V_regtree)/sizeof(V_regtree[0]))
7079 		return key_senderror(so, m, EINVAL);
7080 
7081 	/* When SATYPE_UNSPEC is specified, only return sabd_supported. */
7082 	if (mhp->msg->sadb_msg_satype == SADB_SATYPE_UNSPEC)
7083 		goto setmsg;
7084 
7085 	/* check whether existing or not */
7086 	REGTREE_LOCK();
7087 	LIST_FOREACH(reg, &V_regtree[mhp->msg->sadb_msg_satype], chain) {
7088 		if (reg->so == so) {
7089 			REGTREE_UNLOCK();
7090 			ipseclog((LOG_DEBUG, "%s: socket exists already.\n",
7091 				__func__));
7092 			return key_senderror(so, m, EEXIST);
7093 		}
7094 	}
7095 
7096 	/* create regnode */
7097 	newreg =  malloc(sizeof(struct secreg), M_IPSEC_SAR, M_NOWAIT|M_ZERO);
7098 	if (newreg == NULL) {
7099 		REGTREE_UNLOCK();
7100 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7101 		return key_senderror(so, m, ENOBUFS);
7102 	}
7103 
7104 	newreg->so = so;
7105 	((struct keycb *)sotorawcb(so))->kp_registered++;
7106 
7107 	/* add regnode to regtree. */
7108 	LIST_INSERT_HEAD(&V_regtree[mhp->msg->sadb_msg_satype], newreg, chain);
7109 	REGTREE_UNLOCK();
7110 
7111   setmsg:
7112     {
7113 	struct mbuf *n;
7114 	struct sadb_msg *newmsg;
7115 	struct sadb_supported *sup;
7116 	u_int len, alen, elen;
7117 	int off;
7118 	int i;
7119 	struct sadb_alg *alg;
7120 
7121 	/* create new sadb_msg to reply. */
7122 	alen = 0;
7123 	for (i = 1; i <= SADB_AALG_MAX; i++) {
7124 		if (auth_algorithm_lookup(i))
7125 			alen += sizeof(struct sadb_alg);
7126 	}
7127 	if (alen)
7128 		alen += sizeof(struct sadb_supported);
7129 	elen = 0;
7130 	for (i = 1; i <= SADB_EALG_MAX; i++) {
7131 		if (enc_algorithm_lookup(i))
7132 			elen += sizeof(struct sadb_alg);
7133 	}
7134 	if (elen)
7135 		elen += sizeof(struct sadb_supported);
7136 
7137 	len = sizeof(struct sadb_msg) + alen + elen;
7138 
7139 	if (len > MCLBYTES)
7140 		return key_senderror(so, m, ENOBUFS);
7141 
7142 	MGETHDR(n, M_NOWAIT, MT_DATA);
7143 	if (n != NULL && len > MHLEN) {
7144 		if (!(MCLGET(n, M_NOWAIT))) {
7145 			m_freem(n);
7146 			n = NULL;
7147 		}
7148 	}
7149 	if (!n)
7150 		return key_senderror(so, m, ENOBUFS);
7151 
7152 	n->m_pkthdr.len = n->m_len = len;
7153 	n->m_next = NULL;
7154 	off = 0;
7155 
7156 	m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
7157 	newmsg = mtod(n, struct sadb_msg *);
7158 	newmsg->sadb_msg_errno = 0;
7159 	newmsg->sadb_msg_len = PFKEY_UNIT64(len);
7160 	off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
7161 
7162 	/* for authentication algorithm */
7163 	if (alen) {
7164 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7165 		sup->sadb_supported_len = PFKEY_UNIT64(alen);
7166 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_AUTH;
7167 		off += PFKEY_ALIGN8(sizeof(*sup));
7168 
7169 		for (i = 1; i <= SADB_AALG_MAX; i++) {
7170 			const struct auth_hash *aalgo;
7171 			u_int16_t minkeysize, maxkeysize;
7172 
7173 			aalgo = auth_algorithm_lookup(i);
7174 			if (!aalgo)
7175 				continue;
7176 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7177 			alg->sadb_alg_id = i;
7178 			alg->sadb_alg_ivlen = 0;
7179 			key_getsizes_ah(aalgo, i, &minkeysize, &maxkeysize);
7180 			alg->sadb_alg_minbits = _BITS(minkeysize);
7181 			alg->sadb_alg_maxbits = _BITS(maxkeysize);
7182 			off += PFKEY_ALIGN8(sizeof(*alg));
7183 		}
7184 	}
7185 
7186 	/* for encryption algorithm */
7187 	if (elen) {
7188 		sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
7189 		sup->sadb_supported_len = PFKEY_UNIT64(elen);
7190 		sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_ENCRYPT;
7191 		off += PFKEY_ALIGN8(sizeof(*sup));
7192 
7193 		for (i = 1; i <= SADB_EALG_MAX; i++) {
7194 			const struct enc_xform *ealgo;
7195 
7196 			ealgo = enc_algorithm_lookup(i);
7197 			if (!ealgo)
7198 				continue;
7199 			alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
7200 			alg->sadb_alg_id = i;
7201 			alg->sadb_alg_ivlen = ealgo->ivsize;
7202 			alg->sadb_alg_minbits = _BITS(ealgo->minkey);
7203 			alg->sadb_alg_maxbits = _BITS(ealgo->maxkey);
7204 			off += PFKEY_ALIGN8(sizeof(struct sadb_alg));
7205 		}
7206 	}
7207 
7208 	IPSEC_ASSERT(off == len,
7209 		("length assumption failed (off %u len %u)", off, len));
7210 
7211 	m_freem(m);
7212 	return key_sendup_mbuf(so, n, KEY_SENDUP_REGISTERED);
7213     }
7214 }
7215 
7216 /*
7217  * free secreg entry registered.
7218  * XXX: I want to do free a socket marked done SADB_RESIGER to socket.
7219  */
7220 void
7221 key_freereg(struct socket *so)
7222 {
7223 	struct secreg *reg;
7224 	int i;
7225 
7226 	IPSEC_ASSERT(so != NULL, ("NULL so"));
7227 
7228 	/*
7229 	 * check whether existing or not.
7230 	 * check all type of SA, because there is a potential that
7231 	 * one socket is registered to multiple type of SA.
7232 	 */
7233 	REGTREE_LOCK();
7234 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
7235 		LIST_FOREACH(reg, &V_regtree[i], chain) {
7236 			if (reg->so == so && __LIST_CHAINED(reg)) {
7237 				LIST_REMOVE(reg, chain);
7238 				free(reg, M_IPSEC_SAR);
7239 				break;
7240 			}
7241 		}
7242 	}
7243 	REGTREE_UNLOCK();
7244 }
7245 
7246 /*
7247  * SADB_EXPIRE processing
7248  * send
7249  *   <base, SA, SA2, lifetime(C and one of HS), address(SD)>
7250  * to KMD by PF_KEY.
7251  * NOTE: We send only soft lifetime extension.
7252  *
7253  * OUT:	0	: succeed
7254  *	others	: error number
7255  */
7256 static int
7257 key_expire(struct secasvar *sav, int hard)
7258 {
7259 	struct mbuf *result = NULL, *m;
7260 	struct sadb_lifetime *lt;
7261 	uint32_t replay_count;
7262 	int error, len;
7263 	uint8_t satype;
7264 
7265 	IPSEC_ASSERT (sav != NULL, ("null sav"));
7266 	IPSEC_ASSERT (sav->sah != NULL, ("null sa header"));
7267 
7268 	KEYDBG(KEY_STAMP,
7269 	    printf("%s: SA(%p) expired %s lifetime\n", __func__,
7270 		sav, hard ? "hard": "soft"));
7271 	KEYDBG(KEY_DATA, kdebug_secasv(sav));
7272 	/* set msg header */
7273 	satype = key_proto2satype(sav->sah->saidx.proto);
7274 	IPSEC_ASSERT(satype != 0, ("invalid proto, satype %u", satype));
7275 	m = key_setsadbmsg(SADB_EXPIRE, 0, satype, sav->seq, 0, sav->refcnt);
7276 	if (!m) {
7277 		error = ENOBUFS;
7278 		goto fail;
7279 	}
7280 	result = m;
7281 
7282 	/* create SA extension */
7283 	m = key_setsadbsa(sav);
7284 	if (!m) {
7285 		error = ENOBUFS;
7286 		goto fail;
7287 	}
7288 	m_cat(result, m);
7289 
7290 	/* create SA extension */
7291 	SECASVAR_LOCK(sav);
7292 	replay_count = sav->replay ? sav->replay->count : 0;
7293 	SECASVAR_UNLOCK(sav);
7294 
7295 	m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
7296 			sav->sah->saidx.reqid);
7297 	if (!m) {
7298 		error = ENOBUFS;
7299 		goto fail;
7300 	}
7301 	m_cat(result, m);
7302 
7303 	if (sav->replay && sav->replay->wsize > UINT8_MAX) {
7304 		m = key_setsadbxsareplay(sav->replay->wsize);
7305 		if (!m) {
7306 			error = ENOBUFS;
7307 			goto fail;
7308 		}
7309 		m_cat(result, m);
7310 	}
7311 
7312 	/* create lifetime extension (current and soft) */
7313 	len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
7314 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
7315 	if (m == NULL) {
7316 		error = ENOBUFS;
7317 		goto fail;
7318 	}
7319 	m_align(m, len);
7320 	m->m_len = len;
7321 	bzero(mtod(m, caddr_t), len);
7322 	lt = mtod(m, struct sadb_lifetime *);
7323 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7324 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
7325 	lt->sadb_lifetime_allocations =
7326 	    (uint32_t)counter_u64_fetch(sav->lft_c_allocations);
7327 	lt->sadb_lifetime_bytes =
7328 	    counter_u64_fetch(sav->lft_c_bytes);
7329 	lt->sadb_lifetime_addtime = sav->created;
7330 	lt->sadb_lifetime_usetime = sav->firstused;
7331 	lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
7332 	lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
7333 	if (hard) {
7334 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
7335 		lt->sadb_lifetime_allocations = sav->lft_h->allocations;
7336 		lt->sadb_lifetime_bytes = sav->lft_h->bytes;
7337 		lt->sadb_lifetime_addtime = sav->lft_h->addtime;
7338 		lt->sadb_lifetime_usetime = sav->lft_h->usetime;
7339 	} else {
7340 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
7341 		lt->sadb_lifetime_allocations = sav->lft_s->allocations;
7342 		lt->sadb_lifetime_bytes = sav->lft_s->bytes;
7343 		lt->sadb_lifetime_addtime = sav->lft_s->addtime;
7344 		lt->sadb_lifetime_usetime = sav->lft_s->usetime;
7345 	}
7346 	m_cat(result, m);
7347 
7348 	/* set sadb_address for source */
7349 	m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
7350 	    &sav->sah->saidx.src.sa,
7351 	    FULLMASK, IPSEC_ULPROTO_ANY);
7352 	if (!m) {
7353 		error = ENOBUFS;
7354 		goto fail;
7355 	}
7356 	m_cat(result, m);
7357 
7358 	/* set sadb_address for destination */
7359 	m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
7360 	    &sav->sah->saidx.dst.sa,
7361 	    FULLMASK, IPSEC_ULPROTO_ANY);
7362 	if (!m) {
7363 		error = ENOBUFS;
7364 		goto fail;
7365 	}
7366 	m_cat(result, m);
7367 
7368 	/*
7369 	 * XXX-BZ Handle NAT-T extensions here.
7370 	 * XXXAE: it doesn't seem quite useful. IKEs should not depend on
7371 	 * this information, we report only significant SA fields.
7372 	 */
7373 
7374 	if ((result->m_flags & M_PKTHDR) == 0) {
7375 		error = EINVAL;
7376 		goto fail;
7377 	}
7378 
7379 	if (result->m_len < sizeof(struct sadb_msg)) {
7380 		result = m_pullup(result, sizeof(struct sadb_msg));
7381 		if (result == NULL) {
7382 			error = ENOBUFS;
7383 			goto fail;
7384 		}
7385 	}
7386 
7387 	result->m_pkthdr.len = 0;
7388 	for (m = result; m; m = m->m_next)
7389 		result->m_pkthdr.len += m->m_len;
7390 
7391 	mtod(result, struct sadb_msg *)->sadb_msg_len =
7392 	    PFKEY_UNIT64(result->m_pkthdr.len);
7393 
7394 	return key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED);
7395 
7396  fail:
7397 	if (result)
7398 		m_freem(result);
7399 	return error;
7400 }
7401 
7402 static void
7403 key_freesah_flushed(struct secashead_queue *flushq)
7404 {
7405 	struct secashead *sah, *nextsah;
7406 	struct secasvar *sav, *nextsav;
7407 
7408 	sah = TAILQ_FIRST(flushq);
7409 	while (sah != NULL) {
7410 		sav = TAILQ_FIRST(&sah->savtree_larval);
7411 		while (sav != NULL) {
7412 			nextsav = TAILQ_NEXT(sav, chain);
7413 			TAILQ_REMOVE(&sah->savtree_larval, sav, chain);
7414 			key_freesav(&sav); /* release last reference */
7415 			key_freesah(&sah); /* release reference from SAV */
7416 			sav = nextsav;
7417 		}
7418 		sav = TAILQ_FIRST(&sah->savtree_alive);
7419 		while (sav != NULL) {
7420 			nextsav = TAILQ_NEXT(sav, chain);
7421 			TAILQ_REMOVE(&sah->savtree_alive, sav, chain);
7422 			key_freesav(&sav); /* release last reference */
7423 			key_freesah(&sah); /* release reference from SAV */
7424 			sav = nextsav;
7425 		}
7426 		nextsah = TAILQ_NEXT(sah, chain);
7427 		key_freesah(&sah);	/* release last reference */
7428 		sah = nextsah;
7429 	}
7430 }
7431 
7432 /*
7433  * SADB_FLUSH processing
7434  * receive
7435  *   <base>
7436  * from the ikmpd, and free all entries in secastree.
7437  * and send,
7438  *   <base>
7439  * to the ikmpd.
7440  * NOTE: to do is only marking SADB_SASTATE_DEAD.
7441  *
7442  * m will always be freed.
7443  */
7444 static int
7445 key_flush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7446 {
7447 	struct secashead_queue flushq;
7448 	struct sadb_msg *newmsg;
7449 	struct secashead *sah, *nextsah;
7450 	struct secasvar *sav;
7451 	uint8_t proto;
7452 	int i;
7453 
7454 	IPSEC_ASSERT(so != NULL, ("null socket"));
7455 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7456 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7457 
7458 	/* map satype to proto */
7459 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7460 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7461 			__func__));
7462 		return key_senderror(so, m, EINVAL);
7463 	}
7464 	KEYDBG(KEY_STAMP,
7465 	    printf("%s: proto %u\n", __func__, proto));
7466 
7467 	TAILQ_INIT(&flushq);
7468 	if (proto == IPSEC_PROTO_ANY) {
7469 		/* no SATYPE specified, i.e. flushing all SA. */
7470 		SAHTREE_WLOCK();
7471 		/* Move all SAHs into flushq */
7472 		TAILQ_CONCAT(&flushq, &V_sahtree, chain);
7473 		/* Flush all buckets in SPI hash */
7474 		for (i = 0; i < V_savhash_mask + 1; i++)
7475 			LIST_INIT(&V_savhashtbl[i]);
7476 		/* Flush all buckets in SAHADDRHASH */
7477 		for (i = 0; i < V_sahaddrhash_mask + 1; i++)
7478 			LIST_INIT(&V_sahaddrhashtbl[i]);
7479 		/* Mark all SAHs as unlinked */
7480 		TAILQ_FOREACH(sah, &flushq, chain) {
7481 			sah->state = SADB_SASTATE_DEAD;
7482 			/*
7483 			 * Callout handler makes its job using
7484 			 * RLOCK and drain queues. In case, when this
7485 			 * function will be called just before it
7486 			 * acquires WLOCK, we need to mark SAs as
7487 			 * unlinked to prevent second unlink.
7488 			 */
7489 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7490 				sav->state = SADB_SASTATE_DEAD;
7491 			}
7492 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7493 				sav->state = SADB_SASTATE_DEAD;
7494 			}
7495 		}
7496 		SAHTREE_WUNLOCK();
7497 	} else {
7498 		SAHTREE_WLOCK();
7499 		sah = TAILQ_FIRST(&V_sahtree);
7500 		while (sah != NULL) {
7501 			IPSEC_ASSERT(sah->state != SADB_SASTATE_DEAD,
7502 			    ("DEAD SAH %p in SADB_FLUSH", sah));
7503 			nextsah = TAILQ_NEXT(sah, chain);
7504 			if (sah->saidx.proto != proto) {
7505 				sah = nextsah;
7506 				continue;
7507 			}
7508 			sah->state = SADB_SASTATE_DEAD;
7509 			TAILQ_REMOVE(&V_sahtree, sah, chain);
7510 			LIST_REMOVE(sah, addrhash);
7511 			/* Unlink all SAs from SPI hash */
7512 			TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7513 				LIST_REMOVE(sav, spihash);
7514 				sav->state = SADB_SASTATE_DEAD;
7515 			}
7516 			TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7517 				LIST_REMOVE(sav, spihash);
7518 				sav->state = SADB_SASTATE_DEAD;
7519 			}
7520 			/* Add SAH into flushq */
7521 			TAILQ_INSERT_HEAD(&flushq, sah, chain);
7522 			sah = nextsah;
7523 		}
7524 		SAHTREE_WUNLOCK();
7525 	}
7526 
7527 	key_freesah_flushed(&flushq);
7528 	/* Free all queued SAs and SAHs */
7529 	if (m->m_len < sizeof(struct sadb_msg) ||
7530 	    sizeof(struct sadb_msg) > m->m_len + M_TRAILINGSPACE(m)) {
7531 		ipseclog((LOG_DEBUG, "%s: No more memory.\n", __func__));
7532 		return key_senderror(so, m, ENOBUFS);
7533 	}
7534 
7535 	if (m->m_next)
7536 		m_freem(m->m_next);
7537 	m->m_next = NULL;
7538 	m->m_pkthdr.len = m->m_len = sizeof(struct sadb_msg);
7539 	newmsg = mtod(m, struct sadb_msg *);
7540 	newmsg->sadb_msg_errno = 0;
7541 	newmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
7542 
7543 	return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7544 }
7545 
7546 /*
7547  * SADB_DUMP processing
7548  * dump all entries including status of DEAD in SAD.
7549  * receive
7550  *   <base>
7551  * from the ikmpd, and dump all secasvar leaves
7552  * and send,
7553  *   <base> .....
7554  * to the ikmpd.
7555  *
7556  * m will always be freed.
7557  */
7558 static int
7559 key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7560 {
7561 	SAHTREE_RLOCK_TRACKER;
7562 	struct secashead *sah;
7563 	struct secasvar *sav;
7564 	struct mbuf *n;
7565 	uint32_t cnt;
7566 	uint8_t proto, satype;
7567 
7568 	IPSEC_ASSERT(so != NULL, ("null socket"));
7569 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7570 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7571 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7572 
7573 	/* map satype to proto */
7574 	if ((proto = key_satype2proto(mhp->msg->sadb_msg_satype)) == 0) {
7575 		ipseclog((LOG_DEBUG, "%s: invalid satype is passed.\n",
7576 		    __func__));
7577 		return key_senderror(so, m, EINVAL);
7578 	}
7579 
7580 	/* count sav entries to be sent to the userland. */
7581 	cnt = 0;
7582 	SAHTREE_RLOCK();
7583 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7584 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7585 		    proto != sah->saidx.proto)
7586 			continue;
7587 
7588 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain)
7589 			cnt++;
7590 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain)
7591 			cnt++;
7592 	}
7593 
7594 	if (cnt == 0) {
7595 		SAHTREE_RUNLOCK();
7596 		return key_senderror(so, m, ENOENT);
7597 	}
7598 
7599 	/* send this to the userland, one at a time. */
7600 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
7601 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
7602 		    proto != sah->saidx.proto)
7603 			continue;
7604 
7605 		/* map proto to satype */
7606 		if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
7607 			SAHTREE_RUNLOCK();
7608 			ipseclog((LOG_DEBUG, "%s: there was invalid proto in "
7609 			    "SAD.\n", __func__));
7610 			return key_senderror(so, m, EINVAL);
7611 		}
7612 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7613 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7614 			    --cnt, mhp->msg->sadb_msg_pid);
7615 			if (n == NULL) {
7616 				SAHTREE_RUNLOCK();
7617 				return key_senderror(so, m, ENOBUFS);
7618 			}
7619 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7620 		}
7621 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7622 			n = key_setdumpsa(sav, SADB_DUMP, satype,
7623 			    --cnt, mhp->msg->sadb_msg_pid);
7624 			if (n == NULL) {
7625 				SAHTREE_RUNLOCK();
7626 				return key_senderror(so, m, ENOBUFS);
7627 			}
7628 			key_sendup_mbuf(so, n, KEY_SENDUP_ONE);
7629 		}
7630 	}
7631 	SAHTREE_RUNLOCK();
7632 	m_freem(m);
7633 	return (0);
7634 }
7635 /*
7636  * SADB_X_PROMISC processing
7637  *
7638  * m will always be freed.
7639  */
7640 static int
7641 key_promisc(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
7642 {
7643 	int olen;
7644 
7645 	IPSEC_ASSERT(so != NULL, ("null socket"));
7646 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7647 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
7648 	IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
7649 
7650 	olen = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
7651 
7652 	if (olen < sizeof(struct sadb_msg)) {
7653 #if 1
7654 		return key_senderror(so, m, EINVAL);
7655 #else
7656 		m_freem(m);
7657 		return 0;
7658 #endif
7659 	} else if (olen == sizeof(struct sadb_msg)) {
7660 		/* enable/disable promisc mode */
7661 		struct keycb *kp;
7662 
7663 		if ((kp = (struct keycb *)sotorawcb(so)) == NULL)
7664 			return key_senderror(so, m, EINVAL);
7665 		mhp->msg->sadb_msg_errno = 0;
7666 		switch (mhp->msg->sadb_msg_satype) {
7667 		case 0:
7668 		case 1:
7669 			kp->kp_promisc = mhp->msg->sadb_msg_satype;
7670 			break;
7671 		default:
7672 			return key_senderror(so, m, EINVAL);
7673 		}
7674 
7675 		/* send the original message back to everyone */
7676 		mhp->msg->sadb_msg_errno = 0;
7677 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7678 	} else {
7679 		/* send packet as is */
7680 
7681 		m_adj(m, PFKEY_ALIGN8(sizeof(struct sadb_msg)));
7682 
7683 		/* TODO: if sadb_msg_seq is specified, send to specific pid */
7684 		return key_sendup_mbuf(so, m, KEY_SENDUP_ALL);
7685 	}
7686 }
7687 
7688 static int (*key_typesw[])(struct socket *, struct mbuf *,
7689 		const struct sadb_msghdr *) = {
7690 	NULL,		/* SADB_RESERVED */
7691 	key_getspi,	/* SADB_GETSPI */
7692 	key_update,	/* SADB_UPDATE */
7693 	key_add,	/* SADB_ADD */
7694 	key_delete,	/* SADB_DELETE */
7695 	key_get,	/* SADB_GET */
7696 	key_acquire2,	/* SADB_ACQUIRE */
7697 	key_register,	/* SADB_REGISTER */
7698 	NULL,		/* SADB_EXPIRE */
7699 	key_flush,	/* SADB_FLUSH */
7700 	key_dump,	/* SADB_DUMP */
7701 	key_promisc,	/* SADB_X_PROMISC */
7702 	NULL,		/* SADB_X_PCHANGE */
7703 	key_spdadd,	/* SADB_X_SPDUPDATE */
7704 	key_spdadd,	/* SADB_X_SPDADD */
7705 	key_spddelete,	/* SADB_X_SPDDELETE */
7706 	key_spdget,	/* SADB_X_SPDGET */
7707 	NULL,		/* SADB_X_SPDACQUIRE */
7708 	key_spddump,	/* SADB_X_SPDDUMP */
7709 	key_spdflush,	/* SADB_X_SPDFLUSH */
7710 	key_spdadd,	/* SADB_X_SPDSETIDX */
7711 	NULL,		/* SADB_X_SPDEXPIRE */
7712 	key_spddelete2,	/* SADB_X_SPDDELETE2 */
7713 };
7714 
7715 /*
7716  * parse sadb_msg buffer to process PFKEYv2,
7717  * and create a data to response if needed.
7718  * I think to be dealed with mbuf directly.
7719  * IN:
7720  *     msgp  : pointer to pointer to a received buffer pulluped.
7721  *             This is rewrited to response.
7722  *     so    : pointer to socket.
7723  * OUT:
7724  *    length for buffer to send to user process.
7725  */
7726 int
7727 key_parse(struct mbuf *m, struct socket *so)
7728 {
7729 	struct sadb_msg *msg;
7730 	struct sadb_msghdr mh;
7731 	u_int orglen;
7732 	int error;
7733 	int target;
7734 
7735 	IPSEC_ASSERT(so != NULL, ("null socket"));
7736 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
7737 
7738 	if (m->m_len < sizeof(struct sadb_msg)) {
7739 		m = m_pullup(m, sizeof(struct sadb_msg));
7740 		if (!m)
7741 			return ENOBUFS;
7742 	}
7743 	msg = mtod(m, struct sadb_msg *);
7744 	orglen = PFKEY_UNUNIT64(msg->sadb_msg_len);
7745 	target = KEY_SENDUP_ONE;
7746 
7747 	if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len != orglen) {
7748 		ipseclog((LOG_DEBUG, "%s: invalid message length.\n",__func__));
7749 		PFKEYSTAT_INC(out_invlen);
7750 		error = EINVAL;
7751 		goto senderror;
7752 	}
7753 
7754 	if (msg->sadb_msg_version != PF_KEY_V2) {
7755 		ipseclog((LOG_DEBUG, "%s: PF_KEY version %u is mismatched.\n",
7756 		    __func__, msg->sadb_msg_version));
7757 		PFKEYSTAT_INC(out_invver);
7758 		error = EINVAL;
7759 		goto senderror;
7760 	}
7761 
7762 	if (msg->sadb_msg_type > SADB_MAX) {
7763 		ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7764 		    __func__, msg->sadb_msg_type));
7765 		PFKEYSTAT_INC(out_invmsgtype);
7766 		error = EINVAL;
7767 		goto senderror;
7768 	}
7769 
7770 	/* for old-fashioned code - should be nuked */
7771 	if (m->m_pkthdr.len > MCLBYTES) {
7772 		m_freem(m);
7773 		return ENOBUFS;
7774 	}
7775 	if (m->m_next) {
7776 		struct mbuf *n;
7777 
7778 		MGETHDR(n, M_NOWAIT, MT_DATA);
7779 		if (n && m->m_pkthdr.len > MHLEN) {
7780 			if (!(MCLGET(n, M_NOWAIT))) {
7781 				m_free(n);
7782 				n = NULL;
7783 			}
7784 		}
7785 		if (!n) {
7786 			m_freem(m);
7787 			return ENOBUFS;
7788 		}
7789 		m_copydata(m, 0, m->m_pkthdr.len, mtod(n, caddr_t));
7790 		n->m_pkthdr.len = n->m_len = m->m_pkthdr.len;
7791 		n->m_next = NULL;
7792 		m_freem(m);
7793 		m = n;
7794 	}
7795 
7796 	/* align the mbuf chain so that extensions are in contiguous region. */
7797 	error = key_align(m, &mh);
7798 	if (error)
7799 		return error;
7800 
7801 	msg = mh.msg;
7802 
7803 	/* We use satype as scope mask for spddump */
7804 	if (msg->sadb_msg_type == SADB_X_SPDDUMP) {
7805 		switch (msg->sadb_msg_satype) {
7806 		case IPSEC_POLICYSCOPE_ANY:
7807 		case IPSEC_POLICYSCOPE_GLOBAL:
7808 		case IPSEC_POLICYSCOPE_IFNET:
7809 		case IPSEC_POLICYSCOPE_PCB:
7810 			break;
7811 		default:
7812 			ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7813 			    __func__, msg->sadb_msg_type));
7814 			PFKEYSTAT_INC(out_invsatype);
7815 			error = EINVAL;
7816 			goto senderror;
7817 		}
7818 	} else {
7819 		switch (msg->sadb_msg_satype) { /* check SA type */
7820 		case SADB_SATYPE_UNSPEC:
7821 			switch (msg->sadb_msg_type) {
7822 			case SADB_GETSPI:
7823 			case SADB_UPDATE:
7824 			case SADB_ADD:
7825 			case SADB_DELETE:
7826 			case SADB_GET:
7827 			case SADB_ACQUIRE:
7828 			case SADB_EXPIRE:
7829 				ipseclog((LOG_DEBUG, "%s: must specify satype "
7830 				    "when msg type=%u.\n", __func__,
7831 				    msg->sadb_msg_type));
7832 				PFKEYSTAT_INC(out_invsatype);
7833 				error = EINVAL;
7834 				goto senderror;
7835 			}
7836 			break;
7837 		case SADB_SATYPE_AH:
7838 		case SADB_SATYPE_ESP:
7839 		case SADB_X_SATYPE_IPCOMP:
7840 		case SADB_X_SATYPE_TCPSIGNATURE:
7841 			switch (msg->sadb_msg_type) {
7842 			case SADB_X_SPDADD:
7843 			case SADB_X_SPDDELETE:
7844 			case SADB_X_SPDGET:
7845 			case SADB_X_SPDFLUSH:
7846 			case SADB_X_SPDSETIDX:
7847 			case SADB_X_SPDUPDATE:
7848 			case SADB_X_SPDDELETE2:
7849 				ipseclog((LOG_DEBUG, "%s: illegal satype=%u\n",
7850 				    __func__, msg->sadb_msg_type));
7851 				PFKEYSTAT_INC(out_invsatype);
7852 				error = EINVAL;
7853 				goto senderror;
7854 			}
7855 			break;
7856 		case SADB_SATYPE_RSVP:
7857 		case SADB_SATYPE_OSPFV2:
7858 		case SADB_SATYPE_RIPV2:
7859 		case SADB_SATYPE_MIP:
7860 			ipseclog((LOG_DEBUG, "%s: type %u isn't supported.\n",
7861 			    __func__, msg->sadb_msg_satype));
7862 			PFKEYSTAT_INC(out_invsatype);
7863 			error = EOPNOTSUPP;
7864 			goto senderror;
7865 		case 1:	/* XXX: What does it do? */
7866 			if (msg->sadb_msg_type == SADB_X_PROMISC)
7867 				break;
7868 			/*FALLTHROUGH*/
7869 		default:
7870 			ipseclog((LOG_DEBUG, "%s: invalid type %u is passed.\n",
7871 			    __func__, msg->sadb_msg_satype));
7872 			PFKEYSTAT_INC(out_invsatype);
7873 			error = EINVAL;
7874 			goto senderror;
7875 		}
7876 	}
7877 
7878 	/* check field of upper layer protocol and address family */
7879 	if (mh.ext[SADB_EXT_ADDRESS_SRC] != NULL
7880 	 && mh.ext[SADB_EXT_ADDRESS_DST] != NULL) {
7881 		struct sadb_address *src0, *dst0;
7882 		u_int plen;
7883 
7884 		src0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_SRC]);
7885 		dst0 = (struct sadb_address *)(mh.ext[SADB_EXT_ADDRESS_DST]);
7886 
7887 		/* check upper layer protocol */
7888 		if (src0->sadb_address_proto != dst0->sadb_address_proto) {
7889 			ipseclog((LOG_DEBUG, "%s: upper layer protocol "
7890 				"mismatched.\n", __func__));
7891 			PFKEYSTAT_INC(out_invaddr);
7892 			error = EINVAL;
7893 			goto senderror;
7894 		}
7895 
7896 		/* check family */
7897 		if (PFKEY_ADDR_SADDR(src0)->sa_family !=
7898 		    PFKEY_ADDR_SADDR(dst0)->sa_family) {
7899 			ipseclog((LOG_DEBUG, "%s: address family mismatched.\n",
7900 				__func__));
7901 			PFKEYSTAT_INC(out_invaddr);
7902 			error = EINVAL;
7903 			goto senderror;
7904 		}
7905 		if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7906 		    PFKEY_ADDR_SADDR(dst0)->sa_len) {
7907 			ipseclog((LOG_DEBUG, "%s: address struct size "
7908 				"mismatched.\n", __func__));
7909 			PFKEYSTAT_INC(out_invaddr);
7910 			error = EINVAL;
7911 			goto senderror;
7912 		}
7913 
7914 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7915 		case AF_INET:
7916 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7917 			    sizeof(struct sockaddr_in)) {
7918 				PFKEYSTAT_INC(out_invaddr);
7919 				error = EINVAL;
7920 				goto senderror;
7921 			}
7922 			break;
7923 		case AF_INET6:
7924 			if (PFKEY_ADDR_SADDR(src0)->sa_len !=
7925 			    sizeof(struct sockaddr_in6)) {
7926 				PFKEYSTAT_INC(out_invaddr);
7927 				error = EINVAL;
7928 				goto senderror;
7929 			}
7930 			break;
7931 		default:
7932 			ipseclog((LOG_DEBUG, "%s: unsupported address family\n",
7933 				__func__));
7934 			PFKEYSTAT_INC(out_invaddr);
7935 			error = EAFNOSUPPORT;
7936 			goto senderror;
7937 		}
7938 
7939 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
7940 		case AF_INET:
7941 			plen = sizeof(struct in_addr) << 3;
7942 			break;
7943 		case AF_INET6:
7944 			plen = sizeof(struct in6_addr) << 3;
7945 			break;
7946 		default:
7947 			plen = 0;	/*fool gcc*/
7948 			break;
7949 		}
7950 
7951 		/* check max prefix length */
7952 		if (src0->sadb_address_prefixlen > plen ||
7953 		    dst0->sadb_address_prefixlen > plen) {
7954 			ipseclog((LOG_DEBUG, "%s: illegal prefixlen.\n",
7955 				__func__));
7956 			PFKEYSTAT_INC(out_invaddr);
7957 			error = EINVAL;
7958 			goto senderror;
7959 		}
7960 
7961 		/*
7962 		 * prefixlen == 0 is valid because there can be a case when
7963 		 * all addresses are matched.
7964 		 */
7965 	}
7966 
7967 	if (msg->sadb_msg_type >= nitems(key_typesw) ||
7968 	    key_typesw[msg->sadb_msg_type] == NULL) {
7969 		PFKEYSTAT_INC(out_invmsgtype);
7970 		error = EINVAL;
7971 		goto senderror;
7972 	}
7973 
7974 	return (*key_typesw[msg->sadb_msg_type])(so, m, &mh);
7975 
7976 senderror:
7977 	msg->sadb_msg_errno = error;
7978 	return key_sendup_mbuf(so, m, target);
7979 }
7980 
7981 static int
7982 key_senderror(struct socket *so, struct mbuf *m, int code)
7983 {
7984 	struct sadb_msg *msg;
7985 
7986 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
7987 		("mbuf too small, len %u", m->m_len));
7988 
7989 	msg = mtod(m, struct sadb_msg *);
7990 	msg->sadb_msg_errno = code;
7991 	return key_sendup_mbuf(so, m, KEY_SENDUP_ONE);
7992 }
7993 
7994 /*
7995  * set the pointer to each header into message buffer.
7996  * m will be freed on error.
7997  * XXX larger-than-MCLBYTES extension?
7998  */
7999 static int
8000 key_align(struct mbuf *m, struct sadb_msghdr *mhp)
8001 {
8002 	struct mbuf *n;
8003 	struct sadb_ext *ext;
8004 	size_t off, end;
8005 	int extlen;
8006 	int toff;
8007 
8008 	IPSEC_ASSERT(m != NULL, ("null mbuf"));
8009 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
8010 	IPSEC_ASSERT(m->m_len >= sizeof(struct sadb_msg),
8011 		("mbuf too small, len %u", m->m_len));
8012 
8013 	/* initialize */
8014 	bzero(mhp, sizeof(*mhp));
8015 
8016 	mhp->msg = mtod(m, struct sadb_msg *);
8017 	mhp->ext[0] = (struct sadb_ext *)mhp->msg;	/*XXX backward compat */
8018 
8019 	end = PFKEY_UNUNIT64(mhp->msg->sadb_msg_len);
8020 	extlen = end;	/*just in case extlen is not updated*/
8021 	for (off = sizeof(struct sadb_msg); off < end; off += extlen) {
8022 		n = m_pulldown(m, off, sizeof(struct sadb_ext), &toff);
8023 		if (!n) {
8024 			/* m is already freed */
8025 			return ENOBUFS;
8026 		}
8027 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
8028 
8029 		/* set pointer */
8030 		switch (ext->sadb_ext_type) {
8031 		case SADB_EXT_SA:
8032 		case SADB_EXT_ADDRESS_SRC:
8033 		case SADB_EXT_ADDRESS_DST:
8034 		case SADB_EXT_ADDRESS_PROXY:
8035 		case SADB_EXT_LIFETIME_CURRENT:
8036 		case SADB_EXT_LIFETIME_HARD:
8037 		case SADB_EXT_LIFETIME_SOFT:
8038 		case SADB_EXT_KEY_AUTH:
8039 		case SADB_EXT_KEY_ENCRYPT:
8040 		case SADB_EXT_IDENTITY_SRC:
8041 		case SADB_EXT_IDENTITY_DST:
8042 		case SADB_EXT_SENSITIVITY:
8043 		case SADB_EXT_PROPOSAL:
8044 		case SADB_EXT_SUPPORTED_AUTH:
8045 		case SADB_EXT_SUPPORTED_ENCRYPT:
8046 		case SADB_EXT_SPIRANGE:
8047 		case SADB_X_EXT_POLICY:
8048 		case SADB_X_EXT_SA2:
8049 		case SADB_X_EXT_NAT_T_TYPE:
8050 		case SADB_X_EXT_NAT_T_SPORT:
8051 		case SADB_X_EXT_NAT_T_DPORT:
8052 		case SADB_X_EXT_NAT_T_OAI:
8053 		case SADB_X_EXT_NAT_T_OAR:
8054 		case SADB_X_EXT_NAT_T_FRAG:
8055 		case SADB_X_EXT_SA_REPLAY:
8056 		case SADB_X_EXT_NEW_ADDRESS_SRC:
8057 		case SADB_X_EXT_NEW_ADDRESS_DST:
8058 			/* duplicate check */
8059 			/*
8060 			 * XXX Are there duplication payloads of either
8061 			 * KEY_AUTH or KEY_ENCRYPT ?
8062 			 */
8063 			if (mhp->ext[ext->sadb_ext_type] != NULL) {
8064 				ipseclog((LOG_DEBUG, "%s: duplicate ext_type "
8065 					"%u\n", __func__, ext->sadb_ext_type));
8066 				m_freem(m);
8067 				PFKEYSTAT_INC(out_dupext);
8068 				return EINVAL;
8069 			}
8070 			break;
8071 		default:
8072 			ipseclog((LOG_DEBUG, "%s: invalid ext_type %u\n",
8073 				__func__, ext->sadb_ext_type));
8074 			m_freem(m);
8075 			PFKEYSTAT_INC(out_invexttype);
8076 			return EINVAL;
8077 		}
8078 
8079 		extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
8080 
8081 		if (key_validate_ext(ext, extlen)) {
8082 			m_freem(m);
8083 			PFKEYSTAT_INC(out_invlen);
8084 			return EINVAL;
8085 		}
8086 
8087 		n = m_pulldown(m, off, extlen, &toff);
8088 		if (!n) {
8089 			/* m is already freed */
8090 			return ENOBUFS;
8091 		}
8092 		ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
8093 
8094 		mhp->ext[ext->sadb_ext_type] = ext;
8095 		mhp->extoff[ext->sadb_ext_type] = off;
8096 		mhp->extlen[ext->sadb_ext_type] = extlen;
8097 	}
8098 
8099 	if (off != end) {
8100 		m_freem(m);
8101 		PFKEYSTAT_INC(out_invlen);
8102 		return EINVAL;
8103 	}
8104 
8105 	return 0;
8106 }
8107 
8108 static int
8109 key_validate_ext(const struct sadb_ext *ext, int len)
8110 {
8111 	const struct sockaddr *sa;
8112 	enum { NONE, ADDR } checktype = NONE;
8113 	int baselen = 0;
8114 	const int sal = offsetof(struct sockaddr, sa_len) + sizeof(sa->sa_len);
8115 
8116 	if (len != PFKEY_UNUNIT64(ext->sadb_ext_len))
8117 		return EINVAL;
8118 
8119 	/* if it does not match minimum/maximum length, bail */
8120 	if (ext->sadb_ext_type >= nitems(minsize) ||
8121 	    ext->sadb_ext_type >= nitems(maxsize))
8122 		return EINVAL;
8123 	if (!minsize[ext->sadb_ext_type] || len < minsize[ext->sadb_ext_type])
8124 		return EINVAL;
8125 	if (maxsize[ext->sadb_ext_type] && len > maxsize[ext->sadb_ext_type])
8126 		return EINVAL;
8127 
8128 	/* more checks based on sadb_ext_type XXX need more */
8129 	switch (ext->sadb_ext_type) {
8130 	case SADB_EXT_ADDRESS_SRC:
8131 	case SADB_EXT_ADDRESS_DST:
8132 	case SADB_EXT_ADDRESS_PROXY:
8133 	case SADB_X_EXT_NAT_T_OAI:
8134 	case SADB_X_EXT_NAT_T_OAR:
8135 	case SADB_X_EXT_NEW_ADDRESS_SRC:
8136 	case SADB_X_EXT_NEW_ADDRESS_DST:
8137 		baselen = PFKEY_ALIGN8(sizeof(struct sadb_address));
8138 		checktype = ADDR;
8139 		break;
8140 	case SADB_EXT_IDENTITY_SRC:
8141 	case SADB_EXT_IDENTITY_DST:
8142 		if (((const struct sadb_ident *)ext)->sadb_ident_type ==
8143 		    SADB_X_IDENTTYPE_ADDR) {
8144 			baselen = PFKEY_ALIGN8(sizeof(struct sadb_ident));
8145 			checktype = ADDR;
8146 		} else
8147 			checktype = NONE;
8148 		break;
8149 	default:
8150 		checktype = NONE;
8151 		break;
8152 	}
8153 
8154 	switch (checktype) {
8155 	case NONE:
8156 		break;
8157 	case ADDR:
8158 		sa = (const struct sockaddr *)(((const u_int8_t*)ext)+baselen);
8159 		if (len < baselen + sal)
8160 			return EINVAL;
8161 		if (baselen + PFKEY_ALIGN8(sa->sa_len) != len)
8162 			return EINVAL;
8163 		break;
8164 	}
8165 
8166 	return 0;
8167 }
8168 
8169 void
8170 spdcache_init(void)
8171 {
8172 	int i;
8173 
8174 	TUNABLE_INT_FETCH("net.key.spdcache.maxentries",
8175 	    &V_key_spdcache_maxentries);
8176 	TUNABLE_INT_FETCH("net.key.spdcache.threshold",
8177 	    &V_key_spdcache_threshold);
8178 
8179 	if (V_key_spdcache_maxentries) {
8180 		V_key_spdcache_maxentries = MAX(V_key_spdcache_maxentries,
8181 		    SPDCACHE_MAX_ENTRIES_PER_HASH);
8182 		V_spdcachehashtbl = hashinit(V_key_spdcache_maxentries /
8183 		    SPDCACHE_MAX_ENTRIES_PER_HASH,
8184 		    M_IPSEC_SPDCACHE, &V_spdcachehash_mask);
8185 		V_key_spdcache_maxentries = (V_spdcachehash_mask + 1)
8186 		    * SPDCACHE_MAX_ENTRIES_PER_HASH;
8187 
8188 		V_spdcache_lock = malloc(sizeof(struct mtx) *
8189 		    (V_spdcachehash_mask + 1),
8190 		    M_IPSEC_SPDCACHE, M_WAITOK|M_ZERO);
8191 
8192 		for (i = 0; i < V_spdcachehash_mask + 1; ++i)
8193 			SPDCACHE_LOCK_INIT(i);
8194 	}
8195 }
8196 
8197 struct spdcache_entry *
8198 spdcache_entry_alloc(const struct secpolicyindex *spidx, struct secpolicy *sp)
8199 {
8200 	struct spdcache_entry *entry;
8201 
8202 	entry = malloc(sizeof(struct spdcache_entry),
8203 		    M_IPSEC_SPDCACHE, M_NOWAIT|M_ZERO);
8204 	if (entry == NULL)
8205 		return NULL;
8206 
8207 	if (sp != NULL)
8208 		SP_ADDREF(sp);
8209 
8210 	entry->spidx = *spidx;
8211 	entry->sp = sp;
8212 
8213 	return (entry);
8214 }
8215 
8216 void
8217 spdcache_entry_free(struct spdcache_entry *entry)
8218 {
8219 
8220 	if (entry->sp != NULL)
8221 		key_freesp(&entry->sp);
8222 	free(entry, M_IPSEC_SPDCACHE);
8223 }
8224 
8225 void
8226 spdcache_clear(void)
8227 {
8228 	struct spdcache_entry *entry;
8229 	int i;
8230 
8231 	for (i = 0; i < V_spdcachehash_mask + 1; ++i) {
8232 		SPDCACHE_LOCK(i);
8233 		while (!LIST_EMPTY(&V_spdcachehashtbl[i])) {
8234 			entry = LIST_FIRST(&V_spdcachehashtbl[i]);
8235 			LIST_REMOVE(entry, chain);
8236 			spdcache_entry_free(entry);
8237 		}
8238 		SPDCACHE_UNLOCK(i);
8239 	}
8240 }
8241 
8242 #ifdef VIMAGE
8243 void
8244 spdcache_destroy(void)
8245 {
8246 	int i;
8247 
8248 	if (SPDCACHE_ENABLED()) {
8249 		spdcache_clear();
8250 		hashdestroy(V_spdcachehashtbl, M_IPSEC_SPDCACHE, V_spdcachehash_mask);
8251 
8252 		for (i = 0; i < V_spdcachehash_mask + 1; ++i)
8253 			SPDCACHE_LOCK_DESTROY(i);
8254 
8255 		free(V_spdcache_lock, M_IPSEC_SPDCACHE);
8256 	}
8257 }
8258 #endif
8259 void
8260 key_init(void)
8261 {
8262 	int i;
8263 
8264 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8265 		TAILQ_INIT(&V_sptree[i]);
8266 		TAILQ_INIT(&V_sptree_ifnet[i]);
8267 	}
8268 
8269 	TAILQ_INIT(&V_sahtree);
8270 	V_sphashtbl = hashinit(SPHASH_NHASH, M_IPSEC_SP, &V_sphash_mask);
8271 	V_savhashtbl = hashinit(SAVHASH_NHASH, M_IPSEC_SA, &V_savhash_mask);
8272 	V_sahaddrhashtbl = hashinit(SAHHASH_NHASH, M_IPSEC_SAH,
8273 	    &V_sahaddrhash_mask);
8274 	V_acqaddrhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8275 	    &V_acqaddrhash_mask);
8276 	V_acqseqhashtbl = hashinit(ACQHASH_NHASH, M_IPSEC_SAQ,
8277 	    &V_acqseqhash_mask);
8278 
8279 	spdcache_init();
8280 
8281 	for (i = 0; i <= SADB_SATYPE_MAX; i++)
8282 		LIST_INIT(&V_regtree[i]);
8283 
8284 	LIST_INIT(&V_acqtree);
8285 	LIST_INIT(&V_spacqtree);
8286 
8287 	if (!IS_DEFAULT_VNET(curvnet))
8288 		return;
8289 
8290 	ipsec_key_lft_zone = uma_zcreate("IPsec SA lft_c",
8291 	    sizeof(uint64_t) * 2, NULL, NULL, NULL, NULL,
8292 	    UMA_ALIGN_PTR, UMA_ZONE_PCPU);
8293 
8294 	SPTREE_LOCK_INIT();
8295 	REGTREE_LOCK_INIT();
8296 	SAHTREE_LOCK_INIT();
8297 	ACQ_LOCK_INIT();
8298 	SPACQ_LOCK_INIT();
8299 
8300 #ifndef IPSEC_DEBUG2
8301 	callout_init(&key_timer, 1);
8302 	callout_reset(&key_timer, hz, key_timehandler, NULL);
8303 #endif /*IPSEC_DEBUG2*/
8304 
8305 	/* initialize key statistics */
8306 	keystat.getspi_count = 1;
8307 
8308 	if (bootverbose)
8309 		printf("IPsec: Initialized Security Association Processing.\n");
8310 }
8311 
8312 #ifdef VIMAGE
8313 void
8314 key_destroy(void)
8315 {
8316 	struct secashead_queue sahdrainq;
8317 	struct secpolicy_queue drainq;
8318 	struct secpolicy *sp, *nextsp;
8319 	struct secacq *acq, *nextacq;
8320 	struct secspacq *spacq, *nextspacq;
8321 	struct secashead *sah;
8322 	struct secasvar *sav;
8323 	struct secreg *reg;
8324 	int i;
8325 
8326 	/*
8327 	 * XXX: can we just call free() for each object without
8328 	 * walking through safe way with releasing references?
8329 	 */
8330 	TAILQ_INIT(&drainq);
8331 	SPTREE_WLOCK();
8332 	for (i = 0; i < IPSEC_DIR_MAX; i++) {
8333 		TAILQ_CONCAT(&drainq, &V_sptree[i], chain);
8334 		TAILQ_CONCAT(&drainq, &V_sptree_ifnet[i], chain);
8335 	}
8336 	for (i = 0; i < V_sphash_mask + 1; i++)
8337 		LIST_INIT(&V_sphashtbl[i]);
8338 	SPTREE_WUNLOCK();
8339 	spdcache_destroy();
8340 
8341 	sp = TAILQ_FIRST(&drainq);
8342 	while (sp != NULL) {
8343 		nextsp = TAILQ_NEXT(sp, chain);
8344 		key_freesp(&sp);
8345 		sp = nextsp;
8346 	}
8347 
8348 	TAILQ_INIT(&sahdrainq);
8349 	SAHTREE_WLOCK();
8350 	TAILQ_CONCAT(&sahdrainq, &V_sahtree, chain);
8351 	for (i = 0; i < V_savhash_mask + 1; i++)
8352 		LIST_INIT(&V_savhashtbl[i]);
8353 	for (i = 0; i < V_sahaddrhash_mask + 1; i++)
8354 		LIST_INIT(&V_sahaddrhashtbl[i]);
8355 	TAILQ_FOREACH(sah, &sahdrainq, chain) {
8356 		sah->state = SADB_SASTATE_DEAD;
8357 		TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
8358 			sav->state = SADB_SASTATE_DEAD;
8359 		}
8360 		TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
8361 			sav->state = SADB_SASTATE_DEAD;
8362 		}
8363 	}
8364 	SAHTREE_WUNLOCK();
8365 
8366 	key_freesah_flushed(&sahdrainq);
8367 	hashdestroy(V_sphashtbl, M_IPSEC_SP, V_sphash_mask);
8368 	hashdestroy(V_savhashtbl, M_IPSEC_SA, V_savhash_mask);
8369 	hashdestroy(V_sahaddrhashtbl, M_IPSEC_SAH, V_sahaddrhash_mask);
8370 
8371 	REGTREE_LOCK();
8372 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
8373 		LIST_FOREACH(reg, &V_regtree[i], chain) {
8374 			if (__LIST_CHAINED(reg)) {
8375 				LIST_REMOVE(reg, chain);
8376 				free(reg, M_IPSEC_SAR);
8377 				break;
8378 			}
8379 		}
8380 	}
8381 	REGTREE_UNLOCK();
8382 
8383 	ACQ_LOCK();
8384 	acq = LIST_FIRST(&V_acqtree);
8385 	while (acq != NULL) {
8386 		nextacq = LIST_NEXT(acq, chain);
8387 		LIST_REMOVE(acq, chain);
8388 		free(acq, M_IPSEC_SAQ);
8389 		acq = nextacq;
8390 	}
8391 	for (i = 0; i < V_acqaddrhash_mask + 1; i++)
8392 		LIST_INIT(&V_acqaddrhashtbl[i]);
8393 	for (i = 0; i < V_acqseqhash_mask + 1; i++)
8394 		LIST_INIT(&V_acqseqhashtbl[i]);
8395 	ACQ_UNLOCK();
8396 
8397 	SPACQ_LOCK();
8398 	for (spacq = LIST_FIRST(&V_spacqtree); spacq != NULL;
8399 	    spacq = nextspacq) {
8400 		nextspacq = LIST_NEXT(spacq, chain);
8401 		if (__LIST_CHAINED(spacq)) {
8402 			LIST_REMOVE(spacq, chain);
8403 			free(spacq, M_IPSEC_SAQ);
8404 		}
8405 	}
8406 	SPACQ_UNLOCK();
8407 	hashdestroy(V_acqaddrhashtbl, M_IPSEC_SAQ, V_acqaddrhash_mask);
8408 	hashdestroy(V_acqseqhashtbl, M_IPSEC_SAQ, V_acqseqhash_mask);
8409 
8410 	if (!IS_DEFAULT_VNET(curvnet))
8411 		return;
8412 
8413 	uma_zdestroy(ipsec_key_lft_zone);
8414 
8415 #ifndef IPSEC_DEBUG2
8416 	callout_drain(&key_timer);
8417 #endif
8418 	SPTREE_LOCK_DESTROY();
8419 	REGTREE_LOCK_DESTROY();
8420 	SAHTREE_LOCK_DESTROY();
8421 	ACQ_LOCK_DESTROY();
8422 	SPACQ_LOCK_DESTROY();
8423 }
8424 #endif
8425 
8426 /* record data transfer on SA, and update timestamps */
8427 void
8428 key_sa_recordxfer(struct secasvar *sav, struct mbuf *m)
8429 {
8430 	IPSEC_ASSERT(sav != NULL, ("Null secasvar"));
8431 	IPSEC_ASSERT(m != NULL, ("Null mbuf"));
8432 
8433 	/*
8434 	 * XXX Currently, there is a difference of bytes size
8435 	 * between inbound and outbound processing.
8436 	 */
8437 	counter_u64_add(sav->lft_c_bytes, m->m_pkthdr.len);
8438 
8439 	/*
8440 	 * We use the number of packets as the unit of
8441 	 * allocations.  We increment the variable
8442 	 * whenever {esp,ah}_{in,out}put is called.
8443 	 */
8444 	counter_u64_add(sav->lft_c_allocations, 1);
8445 
8446 	/*
8447 	 * NOTE: We record CURRENT usetime by using wall clock,
8448 	 * in seconds.  HARD and SOFT lifetime are measured by the time
8449 	 * difference (again in seconds) from usetime.
8450 	 *
8451 	 *	usetime
8452 	 *	v     expire   expire
8453 	 * -----+-----+--------+---> t
8454 	 *	<--------------> HARD
8455 	 *	<-----> SOFT
8456 	 */
8457 	if (sav->firstused == 0)
8458 		sav->firstused = time_second;
8459 }
8460 
8461 /*
8462  * Take one of the kernel's security keys and convert it into a PF_KEY
8463  * structure within an mbuf, suitable for sending up to a waiting
8464  * application in user land.
8465  *
8466  * IN:
8467  *    src: A pointer to a kernel security key.
8468  *    exttype: Which type of key this is. Refer to the PF_KEY data structures.
8469  * OUT:
8470  *    a valid mbuf or NULL indicating an error
8471  *
8472  */
8473 
8474 static struct mbuf *
8475 key_setkey(struct seckey *src, uint16_t exttype)
8476 {
8477 	struct mbuf *m;
8478 	struct sadb_key *p;
8479 	int len;
8480 
8481 	if (src == NULL)
8482 		return NULL;
8483 
8484 	len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src));
8485 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8486 	if (m == NULL)
8487 		return NULL;
8488 	m_align(m, len);
8489 	m->m_len = len;
8490 	p = mtod(m, struct sadb_key *);
8491 	bzero(p, len);
8492 	p->sadb_key_len = PFKEY_UNIT64(len);
8493 	p->sadb_key_exttype = exttype;
8494 	p->sadb_key_bits = src->bits;
8495 	bcopy(src->key_data, _KEYBUF(p), _KEYLEN(src));
8496 
8497 	return m;
8498 }
8499 
8500 /*
8501  * Take one of the kernel's lifetime data structures and convert it
8502  * into a PF_KEY structure within an mbuf, suitable for sending up to
8503  * a waiting application in user land.
8504  *
8505  * IN:
8506  *    src: A pointer to a kernel lifetime structure.
8507  *    exttype: Which type of lifetime this is. Refer to the PF_KEY
8508  *             data structures for more information.
8509  * OUT:
8510  *    a valid mbuf or NULL indicating an error
8511  *
8512  */
8513 
8514 static struct mbuf *
8515 key_setlifetime(struct seclifetime *src, uint16_t exttype)
8516 {
8517 	struct mbuf *m = NULL;
8518 	struct sadb_lifetime *p;
8519 	int len = PFKEY_ALIGN8(sizeof(struct sadb_lifetime));
8520 
8521 	if (src == NULL)
8522 		return NULL;
8523 
8524 	m = m_get2(len, M_NOWAIT, MT_DATA, 0);
8525 	if (m == NULL)
8526 		return m;
8527 	m_align(m, len);
8528 	m->m_len = len;
8529 	p = mtod(m, struct sadb_lifetime *);
8530 
8531 	bzero(p, len);
8532 	p->sadb_lifetime_len = PFKEY_UNIT64(len);
8533 	p->sadb_lifetime_exttype = exttype;
8534 	p->sadb_lifetime_allocations = src->allocations;
8535 	p->sadb_lifetime_bytes = src->bytes;
8536 	p->sadb_lifetime_addtime = src->addtime;
8537 	p->sadb_lifetime_usetime = src->usetime;
8538 
8539 	return m;
8540 
8541 }
8542 
8543 const struct enc_xform *
8544 enc_algorithm_lookup(int alg)
8545 {
8546 	int i;
8547 
8548 	for (i = 0; i < nitems(supported_ealgs); i++)
8549 		if (alg == supported_ealgs[i].sadb_alg)
8550 			return (supported_ealgs[i].xform);
8551 	return (NULL);
8552 }
8553 
8554 const struct auth_hash *
8555 auth_algorithm_lookup(int alg)
8556 {
8557 	int i;
8558 
8559 	for (i = 0; i < nitems(supported_aalgs); i++)
8560 		if (alg == supported_aalgs[i].sadb_alg)
8561 			return (supported_aalgs[i].xform);
8562 	return (NULL);
8563 }
8564 
8565 const struct comp_algo *
8566 comp_algorithm_lookup(int alg)
8567 {
8568 	int i;
8569 
8570 	for (i = 0; i < nitems(supported_calgs); i++)
8571 		if (alg == supported_calgs[i].sadb_alg)
8572 			return (supported_calgs[i].xform);
8573 	return (NULL);
8574 }
8575