xref: /illumos-gate/usr/src/uts/common/inet/ip/sadb.c (revision 98c507c4288789fc67365c4cb51f80eb641e7182)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #include <sys/types.h>
27 #include <sys/stream.h>
28 #include <sys/stropts.h>
29 #include <sys/strsubr.h>
30 #include <sys/errno.h>
31 #include <sys/ddi.h>
32 #include <sys/debug.h>
33 #include <sys/cmn_err.h>
34 #include <sys/stream.h>
35 #include <sys/strlog.h>
36 #include <sys/kmem.h>
37 #include <sys/sunddi.h>
38 #include <sys/tihdr.h>
39 #include <sys/atomic.h>
40 #include <sys/socket.h>
41 #include <sys/sysmacros.h>
42 #include <sys/crypto/common.h>
43 #include <sys/crypto/api.h>
44 #include <sys/zone.h>
45 #include <netinet/in.h>
46 #include <net/if.h>
47 #include <net/pfkeyv2.h>
48 #include <net/pfpolicy.h>
49 #include <inet/common.h>
50 #include <netinet/ip6.h>
51 #include <inet/ip.h>
52 #include <inet/ip_ire.h>
53 #include <inet/ip6.h>
54 #include <inet/ipsec_info.h>
55 #include <inet/tcp.h>
56 #include <inet/sadb.h>
57 #include <inet/ipsec_impl.h>
58 #include <inet/ipsecah.h>
59 #include <inet/ipsecesp.h>
60 #include <sys/random.h>
61 #include <sys/dlpi.h>
62 #include <sys/iphada.h>
63 #include <sys/strsun.h>
64 #include <sys/strsubr.h>
65 #include <inet/ip_if.h>
66 #include <inet/ipdrop.h>
67 #include <inet/ipclassifier.h>
68 #include <inet/sctp_ip.h>
69 #include <sys/tsol/tnet.h>
70 
71 /*
72  * This source file contains Security Association Database (SADB) common
73  * routines.  They are linked in with the AH module.  Since AH has no chance
74  * of falling under export control, it was safe to link it in there.
75  */
76 
77 static mblk_t *sadb_extended_acquire(ipsec_selector_t *, ipsec_policy_t *,
78     ipsec_action_t *, boolean_t, uint32_t, uint32_t, sadb_sens_t *,
79     netstack_t *);
80 static void sadb_ill_df(ill_t *, mblk_t *, isaf_t *, int, boolean_t);
81 static ipsa_t *sadb_torch_assoc(isaf_t *, ipsa_t *, boolean_t, mblk_t **);
82 static void sadb_drain_torchq(queue_t *, mblk_t *);
83 static void sadb_destroy_acqlist(iacqf_t **, uint_t, boolean_t,
84 			    netstack_t *);
85 static void sadb_destroy(sadb_t *, netstack_t *);
86 static mblk_t *sadb_sa2msg(ipsa_t *, sadb_msg_t *);
87 static cred_t *sadb_cred_from_sens(sadb_sens_t *, uint64_t *);
88 static sadb_sens_t *sadb_make_sens_ext(cred_t *cr, int *len);
89 
90 static time_t sadb_add_time(time_t, uint64_t);
91 static void lifetime_fuzz(ipsa_t *);
92 static void age_pair_peer_list(templist_t *, sadb_t *, boolean_t);
93 static int get_ipsa_pair(ipsa_query_t *, ipsap_t *, int *);
94 static void init_ipsa_pair(ipsap_t *);
95 static void destroy_ipsa_pair(ipsap_t *);
96 static int update_pairing(ipsap_t *, ipsa_query_t *, keysock_in_t *, int *);
97 static void ipsa_set_replay(ipsa_t *ipsa, uint32_t offset);
98 
99 extern void (*cl_inet_getspi)(netstackid_t stack_id, uint8_t protocol,
100     uint8_t *ptr, size_t len, void *args);
101 extern int (*cl_inet_checkspi)(netstackid_t stack_id, uint8_t protocol,
102     uint32_t spi, void *args);
103 extern void (*cl_inet_deletespi)(netstackid_t stack_id, uint8_t protocol,
104     uint32_t spi, void *args);
105 /*
106  * ipsacq_maxpackets is defined here to make it tunable
107  * from /etc/system.
108  */
109 extern uint64_t ipsacq_maxpackets;
110 
111 #define	SET_EXPIRE(sa, delta, exp) {				\
112 	if (((sa)->ipsa_ ## delta) != 0) {				\
113 		(sa)->ipsa_ ## exp = sadb_add_time((sa)->ipsa_addtime,	\
114 			(sa)->ipsa_ ## delta);				\
115 	}								\
116 }
117 
118 #define	UPDATE_EXPIRE(sa, delta, exp) {					\
119 	if (((sa)->ipsa_ ## delta) != 0) {				\
120 		time_t tmp = sadb_add_time((sa)->ipsa_usetime,		\
121 			(sa)->ipsa_ ## delta);				\
122 		if (((sa)->ipsa_ ## exp) == 0)				\
123 			(sa)->ipsa_ ## exp = tmp;			\
124 		else							\
125 			(sa)->ipsa_ ## exp = 				\
126 			    MIN((sa)->ipsa_ ## exp, tmp); 		\
127 	}								\
128 }
129 
130 
131 /* wrap the macro so we can pass it as a function pointer */
132 void
133 sadb_sa_refrele(void *target)
134 {
135 	IPSA_REFRELE(((ipsa_t *)target));
136 }
137 
138 /*
139  * We presume that sizeof (long) == sizeof (time_t) and that time_t is
140  * a signed type.
141  */
142 #define	TIME_MAX LONG_MAX
143 
144 /*
145  * PF_KEY gives us lifetimes in uint64_t seconds.  We presume that
146  * time_t is defined to be a signed type with the same range as
147  * "long".  On ILP32 systems, we thus run the risk of wrapping around
148  * at end of time, as well as "overwrapping" the clock back around
149  * into a seemingly valid but incorrect future date earlier than the
150  * desired expiration.
151  *
152  * In order to avoid odd behavior (either negative lifetimes or loss
153  * of high order bits) when someone asks for bizarrely long SA
154  * lifetimes, we do a saturating add for expire times.
155  *
156  * We presume that ILP32 systems will be past end of support life when
157  * the 32-bit time_t overflows (a dangerous assumption, mind you..).
158  *
159  * On LP64, 2^64 seconds are about 5.8e11 years, at which point we
160  * will hopefully have figured out clever ways to avoid the use of
161  * fixed-sized integers in computation.
162  */
163 static time_t
164 sadb_add_time(time_t base, uint64_t delta)
165 {
166 	time_t sum;
167 
168 	/*
169 	 * Clip delta to the maximum possible time_t value to
170 	 * prevent "overwrapping" back into a shorter-than-desired
171 	 * future time.
172 	 */
173 	if (delta > TIME_MAX)
174 		delta = TIME_MAX;
175 	/*
176 	 * This sum may still overflow.
177 	 */
178 	sum = base + delta;
179 
180 	/*
181 	 * .. so if the result is less than the base, we overflowed.
182 	 */
183 	if (sum < base)
184 		sum = TIME_MAX;
185 
186 	return (sum);
187 }
188 
189 /*
190  * Callers of this function have already created a working security
191  * association, and have found the appropriate table & hash chain.  All this
192  * function does is check duplicates, and insert the SA.  The caller needs to
193  * hold the hash bucket lock and increment the refcnt before insertion.
194  *
195  * Return 0 if success, EEXIST if collision.
196  */
197 #define	SA_UNIQUE_MATCH(sa1, sa2) \
198 	(((sa1)->ipsa_unique_id & (sa1)->ipsa_unique_mask) == \
199 	((sa2)->ipsa_unique_id & (sa2)->ipsa_unique_mask))
200 
201 int
202 sadb_insertassoc(ipsa_t *ipsa, isaf_t *bucket)
203 {
204 	ipsa_t **ptpn = NULL;
205 	ipsa_t *walker;
206 	boolean_t unspecsrc;
207 
208 	ASSERT(MUTEX_HELD(&bucket->isaf_lock));
209 
210 	unspecsrc = IPSA_IS_ADDR_UNSPEC(ipsa->ipsa_srcaddr, ipsa->ipsa_addrfam);
211 
212 	walker = bucket->isaf_ipsa;
213 	ASSERT(walker == NULL || ipsa->ipsa_addrfam == walker->ipsa_addrfam);
214 
215 	/*
216 	 * Find insertion point (pointed to with **ptpn).  Insert at the head
217 	 * of the list unless there's an unspecified source address, then
218 	 * insert it after the last SA with a specified source address.
219 	 *
220 	 * BTW, you'll have to walk the whole chain, matching on {DST, SPI}
221 	 * checking for collisions.
222 	 */
223 
224 	while (walker != NULL) {
225 		if (IPSA_ARE_ADDR_EQUAL(walker->ipsa_dstaddr,
226 		    ipsa->ipsa_dstaddr, ipsa->ipsa_addrfam)) {
227 			if (walker->ipsa_spi == ipsa->ipsa_spi)
228 				return (EEXIST);
229 
230 			mutex_enter(&walker->ipsa_lock);
231 			if (ipsa->ipsa_state == IPSA_STATE_MATURE &&
232 			    (walker->ipsa_flags & IPSA_F_USED) &&
233 			    SA_UNIQUE_MATCH(walker, ipsa)) {
234 				walker->ipsa_flags |= IPSA_F_CINVALID;
235 			}
236 			mutex_exit(&walker->ipsa_lock);
237 		}
238 
239 		if (ptpn == NULL && unspecsrc) {
240 			if (IPSA_IS_ADDR_UNSPEC(walker->ipsa_srcaddr,
241 			    walker->ipsa_addrfam))
242 				ptpn = walker->ipsa_ptpn;
243 			else if (walker->ipsa_next == NULL)
244 				ptpn = &walker->ipsa_next;
245 		}
246 
247 		walker = walker->ipsa_next;
248 	}
249 
250 	if (ptpn == NULL)
251 		ptpn = &bucket->isaf_ipsa;
252 	ipsa->ipsa_next = *ptpn;
253 	ipsa->ipsa_ptpn = ptpn;
254 	if (ipsa->ipsa_next != NULL)
255 		ipsa->ipsa_next->ipsa_ptpn = &ipsa->ipsa_next;
256 	*ptpn = ipsa;
257 	ipsa->ipsa_linklock = &bucket->isaf_lock;
258 
259 	return (0);
260 }
261 #undef SA_UNIQUE_MATCH
262 
263 /*
264  * Free a security association.  Its reference count is 0, which means
265  * I must free it.  The SA must be unlocked and must not be linked into
266  * any fanout list.
267  */
268 static void
269 sadb_freeassoc(ipsa_t *ipsa)
270 {
271 	ipsec_stack_t	*ipss = ipsa->ipsa_netstack->netstack_ipsec;
272 
273 	ASSERT(ipss != NULL);
274 	ASSERT(MUTEX_NOT_HELD(&ipsa->ipsa_lock));
275 	ASSERT(ipsa->ipsa_refcnt == 0);
276 	ASSERT(ipsa->ipsa_next == NULL);
277 	ASSERT(ipsa->ipsa_ptpn == NULL);
278 
279 	mutex_enter(&ipsa->ipsa_lock);
280 	/* Don't call sadb_clear_lpkt() since we hold the ipsa_lock anyway. */
281 	ip_drop_packet(ipsa->ipsa_lpkt, B_TRUE, NULL, NULL,
282 	    DROPPER(ipss, ipds_sadb_inlarval_timeout),
283 	    &ipss->ipsec_sadb_dropper);
284 
285 	if (ipsa->ipsa_cred != NULL) {
286 		crfree(ipsa->ipsa_cred);
287 		ipsa->ipsa_cred = NULL;
288 	}
289 
290 	if (ipsa->ipsa_ocred != NULL) {
291 		crfree(ipsa->ipsa_ocred);
292 		ipsa->ipsa_ocred = NULL;
293 	}
294 
295 	ipsec_destroy_ctx_tmpl(ipsa, IPSEC_ALG_AUTH);
296 	ipsec_destroy_ctx_tmpl(ipsa, IPSEC_ALG_ENCR);
297 	mutex_exit(&ipsa->ipsa_lock);
298 
299 	/* bzero() these fields for paranoia's sake. */
300 	if (ipsa->ipsa_authkey != NULL) {
301 		bzero(ipsa->ipsa_authkey, ipsa->ipsa_authkeylen);
302 		kmem_free(ipsa->ipsa_authkey, ipsa->ipsa_authkeylen);
303 	}
304 	if (ipsa->ipsa_encrkey != NULL) {
305 		bzero(ipsa->ipsa_encrkey, ipsa->ipsa_encrkeylen);
306 		kmem_free(ipsa->ipsa_encrkey, ipsa->ipsa_encrkeylen);
307 	}
308 	if (ipsa->ipsa_nonce_buf != NULL) {
309 		bzero(ipsa->ipsa_nonce_buf, sizeof (ipsec_nonce_t));
310 		kmem_free(ipsa->ipsa_nonce_buf, sizeof (ipsec_nonce_t));
311 	}
312 	if (ipsa->ipsa_src_cid != NULL) {
313 		IPSID_REFRELE(ipsa->ipsa_src_cid);
314 	}
315 	if (ipsa->ipsa_dst_cid != NULL) {
316 		IPSID_REFRELE(ipsa->ipsa_dst_cid);
317 	}
318 	if (ipsa->ipsa_emech.cm_param != NULL)
319 		kmem_free(ipsa->ipsa_emech.cm_param,
320 		    ipsa->ipsa_emech.cm_param_len);
321 
322 	mutex_destroy(&ipsa->ipsa_lock);
323 	kmem_free(ipsa, sizeof (*ipsa));
324 }
325 
326 /*
327  * Unlink a security association from a hash bucket.  Assume the hash bucket
328  * lock is held, but the association's lock is not.
329  *
330  * Note that we do not bump the bucket's generation number here because
331  * we might not be making a visible change to the set of visible SA's.
332  * All callers MUST bump the bucket's generation number before they unlock
333  * the bucket if they use sadb_unlinkassoc to permanetly remove an SA which
334  * was present in the bucket at the time it was locked.
335  */
336 void
337 sadb_unlinkassoc(ipsa_t *ipsa)
338 {
339 	ASSERT(ipsa->ipsa_linklock != NULL);
340 	ASSERT(MUTEX_HELD(ipsa->ipsa_linklock));
341 
342 	/* These fields are protected by the link lock. */
343 	*(ipsa->ipsa_ptpn) = ipsa->ipsa_next;
344 	if (ipsa->ipsa_next != NULL) {
345 		ipsa->ipsa_next->ipsa_ptpn = ipsa->ipsa_ptpn;
346 		ipsa->ipsa_next = NULL;
347 	}
348 
349 	ipsa->ipsa_ptpn = NULL;
350 
351 	/* This may destroy the SA. */
352 	IPSA_REFRELE(ipsa);
353 }
354 
355 void
356 sadb_delete_cluster(ipsa_t *assoc)
357 {
358 	uint8_t protocol;
359 
360 	if (cl_inet_deletespi &&
361 	    ((assoc->ipsa_state == IPSA_STATE_LARVAL) ||
362 	    (assoc->ipsa_state == IPSA_STATE_MATURE))) {
363 		protocol = (assoc->ipsa_type == SADB_SATYPE_AH) ?
364 		    IPPROTO_AH : IPPROTO_ESP;
365 		cl_inet_deletespi(assoc->ipsa_netstack->netstack_stackid,
366 		    protocol, assoc->ipsa_spi, NULL);
367 	}
368 }
369 
370 /*
371  * Create a larval security association with the specified SPI.	 All other
372  * fields are zeroed.
373  */
374 static ipsa_t *
375 sadb_makelarvalassoc(uint32_t spi, uint32_t *src, uint32_t *dst, int addrfam,
376     netstack_t *ns)
377 {
378 	ipsa_t *newbie;
379 
380 	/*
381 	 * Allocate...
382 	 */
383 
384 	newbie = (ipsa_t *)kmem_zalloc(sizeof (ipsa_t), KM_NOSLEEP);
385 	if (newbie == NULL) {
386 		/* Can't make new larval SA. */
387 		return (NULL);
388 	}
389 
390 	/* Assigned requested SPI, assume caller does SPI allocation magic. */
391 	newbie->ipsa_spi = spi;
392 	newbie->ipsa_netstack = ns;	/* No netstack_hold */
393 
394 	/*
395 	 * Copy addresses...
396 	 */
397 
398 	IPSA_COPY_ADDR(newbie->ipsa_srcaddr, src, addrfam);
399 	IPSA_COPY_ADDR(newbie->ipsa_dstaddr, dst, addrfam);
400 
401 	newbie->ipsa_addrfam = addrfam;
402 
403 	/*
404 	 * Set common initialization values, including refcnt.
405 	 */
406 	mutex_init(&newbie->ipsa_lock, NULL, MUTEX_DEFAULT, NULL);
407 	newbie->ipsa_state = IPSA_STATE_LARVAL;
408 	newbie->ipsa_refcnt = 1;
409 	newbie->ipsa_freefunc = sadb_freeassoc;
410 
411 	/*
412 	 * There aren't a lot of other common initialization values, as
413 	 * they are copied in from the PF_KEY message.
414 	 */
415 
416 	return (newbie);
417 }
418 
419 /*
420  * Call me to initialize a security association fanout.
421  */
422 static int
423 sadb_init_fanout(isaf_t **tablep, uint_t size, int kmflag)
424 {
425 	isaf_t *table;
426 	int i;
427 
428 	table = (isaf_t *)kmem_alloc(size * sizeof (*table), kmflag);
429 	*tablep = table;
430 
431 	if (table == NULL)
432 		return (ENOMEM);
433 
434 	for (i = 0; i < size; i++) {
435 		mutex_init(&(table[i].isaf_lock), NULL, MUTEX_DEFAULT, NULL);
436 		table[i].isaf_ipsa = NULL;
437 		table[i].isaf_gen = 0;
438 	}
439 
440 	return (0);
441 }
442 
443 /*
444  * Call me to initialize an acquire fanout
445  */
446 static int
447 sadb_init_acfanout(iacqf_t **tablep, uint_t size, int kmflag)
448 {
449 	iacqf_t *table;
450 	int i;
451 
452 	table = (iacqf_t *)kmem_alloc(size * sizeof (*table), kmflag);
453 	*tablep = table;
454 
455 	if (table == NULL)
456 		return (ENOMEM);
457 
458 	for (i = 0; i < size; i++) {
459 		mutex_init(&(table[i].iacqf_lock), NULL, MUTEX_DEFAULT, NULL);
460 		table[i].iacqf_ipsacq = NULL;
461 	}
462 
463 	return (0);
464 }
465 
466 /*
467  * Attempt to initialize an SADB instance.  On failure, return ENOMEM;
468  * caller must clean up partial allocations.
469  */
470 static int
471 sadb_init_trial(sadb_t *sp, uint_t size, int kmflag)
472 {
473 	ASSERT(sp->sdb_of == NULL);
474 	ASSERT(sp->sdb_if == NULL);
475 	ASSERT(sp->sdb_acq == NULL);
476 
477 	sp->sdb_hashsize = size;
478 	if (sadb_init_fanout(&sp->sdb_of, size, kmflag) != 0)
479 		return (ENOMEM);
480 	if (sadb_init_fanout(&sp->sdb_if, size, kmflag) != 0)
481 		return (ENOMEM);
482 	if (sadb_init_acfanout(&sp->sdb_acq, size, kmflag) != 0)
483 		return (ENOMEM);
484 
485 	return (0);
486 }
487 
488 /*
489  * Call me to initialize an SADB instance; fall back to default size on failure.
490  */
491 static void
492 sadb_init(const char *name, sadb_t *sp, uint_t size, uint_t ver,
493     netstack_t *ns)
494 {
495 	ASSERT(sp->sdb_of == NULL);
496 	ASSERT(sp->sdb_if == NULL);
497 	ASSERT(sp->sdb_acq == NULL);
498 
499 	if (size < IPSEC_DEFAULT_HASH_SIZE)
500 		size = IPSEC_DEFAULT_HASH_SIZE;
501 
502 	if (sadb_init_trial(sp, size, KM_NOSLEEP) != 0) {
503 
504 		cmn_err(CE_WARN,
505 		    "Unable to allocate %u entry IPv%u %s SADB hash table",
506 		    size, ver, name);
507 
508 		sadb_destroy(sp, ns);
509 		size = IPSEC_DEFAULT_HASH_SIZE;
510 		cmn_err(CE_WARN, "Falling back to %d entries", size);
511 		(void) sadb_init_trial(sp, size, KM_SLEEP);
512 	}
513 }
514 
515 
516 /*
517  * Initialize an SADB-pair.
518  */
519 void
520 sadbp_init(const char *name, sadbp_t *sp, int type, int size, netstack_t *ns)
521 {
522 	sadb_init(name, &sp->s_v4, size, 4, ns);
523 	sadb_init(name, &sp->s_v6, size, 6, ns);
524 
525 	sp->s_satype = type;
526 
527 	ASSERT((type == SADB_SATYPE_AH) || (type == SADB_SATYPE_ESP));
528 	if (type == SADB_SATYPE_AH) {
529 		ipsec_stack_t	*ipss = ns->netstack_ipsec;
530 
531 		ip_drop_register(&ipss->ipsec_sadb_dropper, "IPsec SADB");
532 		sp->s_addflags = AH_ADD_SETTABLE_FLAGS;
533 		sp->s_updateflags = AH_UPDATE_SETTABLE_FLAGS;
534 	} else {
535 		sp->s_addflags = ESP_ADD_SETTABLE_FLAGS;
536 		sp->s_updateflags = ESP_UPDATE_SETTABLE_FLAGS;
537 	}
538 }
539 
540 /*
541  * Deliver a single SADB_DUMP message representing a single SA.  This is
542  * called many times by sadb_dump().
543  *
544  * If the return value of this is ENOBUFS (not the same as ENOMEM), then
545  * the caller should take that as a hint that dupb() on the "original answer"
546  * failed, and that perhaps the caller should try again with a copyb()ed
547  * "original answer".
548  */
549 static int
550 sadb_dump_deliver(queue_t *pfkey_q, mblk_t *original_answer, ipsa_t *ipsa,
551     sadb_msg_t *samsg)
552 {
553 	mblk_t *answer;
554 
555 	answer = dupb(original_answer);
556 	if (answer == NULL)
557 		return (ENOBUFS);
558 	answer->b_cont = sadb_sa2msg(ipsa, samsg);
559 	if (answer->b_cont == NULL) {
560 		freeb(answer);
561 		return (ENOMEM);
562 	}
563 
564 	/* Just do a putnext, and let keysock deal with flow control. */
565 	putnext(pfkey_q, answer);
566 	return (0);
567 }
568 
569 /*
570  * Common function to allocate and prepare a keysock_out_t M_CTL message.
571  */
572 mblk_t *
573 sadb_keysock_out(minor_t serial)
574 {
575 	mblk_t *mp;
576 	keysock_out_t *kso;
577 
578 	mp = allocb(sizeof (ipsec_info_t), BPRI_HI);
579 	if (mp != NULL) {
580 		mp->b_datap->db_type = M_CTL;
581 		mp->b_wptr += sizeof (ipsec_info_t);
582 		kso = (keysock_out_t *)mp->b_rptr;
583 		kso->ks_out_type = KEYSOCK_OUT;
584 		kso->ks_out_len = sizeof (*kso);
585 		kso->ks_out_serial = serial;
586 	}
587 
588 	return (mp);
589 }
590 
591 /*
592  * Perform an SADB_DUMP, spewing out every SA in an array of SA fanouts
593  * to keysock.
594  */
595 static int
596 sadb_dump_fanout(queue_t *pfkey_q, mblk_t *mp, minor_t serial, isaf_t *fanout,
597     int num_entries, boolean_t do_peers, time_t active_time)
598 {
599 	int i, error = 0;
600 	mblk_t *original_answer;
601 	ipsa_t *walker;
602 	sadb_msg_t *samsg;
603 	time_t	current;
604 
605 	/*
606 	 * For each IPSA hash bucket do:
607 	 *	- Hold the mutex
608 	 *	- Walk each entry, doing an sadb_dump_deliver() on it.
609 	 */
610 	ASSERT(mp->b_cont != NULL);
611 	samsg = (sadb_msg_t *)mp->b_cont->b_rptr;
612 
613 	original_answer = sadb_keysock_out(serial);
614 	if (original_answer == NULL)
615 		return (ENOMEM);
616 
617 	current = gethrestime_sec();
618 	for (i = 0; i < num_entries; i++) {
619 		mutex_enter(&fanout[i].isaf_lock);
620 		for (walker = fanout[i].isaf_ipsa; walker != NULL;
621 		    walker = walker->ipsa_next) {
622 			if (!do_peers && walker->ipsa_haspeer)
623 				continue;
624 			if ((active_time != 0) &&
625 			    ((current - walker->ipsa_lastuse) > active_time))
626 				continue;
627 			error = sadb_dump_deliver(pfkey_q, original_answer,
628 			    walker, samsg);
629 			if (error == ENOBUFS) {
630 				mblk_t *new_original_answer;
631 
632 				/* Ran out of dupb's.  Try a copyb. */
633 				new_original_answer = copyb(original_answer);
634 				if (new_original_answer == NULL) {
635 					error = ENOMEM;
636 				} else {
637 					freeb(original_answer);
638 					original_answer = new_original_answer;
639 					error = sadb_dump_deliver(pfkey_q,
640 					    original_answer, walker, samsg);
641 				}
642 			}
643 			if (error != 0)
644 				break;	/* out of for loop. */
645 		}
646 		mutex_exit(&fanout[i].isaf_lock);
647 		if (error != 0)
648 			break;	/* out of for loop. */
649 	}
650 
651 	freeb(original_answer);
652 	return (error);
653 }
654 
655 /*
656  * Dump an entire SADB; outbound first, then inbound.
657  */
658 
659 int
660 sadb_dump(queue_t *pfkey_q, mblk_t *mp, keysock_in_t *ksi, sadb_t *sp)
661 {
662 	int error;
663 	time_t	active_time = 0;
664 	sadb_x_edump_t	*edump =
665 	    (sadb_x_edump_t *)ksi->ks_in_extv[SADB_X_EXT_EDUMP];
666 
667 	if (edump != NULL) {
668 		active_time = edump->sadb_x_edump_timeout;
669 	}
670 
671 	/* Dump outbound */
672 	error = sadb_dump_fanout(pfkey_q, mp, ksi->ks_in_serial, sp->sdb_of,
673 	    sp->sdb_hashsize, B_TRUE, active_time);
674 	if (error)
675 		return (error);
676 
677 	/* Dump inbound */
678 	return sadb_dump_fanout(pfkey_q, mp, ksi->ks_in_serial, sp->sdb_if,
679 	    sp->sdb_hashsize, B_FALSE, active_time);
680 }
681 
682 /*
683  * Generic sadb table walker.
684  *
685  * Call "walkfn" for each SA in each bucket in "table"; pass the
686  * bucket, the entry and "cookie" to the callback function.
687  * Take care to ensure that walkfn can delete the SA without screwing
688  * up our traverse.
689  *
690  * The bucket is locked for the duration of the callback, both so that the
691  * callback can just call sadb_unlinkassoc() when it wants to delete something,
692  * and so that no new entries are added while we're walking the list.
693  */
694 static void
695 sadb_walker(isaf_t *table, uint_t numentries,
696     void (*walkfn)(isaf_t *head, ipsa_t *entry, void *cookie),
697     void *cookie)
698 {
699 	int i;
700 	for (i = 0; i < numentries; i++) {
701 		ipsa_t *entry, *next;
702 
703 		mutex_enter(&table[i].isaf_lock);
704 
705 		for (entry = table[i].isaf_ipsa; entry != NULL;
706 		    entry = next) {
707 			next = entry->ipsa_next;
708 			(*walkfn)(&table[i], entry, cookie);
709 		}
710 		mutex_exit(&table[i].isaf_lock);
711 	}
712 }
713 
714 /*
715  * From the given SA, construct a dl_ct_ipsec_key and
716  * a dl_ct_ipsec structures to be sent to the adapter as part
717  * of a DL_CONTROL_REQ.
718  *
719  * ct_sa must point to the storage allocated for the key
720  * structure and must be followed by storage allocated
721  * for the SA information that must be sent to the driver
722  * as part of the DL_CONTROL_REQ request.
723  *
724  * The is_inbound boolean indicates whether the specified
725  * SA is part of an inbound SA table.
726  *
727  * Returns B_TRUE if the corresponding SA must be passed to
728  * a provider, B_FALSE otherwise; frees *mp if it returns B_FALSE.
729  */
730 static boolean_t
731 sadb_req_from_sa(ipsa_t *sa, mblk_t *mp, boolean_t is_inbound)
732 {
733 	dl_ct_ipsec_key_t *keyp;
734 	dl_ct_ipsec_t *sap;
735 	void *ct_sa = mp->b_wptr;
736 
737 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
738 
739 	keyp = (dl_ct_ipsec_key_t *)(ct_sa);
740 	sap = (dl_ct_ipsec_t *)(keyp + 1);
741 
742 	IPSECHW_DEBUG(IPSECHW_CAPAB, ("sadb_req_from_sa: "
743 	    "is_inbound = %d\n", is_inbound));
744 
745 	/* initialize flag */
746 	sap->sadb_sa_flags = 0;
747 	if (is_inbound) {
748 		sap->sadb_sa_flags |= DL_CT_IPSEC_INBOUND;
749 		/*
750 		 * If an inbound SA has a peer, then mark it has being
751 		 * an outbound SA as well.
752 		 */
753 		if (sa->ipsa_haspeer)
754 			sap->sadb_sa_flags |= DL_CT_IPSEC_OUTBOUND;
755 	} else {
756 		/*
757 		 * If an outbound SA has a peer, then don't send it,
758 		 * since we will send the copy from the inbound table.
759 		 */
760 		if (sa->ipsa_haspeer) {
761 			freemsg(mp);
762 			return (B_FALSE);
763 		}
764 		sap->sadb_sa_flags |= DL_CT_IPSEC_OUTBOUND;
765 	}
766 
767 	keyp->dl_key_spi = sa->ipsa_spi;
768 	bcopy(sa->ipsa_dstaddr, keyp->dl_key_dest_addr,
769 	    DL_CTL_IPSEC_ADDR_LEN);
770 	keyp->dl_key_addr_family = sa->ipsa_addrfam;
771 
772 	sap->sadb_sa_auth = sa->ipsa_auth_alg;
773 	sap->sadb_sa_encrypt = sa->ipsa_encr_alg;
774 
775 	sap->sadb_key_len_a = sa->ipsa_authkeylen;
776 	sap->sadb_key_bits_a = sa->ipsa_authkeybits;
777 	bcopy(sa->ipsa_authkey,
778 	    sap->sadb_key_data_a, sap->sadb_key_len_a);
779 
780 	sap->sadb_key_len_e = sa->ipsa_encrkeylen;
781 	sap->sadb_key_bits_e = sa->ipsa_encrkeybits;
782 	bcopy(sa->ipsa_encrkey,
783 	    sap->sadb_key_data_e, sap->sadb_key_len_e);
784 
785 	mp->b_wptr += sizeof (dl_ct_ipsec_t) + sizeof (dl_ct_ipsec_key_t);
786 	return (B_TRUE);
787 }
788 
789 /*
790  * Called from AH or ESP to format a message which will be used to inform
791  * IPsec-acceleration-capable ills of a SADB change.
792  * (It is not possible to send the message to IP directly from this function
793  * since the SA, if any, is locked during the call).
794  *
795  * dl_operation: DL_CONTROL_REQ operation (add, delete, update, etc)
796  * sa_type: identifies whether the operation applies to AH or ESP
797  *	(must be one of SADB_SATYPE_AH or SADB_SATYPE_ESP)
798  * sa: Pointer to an SA.  Must be non-NULL and locked
799  *	for ADD, DELETE, GET, and UPDATE operations.
800  * This function returns an mblk chain that must be passed to IP
801  * for forwarding to the IPsec capable providers.
802  */
803 mblk_t *
804 sadb_fmt_sa_req(uint_t dl_operation, uint_t sa_type, ipsa_t *sa,
805     boolean_t is_inbound)
806 {
807 	mblk_t *mp;
808 	dl_control_req_t *ctrl;
809 	boolean_t need_key = B_FALSE;
810 	mblk_t *ctl_mp = NULL;
811 	ipsec_ctl_t *ctl;
812 
813 	/*
814 	 * 1 allocate and initialize DL_CONTROL_REQ M_PROTO
815 	 * 2 if a key is needed for the operation
816 	 *    2.1 initialize key
817 	 *    2.2 if a full SA is needed for the operation
818 	 *	2.2.1 initialize full SA info
819 	 * 3 return message; caller will call ill_ipsec_capab_send_all()
820 	 * to send the resulting message to IPsec capable ills.
821 	 */
822 
823 	ASSERT(sa_type == SADB_SATYPE_AH || sa_type == SADB_SATYPE_ESP);
824 
825 	/*
826 	 * Allocate DL_CONTROL_REQ M_PROTO
827 	 * We allocate room for the SA even if it's not needed
828 	 * by some of the operations (for example flush)
829 	 */
830 	mp = allocb(sizeof (dl_control_req_t) +
831 	    sizeof (dl_ct_ipsec_key_t) + sizeof (dl_ct_ipsec_t), BPRI_HI);
832 	if (mp == NULL)
833 		return (NULL);
834 	mp->b_datap->db_type = M_PROTO;
835 
836 	/* initialize dl_control_req_t */
837 	ctrl = (dl_control_req_t *)mp->b_wptr;
838 	ctrl->dl_primitive = DL_CONTROL_REQ;
839 	ctrl->dl_operation = dl_operation;
840 	ctrl->dl_type = sa_type == SADB_SATYPE_AH ? DL_CT_IPSEC_AH :
841 	    DL_CT_IPSEC_ESP;
842 	ctrl->dl_key_offset = sizeof (dl_control_req_t);
843 	ctrl->dl_key_length = sizeof (dl_ct_ipsec_key_t);
844 	ctrl->dl_data_offset = sizeof (dl_control_req_t) +
845 	    sizeof (dl_ct_ipsec_key_t);
846 	ctrl->dl_data_length = sizeof (dl_ct_ipsec_t);
847 	mp->b_wptr += sizeof (dl_control_req_t);
848 
849 	if ((dl_operation == DL_CO_SET) || (dl_operation == DL_CO_DELETE)) {
850 		ASSERT(sa != NULL);
851 		ASSERT(MUTEX_HELD(&sa->ipsa_lock));
852 
853 		need_key = B_TRUE;
854 
855 		/*
856 		 * Initialize key and SA data. Note that for some
857 		 * operations the SA data is ignored by the provider
858 		 * (delete, etc.)
859 		 */
860 		if (!sadb_req_from_sa(sa, mp, is_inbound))
861 			return (NULL);
862 	}
863 
864 	/* construct control message */
865 	ctl_mp = allocb(sizeof (ipsec_ctl_t), BPRI_HI);
866 	if (ctl_mp == NULL) {
867 		cmn_err(CE_WARN, "sadb_fmt_sa_req: allocb failed\n");
868 		freemsg(mp);
869 		return (NULL);
870 	}
871 
872 	ctl_mp->b_datap->db_type = M_CTL;
873 	ctl_mp->b_wptr += sizeof (ipsec_ctl_t);
874 	ctl_mp->b_cont = mp;
875 
876 	ctl = (ipsec_ctl_t *)ctl_mp->b_rptr;
877 	ctl->ipsec_ctl_type = IPSEC_CTL;
878 	ctl->ipsec_ctl_len  = sizeof (ipsec_ctl_t);
879 	ctl->ipsec_ctl_sa_type = sa_type;
880 
881 	if (need_key) {
882 		/*
883 		 * Keep an additional reference on SA, since it will be
884 		 * needed by IP to send control messages corresponding
885 		 * to that SA from its perimeter. IP will do a
886 		 * IPSA_REFRELE when done with the request.
887 		 */
888 		ASSERT(MUTEX_HELD(&sa->ipsa_lock));
889 		IPSA_REFHOLD(sa);
890 		ctl->ipsec_ctl_sa = sa;
891 	} else
892 		ctl->ipsec_ctl_sa = NULL;
893 
894 	return (ctl_mp);
895 }
896 
897 
898 /*
899  * Called by sadb_ill_download() to dump the entries for a specific
900  * fanout table.  For each SA entry in the table passed as argument,
901  * use mp as a template and constructs a full DL_CONTROL message, and
902  * call ill_dlpi_send(), provided by IP, to send the resulting
903  * messages to the ill.
904  */
905 static void
906 sadb_ill_df(ill_t *ill, mblk_t *mp, isaf_t *fanout, int num_entries,
907     boolean_t is_inbound)
908 {
909 	ipsa_t *walker;
910 	mblk_t *nmp, *salist;
911 	int i, error = 0;
912 	ip_stack_t	*ipst = ill->ill_ipst;
913 	netstack_t	*ns = ipst->ips_netstack;
914 
915 	IPSECHW_DEBUG(IPSECHW_SADB, ("sadb_ill_df: fanout at 0x%p ne=%d\n",
916 	    (void *)fanout, num_entries));
917 	/*
918 	 * For each IPSA hash bucket do:
919 	 *	- Hold the mutex
920 	 *	- Walk each entry, sending a corresponding request to IP
921 	 *	  for it.
922 	 */
923 	ASSERT(mp->b_datap->db_type == M_PROTO);
924 
925 	for (i = 0; i < num_entries; i++) {
926 		mutex_enter(&fanout[i].isaf_lock);
927 		salist = NULL;
928 
929 		for (walker = fanout[i].isaf_ipsa; walker != NULL;
930 		    walker = walker->ipsa_next) {
931 			IPSECHW_DEBUG(IPSECHW_SADB,
932 			    ("sadb_ill_df: sending SA to ill via IP \n"));
933 			/*
934 			 * Duplicate the template mp passed and
935 			 * complete DL_CONTROL_REQ data.
936 			 * To be more memory efficient, we could use
937 			 * dupb() for the M_CTL and copyb() for the M_PROTO
938 			 * as the M_CTL, since the M_CTL is the same for
939 			 * every SA entry passed down to IP for the same ill.
940 			 *
941 			 * Note that copymsg/copyb ensure that the new mblk
942 			 * is at least as large as the source mblk even if it's
943 			 * not using all its storage -- therefore, nmp
944 			 * has trailing space for sadb_req_from_sa to add
945 			 * the SA-specific bits.
946 			 */
947 			mutex_enter(&walker->ipsa_lock);
948 			if (ipsec_capab_match(ill,
949 			    ill->ill_phyint->phyint_ifindex, ill->ill_isv6,
950 			    walker, ns)) {
951 				nmp = copymsg(mp);
952 				if (nmp == NULL) {
953 					IPSECHW_DEBUG(IPSECHW_SADB,
954 					    ("sadb_ill_df: alloc error\n"));
955 					error = ENOMEM;
956 					mutex_exit(&walker->ipsa_lock);
957 					break;
958 				}
959 				if (sadb_req_from_sa(walker, nmp, is_inbound)) {
960 					nmp->b_next = salist;
961 					salist = nmp;
962 				}
963 			}
964 			mutex_exit(&walker->ipsa_lock);
965 		}
966 		mutex_exit(&fanout[i].isaf_lock);
967 		while (salist != NULL) {
968 			nmp = salist;
969 			salist = nmp->b_next;
970 			nmp->b_next = NULL;
971 			ill_dlpi_send(ill, nmp);
972 		}
973 		if (error != 0)
974 			break;	/* out of for loop. */
975 	}
976 }
977 
978 /*
979  * Called by ill_ipsec_capab_add(). Sends a copy of the SADB of
980  * the type specified by sa_type to the specified ill.
981  *
982  * We call for each fanout table defined by the SADB (one per
983  * protocol). sadb_ill_df() finally calls ill_dlpi_send() for
984  * each SADB entry in order to send a corresponding DL_CONTROL_REQ
985  * message to the ill.
986  */
987 void
988 sadb_ill_download(ill_t *ill, uint_t sa_type)
989 {
990 	mblk_t *protomp;	/* prototype message */
991 	dl_control_req_t *ctrl;
992 	sadbp_t *spp;
993 	sadb_t *sp;
994 	int dlt;
995 	ip_stack_t	*ipst = ill->ill_ipst;
996 	netstack_t	*ns = ipst->ips_netstack;
997 
998 	ASSERT(sa_type == SADB_SATYPE_AH || sa_type == SADB_SATYPE_ESP);
999 
1000 	/*
1001 	 * Allocate and initialize prototype answer. A duplicate for
1002 	 * each SA is sent down to the interface.
1003 	 */
1004 
1005 	/* DL_CONTROL_REQ M_PROTO mblk_t */
1006 	protomp = allocb(sizeof (dl_control_req_t) +
1007 	    sizeof (dl_ct_ipsec_key_t) + sizeof (dl_ct_ipsec_t), BPRI_HI);
1008 	if (protomp == NULL)
1009 		return;
1010 	protomp->b_datap->db_type = M_PROTO;
1011 
1012 	dlt = (sa_type == SADB_SATYPE_AH) ? DL_CT_IPSEC_AH : DL_CT_IPSEC_ESP;
1013 	if (sa_type == SADB_SATYPE_ESP) {
1014 		ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
1015 
1016 		spp = &espstack->esp_sadb;
1017 	} else {
1018 		ipsecah_stack_t	*ahstack = ns->netstack_ipsecah;
1019 
1020 		spp = &ahstack->ah_sadb;
1021 	}
1022 
1023 	ctrl = (dl_control_req_t *)protomp->b_wptr;
1024 	ctrl->dl_primitive = DL_CONTROL_REQ;
1025 	ctrl->dl_operation = DL_CO_SET;
1026 	ctrl->dl_type = dlt;
1027 	ctrl->dl_key_offset = sizeof (dl_control_req_t);
1028 	ctrl->dl_key_length = sizeof (dl_ct_ipsec_key_t);
1029 	ctrl->dl_data_offset = sizeof (dl_control_req_t) +
1030 	    sizeof (dl_ct_ipsec_key_t);
1031 	ctrl->dl_data_length = sizeof (dl_ct_ipsec_t);
1032 	protomp->b_wptr += sizeof (dl_control_req_t);
1033 
1034 	/*
1035 	 * then for each SADB entry, we fill out the dl_ct_ipsec_key_t
1036 	 * and dl_ct_ipsec_t
1037 	 */
1038 	sp = ill->ill_isv6 ? &(spp->s_v6) : &(spp->s_v4);
1039 	sadb_ill_df(ill, protomp, sp->sdb_of, sp->sdb_hashsize, B_FALSE);
1040 	sadb_ill_df(ill, protomp, sp->sdb_if, sp->sdb_hashsize, B_TRUE);
1041 	freemsg(protomp);
1042 }
1043 
1044 /*
1045  * Call me to free up a security association fanout.  Use the forever
1046  * variable to indicate freeing up the SAs (forever == B_FALSE, e.g.
1047  * an SADB_FLUSH message), or destroying everything (forever == B_TRUE,
1048  * when a module is unloaded).
1049  */
1050 static void
1051 sadb_destroyer(isaf_t **tablep, uint_t numentries, boolean_t forever,
1052     boolean_t inbound)
1053 {
1054 	int i;
1055 	isaf_t *table = *tablep;
1056 	uint8_t protocol;
1057 	ipsa_t *sa;
1058 	netstackid_t sid;
1059 
1060 	if (table == NULL)
1061 		return;
1062 
1063 	for (i = 0; i < numentries; i++) {
1064 		mutex_enter(&table[i].isaf_lock);
1065 		while ((sa = table[i].isaf_ipsa) != NULL) {
1066 			if (inbound && cl_inet_deletespi &&
1067 			    (sa->ipsa_state != IPSA_STATE_ACTIVE_ELSEWHERE) &&
1068 			    (sa->ipsa_state != IPSA_STATE_IDLE)) {
1069 				protocol = (sa->ipsa_type == SADB_SATYPE_AH) ?
1070 				    IPPROTO_AH : IPPROTO_ESP;
1071 				sid = sa->ipsa_netstack->netstack_stackid;
1072 				cl_inet_deletespi(sid, protocol, sa->ipsa_spi,
1073 				    NULL);
1074 			}
1075 			sadb_unlinkassoc(sa);
1076 		}
1077 		table[i].isaf_gen++;
1078 		mutex_exit(&table[i].isaf_lock);
1079 		if (forever)
1080 			mutex_destroy(&(table[i].isaf_lock));
1081 	}
1082 
1083 	if (forever) {
1084 		*tablep = NULL;
1085 		kmem_free(table, numentries * sizeof (*table));
1086 	}
1087 }
1088 
1089 /*
1090  * Entry points to sadb_destroyer().
1091  */
1092 static void
1093 sadb_flush(sadb_t *sp, netstack_t *ns)
1094 {
1095 	/*
1096 	 * Flush out each bucket, one at a time.  Were it not for keysock's
1097 	 * enforcement, there would be a subtlety where I could add on the
1098 	 * heels of a flush.  With keysock's enforcement, however, this
1099 	 * makes ESP's job easy.
1100 	 */
1101 	sadb_destroyer(&sp->sdb_of, sp->sdb_hashsize, B_FALSE, B_FALSE);
1102 	sadb_destroyer(&sp->sdb_if, sp->sdb_hashsize, B_FALSE, B_TRUE);
1103 
1104 	/* For each acquire, destroy it; leave the bucket mutex alone. */
1105 	sadb_destroy_acqlist(&sp->sdb_acq, sp->sdb_hashsize, B_FALSE, ns);
1106 }
1107 
1108 static void
1109 sadb_destroy(sadb_t *sp, netstack_t *ns)
1110 {
1111 	sadb_destroyer(&sp->sdb_of, sp->sdb_hashsize, B_TRUE, B_FALSE);
1112 	sadb_destroyer(&sp->sdb_if, sp->sdb_hashsize, B_TRUE, B_TRUE);
1113 
1114 	/* For each acquire, destroy it, including the bucket mutex. */
1115 	sadb_destroy_acqlist(&sp->sdb_acq, sp->sdb_hashsize, B_TRUE, ns);
1116 
1117 	ASSERT(sp->sdb_of == NULL);
1118 	ASSERT(sp->sdb_if == NULL);
1119 	ASSERT(sp->sdb_acq == NULL);
1120 }
1121 
1122 static void
1123 sadb_send_flush_req(sadbp_t *spp)
1124 {
1125 	mblk_t *ctl_mp;
1126 
1127 	/*
1128 	 * we've been unplumbed, or never were plumbed; don't go there.
1129 	 */
1130 	if (spp->s_ip_q == NULL)
1131 		return;
1132 
1133 	/* have IP send a flush msg to the IPsec accelerators */
1134 	ctl_mp = sadb_fmt_sa_req(DL_CO_FLUSH, spp->s_satype, NULL, B_TRUE);
1135 	if (ctl_mp != NULL)
1136 		putnext(spp->s_ip_q, ctl_mp);
1137 }
1138 
1139 void
1140 sadbp_flush(sadbp_t *spp, netstack_t *ns)
1141 {
1142 	sadb_flush(&spp->s_v4, ns);
1143 	sadb_flush(&spp->s_v6, ns);
1144 
1145 	sadb_send_flush_req(spp);
1146 }
1147 
1148 void
1149 sadbp_destroy(sadbp_t *spp, netstack_t *ns)
1150 {
1151 	sadb_destroy(&spp->s_v4, ns);
1152 	sadb_destroy(&spp->s_v6, ns);
1153 
1154 	sadb_send_flush_req(spp);
1155 	if (spp->s_satype == SADB_SATYPE_AH) {
1156 		ipsec_stack_t	*ipss = ns->netstack_ipsec;
1157 
1158 		ip_drop_unregister(&ipss->ipsec_sadb_dropper);
1159 	}
1160 }
1161 
1162 
1163 /*
1164  * Check hard vs. soft lifetimes.  If there's a reality mismatch (e.g.
1165  * soft lifetimes > hard lifetimes) return an appropriate diagnostic for
1166  * EINVAL.
1167  */
1168 int
1169 sadb_hardsoftchk(sadb_lifetime_t *hard, sadb_lifetime_t *soft,
1170     sadb_lifetime_t *idle)
1171 {
1172 	if (hard == NULL || soft == NULL)
1173 		return (0);
1174 
1175 	if (hard->sadb_lifetime_allocations != 0 &&
1176 	    soft->sadb_lifetime_allocations != 0 &&
1177 	    hard->sadb_lifetime_allocations < soft->sadb_lifetime_allocations)
1178 		return (SADB_X_DIAGNOSTIC_ALLOC_HSERR);
1179 
1180 	if (hard->sadb_lifetime_bytes != 0 &&
1181 	    soft->sadb_lifetime_bytes != 0 &&
1182 	    hard->sadb_lifetime_bytes < soft->sadb_lifetime_bytes)
1183 		return (SADB_X_DIAGNOSTIC_BYTES_HSERR);
1184 
1185 	if (hard->sadb_lifetime_addtime != 0 &&
1186 	    soft->sadb_lifetime_addtime != 0 &&
1187 	    hard->sadb_lifetime_addtime < soft->sadb_lifetime_addtime)
1188 		return (SADB_X_DIAGNOSTIC_ADDTIME_HSERR);
1189 
1190 	if (hard->sadb_lifetime_usetime != 0 &&
1191 	    soft->sadb_lifetime_usetime != 0 &&
1192 	    hard->sadb_lifetime_usetime < soft->sadb_lifetime_usetime)
1193 		return (SADB_X_DIAGNOSTIC_USETIME_HSERR);
1194 
1195 	if (idle != NULL) {
1196 		if (hard->sadb_lifetime_addtime != 0 &&
1197 		    idle->sadb_lifetime_addtime != 0 &&
1198 		    hard->sadb_lifetime_addtime < idle->sadb_lifetime_addtime)
1199 			return (SADB_X_DIAGNOSTIC_ADDTIME_HSERR);
1200 
1201 		if (soft->sadb_lifetime_addtime != 0 &&
1202 		    idle->sadb_lifetime_addtime != 0 &&
1203 		    soft->sadb_lifetime_addtime < idle->sadb_lifetime_addtime)
1204 			return (SADB_X_DIAGNOSTIC_ADDTIME_HSERR);
1205 
1206 		if (hard->sadb_lifetime_usetime != 0 &&
1207 		    idle->sadb_lifetime_usetime != 0 &&
1208 		    hard->sadb_lifetime_usetime < idle->sadb_lifetime_usetime)
1209 			return (SADB_X_DIAGNOSTIC_USETIME_HSERR);
1210 
1211 		if (soft->sadb_lifetime_usetime != 0 &&
1212 		    idle->sadb_lifetime_usetime != 0 &&
1213 		    soft->sadb_lifetime_usetime < idle->sadb_lifetime_usetime)
1214 			return (SADB_X_DIAGNOSTIC_USETIME_HSERR);
1215 	}
1216 
1217 	return (0);
1218 }
1219 
1220 /*
1221  * Sanity check sensitivity labels.
1222  *
1223  * For now, just reject labels on unlabeled systems.
1224  */
1225 int
1226 sadb_labelchk(keysock_in_t *ksi)
1227 {
1228 	if (!is_system_labeled()) {
1229 		if (ksi->ks_in_extv[SADB_EXT_SENSITIVITY] != NULL)
1230 			return (SADB_X_DIAGNOSTIC_BAD_LABEL);
1231 
1232 		if (ksi->ks_in_extv[SADB_X_EXT_OUTER_SENS] != NULL)
1233 			return (SADB_X_DIAGNOSTIC_BAD_LABEL);
1234 	}
1235 
1236 	return (0);
1237 }
1238 
1239 /*
1240  * Clone a security association for the purposes of inserting a single SA
1241  * into inbound and outbound tables respectively. This function should only
1242  * be called from sadb_common_add().
1243  */
1244 static ipsa_t *
1245 sadb_cloneassoc(ipsa_t *ipsa)
1246 {
1247 	ipsa_t *newbie;
1248 	boolean_t error = B_FALSE;
1249 
1250 	ASSERT(MUTEX_NOT_HELD(&(ipsa->ipsa_lock)));
1251 
1252 	newbie = kmem_alloc(sizeof (ipsa_t), KM_NOSLEEP);
1253 	if (newbie == NULL)
1254 		return (NULL);
1255 
1256 	/* Copy over what we can. */
1257 	*newbie = *ipsa;
1258 
1259 	/* bzero and initialize locks, in case *_init() allocates... */
1260 	mutex_init(&newbie->ipsa_lock, NULL, MUTEX_DEFAULT, NULL);
1261 
1262 	if (newbie->ipsa_cred != NULL)
1263 		crhold(newbie->ipsa_cred);
1264 
1265 	if (newbie->ipsa_ocred != NULL)
1266 		crhold(newbie->ipsa_ocred);
1267 
1268 	/*
1269 	 * While somewhat dain-bramaged, the most graceful way to
1270 	 * recover from errors is to keep plowing through the
1271 	 * allocations, and getting what I can.  It's easier to call
1272 	 * sadb_freeassoc() on the stillborn clone when all the
1273 	 * pointers aren't pointing to the parent's data.
1274 	 */
1275 
1276 	if (ipsa->ipsa_authkey != NULL) {
1277 		newbie->ipsa_authkey = kmem_alloc(newbie->ipsa_authkeylen,
1278 		    KM_NOSLEEP);
1279 		if (newbie->ipsa_authkey == NULL) {
1280 			error = B_TRUE;
1281 		} else {
1282 			bcopy(ipsa->ipsa_authkey, newbie->ipsa_authkey,
1283 			    newbie->ipsa_authkeylen);
1284 
1285 			newbie->ipsa_kcfauthkey.ck_data =
1286 			    newbie->ipsa_authkey;
1287 		}
1288 
1289 		if (newbie->ipsa_amech.cm_param != NULL) {
1290 			newbie->ipsa_amech.cm_param =
1291 			    (char *)&newbie->ipsa_mac_len;
1292 		}
1293 	}
1294 
1295 	if (ipsa->ipsa_encrkey != NULL) {
1296 		newbie->ipsa_encrkey = kmem_alloc(newbie->ipsa_encrkeylen,
1297 		    KM_NOSLEEP);
1298 		if (newbie->ipsa_encrkey == NULL) {
1299 			error = B_TRUE;
1300 		} else {
1301 			bcopy(ipsa->ipsa_encrkey, newbie->ipsa_encrkey,
1302 			    newbie->ipsa_encrkeylen);
1303 
1304 			newbie->ipsa_kcfencrkey.ck_data =
1305 			    newbie->ipsa_encrkey;
1306 		}
1307 	}
1308 
1309 	newbie->ipsa_authtmpl = NULL;
1310 	newbie->ipsa_encrtmpl = NULL;
1311 	newbie->ipsa_haspeer = B_TRUE;
1312 
1313 	if (ipsa->ipsa_src_cid != NULL) {
1314 		newbie->ipsa_src_cid = ipsa->ipsa_src_cid;
1315 		IPSID_REFHOLD(ipsa->ipsa_src_cid);
1316 	}
1317 
1318 	if (ipsa->ipsa_dst_cid != NULL) {
1319 		newbie->ipsa_dst_cid = ipsa->ipsa_dst_cid;
1320 		IPSID_REFHOLD(ipsa->ipsa_dst_cid);
1321 	}
1322 
1323 	if (error) {
1324 		sadb_freeassoc(newbie);
1325 		return (NULL);
1326 	}
1327 
1328 	return (newbie);
1329 }
1330 
1331 /*
1332  * Initialize a SADB address extension at the address specified by addrext.
1333  * Return a pointer to the end of the new address extension.
1334  */
1335 static uint8_t *
1336 sadb_make_addr_ext(uint8_t *start, uint8_t *end, uint16_t exttype,
1337     sa_family_t af, uint32_t *addr, uint16_t port, uint8_t proto, int prefix)
1338 {
1339 	struct sockaddr_in *sin;
1340 	struct sockaddr_in6 *sin6;
1341 	uint8_t *cur = start;
1342 	int addrext_len;
1343 	int sin_len;
1344 	sadb_address_t *addrext	= (sadb_address_t *)cur;
1345 
1346 	if (cur == NULL)
1347 		return (NULL);
1348 
1349 	cur += sizeof (*addrext);
1350 	if (cur > end)
1351 		return (NULL);
1352 
1353 	addrext->sadb_address_proto = proto;
1354 	addrext->sadb_address_prefixlen = prefix;
1355 	addrext->sadb_address_reserved = 0;
1356 	addrext->sadb_address_exttype = exttype;
1357 
1358 	switch (af) {
1359 	case AF_INET:
1360 		sin = (struct sockaddr_in *)cur;
1361 		sin_len = sizeof (*sin);
1362 		cur += sin_len;
1363 		if (cur > end)
1364 			return (NULL);
1365 
1366 		sin->sin_family = af;
1367 		bzero(sin->sin_zero, sizeof (sin->sin_zero));
1368 		sin->sin_port = port;
1369 		IPSA_COPY_ADDR(&sin->sin_addr, addr, af);
1370 		break;
1371 	case AF_INET6:
1372 		sin6 = (struct sockaddr_in6 *)cur;
1373 		sin_len = sizeof (*sin6);
1374 		cur += sin_len;
1375 		if (cur > end)
1376 			return (NULL);
1377 
1378 		bzero(sin6, sizeof (*sin6));
1379 		sin6->sin6_family = af;
1380 		sin6->sin6_port = port;
1381 		IPSA_COPY_ADDR(&sin6->sin6_addr, addr, af);
1382 		break;
1383 	}
1384 
1385 	addrext_len = roundup(cur - start, sizeof (uint64_t));
1386 	addrext->sadb_address_len = SADB_8TO64(addrext_len);
1387 
1388 	cur = start + addrext_len;
1389 	if (cur > end)
1390 		cur = NULL;
1391 
1392 	return (cur);
1393 }
1394 
1395 /*
1396  * Construct a key management cookie extension.
1397  */
1398 
1399 static uint8_t *
1400 sadb_make_kmc_ext(uint8_t *cur, uint8_t *end, uint32_t kmp, uint32_t kmc)
1401 {
1402 	sadb_x_kmc_t *kmcext = (sadb_x_kmc_t *)cur;
1403 
1404 	if (cur == NULL)
1405 		return (NULL);
1406 
1407 	cur += sizeof (*kmcext);
1408 
1409 	if (cur > end)
1410 		return (NULL);
1411 
1412 	kmcext->sadb_x_kmc_len = SADB_8TO64(sizeof (*kmcext));
1413 	kmcext->sadb_x_kmc_exttype = SADB_X_EXT_KM_COOKIE;
1414 	kmcext->sadb_x_kmc_proto = kmp;
1415 	kmcext->sadb_x_kmc_cookie = kmc;
1416 	kmcext->sadb_x_kmc_reserved = 0;
1417 
1418 	return (cur);
1419 }
1420 
1421 /*
1422  * Given an original message header with sufficient space following it, and an
1423  * SA, construct a full PF_KEY message with all of the relevant extensions.
1424  * This is mostly used for SADB_GET, and SADB_DUMP.
1425  */
1426 static mblk_t *
1427 sadb_sa2msg(ipsa_t *ipsa, sadb_msg_t *samsg)
1428 {
1429 	int alloclen, addrsize, paddrsize, authsize, encrsize;
1430 	int srcidsize, dstidsize, senslen, osenslen;
1431 	sa_family_t fam, pfam;	/* Address family for SADB_EXT_ADDRESS */
1432 				/* src/dst and proxy sockaddrs. */
1433 	/*
1434 	 * The following are pointers into the PF_KEY message this PF_KEY
1435 	 * message creates.
1436 	 */
1437 	sadb_msg_t *newsamsg;
1438 	sadb_sa_t *assoc;
1439 	sadb_lifetime_t *lt;
1440 	sadb_key_t *key;
1441 	sadb_ident_t *ident;
1442 	sadb_sens_t *sens;
1443 	sadb_ext_t *walker;	/* For when we need a generic ext. pointer. */
1444 	sadb_x_replay_ctr_t *repl_ctr;
1445 	sadb_x_pair_t *pair_ext;
1446 
1447 	mblk_t *mp;
1448 	uint8_t *cur, *end;
1449 	/* These indicate the presence of the above extension fields. */
1450 	boolean_t soft = B_FALSE, hard = B_FALSE;
1451 	boolean_t isrc = B_FALSE, idst = B_FALSE;
1452 	boolean_t auth = B_FALSE, encr = B_FALSE;
1453 	boolean_t sensinteg = B_FALSE, osensinteg = B_FALSE;
1454 	boolean_t srcid = B_FALSE, dstid = B_FALSE;
1455 	boolean_t idle;
1456 	boolean_t paired;
1457 	uint32_t otherspi;
1458 
1459 	/* First off, figure out the allocation length for this message. */
1460 	/*
1461 	 * Constant stuff.  This includes base, SA, address (src, dst),
1462 	 * and lifetime (current).
1463 	 */
1464 	alloclen = sizeof (sadb_msg_t) + sizeof (sadb_sa_t) +
1465 	    sizeof (sadb_lifetime_t);
1466 
1467 	fam = ipsa->ipsa_addrfam;
1468 	switch (fam) {
1469 	case AF_INET:
1470 		addrsize = roundup(sizeof (struct sockaddr_in) +
1471 		    sizeof (sadb_address_t), sizeof (uint64_t));
1472 		break;
1473 	case AF_INET6:
1474 		addrsize = roundup(sizeof (struct sockaddr_in6) +
1475 		    sizeof (sadb_address_t), sizeof (uint64_t));
1476 		break;
1477 	default:
1478 		return (NULL);
1479 	}
1480 	/*
1481 	 * Allocate TWO address extensions, for source and destination.
1482 	 * (Thus, the * 2.)
1483 	 */
1484 	alloclen += addrsize * 2;
1485 	if (ipsa->ipsa_flags & IPSA_F_NATT_REM)
1486 		alloclen += addrsize;
1487 	if (ipsa->ipsa_flags & IPSA_F_NATT_LOC)
1488 		alloclen += addrsize;
1489 
1490 	if (ipsa->ipsa_flags & IPSA_F_PAIRED) {
1491 		paired = B_TRUE;
1492 		alloclen += sizeof (sadb_x_pair_t);
1493 		otherspi = ipsa->ipsa_otherspi;
1494 	} else {
1495 		paired = B_FALSE;
1496 	}
1497 
1498 	/* How 'bout other lifetimes? */
1499 	if (ipsa->ipsa_softaddlt != 0 || ipsa->ipsa_softuselt != 0 ||
1500 	    ipsa->ipsa_softbyteslt != 0 || ipsa->ipsa_softalloc != 0) {
1501 		alloclen += sizeof (sadb_lifetime_t);
1502 		soft = B_TRUE;
1503 	}
1504 
1505 	if (ipsa->ipsa_hardaddlt != 0 || ipsa->ipsa_harduselt != 0 ||
1506 	    ipsa->ipsa_hardbyteslt != 0 || ipsa->ipsa_hardalloc != 0) {
1507 		alloclen += sizeof (sadb_lifetime_t);
1508 		hard = B_TRUE;
1509 	}
1510 
1511 	if (ipsa->ipsa_idleaddlt != 0 || ipsa->ipsa_idleuselt != 0) {
1512 		alloclen += sizeof (sadb_lifetime_t);
1513 		idle = B_TRUE;
1514 	} else {
1515 		idle = B_FALSE;
1516 	}
1517 
1518 	/* Inner addresses. */
1519 	if (ipsa->ipsa_innerfam != 0) {
1520 		pfam = ipsa->ipsa_innerfam;
1521 		switch (pfam) {
1522 		case AF_INET6:
1523 			paddrsize = roundup(sizeof (struct sockaddr_in6) +
1524 			    sizeof (sadb_address_t), sizeof (uint64_t));
1525 			break;
1526 		case AF_INET:
1527 			paddrsize = roundup(sizeof (struct sockaddr_in) +
1528 			    sizeof (sadb_address_t), sizeof (uint64_t));
1529 			break;
1530 		default:
1531 			cmn_err(CE_PANIC,
1532 			    "IPsec SADB: Proxy length failure.\n");
1533 			break;
1534 		}
1535 		isrc = B_TRUE;
1536 		idst = B_TRUE;
1537 		alloclen += 2 * paddrsize;
1538 	}
1539 
1540 	/* For the following fields, assume that length != 0 ==> stuff */
1541 	if (ipsa->ipsa_authkeylen != 0) {
1542 		authsize = roundup(sizeof (sadb_key_t) + ipsa->ipsa_authkeylen,
1543 		    sizeof (uint64_t));
1544 		alloclen += authsize;
1545 		auth = B_TRUE;
1546 	}
1547 
1548 	if (ipsa->ipsa_encrkeylen != 0) {
1549 		encrsize = roundup(sizeof (sadb_key_t) + ipsa->ipsa_encrkeylen +
1550 		    ipsa->ipsa_nonce_len, sizeof (uint64_t));
1551 		alloclen += encrsize;
1552 		encr = B_TRUE;
1553 	} else {
1554 		encr = B_FALSE;
1555 	}
1556 
1557 	if (ipsa->ipsa_cred != NULL) {
1558 		senslen = sadb_sens_len_from_cred(ipsa->ipsa_cred);
1559 		alloclen += senslen;
1560 		sensinteg = B_TRUE;
1561 	}
1562 
1563 	if (ipsa->ipsa_ocred != NULL) {
1564 		osenslen = sadb_sens_len_from_cred(ipsa->ipsa_ocred);
1565 		alloclen += osenslen;
1566 		osensinteg = B_TRUE;
1567 	}
1568 
1569 	/*
1570 	 * Must use strlen() here for lengths.	Identities use NULL
1571 	 * pointers to indicate their nonexistence.
1572 	 */
1573 	if (ipsa->ipsa_src_cid != NULL) {
1574 		srcidsize = roundup(sizeof (sadb_ident_t) +
1575 		    strlen(ipsa->ipsa_src_cid->ipsid_cid) + 1,
1576 		    sizeof (uint64_t));
1577 		alloclen += srcidsize;
1578 		srcid = B_TRUE;
1579 	}
1580 
1581 	if (ipsa->ipsa_dst_cid != NULL) {
1582 		dstidsize = roundup(sizeof (sadb_ident_t) +
1583 		    strlen(ipsa->ipsa_dst_cid->ipsid_cid) + 1,
1584 		    sizeof (uint64_t));
1585 		alloclen += dstidsize;
1586 		dstid = B_TRUE;
1587 	}
1588 
1589 	if ((ipsa->ipsa_kmp != 0) || (ipsa->ipsa_kmc != 0))
1590 		alloclen += sizeof (sadb_x_kmc_t);
1591 
1592 	if (ipsa->ipsa_replay != 0) {
1593 		alloclen += sizeof (sadb_x_replay_ctr_t);
1594 	}
1595 
1596 	/* Make sure the allocation length is a multiple of 8 bytes. */
1597 	ASSERT((alloclen & 0x7) == 0);
1598 
1599 	/* XXX Possibly make it esballoc, with a bzero-ing free_ftn. */
1600 	mp = allocb(alloclen, BPRI_HI);
1601 	if (mp == NULL)
1602 		return (NULL);
1603 	bzero(mp->b_rptr, alloclen);
1604 
1605 	mp->b_wptr += alloclen;
1606 	end = mp->b_wptr;
1607 	newsamsg = (sadb_msg_t *)mp->b_rptr;
1608 	*newsamsg = *samsg;
1609 	newsamsg->sadb_msg_len = (uint16_t)SADB_8TO64(alloclen);
1610 
1611 	mutex_enter(&ipsa->ipsa_lock);	/* Since I'm grabbing SA fields... */
1612 
1613 	newsamsg->sadb_msg_satype = ipsa->ipsa_type;
1614 
1615 	assoc = (sadb_sa_t *)(newsamsg + 1);
1616 	assoc->sadb_sa_len = SADB_8TO64(sizeof (*assoc));
1617 	assoc->sadb_sa_exttype = SADB_EXT_SA;
1618 	assoc->sadb_sa_spi = ipsa->ipsa_spi;
1619 	assoc->sadb_sa_replay = ipsa->ipsa_replay_wsize;
1620 	assoc->sadb_sa_state = ipsa->ipsa_state;
1621 	assoc->sadb_sa_auth = ipsa->ipsa_auth_alg;
1622 	assoc->sadb_sa_encrypt = ipsa->ipsa_encr_alg;
1623 	assoc->sadb_sa_flags = ipsa->ipsa_flags;
1624 
1625 	lt = (sadb_lifetime_t *)(assoc + 1);
1626 	lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1627 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
1628 	/* We do not support the concept. */
1629 	lt->sadb_lifetime_allocations = 0;
1630 	lt->sadb_lifetime_bytes = ipsa->ipsa_bytes;
1631 	lt->sadb_lifetime_addtime = ipsa->ipsa_addtime;
1632 	lt->sadb_lifetime_usetime = ipsa->ipsa_usetime;
1633 
1634 	if (hard) {
1635 		lt++;
1636 		lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1637 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
1638 		lt->sadb_lifetime_allocations = ipsa->ipsa_hardalloc;
1639 		lt->sadb_lifetime_bytes = ipsa->ipsa_hardbyteslt;
1640 		lt->sadb_lifetime_addtime = ipsa->ipsa_hardaddlt;
1641 		lt->sadb_lifetime_usetime = ipsa->ipsa_harduselt;
1642 	}
1643 
1644 	if (soft) {
1645 		lt++;
1646 		lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1647 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
1648 		lt->sadb_lifetime_allocations = ipsa->ipsa_softalloc;
1649 		lt->sadb_lifetime_bytes = ipsa->ipsa_softbyteslt;
1650 		lt->sadb_lifetime_addtime = ipsa->ipsa_softaddlt;
1651 		lt->sadb_lifetime_usetime = ipsa->ipsa_softuselt;
1652 	}
1653 
1654 	if (idle) {
1655 		lt++;
1656 		lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1657 		lt->sadb_lifetime_exttype = SADB_X_EXT_LIFETIME_IDLE;
1658 		lt->sadb_lifetime_addtime = ipsa->ipsa_idleaddlt;
1659 		lt->sadb_lifetime_usetime = ipsa->ipsa_idleuselt;
1660 	}
1661 
1662 	cur = (uint8_t *)(lt + 1);
1663 
1664 	/* NOTE:  Don't fill in ports here if we are a tunnel-mode SA. */
1665 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_SRC, fam,
1666 	    ipsa->ipsa_srcaddr, (!isrc && !idst) ? SA_SRCPORT(ipsa) : 0,
1667 	    SA_PROTO(ipsa), 0);
1668 	if (cur == NULL) {
1669 		freemsg(mp);
1670 		mp = NULL;
1671 		goto bail;
1672 	}
1673 
1674 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_DST, fam,
1675 	    ipsa->ipsa_dstaddr, (!isrc && !idst) ? SA_DSTPORT(ipsa) : 0,
1676 	    SA_PROTO(ipsa), 0);
1677 	if (cur == NULL) {
1678 		freemsg(mp);
1679 		mp = NULL;
1680 		goto bail;
1681 	}
1682 
1683 	if (ipsa->ipsa_flags & IPSA_F_NATT_LOC) {
1684 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_NATT_LOC,
1685 		    fam, &ipsa->ipsa_natt_addr_loc, ipsa->ipsa_local_nat_port,
1686 		    IPPROTO_UDP, 0);
1687 		if (cur == NULL) {
1688 			freemsg(mp);
1689 			mp = NULL;
1690 			goto bail;
1691 		}
1692 	}
1693 
1694 	if (ipsa->ipsa_flags & IPSA_F_NATT_REM) {
1695 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_NATT_REM,
1696 		    fam, &ipsa->ipsa_natt_addr_rem, ipsa->ipsa_remote_nat_port,
1697 		    IPPROTO_UDP, 0);
1698 		if (cur == NULL) {
1699 			freemsg(mp);
1700 			mp = NULL;
1701 			goto bail;
1702 		}
1703 	}
1704 
1705 	/* If we are a tunnel-mode SA, fill in the inner-selectors. */
1706 	if (isrc) {
1707 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_SRC,
1708 		    pfam, ipsa->ipsa_innersrc, SA_SRCPORT(ipsa),
1709 		    SA_IPROTO(ipsa), ipsa->ipsa_innersrcpfx);
1710 		if (cur == NULL) {
1711 			freemsg(mp);
1712 			mp = NULL;
1713 			goto bail;
1714 		}
1715 	}
1716 
1717 	if (idst) {
1718 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_DST,
1719 		    pfam, ipsa->ipsa_innerdst, SA_DSTPORT(ipsa),
1720 		    SA_IPROTO(ipsa), ipsa->ipsa_innerdstpfx);
1721 		if (cur == NULL) {
1722 			freemsg(mp);
1723 			mp = NULL;
1724 			goto bail;
1725 		}
1726 	}
1727 
1728 	if ((ipsa->ipsa_kmp != 0) || (ipsa->ipsa_kmc != 0)) {
1729 		cur = sadb_make_kmc_ext(cur, end,
1730 		    ipsa->ipsa_kmp, ipsa->ipsa_kmc);
1731 		if (cur == NULL) {
1732 			freemsg(mp);
1733 			mp = NULL;
1734 			goto bail;
1735 		}
1736 	}
1737 
1738 	walker = (sadb_ext_t *)cur;
1739 	if (auth) {
1740 		key = (sadb_key_t *)walker;
1741 		key->sadb_key_len = SADB_8TO64(authsize);
1742 		key->sadb_key_exttype = SADB_EXT_KEY_AUTH;
1743 		key->sadb_key_bits = ipsa->ipsa_authkeybits;
1744 		key->sadb_key_reserved = 0;
1745 		bcopy(ipsa->ipsa_authkey, key + 1, ipsa->ipsa_authkeylen);
1746 		walker = (sadb_ext_t *)((uint64_t *)walker +
1747 		    walker->sadb_ext_len);
1748 	}
1749 
1750 	if (encr) {
1751 		uint8_t *buf_ptr;
1752 		key = (sadb_key_t *)walker;
1753 		key->sadb_key_len = SADB_8TO64(encrsize);
1754 		key->sadb_key_exttype = SADB_EXT_KEY_ENCRYPT;
1755 		key->sadb_key_bits = ipsa->ipsa_encrkeybits;
1756 		key->sadb_key_reserved = ipsa->ipsa_saltbits;
1757 		buf_ptr = (uint8_t *)(key + 1);
1758 		bcopy(ipsa->ipsa_encrkey, buf_ptr, ipsa->ipsa_encrkeylen);
1759 		if (ipsa->ipsa_salt != NULL) {
1760 			buf_ptr += ipsa->ipsa_encrkeylen;
1761 			bcopy(ipsa->ipsa_salt, buf_ptr, ipsa->ipsa_saltlen);
1762 		}
1763 		walker = (sadb_ext_t *)((uint64_t *)walker +
1764 		    walker->sadb_ext_len);
1765 	}
1766 
1767 	if (srcid) {
1768 		ident = (sadb_ident_t *)walker;
1769 		ident->sadb_ident_len = SADB_8TO64(srcidsize);
1770 		ident->sadb_ident_exttype = SADB_EXT_IDENTITY_SRC;
1771 		ident->sadb_ident_type = ipsa->ipsa_src_cid->ipsid_type;
1772 		ident->sadb_ident_id = 0;
1773 		ident->sadb_ident_reserved = 0;
1774 		(void) strcpy((char *)(ident + 1),
1775 		    ipsa->ipsa_src_cid->ipsid_cid);
1776 		walker = (sadb_ext_t *)((uint64_t *)walker +
1777 		    walker->sadb_ext_len);
1778 	}
1779 
1780 	if (dstid) {
1781 		ident = (sadb_ident_t *)walker;
1782 		ident->sadb_ident_len = SADB_8TO64(dstidsize);
1783 		ident->sadb_ident_exttype = SADB_EXT_IDENTITY_DST;
1784 		ident->sadb_ident_type = ipsa->ipsa_dst_cid->ipsid_type;
1785 		ident->sadb_ident_id = 0;
1786 		ident->sadb_ident_reserved = 0;
1787 		(void) strcpy((char *)(ident + 1),
1788 		    ipsa->ipsa_dst_cid->ipsid_cid);
1789 		walker = (sadb_ext_t *)((uint64_t *)walker +
1790 		    walker->sadb_ext_len);
1791 	}
1792 
1793 	if (sensinteg) {
1794 		sens = (sadb_sens_t *)walker;
1795 		sadb_sens_from_cred(sens, SADB_EXT_SENSITIVITY,
1796 		    ipsa->ipsa_cred, senslen);
1797 
1798 		walker = (sadb_ext_t *)((uint64_t *)walker +
1799 		    walker->sadb_ext_len);
1800 	}
1801 
1802 	if (osensinteg) {
1803 		sens = (sadb_sens_t *)walker;
1804 
1805 		sadb_sens_from_cred(sens, SADB_X_EXT_OUTER_SENS,
1806 		    ipsa->ipsa_ocred, osenslen);
1807 		if (ipsa->ipsa_mac_exempt)
1808 			sens->sadb_x_sens_flags = SADB_X_SENS_IMPLICIT;
1809 
1810 		walker = (sadb_ext_t *)((uint64_t *)walker +
1811 		    walker->sadb_ext_len);
1812 	}
1813 
1814 	if (paired) {
1815 		pair_ext = (sadb_x_pair_t *)walker;
1816 
1817 		pair_ext->sadb_x_pair_len = SADB_8TO64(sizeof (sadb_x_pair_t));
1818 		pair_ext->sadb_x_pair_exttype = SADB_X_EXT_PAIR;
1819 		pair_ext->sadb_x_pair_spi = otherspi;
1820 
1821 		walker = (sadb_ext_t *)((uint64_t *)walker +
1822 		    walker->sadb_ext_len);
1823 	}
1824 
1825 	if (ipsa->ipsa_replay != 0) {
1826 		repl_ctr = (sadb_x_replay_ctr_t *)walker;
1827 		repl_ctr->sadb_x_rc_len = SADB_8TO64(sizeof (*repl_ctr));
1828 		repl_ctr->sadb_x_rc_exttype = SADB_X_EXT_REPLAY_VALUE;
1829 		repl_ctr->sadb_x_rc_replay32 = ipsa->ipsa_replay;
1830 		repl_ctr->sadb_x_rc_replay64 = 0;
1831 		walker = (sadb_ext_t *)(repl_ctr + 1);
1832 	}
1833 
1834 bail:
1835 	/* Pardon any delays... */
1836 	mutex_exit(&ipsa->ipsa_lock);
1837 
1838 	return (mp);
1839 }
1840 
1841 /*
1842  * Strip out key headers or unmarked headers (SADB_EXT_KEY_*, SADB_EXT_UNKNOWN)
1843  * and adjust base message accordingly.
1844  *
1845  * Assume message is pulled up in one piece of contiguous memory.
1846  *
1847  * Say if we start off with:
1848  *
1849  * +------+----+-------------+-----------+---------------+---------------+
1850  * | base | SA | source addr | dest addr | rsrvd. or key | soft lifetime |
1851  * +------+----+-------------+-----------+---------------+---------------+
1852  *
1853  * we will end up with
1854  *
1855  * +------+----+-------------+-----------+---------------+
1856  * | base | SA | source addr | dest addr | soft lifetime |
1857  * +------+----+-------------+-----------+---------------+
1858  */
1859 static void
1860 sadb_strip(sadb_msg_t *samsg)
1861 {
1862 	sadb_ext_t *ext;
1863 	uint8_t *target = NULL;
1864 	uint8_t *msgend;
1865 	int sofar = SADB_8TO64(sizeof (*samsg));
1866 	int copylen;
1867 
1868 	ext = (sadb_ext_t *)(samsg + 1);
1869 	msgend = (uint8_t *)samsg;
1870 	msgend += SADB_64TO8(samsg->sadb_msg_len);
1871 	while ((uint8_t *)ext < msgend) {
1872 		if (ext->sadb_ext_type == SADB_EXT_RESERVED ||
1873 		    ext->sadb_ext_type == SADB_EXT_KEY_AUTH ||
1874 		    ext->sadb_ext_type == SADB_X_EXT_EDUMP ||
1875 		    ext->sadb_ext_type == SADB_EXT_KEY_ENCRYPT) {
1876 			/*
1877 			 * Aha!	 I found a header to be erased.
1878 			 */
1879 
1880 			if (target != NULL) {
1881 				/*
1882 				 * If I had a previous header to be erased,
1883 				 * copy over it.  I can get away with just
1884 				 * copying backwards because the target will
1885 				 * always be 8 bytes behind the source.
1886 				 */
1887 				copylen = ((uint8_t *)ext) - (target +
1888 				    SADB_64TO8(
1889 				    ((sadb_ext_t *)target)->sadb_ext_len));
1890 				ovbcopy(((uint8_t *)ext - copylen), target,
1891 				    copylen);
1892 				target += copylen;
1893 				((sadb_ext_t *)target)->sadb_ext_len =
1894 				    SADB_8TO64(((uint8_t *)ext) - target +
1895 				    SADB_64TO8(ext->sadb_ext_len));
1896 			} else {
1897 				target = (uint8_t *)ext;
1898 			}
1899 		} else {
1900 			sofar += ext->sadb_ext_len;
1901 		}
1902 
1903 		ext = (sadb_ext_t *)(((uint64_t *)ext) + ext->sadb_ext_len);
1904 	}
1905 
1906 	ASSERT((uint8_t *)ext == msgend);
1907 
1908 	if (target != NULL) {
1909 		copylen = ((uint8_t *)ext) - (target +
1910 		    SADB_64TO8(((sadb_ext_t *)target)->sadb_ext_len));
1911 		if (copylen != 0)
1912 			ovbcopy(((uint8_t *)ext - copylen), target, copylen);
1913 	}
1914 
1915 	/* Adjust samsg. */
1916 	samsg->sadb_msg_len = (uint16_t)sofar;
1917 
1918 	/* Assume all of the rest is cleared by caller in sadb_pfkey_echo(). */
1919 }
1920 
1921 /*
1922  * AH needs to send an error to PF_KEY.	 Assume mp points to an M_CTL
1923  * followed by an M_DATA with a PF_KEY message in it.  The serial of
1924  * the sending keysock instance is included.
1925  */
1926 void
1927 sadb_pfkey_error(queue_t *pfkey_q, mblk_t *mp, int error, int diagnostic,
1928     uint_t serial)
1929 {
1930 	mblk_t *msg = mp->b_cont;
1931 	sadb_msg_t *samsg;
1932 	keysock_out_t *kso;
1933 
1934 	/*
1935 	 * Enough functions call this to merit a NULL queue check.
1936 	 */
1937 	if (pfkey_q == NULL) {
1938 		freemsg(mp);
1939 		return;
1940 	}
1941 
1942 	ASSERT(msg != NULL);
1943 	ASSERT((mp->b_wptr - mp->b_rptr) == sizeof (ipsec_info_t));
1944 	ASSERT((msg->b_wptr - msg->b_rptr) >= sizeof (sadb_msg_t));
1945 	samsg = (sadb_msg_t *)msg->b_rptr;
1946 	kso = (keysock_out_t *)mp->b_rptr;
1947 
1948 	kso->ks_out_type = KEYSOCK_OUT;
1949 	kso->ks_out_len = sizeof (*kso);
1950 	kso->ks_out_serial = serial;
1951 
1952 	/*
1953 	 * Only send the base message up in the event of an error.
1954 	 * Don't worry about bzero()-ing, because it was probably bogus
1955 	 * anyway.
1956 	 */
1957 	msg->b_wptr = msg->b_rptr + sizeof (*samsg);
1958 	samsg = (sadb_msg_t *)msg->b_rptr;
1959 	samsg->sadb_msg_len = SADB_8TO64(sizeof (*samsg));
1960 	samsg->sadb_msg_errno = (uint8_t)error;
1961 	if (diagnostic != SADB_X_DIAGNOSTIC_PRESET)
1962 		samsg->sadb_x_msg_diagnostic = (uint16_t)diagnostic;
1963 
1964 	putnext(pfkey_q, mp);
1965 }
1966 
1967 /*
1968  * Send a successful return packet back to keysock via the queue in pfkey_q.
1969  *
1970  * Often, an SA is associated with the reply message, it's passed in if needed,
1971  * and NULL if not.  BTW, that ipsa will have its refcnt appropriately held,
1972  * and the caller will release said refcnt.
1973  */
1974 void
1975 sadb_pfkey_echo(queue_t *pfkey_q, mblk_t *mp, sadb_msg_t *samsg,
1976     keysock_in_t *ksi, ipsa_t *ipsa)
1977 {
1978 	keysock_out_t *kso;
1979 	mblk_t *mp1;
1980 	sadb_msg_t *newsamsg;
1981 	uint8_t *oldend;
1982 
1983 	ASSERT((mp->b_cont != NULL) &&
1984 	    ((void *)samsg == (void *)mp->b_cont->b_rptr) &&
1985 	    ((void *)mp->b_rptr == (void *)ksi));
1986 
1987 	switch (samsg->sadb_msg_type) {
1988 	case SADB_ADD:
1989 	case SADB_UPDATE:
1990 	case SADB_X_UPDATEPAIR:
1991 	case SADB_X_DELPAIR_STATE:
1992 	case SADB_FLUSH:
1993 	case SADB_DUMP:
1994 		/*
1995 		 * I have all of the message already.  I just need to strip
1996 		 * out the keying material and echo the message back.
1997 		 *
1998 		 * NOTE: for SADB_DUMP, the function sadb_dump() did the
1999 		 * work.  When DUMP reaches here, it should only be a base
2000 		 * message.
2001 		 */
2002 	justecho:
2003 		if (ksi->ks_in_extv[SADB_EXT_KEY_AUTH] != NULL ||
2004 		    ksi->ks_in_extv[SADB_EXT_KEY_ENCRYPT] != NULL ||
2005 		    ksi->ks_in_extv[SADB_X_EXT_EDUMP] != NULL) {
2006 			sadb_strip(samsg);
2007 			/* Assume PF_KEY message is contiguous. */
2008 			ASSERT(mp->b_cont->b_cont == NULL);
2009 			oldend = mp->b_cont->b_wptr;
2010 			mp->b_cont->b_wptr = mp->b_cont->b_rptr +
2011 			    SADB_64TO8(samsg->sadb_msg_len);
2012 			bzero(mp->b_cont->b_wptr, oldend - mp->b_cont->b_wptr);
2013 		}
2014 		break;
2015 	case SADB_GET:
2016 		/*
2017 		 * Do a lot of work here, because of the ipsa I just found.
2018 		 * First construct the new PF_KEY message, then abandon
2019 		 * the old one.
2020 		 */
2021 		mp1 = sadb_sa2msg(ipsa, samsg);
2022 		if (mp1 == NULL) {
2023 			sadb_pfkey_error(pfkey_q, mp, ENOMEM,
2024 			    SADB_X_DIAGNOSTIC_NONE, ksi->ks_in_serial);
2025 			return;
2026 		}
2027 		freemsg(mp->b_cont);
2028 		mp->b_cont = mp1;
2029 		break;
2030 	case SADB_DELETE:
2031 	case SADB_X_DELPAIR:
2032 		if (ipsa == NULL)
2033 			goto justecho;
2034 		/*
2035 		 * Because listening KMds may require more info, treat
2036 		 * DELETE like a special case of GET.
2037 		 */
2038 		mp1 = sadb_sa2msg(ipsa, samsg);
2039 		if (mp1 == NULL) {
2040 			sadb_pfkey_error(pfkey_q, mp, ENOMEM,
2041 			    SADB_X_DIAGNOSTIC_NONE, ksi->ks_in_serial);
2042 			return;
2043 		}
2044 		newsamsg = (sadb_msg_t *)mp1->b_rptr;
2045 		sadb_strip(newsamsg);
2046 		oldend = mp1->b_wptr;
2047 		mp1->b_wptr = mp1->b_rptr + SADB_64TO8(newsamsg->sadb_msg_len);
2048 		bzero(mp1->b_wptr, oldend - mp1->b_wptr);
2049 		freemsg(mp->b_cont);
2050 		mp->b_cont = mp1;
2051 		break;
2052 	default:
2053 		if (mp != NULL)
2054 			freemsg(mp);
2055 		return;
2056 	}
2057 
2058 	/* ksi is now null and void. */
2059 	kso = (keysock_out_t *)ksi;
2060 	kso->ks_out_type = KEYSOCK_OUT;
2061 	kso->ks_out_len = sizeof (*kso);
2062 	kso->ks_out_serial = ksi->ks_in_serial;
2063 	/* We're ready to send... */
2064 	putnext(pfkey_q, mp);
2065 }
2066 
2067 /*
2068  * Set up a global pfkey_q instance for AH, ESP, or some other consumer.
2069  */
2070 void
2071 sadb_keysock_hello(queue_t **pfkey_qp, queue_t *q, mblk_t *mp,
2072     void (*ager)(void *), void *agerarg, timeout_id_t *top, int satype)
2073 {
2074 	keysock_hello_ack_t *kha;
2075 	queue_t *oldq;
2076 
2077 	ASSERT(OTHERQ(q) != NULL);
2078 
2079 	/*
2080 	 * First, check atomically that I'm the first and only keysock
2081 	 * instance.
2082 	 *
2083 	 * Use OTHERQ(q), because qreply(q, mp) == putnext(OTHERQ(q), mp),
2084 	 * and I want this module to say putnext(*_pfkey_q, mp) for PF_KEY
2085 	 * messages.
2086 	 */
2087 
2088 	oldq = casptr((void **)pfkey_qp, NULL, OTHERQ(q));
2089 	if (oldq != NULL) {
2090 		ASSERT(oldq != q);
2091 		cmn_err(CE_WARN, "Danger!  Multiple keysocks on top of %s.\n",
2092 		    (satype == SADB_SATYPE_ESP)? "ESP" : "AH or other");
2093 		freemsg(mp);
2094 		return;
2095 	}
2096 
2097 	kha = (keysock_hello_ack_t *)mp->b_rptr;
2098 	kha->ks_hello_len = sizeof (keysock_hello_ack_t);
2099 	kha->ks_hello_type = KEYSOCK_HELLO_ACK;
2100 	kha->ks_hello_satype = (uint8_t)satype;
2101 
2102 	/*
2103 	 * If we made it past the casptr, then we have "exclusive" access
2104 	 * to the timeout handle.  Fire it off after the default ager
2105 	 * interval.
2106 	 */
2107 	*top = qtimeout(*pfkey_qp, ager, agerarg,
2108 	    drv_usectohz(SADB_AGE_INTERVAL_DEFAULT * 1000));
2109 
2110 	putnext(*pfkey_qp, mp);
2111 }
2112 
2113 /*
2114  * Normalize IPv4-mapped IPv6 addresses (and prefixes) as appropriate.
2115  *
2116  * Check addresses themselves for wildcard or multicast.
2117  * Check ire table for local/non-local/broadcast.
2118  */
2119 int
2120 sadb_addrcheck(queue_t *pfkey_q, mblk_t *mp, sadb_ext_t *ext, uint_t serial,
2121     netstack_t *ns)
2122 {
2123 	sadb_address_t *addr = (sadb_address_t *)ext;
2124 	struct sockaddr_in *sin;
2125 	struct sockaddr_in6 *sin6;
2126 	ire_t *ire;
2127 	int diagnostic, type;
2128 	boolean_t normalized = B_FALSE;
2129 
2130 	ASSERT(ext != NULL);
2131 	ASSERT((ext->sadb_ext_type == SADB_EXT_ADDRESS_SRC) ||
2132 	    (ext->sadb_ext_type == SADB_EXT_ADDRESS_DST) ||
2133 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_SRC) ||
2134 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_DST) ||
2135 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_NATT_LOC) ||
2136 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_NATT_REM));
2137 
2138 	/* Assign both sockaddrs, the compiler will do the right thing. */
2139 	sin = (struct sockaddr_in *)(addr + 1);
2140 	sin6 = (struct sockaddr_in6 *)(addr + 1);
2141 
2142 	if (sin6->sin6_family == AF_INET6) {
2143 		if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
2144 			/*
2145 			 * Convert to an AF_INET sockaddr.  This means the
2146 			 * return messages will have the extra space, but have
2147 			 * AF_INET sockaddrs instead of AF_INET6.
2148 			 *
2149 			 * Yes, RFC 2367 isn't clear on what to do here w.r.t.
2150 			 * mapped addresses, but since AF_INET6 ::ffff:<v4> is
2151 			 * equal to AF_INET <v4>, it shouldnt be a huge
2152 			 * problem.
2153 			 */
2154 			sin->sin_family = AF_INET;
2155 			IN6_V4MAPPED_TO_INADDR(&sin6->sin6_addr,
2156 			    &sin->sin_addr);
2157 			bzero(&sin->sin_zero, sizeof (sin->sin_zero));
2158 			normalized = B_TRUE;
2159 		}
2160 	} else if (sin->sin_family != AF_INET) {
2161 		switch (ext->sadb_ext_type) {
2162 		case SADB_EXT_ADDRESS_SRC:
2163 			diagnostic = SADB_X_DIAGNOSTIC_BAD_SRC_AF;
2164 			break;
2165 		case SADB_EXT_ADDRESS_DST:
2166 			diagnostic = SADB_X_DIAGNOSTIC_BAD_DST_AF;
2167 			break;
2168 		case SADB_X_EXT_ADDRESS_INNER_SRC:
2169 			diagnostic = SADB_X_DIAGNOSTIC_BAD_PROXY_AF;
2170 			break;
2171 		case SADB_X_EXT_ADDRESS_INNER_DST:
2172 			diagnostic = SADB_X_DIAGNOSTIC_BAD_INNER_DST_AF;
2173 			break;
2174 		case SADB_X_EXT_ADDRESS_NATT_LOC:
2175 			diagnostic = SADB_X_DIAGNOSTIC_BAD_NATT_LOC_AF;
2176 			break;
2177 		case SADB_X_EXT_ADDRESS_NATT_REM:
2178 			diagnostic = SADB_X_DIAGNOSTIC_BAD_NATT_REM_AF;
2179 			break;
2180 			/* There is no default, see above ASSERT. */
2181 		}
2182 bail:
2183 		if (pfkey_q != NULL) {
2184 			sadb_pfkey_error(pfkey_q, mp, EINVAL, diagnostic,
2185 			    serial);
2186 		} else {
2187 			/*
2188 			 * Scribble in sadb_msg that we got passed in.
2189 			 * Overload "mp" to be an sadb_msg pointer.
2190 			 */
2191 			sadb_msg_t *samsg = (sadb_msg_t *)mp;
2192 
2193 			samsg->sadb_msg_errno = EINVAL;
2194 			samsg->sadb_x_msg_diagnostic = diagnostic;
2195 		}
2196 		return (KS_IN_ADDR_UNKNOWN);
2197 	}
2198 
2199 	if (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_SRC ||
2200 	    ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_DST) {
2201 		/*
2202 		 * We need only check for prefix issues.
2203 		 */
2204 
2205 		/* Set diagnostic now, in case we need it later. */
2206 		diagnostic =
2207 		    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_SRC) ?
2208 		    SADB_X_DIAGNOSTIC_PREFIX_INNER_SRC :
2209 		    SADB_X_DIAGNOSTIC_PREFIX_INNER_DST;
2210 
2211 		if (normalized)
2212 			addr->sadb_address_prefixlen -= 96;
2213 
2214 		/*
2215 		 * Verify and mask out inner-addresses based on prefix length.
2216 		 */
2217 		if (sin->sin_family == AF_INET) {
2218 			if (addr->sadb_address_prefixlen > 32)
2219 				goto bail;
2220 			sin->sin_addr.s_addr &=
2221 			    ip_plen_to_mask(addr->sadb_address_prefixlen);
2222 		} else {
2223 			in6_addr_t mask;
2224 
2225 			ASSERT(sin->sin_family == AF_INET6);
2226 			/*
2227 			 * ip_plen_to_mask_v6() returns NULL if the value in
2228 			 * question is out of range.
2229 			 */
2230 			if (ip_plen_to_mask_v6(addr->sadb_address_prefixlen,
2231 			    &mask) == NULL)
2232 				goto bail;
2233 			sin6->sin6_addr.s6_addr32[0] &= mask.s6_addr32[0];
2234 			sin6->sin6_addr.s6_addr32[1] &= mask.s6_addr32[1];
2235 			sin6->sin6_addr.s6_addr32[2] &= mask.s6_addr32[2];
2236 			sin6->sin6_addr.s6_addr32[3] &= mask.s6_addr32[3];
2237 		}
2238 
2239 		/* We don't care in these cases. */
2240 		return (KS_IN_ADDR_DONTCARE);
2241 	}
2242 
2243 	if (sin->sin_family == AF_INET6) {
2244 		/* Check the easy ones now. */
2245 		if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr))
2246 			return (KS_IN_ADDR_MBCAST);
2247 		if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
2248 			return (KS_IN_ADDR_UNSPEC);
2249 		/*
2250 		 * At this point, we're a unicast IPv6 address.
2251 		 *
2252 		 * A ctable lookup for local is sufficient here.  If we're
2253 		 * local, return KS_IN_ADDR_ME, otherwise KS_IN_ADDR_NOTME.
2254 		 *
2255 		 * XXX Zones alert -> me/notme decision needs to be tempered
2256 		 * by what zone we're in when we go to zone-aware IPsec.
2257 		 */
2258 		ire = ire_ctable_lookup_v6(&sin6->sin6_addr, NULL,
2259 		    IRE_LOCAL, NULL, ALL_ZONES, NULL, MATCH_IRE_TYPE,
2260 		    ns->netstack_ip);
2261 		if (ire != NULL) {
2262 			/* Hey hey, it's local. */
2263 			IRE_REFRELE(ire);
2264 			return (KS_IN_ADDR_ME);
2265 		}
2266 	} else {
2267 		ASSERT(sin->sin_family == AF_INET);
2268 		if (sin->sin_addr.s_addr == INADDR_ANY)
2269 			return (KS_IN_ADDR_UNSPEC);
2270 		if (CLASSD(sin->sin_addr.s_addr))
2271 			return (KS_IN_ADDR_MBCAST);
2272 		/*
2273 		 * At this point we're a unicast or broadcast IPv4 address.
2274 		 *
2275 		 * Lookup on the ctable for IRE_BROADCAST or IRE_LOCAL.
2276 		 * A NULL return value is NOTME, otherwise, look at the
2277 		 * returned ire for broadcast or not and return accordingly.
2278 		 *
2279 		 * XXX Zones alert -> me/notme decision needs to be tempered
2280 		 * by what zone we're in when we go to zone-aware IPsec.
2281 		 */
2282 		ire = ire_ctable_lookup(sin->sin_addr.s_addr, 0,
2283 		    IRE_LOCAL | IRE_BROADCAST, NULL, ALL_ZONES, NULL,
2284 		    MATCH_IRE_TYPE, ns->netstack_ip);
2285 		if (ire != NULL) {
2286 			/* Check for local or broadcast */
2287 			type = ire->ire_type;
2288 			IRE_REFRELE(ire);
2289 			ASSERT(type == IRE_LOCAL || type == IRE_BROADCAST);
2290 			return ((type == IRE_LOCAL) ? KS_IN_ADDR_ME :
2291 			    KS_IN_ADDR_MBCAST);
2292 		}
2293 	}
2294 
2295 	return (KS_IN_ADDR_NOTME);
2296 }
2297 
2298 /*
2299  * Address normalizations and reality checks for inbound PF_KEY messages.
2300  *
2301  * For the case of src == unspecified AF_INET6, and dst == AF_INET, convert
2302  * the source to AF_INET.  Do the same for the inner sources.
2303  */
2304 boolean_t
2305 sadb_addrfix(keysock_in_t *ksi, queue_t *pfkey_q, mblk_t *mp, netstack_t *ns)
2306 {
2307 	struct sockaddr_in *src, *isrc;
2308 	struct sockaddr_in6 *dst, *idst;
2309 	sadb_address_t *srcext, *dstext;
2310 	uint16_t sport;
2311 	sadb_ext_t **extv = ksi->ks_in_extv;
2312 	int rc;
2313 
2314 	if (extv[SADB_EXT_ADDRESS_SRC] != NULL) {
2315 		rc = sadb_addrcheck(pfkey_q, mp, extv[SADB_EXT_ADDRESS_SRC],
2316 		    ksi->ks_in_serial, ns);
2317 		if (rc == KS_IN_ADDR_UNKNOWN)
2318 			return (B_FALSE);
2319 		if (rc == KS_IN_ADDR_MBCAST) {
2320 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2321 			    SADB_X_DIAGNOSTIC_BAD_SRC, ksi->ks_in_serial);
2322 			return (B_FALSE);
2323 		}
2324 		ksi->ks_in_srctype = rc;
2325 	}
2326 
2327 	if (extv[SADB_EXT_ADDRESS_DST] != NULL) {
2328 		rc = sadb_addrcheck(pfkey_q, mp, extv[SADB_EXT_ADDRESS_DST],
2329 		    ksi->ks_in_serial, ns);
2330 		if (rc == KS_IN_ADDR_UNKNOWN)
2331 			return (B_FALSE);
2332 		if (rc == KS_IN_ADDR_UNSPEC) {
2333 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2334 			    SADB_X_DIAGNOSTIC_BAD_DST, ksi->ks_in_serial);
2335 			return (B_FALSE);
2336 		}
2337 		ksi->ks_in_dsttype = rc;
2338 	}
2339 
2340 	/*
2341 	 * NAT-Traversal addrs are simple enough to not require all of
2342 	 * the checks in sadb_addrcheck().  Just normalize or reject if not
2343 	 * AF_INET.
2344 	 */
2345 	if (extv[SADB_X_EXT_ADDRESS_NATT_LOC] != NULL) {
2346 		rc = sadb_addrcheck(pfkey_q, mp,
2347 		    extv[SADB_X_EXT_ADDRESS_NATT_LOC], ksi->ks_in_serial, ns);
2348 
2349 		/*
2350 		 * Local NAT-T addresses never use an IRE_LOCAL, so it should
2351 		 * always be NOTME, or UNSPEC (to handle both tunnel mode
2352 		 * AND local-port flexibility).
2353 		 */
2354 		if (rc != KS_IN_ADDR_NOTME && rc != KS_IN_ADDR_UNSPEC) {
2355 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2356 			    SADB_X_DIAGNOSTIC_MALFORMED_NATT_LOC,
2357 			    ksi->ks_in_serial);
2358 			return (B_FALSE);
2359 		}
2360 		src = (struct sockaddr_in *)
2361 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_NATT_LOC]) + 1);
2362 		if (src->sin_family != AF_INET) {
2363 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2364 			    SADB_X_DIAGNOSTIC_BAD_NATT_LOC_AF,
2365 			    ksi->ks_in_serial);
2366 			return (B_FALSE);
2367 		}
2368 	}
2369 
2370 	if (extv[SADB_X_EXT_ADDRESS_NATT_REM] != NULL) {
2371 		rc = sadb_addrcheck(pfkey_q, mp,
2372 		    extv[SADB_X_EXT_ADDRESS_NATT_REM], ksi->ks_in_serial, ns);
2373 
2374 		/*
2375 		 * Remote NAT-T addresses never use an IRE_LOCAL, so it should
2376 		 * always be NOTME, or UNSPEC if it's a tunnel-mode SA.
2377 		 */
2378 		if (rc != KS_IN_ADDR_NOTME &&
2379 		    !(extv[SADB_X_EXT_ADDRESS_INNER_SRC] != NULL &&
2380 		    rc == KS_IN_ADDR_UNSPEC)) {
2381 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2382 			    SADB_X_DIAGNOSTIC_MALFORMED_NATT_REM,
2383 			    ksi->ks_in_serial);
2384 			return (B_FALSE);
2385 		}
2386 		src = (struct sockaddr_in *)
2387 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_NATT_REM]) + 1);
2388 		if (src->sin_family != AF_INET) {
2389 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2390 			    SADB_X_DIAGNOSTIC_BAD_NATT_REM_AF,
2391 			    ksi->ks_in_serial);
2392 			return (B_FALSE);
2393 		}
2394 	}
2395 
2396 	if (extv[SADB_X_EXT_ADDRESS_INNER_SRC] != NULL) {
2397 		if (extv[SADB_X_EXT_ADDRESS_INNER_DST] == NULL) {
2398 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2399 			    SADB_X_DIAGNOSTIC_MISSING_INNER_DST,
2400 			    ksi->ks_in_serial);
2401 			return (B_FALSE);
2402 		}
2403 
2404 		if (sadb_addrcheck(pfkey_q, mp,
2405 		    extv[SADB_X_EXT_ADDRESS_INNER_DST], ksi->ks_in_serial, ns)
2406 		    == KS_IN_ADDR_UNKNOWN ||
2407 		    sadb_addrcheck(pfkey_q, mp,
2408 		    extv[SADB_X_EXT_ADDRESS_INNER_SRC], ksi->ks_in_serial, ns)
2409 		    == KS_IN_ADDR_UNKNOWN)
2410 			return (B_FALSE);
2411 
2412 		isrc = (struct sockaddr_in *)
2413 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_SRC]) +
2414 		    1);
2415 		idst = (struct sockaddr_in6 *)
2416 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_DST]) +
2417 		    1);
2418 		if (isrc->sin_family != idst->sin6_family) {
2419 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2420 			    SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH,
2421 			    ksi->ks_in_serial);
2422 			return (B_FALSE);
2423 		}
2424 	} else if (extv[SADB_X_EXT_ADDRESS_INNER_DST] != NULL) {
2425 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2426 			    SADB_X_DIAGNOSTIC_MISSING_INNER_SRC,
2427 			    ksi->ks_in_serial);
2428 			return (B_FALSE);
2429 	} else {
2430 		isrc = NULL;	/* For inner/outer port check below. */
2431 	}
2432 
2433 	dstext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_DST];
2434 	srcext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_SRC];
2435 
2436 	if (dstext == NULL || srcext == NULL)
2437 		return (B_TRUE);
2438 
2439 	dst = (struct sockaddr_in6 *)(dstext + 1);
2440 	src = (struct sockaddr_in *)(srcext + 1);
2441 
2442 	if (isrc != NULL &&
2443 	    (isrc->sin_port != 0 || idst->sin6_port != 0) &&
2444 	    (src->sin_port != 0 || dst->sin6_port != 0)) {
2445 		/* Can't set inner and outer ports in one SA. */
2446 		sadb_pfkey_error(pfkey_q, mp, EINVAL,
2447 		    SADB_X_DIAGNOSTIC_DUAL_PORT_SETS,
2448 		    ksi->ks_in_serial);
2449 		return (B_FALSE);
2450 	}
2451 
2452 	if (dst->sin6_family == src->sin_family)
2453 		return (B_TRUE);
2454 
2455 	if (srcext->sadb_address_proto != dstext->sadb_address_proto) {
2456 		if (srcext->sadb_address_proto == 0) {
2457 			srcext->sadb_address_proto = dstext->sadb_address_proto;
2458 		} else if (dstext->sadb_address_proto == 0) {
2459 			dstext->sadb_address_proto = srcext->sadb_address_proto;
2460 		} else {
2461 			/* Inequal protocols, neither were 0.  Report error. */
2462 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2463 			    SADB_X_DIAGNOSTIC_PROTO_MISMATCH,
2464 			    ksi->ks_in_serial);
2465 			return (B_FALSE);
2466 		}
2467 	}
2468 
2469 	/*
2470 	 * With the exception of an unspec IPv6 source and an IPv4
2471 	 * destination, address families MUST me matched.
2472 	 */
2473 	if (src->sin_family == AF_INET ||
2474 	    ksi->ks_in_srctype != KS_IN_ADDR_UNSPEC) {
2475 		sadb_pfkey_error(pfkey_q, mp, EINVAL,
2476 		    SADB_X_DIAGNOSTIC_AF_MISMATCH, ksi->ks_in_serial);
2477 		return (B_FALSE);
2478 	}
2479 
2480 	/*
2481 	 * Convert "src" to AF_INET INADDR_ANY.  We rely on sin_port being
2482 	 * in the same place for sockaddr_in and sockaddr_in6.
2483 	 */
2484 	sport = src->sin_port;
2485 	bzero(src, sizeof (*src));
2486 	src->sin_family = AF_INET;
2487 	src->sin_port = sport;
2488 
2489 	return (B_TRUE);
2490 }
2491 
2492 /*
2493  * Set the results in "addrtype", given an IRE as requested by
2494  * sadb_addrcheck().
2495  */
2496 int
2497 sadb_addrset(ire_t *ire)
2498 {
2499 	if ((ire->ire_type & IRE_BROADCAST) ||
2500 	    (ire->ire_ipversion == IPV4_VERSION && CLASSD(ire->ire_addr)) ||
2501 	    (ire->ire_ipversion == IPV6_VERSION &&
2502 	    IN6_IS_ADDR_MULTICAST(&(ire->ire_addr_v6))))
2503 		return (KS_IN_ADDR_MBCAST);
2504 	if (ire->ire_type & (IRE_LOCAL | IRE_LOOPBACK))
2505 		return (KS_IN_ADDR_ME);
2506 	return (KS_IN_ADDR_NOTME);
2507 }
2508 
2509 /*
2510  * Match primitives..
2511  * !!! TODO: short term: inner selectors
2512  *		ipv6 scope id (ifindex)
2513  * longer term:  zone id.  sensitivity label. uid.
2514  */
2515 boolean_t
2516 sadb_match_spi(ipsa_query_t *sq, ipsa_t *sa)
2517 {
2518 	return (sq->spi == sa->ipsa_spi);
2519 }
2520 
2521 boolean_t
2522 sadb_match_dst_v6(ipsa_query_t *sq, ipsa_t *sa)
2523 {
2524 	return (IPSA_ARE_ADDR_EQUAL(sa->ipsa_dstaddr, sq->dstaddr, AF_INET6));
2525 }
2526 
2527 boolean_t
2528 sadb_match_src_v6(ipsa_query_t *sq, ipsa_t *sa)
2529 {
2530 	return (IPSA_ARE_ADDR_EQUAL(sa->ipsa_srcaddr, sq->srcaddr, AF_INET6));
2531 }
2532 
2533 boolean_t
2534 sadb_match_dst_v4(ipsa_query_t *sq, ipsa_t *sa)
2535 {
2536 	return (sq->dstaddr[0] == sa->ipsa_dstaddr[0]);
2537 }
2538 
2539 boolean_t
2540 sadb_match_src_v4(ipsa_query_t *sq, ipsa_t *sa)
2541 {
2542 	return (sq->srcaddr[0] == sa->ipsa_srcaddr[0]);
2543 }
2544 
2545 boolean_t
2546 sadb_match_dstid(ipsa_query_t *sq, ipsa_t *sa)
2547 {
2548 	return ((sa->ipsa_dst_cid != NULL) &&
2549 	    (sq->didtype == sa->ipsa_dst_cid->ipsid_type) &&
2550 	    (strcmp(sq->didstr, sa->ipsa_dst_cid->ipsid_cid) == 0));
2551 
2552 }
2553 boolean_t
2554 sadb_match_srcid(ipsa_query_t *sq, ipsa_t *sa)
2555 {
2556 	return ((sa->ipsa_src_cid != NULL) &&
2557 	    (sq->sidtype == sa->ipsa_src_cid->ipsid_type) &&
2558 	    (strcmp(sq->sidstr, sa->ipsa_src_cid->ipsid_cid) == 0));
2559 }
2560 
2561 boolean_t
2562 sadb_match_kmc(ipsa_query_t *sq, ipsa_t *sa)
2563 {
2564 #define	M(a, b) (((a) == 0) || ((b) == 0) || ((a) == (b)))
2565 
2566 	return (M(sq->kmc, sa->ipsa_kmc) && M(sq->kmp, sa->ipsa_kmp));
2567 
2568 #undef M
2569 }
2570 
2571 /*
2572  * Common function which extracts several PF_KEY extensions for ease of
2573  * SADB matching.
2574  *
2575  * XXX TODO: weed out ipsa_query_t fields not used during matching
2576  * or afterwards?
2577  */
2578 int
2579 sadb_form_query(keysock_in_t *ksi, uint32_t req, uint32_t match,
2580     ipsa_query_t *sq, int *diagnostic)
2581 {
2582 	int i;
2583 	ipsa_match_fn_t *mfpp = &(sq->matchers[0]);
2584 
2585 	for (i = 0; i < IPSA_NMATCH; i++)
2586 		sq->matchers[i] = NULL;
2587 
2588 	ASSERT((req & ~match) == 0);
2589 
2590 	sq->req = req;
2591 	sq->dstext = (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
2592 	sq->srcext = (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
2593 	sq->assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
2594 
2595 	if ((req & IPSA_Q_DST) && (sq->dstext == NULL)) {
2596 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
2597 		return (EINVAL);
2598 	}
2599 	if ((req & IPSA_Q_SRC) && (sq->srcext == NULL)) {
2600 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
2601 		return (EINVAL);
2602 	}
2603 	if ((req & IPSA_Q_SA) && (sq->assoc == NULL)) {
2604 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SA;
2605 		return (EINVAL);
2606 	}
2607 
2608 	if (match & IPSA_Q_SA) {
2609 		*mfpp++ = sadb_match_spi;
2610 		sq->spi = sq->assoc->sadb_sa_spi;
2611 	}
2612 
2613 	if (sq->dstext != NULL)
2614 		sq->dst = (struct sockaddr_in *)(sq->dstext + 1);
2615 	else {
2616 		sq->dst = NULL;
2617 		sq->dst6 = NULL;
2618 		sq->dstaddr = NULL;
2619 	}
2620 
2621 	if (sq->srcext != NULL)
2622 		sq->src = (struct sockaddr_in *)(sq->srcext + 1);
2623 	else {
2624 		sq->src = NULL;
2625 		sq->src6 = NULL;
2626 		sq->srcaddr = NULL;
2627 	}
2628 
2629 	if (sq->dst != NULL)
2630 		sq->af = sq->dst->sin_family;
2631 	else if (sq->src != NULL)
2632 		sq->af = sq->src->sin_family;
2633 	else
2634 		sq->af = AF_INET;
2635 
2636 	if (sq->af == AF_INET6) {
2637 		if ((match & IPSA_Q_DST) && (sq->dstext != NULL)) {
2638 			*mfpp++ = sadb_match_dst_v6;
2639 			sq->dst6 = (struct sockaddr_in6 *)sq->dst;
2640 			sq->dstaddr = (uint32_t *)&(sq->dst6->sin6_addr);
2641 		} else {
2642 			match &= ~IPSA_Q_DST;
2643 			sq->dstaddr = ALL_ZEROES_PTR;
2644 		}
2645 
2646 		if ((match & IPSA_Q_SRC) && (sq->srcext != NULL)) {
2647 			sq->src6 = (struct sockaddr_in6 *)(sq->srcext + 1);
2648 			sq->srcaddr = (uint32_t *)&sq->src6->sin6_addr;
2649 			if (sq->src6->sin6_family != AF_INET6) {
2650 				*diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
2651 				return (EINVAL);
2652 			}
2653 			*mfpp++ = sadb_match_src_v6;
2654 		} else {
2655 			match &= ~IPSA_Q_SRC;
2656 			sq->srcaddr = ALL_ZEROES_PTR;
2657 		}
2658 	} else {
2659 		sq->src6 = sq->dst6 = NULL;
2660 		if ((match & IPSA_Q_DST) && (sq->dstext != NULL)) {
2661 			*mfpp++ = sadb_match_dst_v4;
2662 			sq->dstaddr = (uint32_t *)&sq->dst->sin_addr;
2663 		} else {
2664 			match &= ~IPSA_Q_DST;
2665 			sq->dstaddr = ALL_ZEROES_PTR;
2666 		}
2667 		if ((match & IPSA_Q_SRC) && (sq->srcext != NULL)) {
2668 			sq->srcaddr = (uint32_t *)&sq->src->sin_addr;
2669 			if (sq->src->sin_family != AF_INET) {
2670 				*diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
2671 				return (EINVAL);
2672 			}
2673 			*mfpp++ = sadb_match_src_v4;
2674 		} else {
2675 			match &= ~IPSA_Q_SRC;
2676 			sq->srcaddr = ALL_ZEROES_PTR;
2677 		}
2678 	}
2679 
2680 	sq->dstid = (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_DST];
2681 	if ((match & IPSA_Q_DSTID) && (sq->dstid != NULL)) {
2682 		sq->didstr = (char *)(sq->dstid + 1);
2683 		sq->didtype = sq->dstid->sadb_ident_type;
2684 		*mfpp++ = sadb_match_dstid;
2685 	}
2686 
2687 	sq->srcid = (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_SRC];
2688 
2689 	if ((match & IPSA_Q_SRCID) && (sq->srcid != NULL)) {
2690 		sq->sidstr = (char *)(sq->srcid + 1);
2691 		sq->sidtype = sq->srcid->sadb_ident_type;
2692 		*mfpp++ = sadb_match_srcid;
2693 	}
2694 
2695 	sq->kmcext = (sadb_x_kmc_t *)ksi->ks_in_extv[SADB_X_EXT_KM_COOKIE];
2696 	sq->kmc = 0;
2697 	sq->kmp = 0;
2698 
2699 	if ((match & IPSA_Q_KMC) && (sq->kmcext)) {
2700 		sq->kmc = sq->kmcext->sadb_x_kmc_cookie;
2701 		sq->kmp = sq->kmcext->sadb_x_kmc_proto;
2702 		*mfpp++ = sadb_match_kmc;
2703 	}
2704 
2705 	if (match & (IPSA_Q_INBOUND|IPSA_Q_OUTBOUND)) {
2706 		if (sq->af == AF_INET6)
2707 			sq->sp = &sq->spp->s_v6;
2708 		else
2709 			sq->sp = &sq->spp->s_v4;
2710 	} else {
2711 		sq->sp = NULL;
2712 	}
2713 
2714 	if (match & IPSA_Q_INBOUND) {
2715 		sq->inhash = INBOUND_HASH(sq->sp, sq->assoc->sadb_sa_spi);
2716 		sq->inbound = &sq->sp->sdb_if[sq->inhash];
2717 	} else {
2718 		sq->inhash = 0;
2719 		sq->inbound = NULL;
2720 	}
2721 
2722 	if (match & IPSA_Q_OUTBOUND) {
2723 		if (sq->af == AF_INET6) {
2724 			sq->outhash = OUTBOUND_HASH_V6(sq->sp, *(sq->dstaddr));
2725 		} else {
2726 			sq->outhash = OUTBOUND_HASH_V4(sq->sp, *(sq->dstaddr));
2727 		}
2728 		sq->outbound = &sq->sp->sdb_of[sq->outhash];
2729 	} else {
2730 		sq->outhash = 0;
2731 		sq->outbound = NULL;
2732 	}
2733 	sq->match = match;
2734 	return (0);
2735 }
2736 
2737 /*
2738  * Match an initialized query structure with a security association;
2739  * return B_TRUE on a match, B_FALSE on a miss.
2740  * Applies match functions set up by sadb_form_query() until one returns false.
2741  */
2742 boolean_t
2743 sadb_match_query(ipsa_query_t *sq, ipsa_t *sa)
2744 {
2745 	ipsa_match_fn_t *mfpp = &(sq->matchers[0]);
2746 	ipsa_match_fn_t mfp;
2747 
2748 	for (mfp = *mfpp++; mfp != NULL; mfp = *mfpp++) {
2749 		if (!mfp(sq, sa))
2750 			return (B_FALSE);
2751 	}
2752 	return (B_TRUE);
2753 }
2754 
2755 /*
2756  * Walker callback function to delete sa's based on src/dst address.
2757  * Assumes that we're called with *head locked, no other locks held;
2758  * Conveniently, and not coincidentally, this is both what sadb_walker
2759  * gives us and also what sadb_unlinkassoc expects.
2760  */
2761 struct sadb_purge_state
2762 {
2763 	ipsa_query_t sq;
2764 	boolean_t inbnd;
2765 	uint8_t sadb_sa_state;
2766 	mblk_t *mq;
2767 };
2768 
2769 static void
2770 sadb_purge_cb(isaf_t *head, ipsa_t *entry, void *cookie)
2771 {
2772 	struct sadb_purge_state *ps = (struct sadb_purge_state *)cookie;
2773 
2774 	ASSERT(MUTEX_HELD(&head->isaf_lock));
2775 
2776 	mutex_enter(&entry->ipsa_lock);
2777 
2778 	if (entry->ipsa_state == IPSA_STATE_LARVAL ||
2779 	    !sadb_match_query(&ps->sq, entry)) {
2780 		mutex_exit(&entry->ipsa_lock);
2781 		return;
2782 	}
2783 
2784 	if (ps->inbnd) {
2785 		sadb_delete_cluster(entry);
2786 	}
2787 	entry->ipsa_state = IPSA_STATE_DEAD;
2788 	(void) sadb_torch_assoc(head, entry, ps->inbnd, &ps->mq);
2789 }
2790 
2791 /*
2792  * Common code to purge an SA with a matching src or dst address.
2793  * Don't kill larval SA's in such a purge.
2794  */
2795 int
2796 sadb_purge_sa(mblk_t *mp, keysock_in_t *ksi, sadb_t *sp,
2797 	int *diagnostic, queue_t *pfkey_q, queue_t *ip_q)
2798 {
2799 	struct sadb_purge_state ps;
2800 	int error = sadb_form_query(ksi, 0,
2801 	    IPSA_Q_SRC|IPSA_Q_DST|IPSA_Q_SRCID|IPSA_Q_DSTID|IPSA_Q_KMC,
2802 	    &ps.sq, diagnostic);
2803 
2804 	ps.mq = NULL;
2805 
2806 	if (error != 0)
2807 		return (error);
2808 
2809 	/*
2810 	 * This is simple, crude, and effective.
2811 	 * Unimplemented optimizations (TBD):
2812 	 * - we can limit how many places we search based on where we
2813 	 * think the SA is filed.
2814 	 * - if we get a dst address, we can hash based on dst addr to find
2815 	 * the correct bucket in the outbound table.
2816 	 */
2817 	ps.inbnd = B_TRUE;
2818 	sadb_walker(sp->sdb_if, sp->sdb_hashsize, sadb_purge_cb, &ps);
2819 	ps.inbnd = B_FALSE;
2820 	sadb_walker(sp->sdb_of, sp->sdb_hashsize, sadb_purge_cb, &ps);
2821 
2822 	if (ps.mq != NULL)
2823 		sadb_drain_torchq(ip_q, ps.mq);
2824 
2825 	ASSERT(mp->b_cont != NULL);
2826 	sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr, ksi,
2827 	    NULL);
2828 	return (0);
2829 }
2830 
2831 static void
2832 sadb_delpair_state_one(isaf_t *head, ipsa_t *entry, void *cookie)
2833 {
2834 	struct sadb_purge_state *ps = (struct sadb_purge_state *)cookie;
2835 	isaf_t  *inbound_bucket;
2836 	ipsa_t *peer_assoc;
2837 	ipsa_query_t *sq = &ps->sq;
2838 
2839 	ASSERT(MUTEX_HELD(&head->isaf_lock));
2840 
2841 	mutex_enter(&entry->ipsa_lock);
2842 
2843 	if ((entry->ipsa_state != ps->sadb_sa_state) ||
2844 	    ((sq->srcaddr != NULL) &&
2845 	    !IPSA_ARE_ADDR_EQUAL(entry->ipsa_srcaddr, sq->srcaddr, sq->af))) {
2846 		mutex_exit(&entry->ipsa_lock);
2847 		return;
2848 	}
2849 
2850 	/*
2851 	 * The isaf_t *, which is passed in , is always an outbound bucket,
2852 	 * and we are preserving the outbound-then-inbound hash-bucket lock
2853 	 * ordering. The sadb_walker() which triggers this function is called
2854 	 * only on the outbound fanout, and the corresponding inbound bucket
2855 	 * lock is safe to acquire here.
2856 	 */
2857 
2858 	if (entry->ipsa_haspeer) {
2859 		inbound_bucket = INBOUND_BUCKET(sq->sp, entry->ipsa_spi);
2860 		mutex_enter(&inbound_bucket->isaf_lock);
2861 		peer_assoc = ipsec_getassocbyspi(inbound_bucket,
2862 		    entry->ipsa_spi, entry->ipsa_srcaddr,
2863 		    entry->ipsa_dstaddr, entry->ipsa_addrfam);
2864 	} else {
2865 		inbound_bucket = INBOUND_BUCKET(sq->sp, entry->ipsa_otherspi);
2866 		mutex_enter(&inbound_bucket->isaf_lock);
2867 		peer_assoc = ipsec_getassocbyspi(inbound_bucket,
2868 		    entry->ipsa_otherspi, entry->ipsa_dstaddr,
2869 		    entry->ipsa_srcaddr, entry->ipsa_addrfam);
2870 	}
2871 
2872 	entry->ipsa_state = IPSA_STATE_DEAD;
2873 	(void) sadb_torch_assoc(head, entry, B_FALSE, &ps->mq);
2874 	if (peer_assoc != NULL) {
2875 		mutex_enter(&peer_assoc->ipsa_lock);
2876 		peer_assoc->ipsa_state = IPSA_STATE_DEAD;
2877 		(void) sadb_torch_assoc(inbound_bucket, peer_assoc,
2878 		    B_FALSE, &ps->mq);
2879 	}
2880 	mutex_exit(&inbound_bucket->isaf_lock);
2881 }
2882 
2883 static int
2884 sadb_delpair_state(mblk_t *mp, keysock_in_t *ksi, sadbp_t *spp,
2885     int *diagnostic, queue_t *pfkey_q)
2886 {
2887 	sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
2888 	struct sadb_purge_state ps;
2889 	int error;
2890 
2891 	ps.sq.spp = spp;		/* XXX param */
2892 	ps.mq = NULL;
2893 
2894 	error = sadb_form_query(ksi, IPSA_Q_DST|IPSA_Q_SRC,
2895 	    IPSA_Q_SRC|IPSA_Q_DST|IPSA_Q_SRCID|IPSA_Q_DSTID|IPSA_Q_KMC,
2896 	    &ps.sq, diagnostic);
2897 	if (error != 0)
2898 		return (error);
2899 
2900 	ps.inbnd = B_FALSE;
2901 	ps.sadb_sa_state = assoc->sadb_sa_state;
2902 	sadb_walker(ps.sq.sp->sdb_of, ps.sq.sp->sdb_hashsize,
2903 	    sadb_delpair_state_one, &ps);
2904 
2905 	if (ps.mq != NULL)
2906 		sadb_drain_torchq(pfkey_q, ps.mq);
2907 
2908 	ASSERT(mp->b_cont != NULL);
2909 	sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr,
2910 	    ksi, NULL);
2911 	return (0);
2912 }
2913 
2914 /*
2915  * Common code to delete/get an SA.
2916  */
2917 int
2918 sadb_delget_sa(mblk_t *mp, keysock_in_t *ksi, sadbp_t *spp,
2919     int *diagnostic, queue_t *pfkey_q, uint8_t sadb_msg_type)
2920 {
2921 	ipsa_query_t sq;
2922 	ipsa_t *echo_target = NULL;
2923 	ipsap_t ipsapp;
2924 	mblk_t *torchq = NULL;
2925 	uint_t	error = 0;
2926 
2927 	if (sadb_msg_type == SADB_X_DELPAIR_STATE)
2928 		return (sadb_delpair_state(mp, ksi, spp, diagnostic, pfkey_q));
2929 
2930 	sq.spp = spp;		/* XXX param */
2931 	error = sadb_form_query(ksi, IPSA_Q_DST|IPSA_Q_SA,
2932 	    IPSA_Q_SRC|IPSA_Q_DST|IPSA_Q_SA|IPSA_Q_INBOUND|IPSA_Q_OUTBOUND,
2933 	    &sq, diagnostic);
2934 	if (error != 0)
2935 		return (error);
2936 
2937 	error = get_ipsa_pair(&sq, &ipsapp, diagnostic);
2938 	if (error != 0) {
2939 		return (error);
2940 	}
2941 
2942 	echo_target = ipsapp.ipsap_sa_ptr;
2943 	if (echo_target == NULL)
2944 		echo_target = ipsapp.ipsap_psa_ptr;
2945 
2946 	if (sadb_msg_type == SADB_DELETE || sadb_msg_type == SADB_X_DELPAIR) {
2947 		/*
2948 		 * Bucket locks will be required if SA is actually unlinked.
2949 		 * get_ipsa_pair() returns valid hash bucket pointers even
2950 		 * if it can't find a pair SA pointer. To prevent a potential
2951 		 * deadlock, always lock the outbound bucket before the inbound.
2952 		 */
2953 		if (ipsapp.in_inbound_table) {
2954 			mutex_enter(&ipsapp.ipsap_pbucket->isaf_lock);
2955 			mutex_enter(&ipsapp.ipsap_bucket->isaf_lock);
2956 		} else {
2957 			mutex_enter(&ipsapp.ipsap_bucket->isaf_lock);
2958 			mutex_enter(&ipsapp.ipsap_pbucket->isaf_lock);
2959 		}
2960 
2961 		if (ipsapp.ipsap_sa_ptr != NULL) {
2962 			mutex_enter(&ipsapp.ipsap_sa_ptr->ipsa_lock);
2963 			if (ipsapp.ipsap_sa_ptr->ipsa_flags & IPSA_F_INBOUND) {
2964 				sadb_delete_cluster(ipsapp.ipsap_sa_ptr);
2965 			}
2966 			ipsapp.ipsap_sa_ptr->ipsa_state = IPSA_STATE_DEAD;
2967 			(void) sadb_torch_assoc(ipsapp.ipsap_bucket,
2968 			    ipsapp.ipsap_sa_ptr, B_FALSE, &torchq);
2969 			/*
2970 			 * sadb_torch_assoc() releases the ipsa_lock
2971 			 * and calls sadb_unlinkassoc() which does a
2972 			 * IPSA_REFRELE.
2973 			 */
2974 		}
2975 		if (ipsapp.ipsap_psa_ptr != NULL) {
2976 			mutex_enter(&ipsapp.ipsap_psa_ptr->ipsa_lock);
2977 			if (sadb_msg_type == SADB_X_DELPAIR ||
2978 			    ipsapp.ipsap_psa_ptr->ipsa_haspeer) {
2979 				if (ipsapp.ipsap_psa_ptr->ipsa_flags &
2980 				    IPSA_F_INBOUND) {
2981 					sadb_delete_cluster
2982 					    (ipsapp.ipsap_psa_ptr);
2983 				}
2984 				ipsapp.ipsap_psa_ptr->ipsa_state =
2985 				    IPSA_STATE_DEAD;
2986 				(void) sadb_torch_assoc(ipsapp.ipsap_pbucket,
2987 				    ipsapp.ipsap_psa_ptr, B_FALSE, &torchq);
2988 			} else {
2989 				/*
2990 				 * Only half of the "pair" has been deleted.
2991 				 * Update the remaining SA and remove references
2992 				 * to its pair SA, which is now gone.
2993 				 */
2994 				ipsapp.ipsap_psa_ptr->ipsa_otherspi = 0;
2995 				ipsapp.ipsap_psa_ptr->ipsa_flags &=
2996 				    ~IPSA_F_PAIRED;
2997 				mutex_exit(&ipsapp.ipsap_psa_ptr->ipsa_lock);
2998 			}
2999 		} else if (sadb_msg_type == SADB_X_DELPAIR) {
3000 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_SA_NOTFOUND;
3001 			error = ESRCH;
3002 		}
3003 		mutex_exit(&ipsapp.ipsap_bucket->isaf_lock);
3004 		mutex_exit(&ipsapp.ipsap_pbucket->isaf_lock);
3005 	}
3006 
3007 	if (torchq != NULL)
3008 		sadb_drain_torchq(spp->s_ip_q, torchq);
3009 
3010 	ASSERT(mp->b_cont != NULL);
3011 
3012 	if (error == 0)
3013 		sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)
3014 		    mp->b_cont->b_rptr, ksi, echo_target);
3015 
3016 	destroy_ipsa_pair(&ipsapp);
3017 
3018 	return (error);
3019 }
3020 
3021 /*
3022  * This function takes a sadb_sa_t and finds the ipsa_t structure
3023  * and the isaf_t (hash bucket) that its stored under. If the security
3024  * association has a peer, the ipsa_t structure and bucket for that security
3025  * association are also searched for. The "pair" of ipsa_t's and isaf_t's
3026  * are returned as a ipsap_t.
3027  *
3028  * The hash buckets are returned for convenience, if the calling function
3029  * needs to use the hash bucket locks, say to remove the SA's, it should
3030  * take care to observe the convention of locking outbound bucket then
3031  * inbound bucket. The flag in_inbound_table provides direction.
3032  *
3033  * Note that a "pair" is defined as one (but not both) of the following:
3034  *
3035  * A security association which has a soft reference to another security
3036  * association via its SPI.
3037  *
3038  * A security association that is not obviously "inbound" or "outbound" so
3039  * it appears in both hash tables, the "peer" being the same security
3040  * association in the other hash table.
3041  *
3042  * This function will return NULL if the ipsa_t can't be found in the
3043  * inbound or outbound  hash tables (not found). If only one ipsa_t is
3044  * found, the pair ipsa_t will be NULL. Both isaf_t values are valid
3045  * provided at least one ipsa_t is found.
3046  */
3047 static int
3048 get_ipsa_pair(ipsa_query_t *sq, ipsap_t *ipsapp, int *diagnostic)
3049 {
3050 	uint32_t pair_srcaddr[IPSA_MAX_ADDRLEN];
3051 	uint32_t pair_dstaddr[IPSA_MAX_ADDRLEN];
3052 	uint32_t pair_spi;
3053 
3054 	init_ipsa_pair(ipsapp);
3055 
3056 	ipsapp->in_inbound_table = B_FALSE;
3057 
3058 	/* Lock down both buckets. */
3059 	mutex_enter(&sq->outbound->isaf_lock);
3060 	mutex_enter(&sq->inbound->isaf_lock);
3061 
3062 	if (sq->assoc->sadb_sa_flags & IPSA_F_INBOUND) {
3063 		ipsapp->ipsap_sa_ptr = ipsec_getassocbyspi(sq->inbound,
3064 		    sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, sq->af);
3065 		if (ipsapp->ipsap_sa_ptr != NULL) {
3066 			ipsapp->ipsap_bucket = sq->inbound;
3067 			ipsapp->ipsap_pbucket = sq->outbound;
3068 			ipsapp->in_inbound_table = B_TRUE;
3069 		} else {
3070 			ipsapp->ipsap_sa_ptr = ipsec_getassocbyspi(sq->outbound,
3071 			    sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr,
3072 			    sq->af);
3073 			ipsapp->ipsap_bucket = sq->outbound;
3074 			ipsapp->ipsap_pbucket = sq->inbound;
3075 		}
3076 	} else {
3077 		/* IPSA_F_OUTBOUND is set *or* no directions flags set. */
3078 		ipsapp->ipsap_sa_ptr =
3079 		    ipsec_getassocbyspi(sq->outbound,
3080 		    sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, sq->af);
3081 		if (ipsapp->ipsap_sa_ptr != NULL) {
3082 			ipsapp->ipsap_bucket = sq->outbound;
3083 			ipsapp->ipsap_pbucket = sq->inbound;
3084 		} else {
3085 			ipsapp->ipsap_sa_ptr = ipsec_getassocbyspi(sq->inbound,
3086 			    sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr,
3087 			    sq->af);
3088 			ipsapp->ipsap_bucket = sq->inbound;
3089 			ipsapp->ipsap_pbucket = sq->outbound;
3090 			if (ipsapp->ipsap_sa_ptr != NULL)
3091 				ipsapp->in_inbound_table = B_TRUE;
3092 		}
3093 	}
3094 
3095 	if (ipsapp->ipsap_sa_ptr == NULL) {
3096 		mutex_exit(&sq->outbound->isaf_lock);
3097 		mutex_exit(&sq->inbound->isaf_lock);
3098 		*diagnostic = SADB_X_DIAGNOSTIC_SA_NOTFOUND;
3099 		return (ESRCH);
3100 	}
3101 
3102 	if ((ipsapp->ipsap_sa_ptr->ipsa_state == IPSA_STATE_LARVAL) &&
3103 	    ipsapp->in_inbound_table) {
3104 		mutex_exit(&sq->outbound->isaf_lock);
3105 		mutex_exit(&sq->inbound->isaf_lock);
3106 		return (0);
3107 	}
3108 
3109 	mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
3110 	if (ipsapp->ipsap_sa_ptr->ipsa_haspeer) {
3111 		/*
3112 		 * haspeer implies no sa_pairing, look for same spi
3113 		 * in other hashtable.
3114 		 */
3115 		ipsapp->ipsap_psa_ptr =
3116 		    ipsec_getassocbyspi(ipsapp->ipsap_pbucket,
3117 		    sq->assoc->sadb_sa_spi, sq->srcaddr, sq->dstaddr, sq->af);
3118 		mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
3119 		mutex_exit(&sq->outbound->isaf_lock);
3120 		mutex_exit(&sq->inbound->isaf_lock);
3121 		return (0);
3122 	}
3123 	pair_spi = ipsapp->ipsap_sa_ptr->ipsa_otherspi;
3124 	IPSA_COPY_ADDR(&pair_srcaddr,
3125 	    ipsapp->ipsap_sa_ptr->ipsa_srcaddr, sq->af);
3126 	IPSA_COPY_ADDR(&pair_dstaddr,
3127 	    ipsapp->ipsap_sa_ptr->ipsa_dstaddr, sq->af);
3128 	mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
3129 	mutex_exit(&sq->inbound->isaf_lock);
3130 	mutex_exit(&sq->outbound->isaf_lock);
3131 
3132 	if (pair_spi == 0) {
3133 		ASSERT(ipsapp->ipsap_bucket != NULL);
3134 		ASSERT(ipsapp->ipsap_pbucket != NULL);
3135 		return (0);
3136 	}
3137 
3138 	/* found sa in outbound sadb, peer should be inbound */
3139 
3140 	if (ipsapp->in_inbound_table) {
3141 		/* Found SA in inbound table, pair will be in outbound. */
3142 		if (sq->af == AF_INET6) {
3143 			ipsapp->ipsap_pbucket = OUTBOUND_BUCKET_V6(sq->sp,
3144 			    *(uint32_t *)pair_srcaddr);
3145 		} else {
3146 			ipsapp->ipsap_pbucket = OUTBOUND_BUCKET_V4(sq->sp,
3147 			    *(uint32_t *)pair_srcaddr);
3148 		}
3149 	} else {
3150 		ipsapp->ipsap_pbucket = INBOUND_BUCKET(sq->sp, pair_spi);
3151 	}
3152 	mutex_enter(&ipsapp->ipsap_pbucket->isaf_lock);
3153 	ipsapp->ipsap_psa_ptr = ipsec_getassocbyspi(ipsapp->ipsap_pbucket,
3154 	    pair_spi, pair_dstaddr, pair_srcaddr, sq->af);
3155 	mutex_exit(&ipsapp->ipsap_pbucket->isaf_lock);
3156 	ASSERT(ipsapp->ipsap_bucket != NULL);
3157 	ASSERT(ipsapp->ipsap_pbucket != NULL);
3158 	return (0);
3159 }
3160 
3161 /*
3162  * Perform NAT-traversal cached checksum offset calculations here.
3163  */
3164 static void
3165 sadb_nat_calculations(ipsa_t *newbie, sadb_address_t *natt_loc_ext,
3166     sadb_address_t *natt_rem_ext, uint32_t *src_addr_ptr,
3167     uint32_t *dst_addr_ptr)
3168 {
3169 	struct sockaddr_in *natt_loc, *natt_rem;
3170 	uint32_t *natt_loc_ptr = NULL, *natt_rem_ptr = NULL;
3171 	uint32_t running_sum = 0;
3172 
3173 #define	DOWN_SUM(x) (x) = ((x) & 0xFFFF) +	 ((x) >> 16)
3174 
3175 	if (natt_rem_ext != NULL) {
3176 		uint32_t l_src;
3177 		uint32_t l_rem;
3178 
3179 		natt_rem = (struct sockaddr_in *)(natt_rem_ext + 1);
3180 
3181 		/* Ensured by sadb_addrfix(). */
3182 		ASSERT(natt_rem->sin_family == AF_INET);
3183 
3184 		natt_rem_ptr = (uint32_t *)(&natt_rem->sin_addr);
3185 		newbie->ipsa_remote_nat_port = natt_rem->sin_port;
3186 		l_src = *src_addr_ptr;
3187 		l_rem = *natt_rem_ptr;
3188 
3189 		/* Instead of IPSA_COPY_ADDR(), just copy first 32 bits. */
3190 		newbie->ipsa_natt_addr_rem = *natt_rem_ptr;
3191 
3192 		l_src = ntohl(l_src);
3193 		DOWN_SUM(l_src);
3194 		DOWN_SUM(l_src);
3195 		l_rem = ntohl(l_rem);
3196 		DOWN_SUM(l_rem);
3197 		DOWN_SUM(l_rem);
3198 
3199 		/*
3200 		 * We're 1's complement for checksums, so check for wraparound
3201 		 * here.
3202 		 */
3203 		if (l_rem > l_src)
3204 			l_src--;
3205 
3206 		running_sum += l_src - l_rem;
3207 
3208 		DOWN_SUM(running_sum);
3209 		DOWN_SUM(running_sum);
3210 	}
3211 
3212 	if (natt_loc_ext != NULL) {
3213 		natt_loc = (struct sockaddr_in *)(natt_loc_ext + 1);
3214 
3215 		/* Ensured by sadb_addrfix(). */
3216 		ASSERT(natt_loc->sin_family == AF_INET);
3217 
3218 		natt_loc_ptr = (uint32_t *)(&natt_loc->sin_addr);
3219 		newbie->ipsa_local_nat_port = natt_loc->sin_port;
3220 
3221 		/* Instead of IPSA_COPY_ADDR(), just copy first 32 bits. */
3222 		newbie->ipsa_natt_addr_loc = *natt_loc_ptr;
3223 
3224 		/*
3225 		 * NAT-T port agility means we may have natt_loc_ext, but
3226 		 * only for a local-port change.
3227 		 */
3228 		if (natt_loc->sin_addr.s_addr != INADDR_ANY) {
3229 			uint32_t l_dst = ntohl(*dst_addr_ptr);
3230 			uint32_t l_loc = ntohl(*natt_loc_ptr);
3231 
3232 			DOWN_SUM(l_loc);
3233 			DOWN_SUM(l_loc);
3234 			DOWN_SUM(l_dst);
3235 			DOWN_SUM(l_dst);
3236 
3237 			/*
3238 			 * We're 1's complement for checksums, so check for
3239 			 * wraparound here.
3240 			 */
3241 			if (l_loc > l_dst)
3242 				l_dst--;
3243 
3244 			running_sum += l_dst - l_loc;
3245 			DOWN_SUM(running_sum);
3246 			DOWN_SUM(running_sum);
3247 		}
3248 	}
3249 
3250 	newbie->ipsa_inbound_cksum = running_sum;
3251 #undef DOWN_SUM
3252 }
3253 
3254 /*
3255  * This function is called from consumers that need to insert a fully-grown
3256  * security association into its tables.  This function takes into account that
3257  * SAs can be "inbound", "outbound", or "both".	 The "primary" and "secondary"
3258  * hash bucket parameters are set in order of what the SA will be most of the
3259  * time.  (For example, an SA with an unspecified source, and a multicast
3260  * destination will primarily be an outbound SA.  OTOH, if that destination
3261  * is unicast for this node, then the SA will primarily be inbound.)
3262  *
3263  * It takes a lot of parameters because even if clone is B_FALSE, this needs
3264  * to check both buckets for purposes of collision.
3265  *
3266  * Return 0 upon success.  Return various errnos (ENOMEM, EEXIST) for
3267  * various error conditions.  We may need to set samsg->sadb_x_msg_diagnostic
3268  * with additional diagnostic information because there is at least one EINVAL
3269  * case here.
3270  */
3271 int
3272 sadb_common_add(queue_t *ip_q, queue_t *pfkey_q, mblk_t *mp, sadb_msg_t *samsg,
3273     keysock_in_t *ksi, isaf_t *primary, isaf_t *secondary,
3274     ipsa_t *newbie, boolean_t clone, boolean_t is_inbound, int *diagnostic,
3275     netstack_t *ns, sadbp_t *spp)
3276 {
3277 	ipsa_t *newbie_clone = NULL, *scratch;
3278 	ipsap_t ipsapp;
3279 	sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
3280 	sadb_address_t *srcext =
3281 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
3282 	sadb_address_t *dstext =
3283 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
3284 	sadb_address_t *isrcext =
3285 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_SRC];
3286 	sadb_address_t *idstext =
3287 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_DST];
3288 	sadb_x_kmc_t *kmcext =
3289 	    (sadb_x_kmc_t *)ksi->ks_in_extv[SADB_X_EXT_KM_COOKIE];
3290 	sadb_key_t *akey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_AUTH];
3291 	sadb_key_t *ekey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_ENCRYPT];
3292 	sadb_sens_t *sens =
3293 	    (sadb_sens_t *)ksi->ks_in_extv[SADB_EXT_SENSITIVITY];
3294 	sadb_sens_t *osens =
3295 	    (sadb_sens_t *)ksi->ks_in_extv[SADB_X_EXT_OUTER_SENS];
3296 	sadb_x_pair_t *pair_ext =
3297 	    (sadb_x_pair_t *)ksi->ks_in_extv[SADB_X_EXT_PAIR];
3298 	sadb_x_replay_ctr_t *replayext =
3299 	    (sadb_x_replay_ctr_t *)ksi->ks_in_extv[SADB_X_EXT_REPLAY_VALUE];
3300 	uint8_t protocol =
3301 	    (samsg->sadb_msg_satype == SADB_SATYPE_AH) ? IPPROTO_AH:IPPROTO_ESP;
3302 	int salt_offset;
3303 	uint8_t *buf_ptr;
3304 	struct sockaddr_in *src, *dst, *isrc, *idst;
3305 	struct sockaddr_in6 *src6, *dst6, *isrc6, *idst6;
3306 	sadb_lifetime_t *soft =
3307 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_SOFT];
3308 	sadb_lifetime_t *hard =
3309 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_HARD];
3310 	sadb_lifetime_t	*idle =
3311 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_X_EXT_LIFETIME_IDLE];
3312 	sa_family_t af;
3313 	int error = 0;
3314 	boolean_t isupdate = (newbie != NULL);
3315 	uint32_t *src_addr_ptr, *dst_addr_ptr, *isrc_addr_ptr, *idst_addr_ptr;
3316 	mblk_t *ctl_mp = NULL;
3317 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
3318 	ip_stack_t 	*ipst = ns->netstack_ip;
3319 	ipsec_alginfo_t *alg;
3320 	int		rcode;
3321 
3322 	init_ipsa_pair(&ipsapp);
3323 
3324 	if (srcext == NULL) {
3325 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
3326 		return (EINVAL);
3327 	}
3328 	if (dstext == NULL) {
3329 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
3330 		return (EINVAL);
3331 	}
3332 	if (assoc == NULL) {
3333 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SA;
3334 		return (EINVAL);
3335 	}
3336 
3337 	src = (struct sockaddr_in *)(srcext + 1);
3338 	src6 = (struct sockaddr_in6 *)(srcext + 1);
3339 	dst = (struct sockaddr_in *)(dstext + 1);
3340 	dst6 = (struct sockaddr_in6 *)(dstext + 1);
3341 	if (isrcext != NULL) {
3342 		isrc = (struct sockaddr_in *)(isrcext + 1);
3343 		isrc6 = (struct sockaddr_in6 *)(isrcext + 1);
3344 		ASSERT(idstext != NULL);
3345 		idst = (struct sockaddr_in *)(idstext + 1);
3346 		idst6 = (struct sockaddr_in6 *)(idstext + 1);
3347 	} else {
3348 		isrc = NULL;
3349 		isrc6 = NULL;
3350 	}
3351 
3352 	af = src->sin_family;
3353 
3354 	if (af == AF_INET) {
3355 		src_addr_ptr = (uint32_t *)&src->sin_addr;
3356 		dst_addr_ptr = (uint32_t *)&dst->sin_addr;
3357 	} else {
3358 		ASSERT(af == AF_INET6);
3359 		src_addr_ptr = (uint32_t *)&src6->sin6_addr;
3360 		dst_addr_ptr = (uint32_t *)&dst6->sin6_addr;
3361 	}
3362 
3363 	if (!isupdate && (clone == B_TRUE || is_inbound == B_TRUE) &&
3364 	    cl_inet_checkspi &&
3365 	    (assoc->sadb_sa_state != SADB_X_SASTATE_ACTIVE_ELSEWHERE)) {
3366 		rcode = cl_inet_checkspi(ns->netstack_stackid, protocol,
3367 		    assoc->sadb_sa_spi, NULL);
3368 		if (rcode == -1) {
3369 			return (EEXIST);
3370 		}
3371 	}
3372 
3373 	/*
3374 	 * Check to see if the new SA will be cloned AND paired. The
3375 	 * reason a SA will be cloned is the source or destination addresses
3376 	 * are not specific enough to determine if the SA goes in the outbound
3377 	 * or the inbound hash table, so its cloned and put in both. If
3378 	 * the SA is paired, it's soft linked to another SA for the other
3379 	 * direction. Keeping track and looking up SA's that are direction
3380 	 * unspecific and linked is too hard.
3381 	 */
3382 	if (clone && (pair_ext != NULL)) {
3383 		*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
3384 		return (EINVAL);
3385 	}
3386 
3387 	if (!isupdate) {
3388 		newbie = sadb_makelarvalassoc(assoc->sadb_sa_spi,
3389 		    src_addr_ptr, dst_addr_ptr, af, ns);
3390 		if (newbie == NULL)
3391 			return (ENOMEM);
3392 	}
3393 
3394 	mutex_enter(&newbie->ipsa_lock);
3395 
3396 	if (isrc != NULL) {
3397 		if (isrc->sin_family == AF_INET) {
3398 			if (srcext->sadb_address_proto != IPPROTO_ENCAP) {
3399 				if (srcext->sadb_address_proto != 0) {
3400 					/*
3401 					 * Mismatched outer-packet protocol
3402 					 * and inner-packet address family.
3403 					 */
3404 					mutex_exit(&newbie->ipsa_lock);
3405 					error = EPROTOTYPE;
3406 					*diagnostic =
3407 					    SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH;
3408 					goto error;
3409 				} else {
3410 					/* Fill in with explicit protocol. */
3411 					srcext->sadb_address_proto =
3412 					    IPPROTO_ENCAP;
3413 					dstext->sadb_address_proto =
3414 					    IPPROTO_ENCAP;
3415 				}
3416 			}
3417 			isrc_addr_ptr = (uint32_t *)&isrc->sin_addr;
3418 			idst_addr_ptr = (uint32_t *)&idst->sin_addr;
3419 		} else {
3420 			ASSERT(isrc->sin_family == AF_INET6);
3421 			if (srcext->sadb_address_proto != IPPROTO_IPV6) {
3422 				if (srcext->sadb_address_proto != 0) {
3423 					/*
3424 					 * Mismatched outer-packet protocol
3425 					 * and inner-packet address family.
3426 					 */
3427 					mutex_exit(&newbie->ipsa_lock);
3428 					error = EPROTOTYPE;
3429 					*diagnostic =
3430 					    SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH;
3431 					goto error;
3432 				} else {
3433 					/* Fill in with explicit protocol. */
3434 					srcext->sadb_address_proto =
3435 					    IPPROTO_IPV6;
3436 					dstext->sadb_address_proto =
3437 					    IPPROTO_IPV6;
3438 				}
3439 			}
3440 			isrc_addr_ptr = (uint32_t *)&isrc6->sin6_addr;
3441 			idst_addr_ptr = (uint32_t *)&idst6->sin6_addr;
3442 		}
3443 		newbie->ipsa_innerfam = isrc->sin_family;
3444 
3445 		IPSA_COPY_ADDR(newbie->ipsa_innersrc, isrc_addr_ptr,
3446 		    newbie->ipsa_innerfam);
3447 		IPSA_COPY_ADDR(newbie->ipsa_innerdst, idst_addr_ptr,
3448 		    newbie->ipsa_innerfam);
3449 		newbie->ipsa_innersrcpfx = isrcext->sadb_address_prefixlen;
3450 		newbie->ipsa_innerdstpfx = idstext->sadb_address_prefixlen;
3451 
3452 		/* Unique value uses inner-ports for Tunnel Mode... */
3453 		newbie->ipsa_unique_id = SA_UNIQUE_ID(isrc->sin_port,
3454 		    idst->sin_port, dstext->sadb_address_proto,
3455 		    idstext->sadb_address_proto);
3456 		newbie->ipsa_unique_mask = SA_UNIQUE_MASK(isrc->sin_port,
3457 		    idst->sin_port, dstext->sadb_address_proto,
3458 		    idstext->sadb_address_proto);
3459 	} else {
3460 		/* ... and outer-ports for Transport Mode. */
3461 		newbie->ipsa_unique_id = SA_UNIQUE_ID(src->sin_port,
3462 		    dst->sin_port, dstext->sadb_address_proto, 0);
3463 		newbie->ipsa_unique_mask = SA_UNIQUE_MASK(src->sin_port,
3464 		    dst->sin_port, dstext->sadb_address_proto, 0);
3465 	}
3466 	if (newbie->ipsa_unique_mask != (uint64_t)0)
3467 		newbie->ipsa_flags |= IPSA_F_UNIQUE;
3468 
3469 	sadb_nat_calculations(newbie,
3470 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_LOC],
3471 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_REM],
3472 	    src_addr_ptr, dst_addr_ptr);
3473 
3474 	newbie->ipsa_type = samsg->sadb_msg_satype;
3475 
3476 	ASSERT((assoc->sadb_sa_state == SADB_SASTATE_MATURE) ||
3477 	    (assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE));
3478 	newbie->ipsa_auth_alg = assoc->sadb_sa_auth;
3479 	newbie->ipsa_encr_alg = assoc->sadb_sa_encrypt;
3480 
3481 	newbie->ipsa_flags |= assoc->sadb_sa_flags;
3482 	if (newbie->ipsa_flags & SADB_X_SAFLAGS_NATT_LOC &&
3483 	    ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_LOC] == NULL) {
3484 		mutex_exit(&newbie->ipsa_lock);
3485 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_NATT_LOC;
3486 		error = EINVAL;
3487 		goto error;
3488 	}
3489 	if (newbie->ipsa_flags & SADB_X_SAFLAGS_NATT_REM &&
3490 	    ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_REM] == NULL) {
3491 		mutex_exit(&newbie->ipsa_lock);
3492 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_NATT_REM;
3493 		error = EINVAL;
3494 		goto error;
3495 	}
3496 	if (newbie->ipsa_flags & SADB_X_SAFLAGS_TUNNEL &&
3497 	    ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_SRC] == NULL) {
3498 		mutex_exit(&newbie->ipsa_lock);
3499 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_SRC;
3500 		error = EINVAL;
3501 		goto error;
3502 	}
3503 	/*
3504 	 * If unspecified source address, force replay_wsize to 0.
3505 	 * This is because an SA that has multiple sources of secure
3506 	 * traffic cannot enforce a replay counter w/o synchronizing the
3507 	 * senders.
3508 	 */
3509 	if (ksi->ks_in_srctype != KS_IN_ADDR_UNSPEC)
3510 		newbie->ipsa_replay_wsize = assoc->sadb_sa_replay;
3511 	else
3512 		newbie->ipsa_replay_wsize = 0;
3513 
3514 	newbie->ipsa_addtime = gethrestime_sec();
3515 
3516 	if (kmcext != NULL) {
3517 		newbie->ipsa_kmp = kmcext->sadb_x_kmc_proto;
3518 		newbie->ipsa_kmc = kmcext->sadb_x_kmc_cookie;
3519 	}
3520 
3521 	/*
3522 	 * XXX CURRENT lifetime checks MAY BE needed for an UPDATE.
3523 	 * The spec says that one can update current lifetimes, but
3524 	 * that seems impractical, especially in the larval-to-mature
3525 	 * update that this function performs.
3526 	 */
3527 	if (soft != NULL) {
3528 		newbie->ipsa_softaddlt = soft->sadb_lifetime_addtime;
3529 		newbie->ipsa_softuselt = soft->sadb_lifetime_usetime;
3530 		newbie->ipsa_softbyteslt = soft->sadb_lifetime_bytes;
3531 		newbie->ipsa_softalloc = soft->sadb_lifetime_allocations;
3532 		SET_EXPIRE(newbie, softaddlt, softexpiretime);
3533 	}
3534 	if (hard != NULL) {
3535 		newbie->ipsa_hardaddlt = hard->sadb_lifetime_addtime;
3536 		newbie->ipsa_harduselt = hard->sadb_lifetime_usetime;
3537 		newbie->ipsa_hardbyteslt = hard->sadb_lifetime_bytes;
3538 		newbie->ipsa_hardalloc = hard->sadb_lifetime_allocations;
3539 		SET_EXPIRE(newbie, hardaddlt, hardexpiretime);
3540 	}
3541 	if (idle != NULL) {
3542 		newbie->ipsa_idleaddlt = idle->sadb_lifetime_addtime;
3543 		newbie->ipsa_idleuselt = idle->sadb_lifetime_usetime;
3544 		newbie->ipsa_idleexpiretime = newbie->ipsa_addtime +
3545 		    newbie->ipsa_idleaddlt;
3546 		newbie->ipsa_idletime = newbie->ipsa_idleaddlt;
3547 	}
3548 
3549 	newbie->ipsa_authtmpl = NULL;
3550 	newbie->ipsa_encrtmpl = NULL;
3551 
3552 	if (akey != NULL) {
3553 		newbie->ipsa_authkeybits = akey->sadb_key_bits;
3554 		newbie->ipsa_authkeylen = SADB_1TO8(akey->sadb_key_bits);
3555 		/* In case we have to round up to the next byte... */
3556 		if ((akey->sadb_key_bits & 0x7) != 0)
3557 			newbie->ipsa_authkeylen++;
3558 		newbie->ipsa_authkey = kmem_alloc(newbie->ipsa_authkeylen,
3559 		    KM_NOSLEEP);
3560 		if (newbie->ipsa_authkey == NULL) {
3561 			error = ENOMEM;
3562 			mutex_exit(&newbie->ipsa_lock);
3563 			goto error;
3564 		}
3565 		bcopy(akey + 1, newbie->ipsa_authkey, newbie->ipsa_authkeylen);
3566 		bzero(akey + 1, newbie->ipsa_authkeylen);
3567 
3568 		/*
3569 		 * Pre-initialize the kernel crypto framework key
3570 		 * structure.
3571 		 */
3572 		newbie->ipsa_kcfauthkey.ck_format = CRYPTO_KEY_RAW;
3573 		newbie->ipsa_kcfauthkey.ck_length = newbie->ipsa_authkeybits;
3574 		newbie->ipsa_kcfauthkey.ck_data = newbie->ipsa_authkey;
3575 
3576 		mutex_enter(&ipss->ipsec_alg_lock);
3577 		alg = ipss->ipsec_alglists[IPSEC_ALG_AUTH]
3578 		    [newbie->ipsa_auth_alg];
3579 		if (alg != NULL && ALG_VALID(alg)) {
3580 			newbie->ipsa_amech.cm_type = alg->alg_mech_type;
3581 			newbie->ipsa_amech.cm_param =
3582 			    (char *)&newbie->ipsa_mac_len;
3583 			newbie->ipsa_amech.cm_param_len = sizeof (size_t);
3584 			newbie->ipsa_mac_len = (size_t)alg->alg_datalen;
3585 		} else {
3586 			newbie->ipsa_amech.cm_type = CRYPTO_MECHANISM_INVALID;
3587 		}
3588 		error = ipsec_create_ctx_tmpl(newbie, IPSEC_ALG_AUTH);
3589 		mutex_exit(&ipss->ipsec_alg_lock);
3590 		if (error != 0) {
3591 			mutex_exit(&newbie->ipsa_lock);
3592 			/*
3593 			 * An error here indicates that alg is the wrong type
3594 			 * (IE: not authentication) or its not in the alg tables
3595 			 * created by ipsecalgs(1m), or Kcf does not like the
3596 			 * parameters passed in with this algorithm, which is
3597 			 * probably a coding error!
3598 			 */
3599 			*diagnostic = SADB_X_DIAGNOSTIC_BAD_CTX;
3600 
3601 			goto error;
3602 		}
3603 	}
3604 
3605 	if (ekey != NULL) {
3606 		mutex_enter(&ipss->ipsec_alg_lock);
3607 		alg = ipss->ipsec_alglists[IPSEC_ALG_ENCR]
3608 		    [newbie->ipsa_encr_alg];
3609 
3610 		if (alg != NULL && ALG_VALID(alg)) {
3611 			newbie->ipsa_emech.cm_type = alg->alg_mech_type;
3612 			newbie->ipsa_datalen = alg->alg_datalen;
3613 			if (alg->alg_flags & ALG_FLAG_COUNTERMODE)
3614 				newbie->ipsa_flags |= IPSA_F_COUNTERMODE;
3615 
3616 			if (alg->alg_flags & ALG_FLAG_COMBINED) {
3617 				newbie->ipsa_flags |= IPSA_F_COMBINED;
3618 				newbie->ipsa_mac_len =  alg->alg_icvlen;
3619 			}
3620 
3621 			if (alg->alg_flags & ALG_FLAG_CCM)
3622 				newbie->ipsa_noncefunc = ccm_params_init;
3623 			else if (alg->alg_flags & ALG_FLAG_GCM)
3624 				newbie->ipsa_noncefunc = gcm_params_init;
3625 			else newbie->ipsa_noncefunc = cbc_params_init;
3626 
3627 			newbie->ipsa_saltlen = alg->alg_saltlen;
3628 			newbie->ipsa_saltbits = SADB_8TO1(newbie->ipsa_saltlen);
3629 			newbie->ipsa_iv_len = alg->alg_ivlen;
3630 			newbie->ipsa_nonce_len = newbie->ipsa_saltlen +
3631 			    newbie->ipsa_iv_len;
3632 			newbie->ipsa_emech.cm_param = NULL;
3633 			newbie->ipsa_emech.cm_param_len = 0;
3634 		} else {
3635 			newbie->ipsa_emech.cm_type = CRYPTO_MECHANISM_INVALID;
3636 		}
3637 		mutex_exit(&ipss->ipsec_alg_lock);
3638 
3639 		/*
3640 		 * The byte stream following the sadb_key_t is made up of:
3641 		 * key bytes, [salt bytes], [IV initial value]
3642 		 * All of these have variable length. The IV is typically
3643 		 * randomly generated by this function and not passed in.
3644 		 * By supporting the injection of a known IV, the whole
3645 		 * IPsec subsystem and the underlying crypto subsystem
3646 		 * can be tested with known test vectors.
3647 		 *
3648 		 * The keying material has been checked by ext_check()
3649 		 * and ipsec_valid_key_size(), after removing salt/IV
3650 		 * bits, whats left is the encryption key. If this is too
3651 		 * short, ipsec_create_ctx_tmpl() will fail and the SA
3652 		 * won't get created.
3653 		 *
3654 		 * set ipsa_encrkeylen to length of key only.
3655 		 */
3656 		newbie->ipsa_encrkeybits = ekey->sadb_key_bits;
3657 		newbie->ipsa_encrkeybits -= ekey->sadb_key_reserved;
3658 		newbie->ipsa_encrkeybits -= newbie->ipsa_saltbits;
3659 		newbie->ipsa_encrkeylen = SADB_1TO8(newbie->ipsa_encrkeybits);
3660 
3661 		/* In case we have to round up to the next byte... */
3662 		if ((ekey->sadb_key_bits & 0x7) != 0)
3663 			newbie->ipsa_encrkeylen++;
3664 
3665 		newbie->ipsa_encrkey = kmem_alloc(newbie->ipsa_encrkeylen,
3666 		    KM_NOSLEEP);
3667 		if (newbie->ipsa_encrkey == NULL) {
3668 			error = ENOMEM;
3669 			mutex_exit(&newbie->ipsa_lock);
3670 			goto error;
3671 		}
3672 
3673 		buf_ptr = (uint8_t *)(ekey + 1);
3674 		bcopy(buf_ptr, newbie->ipsa_encrkey, newbie->ipsa_encrkeylen);
3675 
3676 		if (newbie->ipsa_flags & IPSA_F_COMBINED) {
3677 			/*
3678 			 * Combined mode algs need a nonce. Copy the salt and
3679 			 * IV into a buffer. The ipsa_nonce is a pointer into
3680 			 * this buffer, some bytes at the start of the buffer
3681 			 * may be unused, depends on the salt length. The IV
3682 			 * is 64 bit aligned so it can be incremented as a
3683 			 * uint64_t. Zero out key in samsg_t before freeing.
3684 			 */
3685 
3686 			newbie->ipsa_nonce_buf = kmem_alloc(
3687 			    sizeof (ipsec_nonce_t), KM_NOSLEEP);
3688 			if (newbie->ipsa_nonce_buf == NULL) {
3689 				error = ENOMEM;
3690 				mutex_exit(&newbie->ipsa_lock);
3691 				goto error;
3692 			}
3693 			/*
3694 			 * Initialize nonce and salt pointers to point
3695 			 * to the nonce buffer. This is just in case we get
3696 			 * bad data, the pointers will be valid, the data
3697 			 * won't be.
3698 			 *
3699 			 * See sadb.h for layout of nonce.
3700 			 */
3701 			newbie->ipsa_iv = &newbie->ipsa_nonce_buf->iv;
3702 			newbie->ipsa_salt = (uint8_t *)newbie->ipsa_nonce_buf;
3703 			newbie->ipsa_nonce = newbie->ipsa_salt;
3704 			if (newbie->ipsa_saltlen != 0) {
3705 				salt_offset = MAXSALTSIZE -
3706 				    newbie->ipsa_saltlen;
3707 				newbie->ipsa_salt = (uint8_t *)
3708 				    &newbie->ipsa_nonce_buf->salt[salt_offset];
3709 				newbie->ipsa_nonce = newbie->ipsa_salt;
3710 				buf_ptr += newbie->ipsa_encrkeylen;
3711 				bcopy(buf_ptr, newbie->ipsa_salt,
3712 				    newbie->ipsa_saltlen);
3713 			}
3714 			/*
3715 			 * The IV for CCM/GCM mode increments, it should not
3716 			 * repeat. Get a random value for the IV, make a
3717 			 * copy, the SA will expire when/if the IV ever
3718 			 * wraps back to the initial value. If an Initial IV
3719 			 * is passed in via PF_KEY, save this in the SA.
3720 			 * Initialising IV for inbound is pointless as its
3721 			 * taken from the inbound packet.
3722 			 */
3723 			if (!is_inbound) {
3724 				if (ekey->sadb_key_reserved != 0) {
3725 					buf_ptr += newbie->ipsa_saltlen;
3726 					bcopy(buf_ptr, (uint8_t *)newbie->
3727 					    ipsa_iv, SADB_1TO8(ekey->
3728 					    sadb_key_reserved));
3729 				} else {
3730 					(void) random_get_pseudo_bytes(
3731 					    (uint8_t *)newbie->ipsa_iv,
3732 					    newbie->ipsa_iv_len);
3733 				}
3734 				newbie->ipsa_iv_softexpire =
3735 				    (*newbie->ipsa_iv) << 9;
3736 				newbie->ipsa_iv_hardexpire = *newbie->ipsa_iv;
3737 			}
3738 		}
3739 		bzero((ekey + 1), SADB_1TO8(ekey->sadb_key_bits));
3740 
3741 		/*
3742 		 * Pre-initialize the kernel crypto framework key
3743 		 * structure.
3744 		 */
3745 		newbie->ipsa_kcfencrkey.ck_format = CRYPTO_KEY_RAW;
3746 		newbie->ipsa_kcfencrkey.ck_length = newbie->ipsa_encrkeybits;
3747 		newbie->ipsa_kcfencrkey.ck_data = newbie->ipsa_encrkey;
3748 
3749 		mutex_enter(&ipss->ipsec_alg_lock);
3750 		error = ipsec_create_ctx_tmpl(newbie, IPSEC_ALG_ENCR);
3751 		mutex_exit(&ipss->ipsec_alg_lock);
3752 		if (error != 0) {
3753 			mutex_exit(&newbie->ipsa_lock);
3754 			/* See above for error explanation. */
3755 			*diagnostic = SADB_X_DIAGNOSTIC_BAD_CTX;
3756 			goto error;
3757 		}
3758 	}
3759 
3760 	/*
3761 	 * Ptrs to processing functions.
3762 	 */
3763 	if (newbie->ipsa_type == SADB_SATYPE_ESP)
3764 		ipsecesp_init_funcs(newbie);
3765 	else
3766 		ipsecah_init_funcs(newbie);
3767 	ASSERT(newbie->ipsa_output_func != NULL &&
3768 	    newbie->ipsa_input_func != NULL);
3769 
3770 	/*
3771 	 * Certificate ID stuff.
3772 	 */
3773 	if (ksi->ks_in_extv[SADB_EXT_IDENTITY_SRC] != NULL) {
3774 		sadb_ident_t *id =
3775 		    (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_SRC];
3776 
3777 		/*
3778 		 * Can assume strlen() will return okay because ext_check() in
3779 		 * keysock.c prepares the string for us.
3780 		 */
3781 		newbie->ipsa_src_cid = ipsid_lookup(id->sadb_ident_type,
3782 		    (char *)(id+1), ns);
3783 		if (newbie->ipsa_src_cid == NULL) {
3784 			error = ENOMEM;
3785 			mutex_exit(&newbie->ipsa_lock);
3786 			goto error;
3787 		}
3788 	}
3789 
3790 	if (ksi->ks_in_extv[SADB_EXT_IDENTITY_DST] != NULL) {
3791 		sadb_ident_t *id =
3792 		    (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_DST];
3793 
3794 		/*
3795 		 * Can assume strlen() will return okay because ext_check() in
3796 		 * keysock.c prepares the string for us.
3797 		 */
3798 		newbie->ipsa_dst_cid = ipsid_lookup(id->sadb_ident_type,
3799 		    (char *)(id+1), ns);
3800 		if (newbie->ipsa_dst_cid == NULL) {
3801 			error = ENOMEM;
3802 			mutex_exit(&newbie->ipsa_lock);
3803 			goto error;
3804 		}
3805 	}
3806 
3807 	/*
3808 	 * sensitivity label handling code:
3809 	 * Convert sens + bitmap into cred_t, and associate it
3810 	 * with the new SA.
3811 	 */
3812 	if (sens != NULL) {
3813 		uint64_t *bitmap = (uint64_t *)(sens + 1);
3814 
3815 		newbie->ipsa_cred = sadb_cred_from_sens(sens, bitmap);
3816 	}
3817 
3818 	/*
3819 	 * Likewise for outer sensitivity.
3820 	 */
3821 	if (osens != NULL) {
3822 		uint64_t *bitmap = (uint64_t *)(osens + 1);
3823 		cred_t *cred, *effective_cred;
3824 		uint32_t *peer_addr_ptr;
3825 
3826 		peer_addr_ptr = is_inbound ? src_addr_ptr : dst_addr_ptr;
3827 
3828 		cred = sadb_cred_from_sens(osens, bitmap);
3829 		newbie->ipsa_mac_exempt = CONN_MAC_DEFAULT;
3830 
3831 		if (osens->sadb_x_sens_flags & SADB_X_SENS_IMPLICIT) {
3832 			newbie->ipsa_mac_exempt = CONN_MAC_IMPLICIT;
3833 		}
3834 
3835 		error = tsol_check_dest(cred, peer_addr_ptr,
3836 		    (af == AF_INET6)?IPV6_VERSION:IPV4_VERSION,
3837 		    newbie->ipsa_mac_exempt, &effective_cred);
3838 		if (error != 0) {
3839 			crfree(cred);
3840 			mutex_exit(&newbie->ipsa_lock);
3841 			goto error;
3842 		}
3843 
3844 		if (effective_cred != NULL) {
3845 			crfree(cred);
3846 			cred = effective_cred;
3847 		}
3848 
3849 		newbie->ipsa_ocred = cred;
3850 
3851 		if (af == AF_INET6) {
3852 			error = tsol_compute_label_v6(cred,
3853 			    (in6_addr_t *)peer_addr_ptr,
3854 			    newbie->ipsa_opt_storage, ipst);
3855 		} else {
3856 			error = tsol_compute_label(cred, *peer_addr_ptr,
3857 			    newbie->ipsa_opt_storage, ipst);
3858 		}
3859 		if (error != 0) {
3860 			mutex_exit(&newbie->ipsa_lock);
3861 			goto error;
3862 		}
3863 	}
3864 
3865 
3866 	if (replayext != NULL) {
3867 		if ((replayext->sadb_x_rc_replay32 == 0) &&
3868 		    (replayext->sadb_x_rc_replay64 != 0)) {
3869 			error = EOPNOTSUPP;
3870 			*diagnostic = SADB_X_DIAGNOSTIC_INVALID_REPLAY;
3871 			mutex_exit(&newbie->ipsa_lock);
3872 			goto error;
3873 		}
3874 		newbie->ipsa_replay = replayext->sadb_x_rc_replay32;
3875 	}
3876 
3877 	/* now that the SA has been updated, set its new state */
3878 	newbie->ipsa_state = assoc->sadb_sa_state;
3879 
3880 	if (clone) {
3881 		newbie->ipsa_haspeer = B_TRUE;
3882 	} else {
3883 		if (!is_inbound) {
3884 			lifetime_fuzz(newbie);
3885 		}
3886 	}
3887 	/*
3888 	 * The less locks I hold when doing an insertion and possible cloning,
3889 	 * the better!
3890 	 */
3891 	mutex_exit(&newbie->ipsa_lock);
3892 
3893 	if (clone) {
3894 		newbie_clone = sadb_cloneassoc(newbie);
3895 
3896 		if (newbie_clone == NULL) {
3897 			error = ENOMEM;
3898 			goto error;
3899 		}
3900 	}
3901 
3902 	/*
3903 	 * Enter the bucket locks.  The order of entry is outbound,
3904 	 * inbound.  We map "primary" and "secondary" into outbound and inbound
3905 	 * based on the destination address type.  If the destination address
3906 	 * type is for a node that isn't mine (or potentially mine), the
3907 	 * "primary" bucket is the outbound one.
3908 	 */
3909 	if (!is_inbound) {
3910 		/* primary == outbound */
3911 		mutex_enter(&primary->isaf_lock);
3912 		mutex_enter(&secondary->isaf_lock);
3913 	} else {
3914 		/* primary == inbound */
3915 		mutex_enter(&secondary->isaf_lock);
3916 		mutex_enter(&primary->isaf_lock);
3917 	}
3918 
3919 	IPSECHW_DEBUG(IPSECHW_SADB, ("sadb_common_add: spi = 0x%x\n",
3920 	    newbie->ipsa_spi));
3921 
3922 	/*
3923 	 * sadb_insertassoc() doesn't increment the reference
3924 	 * count.  We therefore have to increment the
3925 	 * reference count one more time to reflect the
3926 	 * pointers of the table that reference this SA.
3927 	 */
3928 	IPSA_REFHOLD(newbie);
3929 
3930 	if (isupdate) {
3931 		/*
3932 		 * Unlink from larval holding cell in the "inbound" fanout.
3933 		 */
3934 		ASSERT(newbie->ipsa_linklock == &primary->isaf_lock ||
3935 		    newbie->ipsa_linklock == &secondary->isaf_lock);
3936 		sadb_unlinkassoc(newbie);
3937 	}
3938 
3939 	mutex_enter(&newbie->ipsa_lock);
3940 	error = sadb_insertassoc(newbie, primary);
3941 	if (error == 0) {
3942 		ctl_mp = sadb_fmt_sa_req(DL_CO_SET, newbie->ipsa_type, newbie,
3943 		    is_inbound);
3944 	}
3945 	mutex_exit(&newbie->ipsa_lock);
3946 
3947 	if (error != 0) {
3948 		/*
3949 		 * Since sadb_insertassoc() failed, we must decrement the
3950 		 * refcount again so the cleanup code will actually free
3951 		 * the offending SA.
3952 		 */
3953 		IPSA_REFRELE(newbie);
3954 		goto error_unlock;
3955 	}
3956 
3957 	if (newbie_clone != NULL) {
3958 		mutex_enter(&newbie_clone->ipsa_lock);
3959 		error = sadb_insertassoc(newbie_clone, secondary);
3960 		mutex_exit(&newbie_clone->ipsa_lock);
3961 		if (error != 0) {
3962 			/* Collision in secondary table. */
3963 			sadb_unlinkassoc(newbie);  /* This does REFRELE. */
3964 			goto error_unlock;
3965 		}
3966 		IPSA_REFHOLD(newbie_clone);
3967 	} else {
3968 		ASSERT(primary != secondary);
3969 		scratch = ipsec_getassocbyspi(secondary, newbie->ipsa_spi,
3970 		    ALL_ZEROES_PTR, newbie->ipsa_dstaddr, af);
3971 		if (scratch != NULL) {
3972 			/* Collision in secondary table. */
3973 			sadb_unlinkassoc(newbie);  /* This does REFRELE. */
3974 			/* Set the error, since ipsec_getassocbyspi() can't. */
3975 			error = EEXIST;
3976 			goto error_unlock;
3977 		}
3978 	}
3979 
3980 	/* OKAY!  So let's do some reality check assertions. */
3981 
3982 	ASSERT(MUTEX_NOT_HELD(&newbie->ipsa_lock));
3983 	ASSERT(newbie_clone == NULL ||
3984 	    (MUTEX_NOT_HELD(&newbie_clone->ipsa_lock)));
3985 	/*
3986 	 * If hardware acceleration could happen, send it.
3987 	 */
3988 	if (ctl_mp != NULL) {
3989 		putnext(ip_q, ctl_mp);
3990 		ctl_mp = NULL;
3991 	}
3992 
3993 error_unlock:
3994 
3995 	/*
3996 	 * We can exit the locks in any order.	Only entrance needs to
3997 	 * follow any protocol.
3998 	 */
3999 	mutex_exit(&secondary->isaf_lock);
4000 	mutex_exit(&primary->isaf_lock);
4001 
4002 	if (pair_ext != NULL && error == 0) {
4003 		/* update pair_spi if it exists. */
4004 		ipsa_query_t sq;
4005 
4006 		sq.spp = spp;		/* XXX param */
4007 		error = sadb_form_query(ksi, IPSA_Q_DST, IPSA_Q_SRC|IPSA_Q_DST|
4008 		    IPSA_Q_SA|IPSA_Q_INBOUND|IPSA_Q_OUTBOUND, &sq, diagnostic);
4009 		if (error)
4010 			return (error);
4011 
4012 		error = get_ipsa_pair(&sq, &ipsapp, diagnostic);
4013 
4014 		if (error != 0)
4015 			goto error;
4016 
4017 		if (ipsapp.ipsap_psa_ptr != NULL) {
4018 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_ALREADY;
4019 			error = EINVAL;
4020 		} else {
4021 			/* update_pairing() sets diagnostic */
4022 			error = update_pairing(&ipsapp, &sq, ksi, diagnostic);
4023 		}
4024 	}
4025 	/* Common error point for this routine. */
4026 error:
4027 	if (newbie != NULL) {
4028 		if (error != 0) {
4029 			/* This SA is broken, let the reaper clean up. */
4030 			mutex_enter(&newbie->ipsa_lock);
4031 			newbie->ipsa_state = IPSA_STATE_DEAD;
4032 			newbie->ipsa_hardexpiretime = 1;
4033 			mutex_exit(&newbie->ipsa_lock);
4034 		}
4035 		IPSA_REFRELE(newbie);
4036 	}
4037 	if (newbie_clone != NULL) {
4038 		IPSA_REFRELE(newbie_clone);
4039 	}
4040 	if (ctl_mp != NULL)
4041 		freemsg(ctl_mp);
4042 
4043 	if (error == 0) {
4044 		/*
4045 		 * Construct favorable PF_KEY return message and send to
4046 		 * keysock. Update the flags in the original keysock message
4047 		 * to reflect the actual flags in the new SA.
4048 		 *  (Q:  Do I need to pass "newbie"?  If I do,
4049 		 * make sure to REFHOLD, call, then REFRELE.)
4050 		 */
4051 		assoc->sadb_sa_flags = newbie->ipsa_flags;
4052 		sadb_pfkey_echo(pfkey_q, mp, samsg, ksi, NULL);
4053 	}
4054 
4055 	destroy_ipsa_pair(&ipsapp);
4056 	return (error);
4057 }
4058 
4059 /*
4060  * Set the time of first use for a security association.  Update any
4061  * expiration times as a result.
4062  */
4063 void
4064 sadb_set_usetime(ipsa_t *assoc)
4065 {
4066 	time_t snapshot = gethrestime_sec();
4067 
4068 	mutex_enter(&assoc->ipsa_lock);
4069 	assoc->ipsa_lastuse = snapshot;
4070 	assoc->ipsa_idleexpiretime = snapshot + assoc->ipsa_idletime;
4071 
4072 	/*
4073 	 * Caller does check usetime before calling me usually, and
4074 	 * double-checking is better than a mutex_enter/exit hit.
4075 	 */
4076 	if (assoc->ipsa_usetime == 0) {
4077 		/*
4078 		 * This is redundant for outbound SA's, as
4079 		 * ipsec_getassocbyconn() sets the IPSA_F_USED flag already.
4080 		 * Inbound SAs, however, have no such protection.
4081 		 */
4082 		assoc->ipsa_flags |= IPSA_F_USED;
4083 		assoc->ipsa_usetime = snapshot;
4084 
4085 		/*
4086 		 * After setting the use time, see if we have a use lifetime
4087 		 * that would cause the actual SA expiration time to shorten.
4088 		 */
4089 		UPDATE_EXPIRE(assoc, softuselt, softexpiretime);
4090 		UPDATE_EXPIRE(assoc, harduselt, hardexpiretime);
4091 	}
4092 	mutex_exit(&assoc->ipsa_lock);
4093 }
4094 
4095 /*
4096  * Send up a PF_KEY expire message for this association.
4097  */
4098 static void
4099 sadb_expire_assoc(queue_t *pfkey_q, ipsa_t *assoc)
4100 {
4101 	mblk_t *mp, *mp1;
4102 	int alloclen, af;
4103 	sadb_msg_t *samsg;
4104 	sadb_lifetime_t *current, *expire;
4105 	sadb_sa_t *saext;
4106 	uint8_t *end;
4107 	boolean_t tunnel_mode;
4108 
4109 	ASSERT(MUTEX_HELD(&assoc->ipsa_lock));
4110 
4111 	/* Don't bother sending if there's no queue. */
4112 	if (pfkey_q == NULL)
4113 		return;
4114 
4115 	/* If the SA is one of a pair, only SOFT expire the OUTBOUND SA */
4116 	if (assoc->ipsa_state == IPSA_STATE_DYING &&
4117 	    (assoc->ipsa_flags & IPSA_F_PAIRED) &&
4118 	    !(assoc->ipsa_flags & IPSA_F_OUTBOUND)) {
4119 		return;
4120 	}
4121 
4122 	mp = sadb_keysock_out(0);
4123 	if (mp == NULL) {
4124 		/* cmn_err(CE_WARN, */
4125 		/*	"sadb_expire_assoc: Can't allocate KEYSOCK_OUT.\n"); */
4126 		return;
4127 	}
4128 
4129 	alloclen = sizeof (*samsg) + sizeof (*current) + sizeof (*expire) +
4130 	    2 * sizeof (sadb_address_t) + sizeof (*saext);
4131 
4132 	af = assoc->ipsa_addrfam;
4133 	switch (af) {
4134 	case AF_INET:
4135 		alloclen += 2 * sizeof (struct sockaddr_in);
4136 		break;
4137 	case AF_INET6:
4138 		alloclen += 2 * sizeof (struct sockaddr_in6);
4139 		break;
4140 	default:
4141 		/* Won't happen unless there's a kernel bug. */
4142 		freeb(mp);
4143 		cmn_err(CE_WARN,
4144 		    "sadb_expire_assoc: Unknown address length.\n");
4145 		return;
4146 	}
4147 
4148 	tunnel_mode = (assoc->ipsa_flags & IPSA_F_TUNNEL);
4149 	if (tunnel_mode) {
4150 		alloclen += 2 * sizeof (sadb_address_t);
4151 		switch (assoc->ipsa_innerfam) {
4152 		case AF_INET:
4153 			alloclen += 2 * sizeof (struct sockaddr_in);
4154 			break;
4155 		case AF_INET6:
4156 			alloclen += 2 * sizeof (struct sockaddr_in6);
4157 			break;
4158 		default:
4159 			/* Won't happen unless there's a kernel bug. */
4160 			freeb(mp);
4161 			cmn_err(CE_WARN, "sadb_expire_assoc: "
4162 			    "Unknown inner address length.\n");
4163 			return;
4164 		}
4165 	}
4166 
4167 	mp->b_cont = allocb(alloclen, BPRI_HI);
4168 	if (mp->b_cont == NULL) {
4169 		freeb(mp);
4170 		/* cmn_err(CE_WARN, */
4171 		/*	"sadb_expire_assoc: Can't allocate message.\n"); */
4172 		return;
4173 	}
4174 
4175 	mp1 = mp;
4176 	mp = mp->b_cont;
4177 	end = mp->b_wptr + alloclen;
4178 
4179 	samsg = (sadb_msg_t *)mp->b_wptr;
4180 	mp->b_wptr += sizeof (*samsg);
4181 	samsg->sadb_msg_version = PF_KEY_V2;
4182 	samsg->sadb_msg_type = SADB_EXPIRE;
4183 	samsg->sadb_msg_errno = 0;
4184 	samsg->sadb_msg_satype = assoc->ipsa_type;
4185 	samsg->sadb_msg_len = SADB_8TO64(alloclen);
4186 	samsg->sadb_msg_reserved = 0;
4187 	samsg->sadb_msg_seq = 0;
4188 	samsg->sadb_msg_pid = 0;
4189 
4190 	saext = (sadb_sa_t *)mp->b_wptr;
4191 	mp->b_wptr += sizeof (*saext);
4192 	saext->sadb_sa_len = SADB_8TO64(sizeof (*saext));
4193 	saext->sadb_sa_exttype = SADB_EXT_SA;
4194 	saext->sadb_sa_spi = assoc->ipsa_spi;
4195 	saext->sadb_sa_replay = assoc->ipsa_replay_wsize;
4196 	saext->sadb_sa_state = assoc->ipsa_state;
4197 	saext->sadb_sa_auth = assoc->ipsa_auth_alg;
4198 	saext->sadb_sa_encrypt = assoc->ipsa_encr_alg;
4199 	saext->sadb_sa_flags = assoc->ipsa_flags;
4200 
4201 	current = (sadb_lifetime_t *)mp->b_wptr;
4202 	mp->b_wptr += sizeof (sadb_lifetime_t);
4203 	current->sadb_lifetime_len = SADB_8TO64(sizeof (*current));
4204 	current->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
4205 	/* We do not support the concept. */
4206 	current->sadb_lifetime_allocations = 0;
4207 	current->sadb_lifetime_bytes = assoc->ipsa_bytes;
4208 	current->sadb_lifetime_addtime = assoc->ipsa_addtime;
4209 	current->sadb_lifetime_usetime = assoc->ipsa_usetime;
4210 
4211 	expire = (sadb_lifetime_t *)mp->b_wptr;
4212 	mp->b_wptr += sizeof (*expire);
4213 	expire->sadb_lifetime_len = SADB_8TO64(sizeof (*expire));
4214 
4215 	if (assoc->ipsa_state == IPSA_STATE_DEAD) {
4216 		expire->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
4217 		expire->sadb_lifetime_allocations = assoc->ipsa_hardalloc;
4218 		expire->sadb_lifetime_bytes = assoc->ipsa_hardbyteslt;
4219 		expire->sadb_lifetime_addtime = assoc->ipsa_hardaddlt;
4220 		expire->sadb_lifetime_usetime = assoc->ipsa_harduselt;
4221 	} else if (assoc->ipsa_state == IPSA_STATE_DYING) {
4222 		expire->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
4223 		expire->sadb_lifetime_allocations = assoc->ipsa_softalloc;
4224 		expire->sadb_lifetime_bytes = assoc->ipsa_softbyteslt;
4225 		expire->sadb_lifetime_addtime = assoc->ipsa_softaddlt;
4226 		expire->sadb_lifetime_usetime = assoc->ipsa_softuselt;
4227 	} else {
4228 		ASSERT(assoc->ipsa_state == IPSA_STATE_MATURE);
4229 		expire->sadb_lifetime_exttype = SADB_X_EXT_LIFETIME_IDLE;
4230 		expire->sadb_lifetime_allocations = 0;
4231 		expire->sadb_lifetime_bytes = 0;
4232 		expire->sadb_lifetime_addtime = assoc->ipsa_idleaddlt;
4233 		expire->sadb_lifetime_usetime = assoc->ipsa_idleuselt;
4234 	}
4235 
4236 	mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end, SADB_EXT_ADDRESS_SRC,
4237 	    af, assoc->ipsa_srcaddr, tunnel_mode ? 0 : SA_SRCPORT(assoc),
4238 	    SA_PROTO(assoc), 0);
4239 	ASSERT(mp->b_wptr != NULL);
4240 
4241 	mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end, SADB_EXT_ADDRESS_DST,
4242 	    af, assoc->ipsa_dstaddr, tunnel_mode ? 0 : SA_DSTPORT(assoc),
4243 	    SA_PROTO(assoc), 0);
4244 	ASSERT(mp->b_wptr != NULL);
4245 
4246 	if (tunnel_mode) {
4247 		mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end,
4248 		    SADB_X_EXT_ADDRESS_INNER_SRC, assoc->ipsa_innerfam,
4249 		    assoc->ipsa_innersrc, SA_SRCPORT(assoc), SA_IPROTO(assoc),
4250 		    assoc->ipsa_innersrcpfx);
4251 		ASSERT(mp->b_wptr != NULL);
4252 		mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end,
4253 		    SADB_X_EXT_ADDRESS_INNER_DST, assoc->ipsa_innerfam,
4254 		    assoc->ipsa_innerdst, SA_DSTPORT(assoc), SA_IPROTO(assoc),
4255 		    assoc->ipsa_innerdstpfx);
4256 		ASSERT(mp->b_wptr != NULL);
4257 	}
4258 
4259 	/* Can just putnext, we're ready to go! */
4260 	putnext(pfkey_q, mp1);
4261 }
4262 
4263 /*
4264  * "Age" the SA with the number of bytes that was used to protect traffic.
4265  * Send an SADB_EXPIRE message if appropriate.	Return B_TRUE if there was
4266  * enough "charge" left in the SA to protect the data.	Return B_FALSE
4267  * otherwise.  (If B_FALSE is returned, the association either was, or became
4268  * DEAD.)
4269  */
4270 boolean_t
4271 sadb_age_bytes(queue_t *pfkey_q, ipsa_t *assoc, uint64_t bytes,
4272     boolean_t sendmsg)
4273 {
4274 	boolean_t rc = B_TRUE;
4275 	uint64_t newtotal;
4276 
4277 	mutex_enter(&assoc->ipsa_lock);
4278 	newtotal = assoc->ipsa_bytes + bytes;
4279 	if (assoc->ipsa_hardbyteslt != 0 &&
4280 	    newtotal >= assoc->ipsa_hardbyteslt) {
4281 		if (assoc->ipsa_state != IPSA_STATE_DEAD) {
4282 			sadb_delete_cluster(assoc);
4283 			/*
4284 			 * Send EXPIRE message to PF_KEY.  May wish to pawn
4285 			 * this off on another non-interrupt thread.  Also
4286 			 * unlink this SA immediately.
4287 			 */
4288 			assoc->ipsa_state = IPSA_STATE_DEAD;
4289 			if (sendmsg)
4290 				sadb_expire_assoc(pfkey_q, assoc);
4291 			/*
4292 			 * Set non-zero expiration time so sadb_age_assoc()
4293 			 * will work when reaping.
4294 			 */
4295 			assoc->ipsa_hardexpiretime = (time_t)1;
4296 		} /* Else someone beat me to it! */
4297 		rc = B_FALSE;
4298 	} else if (assoc->ipsa_softbyteslt != 0 &&
4299 	    (newtotal >= assoc->ipsa_softbyteslt)) {
4300 		if (assoc->ipsa_state < IPSA_STATE_DYING) {
4301 			/*
4302 			 * Send EXPIRE message to PF_KEY.  May wish to pawn
4303 			 * this off on another non-interrupt thread.
4304 			 */
4305 			assoc->ipsa_state = IPSA_STATE_DYING;
4306 			assoc->ipsa_bytes = newtotal;
4307 			if (sendmsg)
4308 				sadb_expire_assoc(pfkey_q, assoc);
4309 		} /* Else someone beat me to it! */
4310 	}
4311 	if (rc == B_TRUE)
4312 		assoc->ipsa_bytes = newtotal;
4313 	mutex_exit(&assoc->ipsa_lock);
4314 	return (rc);
4315 }
4316 
4317 /*
4318  * Push one or more DL_CO_DELETE messages queued up by
4319  * sadb_torch_assoc down to the underlying driver now that it's a
4320  * convenient time for it (i.e., ipsa bucket locks not held).
4321  */
4322 static void
4323 sadb_drain_torchq(queue_t *q, mblk_t *mp)
4324 {
4325 	while (mp != NULL) {
4326 		mblk_t *next = mp->b_next;
4327 		mp->b_next = NULL;
4328 		if (q != NULL)
4329 			putnext(q, mp);
4330 		else
4331 			freemsg(mp);
4332 		mp = next;
4333 	}
4334 }
4335 
4336 /*
4337  * "Torch" an individual SA.  Returns NULL, so it can be tail-called from
4338  *     sadb_age_assoc().
4339  *
4340  * If SA is hardware-accelerated, and we can't allocate the mblk
4341  * containing the DL_CO_DELETE, just return; it will remain in the
4342  * table and be swept up by sadb_ager() in a subsequent pass.
4343  */
4344 static ipsa_t *
4345 sadb_torch_assoc(isaf_t *head, ipsa_t *sa, boolean_t inbnd, mblk_t **mq)
4346 {
4347 	mblk_t *mp;
4348 
4349 	ASSERT(MUTEX_HELD(&head->isaf_lock));
4350 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
4351 	ASSERT(sa->ipsa_state == IPSA_STATE_DEAD);
4352 
4353 	/*
4354 	 * Force cached SAs to be revalidated..
4355 	 */
4356 	head->isaf_gen++;
4357 
4358 	if (sa->ipsa_flags & IPSA_F_HW) {
4359 		mp = sadb_fmt_sa_req(DL_CO_DELETE, sa->ipsa_type, sa, inbnd);
4360 		if (mp == NULL) {
4361 			mutex_exit(&sa->ipsa_lock);
4362 			return (NULL);
4363 		}
4364 		mp->b_next = *mq;
4365 		*mq = mp;
4366 	}
4367 	mutex_exit(&sa->ipsa_lock);
4368 	sadb_unlinkassoc(sa);
4369 
4370 	return (NULL);
4371 }
4372 
4373 /*
4374  * Do various SA-is-idle activities depending on delta (the number of idle
4375  * seconds on the SA) and/or other properties of the SA.
4376  *
4377  * Return B_TRUE if I've sent a packet, because I have to drop the
4378  * association's mutex before sending a packet out the wire.
4379  */
4380 /* ARGSUSED */
4381 static boolean_t
4382 sadb_idle_activities(ipsa_t *assoc, time_t delta, boolean_t inbound)
4383 {
4384 	ipsecesp_stack_t *espstack = assoc->ipsa_netstack->netstack_ipsecesp;
4385 	int nat_t_interval = espstack->ipsecesp_nat_keepalive_interval;
4386 
4387 	ASSERT(MUTEX_HELD(&assoc->ipsa_lock));
4388 
4389 	if (!inbound && (assoc->ipsa_flags & IPSA_F_NATT_LOC) &&
4390 	    delta >= nat_t_interval &&
4391 	    gethrestime_sec() - assoc->ipsa_last_nat_t_ka >= nat_t_interval) {
4392 		ASSERT(assoc->ipsa_type == SADB_SATYPE_ESP);
4393 		assoc->ipsa_last_nat_t_ka = gethrestime_sec();
4394 		mutex_exit(&assoc->ipsa_lock);
4395 		ipsecesp_send_keepalive(assoc);
4396 		return (B_TRUE);
4397 	}
4398 	return (B_FALSE);
4399 }
4400 
4401 /*
4402  * Return "assoc" if haspeer is true and I send an expire.  This allows
4403  * the consumers' aging functions to tidy up an expired SA's peer.
4404  */
4405 static ipsa_t *
4406 sadb_age_assoc(isaf_t *head, queue_t *pfkey_q, ipsa_t *assoc,
4407     time_t current, int reap_delay, boolean_t inbound, mblk_t **mq)
4408 {
4409 	ipsa_t *retval = NULL;
4410 	boolean_t dropped_mutex = B_FALSE;
4411 
4412 	ASSERT(MUTEX_HELD(&head->isaf_lock));
4413 
4414 	mutex_enter(&assoc->ipsa_lock);
4415 
4416 	if (((assoc->ipsa_state == IPSA_STATE_LARVAL) ||
4417 	    ((assoc->ipsa_state == IPSA_STATE_IDLE) ||
4418 	    (assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) &&
4419 	    (assoc->ipsa_hardexpiretime != 0))) &&
4420 	    (assoc->ipsa_hardexpiretime <= current)) {
4421 		assoc->ipsa_state = IPSA_STATE_DEAD;
4422 		return (sadb_torch_assoc(head, assoc, inbound, mq));
4423 	}
4424 
4425 	/*
4426 	 * Check lifetimes.  Fortunately, SA setup is done
4427 	 * such that there are only two times to look at,
4428 	 * softexpiretime, and hardexpiretime.
4429 	 *
4430 	 * Check hard first.
4431 	 */
4432 
4433 	if (assoc->ipsa_hardexpiretime != 0 &&
4434 	    assoc->ipsa_hardexpiretime <= current) {
4435 		if (assoc->ipsa_state == IPSA_STATE_DEAD)
4436 			return (sadb_torch_assoc(head, assoc, inbound, mq));
4437 
4438 		if (inbound) {
4439 			sadb_delete_cluster(assoc);
4440 		}
4441 
4442 		/*
4443 		 * Send SADB_EXPIRE with hard lifetime, delay for unlinking.
4444 		 */
4445 		assoc->ipsa_state = IPSA_STATE_DEAD;
4446 		if (assoc->ipsa_haspeer || assoc->ipsa_otherspi != 0) {
4447 			/*
4448 			 * If the SA is paired or peered with another, put
4449 			 * a copy on a list which can be processed later, the
4450 			 * pair/peer SA needs to be updated so the both die
4451 			 * at the same time.
4452 			 *
4453 			 * If I return assoc, I have to bump up its reference
4454 			 * count to keep with the ipsa_t reference count
4455 			 * semantics.
4456 			 */
4457 			IPSA_REFHOLD(assoc);
4458 			retval = assoc;
4459 		}
4460 		sadb_expire_assoc(pfkey_q, assoc);
4461 		assoc->ipsa_hardexpiretime = current + reap_delay;
4462 	} else if (assoc->ipsa_softexpiretime != 0 &&
4463 	    assoc->ipsa_softexpiretime <= current &&
4464 	    assoc->ipsa_state < IPSA_STATE_DYING) {
4465 		/*
4466 		 * Send EXPIRE message to PF_KEY.  May wish to pawn
4467 		 * this off on another non-interrupt thread.
4468 		 */
4469 		assoc->ipsa_state = IPSA_STATE_DYING;
4470 		if (assoc->ipsa_haspeer) {
4471 			/*
4472 			 * If the SA has a peer, update the peer's state
4473 			 * on SOFT_EXPIRE, this is mostly to prevent two
4474 			 * expire messages from effectively the same SA.
4475 			 *
4476 			 * Don't care about paired SA's, then can (and should)
4477 			 * be able to soft expire at different times.
4478 			 *
4479 			 * If I return assoc, I have to bump up its
4480 			 * reference count to keep with the ipsa_t reference
4481 			 * count semantics.
4482 			 */
4483 			IPSA_REFHOLD(assoc);
4484 			retval = assoc;
4485 		}
4486 		sadb_expire_assoc(pfkey_q, assoc);
4487 	} else if (assoc->ipsa_idletime != 0 &&
4488 	    assoc->ipsa_idleexpiretime <= current) {
4489 		if (assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) {
4490 			assoc->ipsa_state = IPSA_STATE_IDLE;
4491 		}
4492 
4493 		/*
4494 		 * Need to handle Mature case
4495 		 */
4496 		if (assoc->ipsa_state == IPSA_STATE_MATURE) {
4497 			sadb_expire_assoc(pfkey_q, assoc);
4498 		}
4499 	} else {
4500 		/* Check idle time activities. */
4501 		dropped_mutex = sadb_idle_activities(assoc,
4502 		    current - assoc->ipsa_lastuse, inbound);
4503 	}
4504 
4505 	if (!dropped_mutex)
4506 		mutex_exit(&assoc->ipsa_lock);
4507 	return (retval);
4508 }
4509 
4510 /*
4511  * Called by a consumer protocol to do ther dirty work of reaping dead
4512  * Security Associations.
4513  *
4514  * NOTE: sadb_age_assoc() marks expired SA's as DEAD but only removed
4515  * SA's that are already marked DEAD, so expired SA's are only reaped
4516  * the second time sadb_ager() runs.
4517  */
4518 void
4519 sadb_ager(sadb_t *sp, queue_t *pfkey_q, queue_t *ip_q, int reap_delay,
4520     netstack_t *ns)
4521 {
4522 	int i;
4523 	isaf_t *bucket;
4524 	ipsa_t *assoc, *spare;
4525 	iacqf_t *acqlist;
4526 	ipsacq_t *acqrec, *spareacq;
4527 	templist_t *haspeerlist, *newbie;
4528 	/* Snapshot current time now. */
4529 	time_t current = gethrestime_sec();
4530 	mblk_t *mq = NULL;
4531 	haspeerlist = NULL;
4532 
4533 	/*
4534 	 * Do my dirty work.  This includes aging real entries, aging
4535 	 * larvals, and aging outstanding ACQUIREs.
4536 	 *
4537 	 * I hope I don't tie up resources for too long.
4538 	 */
4539 
4540 	/* Age acquires. */
4541 
4542 	for (i = 0; i < sp->sdb_hashsize; i++) {
4543 		acqlist = &sp->sdb_acq[i];
4544 		mutex_enter(&acqlist->iacqf_lock);
4545 		for (acqrec = acqlist->iacqf_ipsacq; acqrec != NULL;
4546 		    acqrec = spareacq) {
4547 			spareacq = acqrec->ipsacq_next;
4548 			if (current > acqrec->ipsacq_expire)
4549 				sadb_destroy_acquire(acqrec, ns);
4550 		}
4551 		mutex_exit(&acqlist->iacqf_lock);
4552 	}
4553 
4554 	/* Age inbound associations. */
4555 	for (i = 0; i < sp->sdb_hashsize; i++) {
4556 		bucket = &(sp->sdb_if[i]);
4557 		mutex_enter(&bucket->isaf_lock);
4558 		for (assoc = bucket->isaf_ipsa; assoc != NULL;
4559 		    assoc = spare) {
4560 			spare = assoc->ipsa_next;
4561 			if (sadb_age_assoc(bucket, pfkey_q, assoc, current,
4562 			    reap_delay, B_TRUE, &mq) != NULL) {
4563 				/*
4564 				 * Put SA's which have a peer or SA's which
4565 				 * are paired on a list for processing after
4566 				 * all the hash tables have been walked.
4567 				 *
4568 				 * sadb_age_assoc() increments the refcnt,
4569 				 * effectively doing an IPSA_REFHOLD().
4570 				 */
4571 				newbie = kmem_alloc(sizeof (*newbie),
4572 				    KM_NOSLEEP);
4573 				if (newbie == NULL) {
4574 					/*
4575 					 * Don't forget to REFRELE().
4576 					 */
4577 					IPSA_REFRELE(assoc);
4578 					continue;	/* for loop... */
4579 				}
4580 				newbie->next = haspeerlist;
4581 				newbie->ipsa = assoc;
4582 				haspeerlist = newbie;
4583 			}
4584 		}
4585 		mutex_exit(&bucket->isaf_lock);
4586 	}
4587 
4588 	if (mq != NULL) {
4589 		sadb_drain_torchq(ip_q, mq);
4590 		mq = NULL;
4591 	}
4592 	age_pair_peer_list(haspeerlist, sp, B_FALSE);
4593 	haspeerlist = NULL;
4594 
4595 	/* Age outbound associations. */
4596 	for (i = 0; i < sp->sdb_hashsize; i++) {
4597 		bucket = &(sp->sdb_of[i]);
4598 		mutex_enter(&bucket->isaf_lock);
4599 		for (assoc = bucket->isaf_ipsa; assoc != NULL;
4600 		    assoc = spare) {
4601 			spare = assoc->ipsa_next;
4602 			if (sadb_age_assoc(bucket, pfkey_q, assoc, current,
4603 			    reap_delay, B_FALSE, &mq) != NULL) {
4604 				/*
4605 				 * sadb_age_assoc() increments the refcnt,
4606 				 * effectively doing an IPSA_REFHOLD().
4607 				 */
4608 				newbie = kmem_alloc(sizeof (*newbie),
4609 				    KM_NOSLEEP);
4610 				if (newbie == NULL) {
4611 					/*
4612 					 * Don't forget to REFRELE().
4613 					 */
4614 					IPSA_REFRELE(assoc);
4615 					continue;	/* for loop... */
4616 				}
4617 				newbie->next = haspeerlist;
4618 				newbie->ipsa = assoc;
4619 				haspeerlist = newbie;
4620 			}
4621 		}
4622 		mutex_exit(&bucket->isaf_lock);
4623 	}
4624 	if (mq != NULL) {
4625 		sadb_drain_torchq(ip_q, mq);
4626 		mq = NULL;
4627 	}
4628 
4629 	age_pair_peer_list(haspeerlist, sp, B_TRUE);
4630 
4631 	/*
4632 	 * Run a GC pass to clean out dead identities.
4633 	 */
4634 	ipsid_gc(ns);
4635 }
4636 
4637 /*
4638  * Figure out when to reschedule the ager.
4639  */
4640 timeout_id_t
4641 sadb_retimeout(hrtime_t begin, queue_t *pfkey_q, void (*ager)(void *),
4642     void *agerarg, uint_t *intp, uint_t intmax, short mid)
4643 {
4644 	hrtime_t end = gethrtime();
4645 	uint_t interval = *intp;
4646 
4647 	/*
4648 	 * See how long this took.  If it took too long, increase the
4649 	 * aging interval.
4650 	 */
4651 	if ((end - begin) > (hrtime_t)interval * (hrtime_t)1000000) {
4652 		if (interval >= intmax) {
4653 			/* XXX Rate limit this?  Or recommend flush? */
4654 			(void) strlog(mid, 0, 0, SL_ERROR | SL_WARN,
4655 			    "Too many SA's to age out in %d msec.\n",
4656 			    intmax);
4657 		} else {
4658 			/* Double by shifting by one bit. */
4659 			interval <<= 1;
4660 			interval = min(interval, intmax);
4661 		}
4662 	} else if ((end - begin) <= (hrtime_t)interval * (hrtime_t)500000 &&
4663 	    interval > SADB_AGE_INTERVAL_DEFAULT) {
4664 		/*
4665 		 * If I took less than half of the interval, then I should
4666 		 * ratchet the interval back down.  Never automatically
4667 		 * shift below the default aging interval.
4668 		 *
4669 		 * NOTE:This even overrides manual setting of the age
4670 		 *	interval using NDD to lower the setting past the
4671 		 *	default.  In other words, if you set the interval
4672 		 *	lower than the default, and your SADB gets too big,
4673 		 *	the interval will only self-lower back to the default.
4674 		 */
4675 		/* Halve by shifting one bit. */
4676 		interval >>= 1;
4677 		interval = max(interval, SADB_AGE_INTERVAL_DEFAULT);
4678 	}
4679 	*intp = interval;
4680 	return (qtimeout(pfkey_q, ager, agerarg,
4681 	    drv_usectohz(interval * 1000)));
4682 }
4683 
4684 
4685 /*
4686  * Update the lifetime values of an SA.	 This is the path an SADB_UPDATE
4687  * message takes when updating a MATURE or DYING SA.
4688  */
4689 static void
4690 sadb_update_lifetimes(ipsa_t *assoc, sadb_lifetime_t *hard,
4691     sadb_lifetime_t *soft, sadb_lifetime_t *idle, boolean_t outbound)
4692 {
4693 	mutex_enter(&assoc->ipsa_lock);
4694 
4695 	/*
4696 	 * XXX RFC 2367 mentions how an SADB_EXT_LIFETIME_CURRENT can be
4697 	 * passed in during an update message.	We currently don't handle
4698 	 * these.
4699 	 */
4700 
4701 	if (hard != NULL) {
4702 		if (hard->sadb_lifetime_bytes != 0)
4703 			assoc->ipsa_hardbyteslt = hard->sadb_lifetime_bytes;
4704 		if (hard->sadb_lifetime_usetime != 0)
4705 			assoc->ipsa_harduselt = hard->sadb_lifetime_usetime;
4706 		if (hard->sadb_lifetime_addtime != 0)
4707 			assoc->ipsa_hardaddlt = hard->sadb_lifetime_addtime;
4708 		if (assoc->ipsa_hardaddlt != 0) {
4709 			assoc->ipsa_hardexpiretime =
4710 			    assoc->ipsa_addtime + assoc->ipsa_hardaddlt;
4711 		}
4712 		if (assoc->ipsa_harduselt != 0 &&
4713 		    assoc->ipsa_flags & IPSA_F_USED) {
4714 			UPDATE_EXPIRE(assoc, harduselt, hardexpiretime);
4715 		}
4716 		if (hard->sadb_lifetime_allocations != 0)
4717 			assoc->ipsa_hardalloc = hard->sadb_lifetime_allocations;
4718 	}
4719 
4720 	if (soft != NULL) {
4721 		if (soft->sadb_lifetime_bytes != 0) {
4722 			if (soft->sadb_lifetime_bytes >
4723 			    assoc->ipsa_hardbyteslt) {
4724 				assoc->ipsa_softbyteslt =
4725 				    assoc->ipsa_hardbyteslt;
4726 			} else {
4727 				assoc->ipsa_softbyteslt =
4728 				    soft->sadb_lifetime_bytes;
4729 			}
4730 		}
4731 		if (soft->sadb_lifetime_usetime != 0) {
4732 			if (soft->sadb_lifetime_usetime >
4733 			    assoc->ipsa_harduselt) {
4734 				assoc->ipsa_softuselt =
4735 				    assoc->ipsa_harduselt;
4736 			} else {
4737 				assoc->ipsa_softuselt =
4738 				    soft->sadb_lifetime_usetime;
4739 			}
4740 		}
4741 		if (soft->sadb_lifetime_addtime != 0) {
4742 			if (soft->sadb_lifetime_addtime >
4743 			    assoc->ipsa_hardexpiretime) {
4744 				assoc->ipsa_softexpiretime =
4745 				    assoc->ipsa_hardexpiretime;
4746 			} else {
4747 				assoc->ipsa_softaddlt =
4748 				    soft->sadb_lifetime_addtime;
4749 			}
4750 		}
4751 		if (assoc->ipsa_softaddlt != 0) {
4752 			assoc->ipsa_softexpiretime =
4753 			    assoc->ipsa_addtime + assoc->ipsa_softaddlt;
4754 		}
4755 		if (assoc->ipsa_softuselt != 0 &&
4756 		    assoc->ipsa_flags & IPSA_F_USED) {
4757 			UPDATE_EXPIRE(assoc, softuselt, softexpiretime);
4758 		}
4759 		if (outbound && assoc->ipsa_softexpiretime != 0) {
4760 			if (assoc->ipsa_state == IPSA_STATE_MATURE)
4761 				lifetime_fuzz(assoc);
4762 		}
4763 
4764 		if (soft->sadb_lifetime_allocations != 0)
4765 			assoc->ipsa_softalloc = soft->sadb_lifetime_allocations;
4766 	}
4767 
4768 	if (idle != NULL) {
4769 		time_t current = gethrestime_sec();
4770 		if ((assoc->ipsa_idleexpiretime <= current) &&
4771 		    (assoc->ipsa_idleaddlt == idle->sadb_lifetime_addtime)) {
4772 			assoc->ipsa_idleexpiretime =
4773 			    current + assoc->ipsa_idleaddlt;
4774 		}
4775 		if (idle->sadb_lifetime_addtime != 0)
4776 			assoc->ipsa_idleaddlt = idle->sadb_lifetime_addtime;
4777 		if (idle->sadb_lifetime_usetime != 0)
4778 			assoc->ipsa_idleuselt = idle->sadb_lifetime_usetime;
4779 		if (assoc->ipsa_idleaddlt != 0) {
4780 			assoc->ipsa_idleexpiretime =
4781 			    current + idle->sadb_lifetime_addtime;
4782 			assoc->ipsa_idletime = idle->sadb_lifetime_addtime;
4783 		}
4784 		if (assoc->ipsa_idleuselt != 0) {
4785 			if (assoc->ipsa_idletime != 0) {
4786 				assoc->ipsa_idletime = min(assoc->ipsa_idletime,
4787 				    assoc->ipsa_idleuselt);
4788 			assoc->ipsa_idleexpiretime =
4789 			    current + assoc->ipsa_idletime;
4790 			} else {
4791 				assoc->ipsa_idleexpiretime =
4792 				    current + assoc->ipsa_idleuselt;
4793 				assoc->ipsa_idletime = assoc->ipsa_idleuselt;
4794 			}
4795 		}
4796 	}
4797 	mutex_exit(&assoc->ipsa_lock);
4798 }
4799 
4800 static int
4801 sadb_update_state(ipsa_t *assoc, uint_t new_state, mblk_t **ipkt_lst)
4802 {
4803 	int rcode = 0;
4804 	time_t current = gethrestime_sec();
4805 
4806 	mutex_enter(&assoc->ipsa_lock);
4807 
4808 	switch (new_state) {
4809 	case SADB_X_SASTATE_ACTIVE_ELSEWHERE:
4810 		if (assoc->ipsa_state == SADB_X_SASTATE_IDLE) {
4811 			assoc->ipsa_state = IPSA_STATE_ACTIVE_ELSEWHERE;
4812 			assoc->ipsa_idleexpiretime =
4813 			    current + assoc->ipsa_idletime;
4814 		}
4815 		break;
4816 	case SADB_X_SASTATE_IDLE:
4817 		if (assoc->ipsa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE) {
4818 			assoc->ipsa_state = IPSA_STATE_IDLE;
4819 			assoc->ipsa_idleexpiretime =
4820 			    current + assoc->ipsa_idletime;
4821 		} else {
4822 			rcode = EINVAL;
4823 		}
4824 		break;
4825 
4826 	case SADB_X_SASTATE_ACTIVE:
4827 		if (assoc->ipsa_state != SADB_X_SASTATE_IDLE) {
4828 			rcode = EINVAL;
4829 			break;
4830 		}
4831 		assoc->ipsa_state = IPSA_STATE_MATURE;
4832 		assoc->ipsa_idleexpiretime = current + assoc->ipsa_idletime;
4833 
4834 		if (ipkt_lst == NULL) {
4835 			break;
4836 		}
4837 
4838 		if (assoc->ipsa_bpkt_head != NULL) {
4839 			*ipkt_lst = assoc->ipsa_bpkt_head;
4840 			assoc->ipsa_bpkt_head = assoc->ipsa_bpkt_tail = NULL;
4841 			assoc->ipsa_mblkcnt = 0;
4842 		} else {
4843 			*ipkt_lst = NULL;
4844 		}
4845 		break;
4846 	default:
4847 		rcode = EINVAL;
4848 		break;
4849 	}
4850 
4851 	mutex_exit(&assoc->ipsa_lock);
4852 	return (rcode);
4853 }
4854 
4855 /*
4856  * Check a proposed KMC update for sanity.
4857  */
4858 static int
4859 sadb_check_kmc(ipsa_query_t *sq, ipsa_t *sa, int *diagnostic)
4860 {
4861 	uint32_t kmp = sq->kmp;
4862 	uint32_t kmc = sq->kmc;
4863 
4864 	if (sa == NULL)
4865 		return (0);
4866 
4867 	if (sa->ipsa_state == IPSA_STATE_DEAD)
4868 		return (ESRCH);	/* DEAD == Not there, in this case. */
4869 
4870 	if ((kmp != 0) && ((sa->ipsa_kmp != 0) || (sa->ipsa_kmp != kmp))) {
4871 		*diagnostic = SADB_X_DIAGNOSTIC_DUPLICATE_KMP;
4872 		return (EINVAL);
4873 	}
4874 
4875 	if ((kmc != 0) && ((sa->ipsa_kmc != 0) || (sa->ipsa_kmc != kmc))) {
4876 		*diagnostic = SADB_X_DIAGNOSTIC_DUPLICATE_KMC;
4877 		return (EINVAL);
4878 	}
4879 
4880 	return (0);
4881 }
4882 
4883 /*
4884  * Actually update the KMC info.
4885  */
4886 static void
4887 sadb_update_kmc(ipsa_query_t *sq, ipsa_t *sa)
4888 {
4889 	uint32_t kmp = sq->kmp;
4890 	uint32_t kmc = sq->kmc;
4891 
4892 	if (kmp != 0)
4893 		sa->ipsa_kmp = kmp;
4894 	if (kmc != 0)
4895 		sa->ipsa_kmc = kmc;
4896 }
4897 
4898 /*
4899  * Common code to update an SA.
4900  */
4901 
4902 int
4903 sadb_update_sa(mblk_t *mp, keysock_in_t *ksi, mblk_t **ipkt_lst,
4904     sadbp_t *spp, int *diagnostic, queue_t *pfkey_q,
4905     int (*add_sa_func)(mblk_t *, keysock_in_t *, int *, netstack_t *),
4906     netstack_t *ns, uint8_t sadb_msg_type)
4907 {
4908 	sadb_key_t *akey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_AUTH];
4909 	sadb_key_t *ekey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_ENCRYPT];
4910 	sadb_x_replay_ctr_t *replext =
4911 	    (sadb_x_replay_ctr_t *)ksi->ks_in_extv[SADB_X_EXT_REPLAY_VALUE];
4912 	sadb_lifetime_t *soft =
4913 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_SOFT];
4914 	sadb_lifetime_t *hard =
4915 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_HARD];
4916 	sadb_lifetime_t *idle =
4917 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_X_EXT_LIFETIME_IDLE];
4918 	sadb_x_pair_t *pair_ext =
4919 	    (sadb_x_pair_t *)ksi->ks_in_extv[SADB_X_EXT_PAIR];
4920 	ipsa_t *echo_target = NULL;
4921 	ipsap_t ipsapp;
4922 	ipsa_query_t sq;
4923 	time_t current = gethrestime_sec();
4924 
4925 	sq.spp = spp;		/* XXX param */
4926 	int error = sadb_form_query(ksi, IPSA_Q_SRC|IPSA_Q_DST|IPSA_Q_SA,
4927 	    IPSA_Q_SRC|IPSA_Q_DST|IPSA_Q_SA|IPSA_Q_INBOUND|IPSA_Q_OUTBOUND,
4928 	    &sq, diagnostic);
4929 
4930 	if (error != 0)
4931 		return (error);
4932 
4933 	error = get_ipsa_pair(&sq, &ipsapp, diagnostic);
4934 	if (error != 0)
4935 		return (error);
4936 
4937 	if (ipsapp.ipsap_psa_ptr == NULL && ipsapp.ipsap_sa_ptr != NULL) {
4938 		if (ipsapp.ipsap_sa_ptr->ipsa_state == IPSA_STATE_LARVAL) {
4939 			/*
4940 			 * REFRELE the target and let the add_sa_func()
4941 			 * deal with updating a larval SA.
4942 			 */
4943 			destroy_ipsa_pair(&ipsapp);
4944 			return (add_sa_func(mp, ksi, diagnostic, ns));
4945 		}
4946 	}
4947 
4948 	/*
4949 	 * At this point we have an UPDATE to a MATURE SA. There should
4950 	 * not be any keying material present.
4951 	 */
4952 	if (akey != NULL) {
4953 		*diagnostic = SADB_X_DIAGNOSTIC_AKEY_PRESENT;
4954 		error = EINVAL;
4955 		goto bail;
4956 	}
4957 	if (ekey != NULL) {
4958 		*diagnostic = SADB_X_DIAGNOSTIC_EKEY_PRESENT;
4959 		error = EINVAL;
4960 		goto bail;
4961 	}
4962 
4963 	if (sq.assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE) {
4964 		if (ipsapp.ipsap_sa_ptr != NULL &&
4965 		    ipsapp.ipsap_sa_ptr->ipsa_state == IPSA_STATE_IDLE) {
4966 			if ((error = sadb_update_state(ipsapp.ipsap_sa_ptr,
4967 			    sq.assoc->sadb_sa_state, NULL)) != 0) {
4968 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4969 				goto bail;
4970 			}
4971 		}
4972 		if (ipsapp.ipsap_psa_ptr != NULL &&
4973 		    ipsapp.ipsap_psa_ptr->ipsa_state == IPSA_STATE_IDLE) {
4974 			if ((error = sadb_update_state(ipsapp.ipsap_psa_ptr,
4975 			    sq.assoc->sadb_sa_state, NULL)) != 0) {
4976 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4977 				goto bail;
4978 			}
4979 		}
4980 	}
4981 	if (sq.assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE) {
4982 		if (ipsapp.ipsap_sa_ptr != NULL) {
4983 			error = sadb_update_state(ipsapp.ipsap_sa_ptr,
4984 			    sq.assoc->sadb_sa_state,
4985 			    (ipsapp.ipsap_sa_ptr->ipsa_flags &
4986 			    IPSA_F_INBOUND) ? ipkt_lst : NULL);
4987 			if (error) {
4988 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4989 				goto bail;
4990 			}
4991 		}
4992 		if (ipsapp.ipsap_psa_ptr != NULL) {
4993 			error = sadb_update_state(ipsapp.ipsap_psa_ptr,
4994 			    sq.assoc->sadb_sa_state,
4995 			    (ipsapp.ipsap_psa_ptr->ipsa_flags &
4996 			    IPSA_F_INBOUND) ? ipkt_lst : NULL);
4997 			if (error) {
4998 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4999 				goto bail;
5000 			}
5001 		}
5002 		sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr,
5003 		    ksi, echo_target);
5004 		goto bail;
5005 	}
5006 
5007 	/*
5008 	 * Reality checks for updates of active associations.
5009 	 * Sundry first-pass UPDATE-specific reality checks.
5010 	 * Have to do the checks here, because it's after the add_sa code.
5011 	 * XXX STATS : logging/stats here?
5012 	 */
5013 
5014 	if (!((sq.assoc->sadb_sa_state == SADB_SASTATE_MATURE) ||
5015 	    (sq.assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE))) {
5016 		*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
5017 		error = EINVAL;
5018 		goto bail;
5019 	}
5020 	if (sq.assoc->sadb_sa_flags & ~spp->s_updateflags) {
5021 		*diagnostic = SADB_X_DIAGNOSTIC_BAD_SAFLAGS;
5022 		error = EINVAL;
5023 		goto bail;
5024 	}
5025 	if (ksi->ks_in_extv[SADB_EXT_LIFETIME_CURRENT] != NULL) {
5026 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_LIFETIME;
5027 		error = EOPNOTSUPP;
5028 		goto bail;
5029 	}
5030 
5031 	if ((*diagnostic = sadb_hardsoftchk(hard, soft, idle)) != 0) {
5032 		error = EINVAL;
5033 		goto bail;
5034 	}
5035 
5036 	if ((*diagnostic = sadb_labelchk(ksi)) != 0)
5037 		return (EINVAL);
5038 
5039 	error = sadb_check_kmc(&sq, ipsapp.ipsap_sa_ptr, diagnostic);
5040 	if (error != 0)
5041 		goto bail;
5042 
5043 	error = sadb_check_kmc(&sq, ipsapp.ipsap_psa_ptr, diagnostic);
5044 	if (error != 0)
5045 		goto bail;
5046 
5047 
5048 	if (ipsapp.ipsap_sa_ptr != NULL) {
5049 		/*
5050 		 * Do not allow replay value change for MATURE or LARVAL SA.
5051 		 */
5052 
5053 		if ((replext != NULL) &&
5054 		    ((ipsapp.ipsap_sa_ptr->ipsa_state == IPSA_STATE_LARVAL) ||
5055 		    (ipsapp.ipsap_sa_ptr->ipsa_state == IPSA_STATE_MATURE))) {
5056 			*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
5057 			error = EINVAL;
5058 			goto bail;
5059 		}
5060 	}
5061 
5062 
5063 	if (ipsapp.ipsap_sa_ptr != NULL) {
5064 		sadb_update_lifetimes(ipsapp.ipsap_sa_ptr, hard, soft,
5065 		    idle, B_TRUE);
5066 		sadb_update_kmc(&sq, ipsapp.ipsap_sa_ptr);
5067 		if ((replext != NULL) &&
5068 		    (ipsapp.ipsap_sa_ptr->ipsa_replay_wsize != 0)) {
5069 			/*
5070 			 * If an inbound SA, update the replay counter
5071 			 * and check off all the other sequence number
5072 			 */
5073 			if (ksi->ks_in_dsttype == KS_IN_ADDR_ME) {
5074 				if (!sadb_replay_check(ipsapp.ipsap_sa_ptr,
5075 				    replext->sadb_x_rc_replay32)) {
5076 					*diagnostic =
5077 					    SADB_X_DIAGNOSTIC_INVALID_REPLAY;
5078 					error = EINVAL;
5079 					goto bail;
5080 				}
5081 				mutex_enter(&ipsapp.ipsap_sa_ptr->ipsa_lock);
5082 				ipsapp.ipsap_sa_ptr->ipsa_idleexpiretime =
5083 				    current +
5084 				    ipsapp.ipsap_sa_ptr->ipsa_idletime;
5085 				mutex_exit(&ipsapp.ipsap_sa_ptr->ipsa_lock);
5086 			} else {
5087 				mutex_enter(&ipsapp.ipsap_sa_ptr->ipsa_lock);
5088 				ipsapp.ipsap_sa_ptr->ipsa_replay =
5089 				    replext->sadb_x_rc_replay32;
5090 				ipsapp.ipsap_sa_ptr->ipsa_idleexpiretime =
5091 				    current +
5092 				    ipsapp.ipsap_sa_ptr->ipsa_idletime;
5093 				mutex_exit(&ipsapp.ipsap_sa_ptr->ipsa_lock);
5094 			}
5095 		}
5096 	}
5097 
5098 	if (sadb_msg_type == SADB_X_UPDATEPAIR) {
5099 		if (ipsapp.ipsap_psa_ptr != NULL) {
5100 			sadb_update_lifetimes(ipsapp.ipsap_psa_ptr, hard, soft,
5101 			    idle, B_FALSE);
5102 			sadb_update_kmc(&sq, ipsapp.ipsap_psa_ptr);
5103 		} else {
5104 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_SA_NOTFOUND;
5105 			error = ESRCH;
5106 			goto bail;
5107 		}
5108 	}
5109 
5110 	if (pair_ext != NULL)
5111 		error = update_pairing(&ipsapp, &sq, ksi, diagnostic);
5112 
5113 	if (error == 0)
5114 		sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr,
5115 		    ksi, echo_target);
5116 bail:
5117 
5118 	destroy_ipsa_pair(&ipsapp);
5119 
5120 	return (error);
5121 }
5122 
5123 
5124 static int
5125 update_pairing(ipsap_t *ipsapp, ipsa_query_t *sq, keysock_in_t *ksi,
5126     int *diagnostic)
5127 {
5128 	sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
5129 	sadb_x_pair_t *pair_ext =
5130 	    (sadb_x_pair_t *)ksi->ks_in_extv[SADB_X_EXT_PAIR];
5131 	int error = 0;
5132 	ipsap_t oipsapp;
5133 	boolean_t undo_pair = B_FALSE;
5134 	uint32_t ipsa_flags;
5135 
5136 	if (pair_ext->sadb_x_pair_spi == 0 || pair_ext->sadb_x_pair_spi ==
5137 	    assoc->sadb_sa_spi) {
5138 		*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5139 		return (EINVAL);
5140 	}
5141 
5142 	/*
5143 	 * Assume for now that the spi value provided in the SADB_UPDATE
5144 	 * message was valid, update the SA with its pair spi value.
5145 	 * If the spi turns out to be bogus or the SA no longer exists
5146 	 * then this will be detected when the reverse update is made
5147 	 * below.
5148 	 */
5149 	mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5150 	ipsapp->ipsap_sa_ptr->ipsa_flags |= IPSA_F_PAIRED;
5151 	ipsapp->ipsap_sa_ptr->ipsa_otherspi = pair_ext->sadb_x_pair_spi;
5152 	mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5153 
5154 	/*
5155 	 * After updating the ipsa_otherspi element of the SA, get_ipsa_pair()
5156 	 * should now return pointers to the SA *AND* its pair, if this is not
5157 	 * the case, the "otherspi" either did not exist or was deleted. Also
5158 	 * check that "otherspi" is not already paired. If everything looks
5159 	 * good, complete the update. IPSA_REFRELE the first pair_pointer
5160 	 * after this update to ensure its not deleted until we are done.
5161 	 */
5162 	error = get_ipsa_pair(sq, &oipsapp, diagnostic);
5163 	if (error != 0) {
5164 		/*
5165 		 * This should never happen, calling function still has
5166 		 * IPSA_REFHELD on the SA we just updated.
5167 		 */
5168 		return (error);	/* XXX EINVAL instead of ESRCH? */
5169 	}
5170 
5171 	if (oipsapp.ipsap_psa_ptr == NULL) {
5172 		*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5173 		error = EINVAL;
5174 		undo_pair = B_TRUE;
5175 	} else {
5176 		ipsa_flags = oipsapp.ipsap_psa_ptr->ipsa_flags;
5177 		if ((oipsapp.ipsap_psa_ptr->ipsa_state == IPSA_STATE_DEAD) ||
5178 		    (oipsapp.ipsap_psa_ptr->ipsa_state == IPSA_STATE_DYING)) {
5179 			/* Its dead Jim! */
5180 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5181 			undo_pair = B_TRUE;
5182 		} else if ((ipsa_flags & (IPSA_F_OUTBOUND | IPSA_F_INBOUND)) ==
5183 		    (IPSA_F_OUTBOUND | IPSA_F_INBOUND)) {
5184 			/* This SA is in both hashtables. */
5185 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5186 			undo_pair = B_TRUE;
5187 		} else if (ipsa_flags & IPSA_F_PAIRED) {
5188 			/* This SA is already paired with another. */
5189 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_ALREADY;
5190 			undo_pair = B_TRUE;
5191 		}
5192 	}
5193 
5194 	if (undo_pair) {
5195 		/* The pair SA does not exist. */
5196 		mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5197 		ipsapp->ipsap_sa_ptr->ipsa_flags &= ~IPSA_F_PAIRED;
5198 		ipsapp->ipsap_sa_ptr->ipsa_otherspi = 0;
5199 		mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5200 	} else {
5201 		mutex_enter(&oipsapp.ipsap_psa_ptr->ipsa_lock);
5202 		oipsapp.ipsap_psa_ptr->ipsa_otherspi = assoc->sadb_sa_spi;
5203 		oipsapp.ipsap_psa_ptr->ipsa_flags |= IPSA_F_PAIRED;
5204 		mutex_exit(&oipsapp.ipsap_psa_ptr->ipsa_lock);
5205 	}
5206 
5207 	destroy_ipsa_pair(&oipsapp);
5208 	return (error);
5209 }
5210 
5211 /*
5212  * The following functions deal with ACQUIRE LISTS.  An ACQUIRE list is
5213  * a list of outstanding SADB_ACQUIRE messages.	 If ipsec_getassocbyconn() fails
5214  * for an outbound datagram, that datagram is queued up on an ACQUIRE record,
5215  * and an SADB_ACQUIRE message is sent up.  Presumably, a user-space key
5216  * management daemon will process the ACQUIRE, use a SADB_GETSPI to reserve
5217  * an SPI value and a larval SA, then SADB_UPDATE the larval SA, and ADD the
5218  * other direction's SA.
5219  */
5220 
5221 /*
5222  * Check the ACQUIRE lists.  If there's an existing ACQUIRE record,
5223  * grab it, lock it, and return it.  Otherwise return NULL.
5224  *
5225  * XXX MLS number of arguments getting unwieldy here
5226  */
5227 static ipsacq_t *
5228 sadb_checkacquire(iacqf_t *bucket, ipsec_action_t *ap, ipsec_policy_t *pp,
5229     uint32_t *src, uint32_t *dst, uint32_t *isrc, uint32_t *idst,
5230     uint64_t unique_id, cred_t *cr)
5231 {
5232 	ipsacq_t *walker;
5233 	sa_family_t fam;
5234 	uint32_t blank_address[4] = {0, 0, 0, 0};
5235 
5236 	if (isrc == NULL) {
5237 		ASSERT(idst == NULL);
5238 		isrc = idst = blank_address;
5239 	}
5240 
5241 	/*
5242 	 * Scan list for duplicates.  Check for UNIQUE, src/dest, policy.
5243 	 *
5244 	 * XXX May need search for duplicates based on other things too!
5245 	 */
5246 	for (walker = bucket->iacqf_ipsacq; walker != NULL;
5247 	    walker = walker->ipsacq_next) {
5248 		mutex_enter(&walker->ipsacq_lock);
5249 		fam = walker->ipsacq_addrfam;
5250 		if (IPSA_ARE_ADDR_EQUAL(dst, walker->ipsacq_dstaddr, fam) &&
5251 		    IPSA_ARE_ADDR_EQUAL(src, walker->ipsacq_srcaddr, fam) &&
5252 		    ip_addr_match((uint8_t *)isrc, walker->ipsacq_innersrcpfx,
5253 		    (in6_addr_t *)walker->ipsacq_innersrc) &&
5254 		    ip_addr_match((uint8_t *)idst, walker->ipsacq_innerdstpfx,
5255 		    (in6_addr_t *)walker->ipsacq_innerdst) &&
5256 		    (ap == walker->ipsacq_act) &&
5257 		    (pp == walker->ipsacq_policy) &&
5258 		    /* XXX do deep compares of ap/pp? */
5259 		    (unique_id == walker->ipsacq_unique_id) &&
5260 		    (ipsec_label_match(cr, walker->ipsacq_cred)))
5261 			break;			/* everything matched */
5262 		mutex_exit(&walker->ipsacq_lock);
5263 	}
5264 
5265 	return (walker);
5266 }
5267 
5268 /*
5269  * For this mblk, insert a new acquire record.  Assume bucket contains addrs
5270  * of all of the same length.  Give up (and drop) if memory
5271  * cannot be allocated for a new one; otherwise, invoke callback to
5272  * send the acquire up..
5273  *
5274  * In cases where we need both AH and ESP, add the SA to the ESP ACQUIRE
5275  * list.  The ah_add_sa_finish() routines can look at the packet's ipsec_out_t
5276  * and handle this case specially.
5277  */
5278 void
5279 sadb_acquire(mblk_t *mp, ipsec_out_t *io, boolean_t need_ah, boolean_t need_esp)
5280 {
5281 	sadbp_t *spp;
5282 	sadb_t *sp;
5283 	ipsacq_t *newbie;
5284 	iacqf_t *bucket;
5285 	mblk_t *datamp = mp->b_cont;
5286 	mblk_t *extended;
5287 	ipha_t *ipha = (ipha_t *)datamp->b_rptr;
5288 	ip6_t *ip6h = (ip6_t *)datamp->b_rptr;
5289 	uint32_t *src, *dst, *isrc, *idst;
5290 	ipsec_policy_t *pp = io->ipsec_out_policy;
5291 	ipsec_action_t *ap = io->ipsec_out_act;
5292 	sa_family_t af;
5293 	int hashoffset;
5294 	uint32_t seq;
5295 	uint64_t unique_id = 0;
5296 	ipsec_selector_t sel;
5297 	boolean_t tunnel_mode = io->ipsec_out_tunnel;
5298 	cred_t 		*cr = NULL;
5299 	netstack_t	*ns = io->ipsec_out_ns;
5300 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
5301 	sadb_sens_t 	*sens = NULL;
5302 	int 		sens_len;
5303 
5304 	ASSERT((pp != NULL) || (ap != NULL));
5305 
5306 	ASSERT(need_ah != NULL || need_esp != NULL);
5307 
5308 	/* Assign sadb pointers */
5309 	if (need_esp) { /* ESP for AH+ESP */
5310 		ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
5311 
5312 		spp = &espstack->esp_sadb;
5313 	} else {
5314 		ipsecah_stack_t	*ahstack = ns->netstack_ipsecah;
5315 
5316 		spp = &ahstack->ah_sadb;
5317 	}
5318 	sp = io->ipsec_out_v4 ? &spp->s_v4 : &spp->s_v6;
5319 
5320 	ASSERT(mp->b_cont != NULL);
5321 
5322 	if (is_system_labeled())
5323 		cr = msg_getcred(mp->b_cont, NULL);
5324 
5325 	if (ap == NULL)
5326 		ap = pp->ipsp_act;
5327 
5328 	ASSERT(ap != NULL);
5329 
5330 	if (ap->ipa_act.ipa_apply.ipp_use_unique || tunnel_mode)
5331 		unique_id = SA_FORM_UNIQUE_ID(io);
5332 
5333 	/*
5334 	 * Set up an ACQUIRE record.
5335 	 *
5336 	 * Immediately, make sure the ACQUIRE sequence number doesn't slip
5337 	 * below the lowest point allowed in the kernel.  (In other words,
5338 	 * make sure the high bit on the sequence number is set.)
5339 	 */
5340 
5341 	seq = keysock_next_seq(ns) | IACQF_LOWEST_SEQ;
5342 
5343 	if (IPH_HDR_VERSION(ipha) == IP_VERSION) {
5344 		src = (uint32_t *)&ipha->ipha_src;
5345 		dst = (uint32_t *)&ipha->ipha_dst;
5346 		af = AF_INET;
5347 		hashoffset = OUTBOUND_HASH_V4(sp, ipha->ipha_dst);
5348 		ASSERT(io->ipsec_out_v4 == B_TRUE);
5349 	} else {
5350 		ASSERT(IPH_HDR_VERSION(ipha) == IPV6_VERSION);
5351 		src = (uint32_t *)&ip6h->ip6_src;
5352 		dst = (uint32_t *)&ip6h->ip6_dst;
5353 		af = AF_INET6;
5354 		hashoffset = OUTBOUND_HASH_V6(sp, ip6h->ip6_dst);
5355 		ASSERT(io->ipsec_out_v4 == B_FALSE);
5356 	}
5357 
5358 	if (tunnel_mode) {
5359 		if (pp == NULL) {
5360 			/*
5361 			 * Tunnel mode with no policy pointer means this is a
5362 			 * reflected ICMP (like a ECHO REQUEST) that came in
5363 			 * with self-encapsulated protection.  Until we better
5364 			 * support this, drop the packet.
5365 			 */
5366 			ip_drop_packet(mp, B_FALSE, NULL, NULL,
5367 			    DROPPER(ipss, ipds_spd_got_selfencap),
5368 			    &ipss->ipsec_spd_dropper);
5369 			return;
5370 		}
5371 		/* Snag inner addresses. */
5372 		isrc = io->ipsec_out_insrc;
5373 		idst = io->ipsec_out_indst;
5374 	} else {
5375 		isrc = idst = NULL;
5376 	}
5377 
5378 	/*
5379 	 * Check buckets to see if there is an existing entry.  If so,
5380 	 * grab it.  sadb_checkacquire locks newbie if found.
5381 	 */
5382 	bucket = &(sp->sdb_acq[hashoffset]);
5383 	mutex_enter(&bucket->iacqf_lock);
5384 	newbie = sadb_checkacquire(bucket, ap, pp, src, dst, isrc, idst,
5385 	    unique_id, cr);
5386 
5387 	if (newbie == NULL) {
5388 		/*
5389 		 * Otherwise, allocate a new one.
5390 		 */
5391 		newbie = kmem_zalloc(sizeof (*newbie), KM_NOSLEEP);
5392 		if (newbie == NULL) {
5393 			mutex_exit(&bucket->iacqf_lock);
5394 			ip_drop_packet(mp, B_FALSE, NULL, NULL,
5395 			    DROPPER(ipss, ipds_sadb_acquire_nomem),
5396 			    &ipss->ipsec_sadb_dropper);
5397 			return;
5398 		}
5399 		newbie->ipsacq_policy = pp;
5400 		if (pp != NULL) {
5401 			IPPOL_REFHOLD(pp);
5402 		}
5403 		IPACT_REFHOLD(ap);
5404 		newbie->ipsacq_act = ap;
5405 		newbie->ipsacq_linklock = &bucket->iacqf_lock;
5406 		newbie->ipsacq_next = bucket->iacqf_ipsacq;
5407 		newbie->ipsacq_ptpn = &bucket->iacqf_ipsacq;
5408 		if (newbie->ipsacq_next != NULL)
5409 			newbie->ipsacq_next->ipsacq_ptpn = &newbie->ipsacq_next;
5410 
5411 		bucket->iacqf_ipsacq = newbie;
5412 		mutex_init(&newbie->ipsacq_lock, NULL, MUTEX_DEFAULT, NULL);
5413 		mutex_enter(&newbie->ipsacq_lock);
5414 	}
5415 
5416 	/*
5417 	 * XXX MLS does it actually help us to drop the bucket lock here?
5418 	 * we have inserted a half-built, locked acquire record into the
5419 	 * bucket.  any competing thread will now be able to lock the bucket
5420 	 * to scan it, but will immediately pile up on the new acquire
5421 	 * record's lock; I don't think we gain anything here other than to
5422 	 * disperse blame for lock contention.
5423 	 *
5424 	 * we might be able to dispense with acquire record locks entirely..
5425 	 * just use the bucket locks..
5426 	 */
5427 
5428 	mutex_exit(&bucket->iacqf_lock);
5429 
5430 	/*
5431 	 * This assert looks silly for now, but we may need to enter newbie's
5432 	 * mutex during a search.
5433 	 */
5434 	ASSERT(MUTEX_HELD(&newbie->ipsacq_lock));
5435 
5436 	mp->b_next = NULL;
5437 	/* Queue up packet.  Use b_next. */
5438 	if (newbie->ipsacq_numpackets == 0) {
5439 		/* First one. */
5440 		newbie->ipsacq_mp = mp;
5441 		newbie->ipsacq_numpackets = 1;
5442 		newbie->ipsacq_expire = gethrestime_sec();
5443 		/*
5444 		 * Extended ACQUIRE with both AH+ESP will use ESP's timeout
5445 		 * value.
5446 		 */
5447 		newbie->ipsacq_expire += *spp->s_acquire_timeout;
5448 		newbie->ipsacq_seq = seq;
5449 		newbie->ipsacq_addrfam = af;
5450 
5451 		newbie->ipsacq_srcport = io->ipsec_out_src_port;
5452 		newbie->ipsacq_dstport = io->ipsec_out_dst_port;
5453 		newbie->ipsacq_icmp_type = io->ipsec_out_icmp_type;
5454 		newbie->ipsacq_icmp_code = io->ipsec_out_icmp_code;
5455 		if (tunnel_mode) {
5456 			newbie->ipsacq_inneraddrfam = io->ipsec_out_inaf;
5457 			newbie->ipsacq_proto = io->ipsec_out_inaf == AF_INET6 ?
5458 			    IPPROTO_IPV6 : IPPROTO_ENCAP;
5459 			newbie->ipsacq_innersrcpfx = io->ipsec_out_insrcpfx;
5460 			newbie->ipsacq_innerdstpfx = io->ipsec_out_indstpfx;
5461 			IPSA_COPY_ADDR(newbie->ipsacq_innersrc,
5462 			    io->ipsec_out_insrc, io->ipsec_out_inaf);
5463 			IPSA_COPY_ADDR(newbie->ipsacq_innerdst,
5464 			    io->ipsec_out_indst, io->ipsec_out_inaf);
5465 		} else {
5466 			newbie->ipsacq_proto = io->ipsec_out_proto;
5467 		}
5468 		newbie->ipsacq_unique_id = unique_id;
5469 
5470 		if (cr != NULL) {
5471 			crhold(cr);
5472 			newbie->ipsacq_cred = cr;
5473 		}
5474 	} else {
5475 		/* Scan to the end of the list & insert. */
5476 		mblk_t *lastone = newbie->ipsacq_mp;
5477 
5478 		while (lastone->b_next != NULL)
5479 			lastone = lastone->b_next;
5480 		lastone->b_next = mp;
5481 		if (newbie->ipsacq_numpackets++ == ipsacq_maxpackets) {
5482 			newbie->ipsacq_numpackets = ipsacq_maxpackets;
5483 			lastone = newbie->ipsacq_mp;
5484 			newbie->ipsacq_mp = lastone->b_next;
5485 			lastone->b_next = NULL;
5486 			ip_drop_packet(lastone, B_FALSE, NULL, NULL,
5487 			    DROPPER(ipss, ipds_sadb_acquire_toofull),
5488 			    &ipss->ipsec_sadb_dropper);
5489 		} else {
5490 			IP_ACQUIRE_STAT(ipss, qhiwater,
5491 			    newbie->ipsacq_numpackets);
5492 		}
5493 	}
5494 
5495 	/*
5496 	 * Reset addresses.  Set them to the most recently added mblk chain,
5497 	 * so that the address pointers in the acquire record will point
5498 	 * at an mblk still attached to the acquire list.
5499 	 */
5500 
5501 	newbie->ipsacq_srcaddr = src;
5502 	newbie->ipsacq_dstaddr = dst;
5503 
5504 	/*
5505 	 * If the acquire record has more than one queued packet, we've
5506 	 * already sent an ACQUIRE, and don't need to repeat ourself.
5507 	 */
5508 	if (newbie->ipsacq_seq != seq || newbie->ipsacq_numpackets > 1) {
5509 		/* I have an acquire outstanding already! */
5510 		mutex_exit(&newbie->ipsacq_lock);
5511 		return;
5512 	}
5513 
5514 	if (!keysock_extended_reg(ns))
5515 		goto punt_extended;
5516 	/*
5517 	 * Construct an extended ACQUIRE.  There are logging
5518 	 * opportunities here in failure cases.
5519 	 */
5520 	(void) memset(&sel, 0, sizeof (sel));
5521 	sel.ips_isv4 = io->ipsec_out_v4;
5522 	if (tunnel_mode) {
5523 		sel.ips_protocol = (io->ipsec_out_inaf == AF_INET) ?
5524 		    IPPROTO_ENCAP : IPPROTO_IPV6;
5525 	} else {
5526 		sel.ips_protocol = io->ipsec_out_proto;
5527 		sel.ips_local_port = io->ipsec_out_src_port;
5528 		sel.ips_remote_port = io->ipsec_out_dst_port;
5529 	}
5530 	sel.ips_icmp_type = io->ipsec_out_icmp_type;
5531 	sel.ips_icmp_code = io->ipsec_out_icmp_code;
5532 	sel.ips_is_icmp_inv_acq = 0;
5533 	if (af == AF_INET) {
5534 		sel.ips_local_addr_v4 = ipha->ipha_src;
5535 		sel.ips_remote_addr_v4 = ipha->ipha_dst;
5536 	} else {
5537 		sel.ips_local_addr_v6 = ip6h->ip6_src;
5538 		sel.ips_remote_addr_v6 = ip6h->ip6_dst;
5539 	}
5540 
5541 	extended = sadb_keysock_out(0);
5542 	if (extended == NULL)
5543 		goto punt_extended;
5544 
5545 	if (cr != NULL) {
5546 		/*
5547 		 * XXX MLS correct condition here?
5548 		 * XXX MLS other credential attributes in acquire?
5549 		 * XXX malloc failure?  don't fall back to original?
5550 		 */
5551 		sens = sadb_make_sens_ext(cr, &sens_len);
5552 
5553 		if (sens == NULL) {
5554 			freeb(extended);
5555 			goto punt_extended;
5556 		}
5557 	}
5558 
5559 	extended->b_cont = sadb_extended_acquire(&sel, pp, ap, tunnel_mode,
5560 	    seq, 0, sens, ns);
5561 
5562 	if (sens != NULL)
5563 		kmem_free(sens, sens_len);
5564 
5565 	if (extended->b_cont == NULL) {
5566 		freeb(extended);
5567 		goto punt_extended;
5568 	}
5569 
5570 	/*
5571 	 * Send an ACQUIRE message (and possible an extended ACQUIRE) based on
5572 	 * this new record.  The send-acquire callback assumes that acqrec is
5573 	 * already locked.
5574 	 */
5575 	(*spp->s_acqfn)(newbie, extended, ns);
5576 	return;
5577 
5578 punt_extended:
5579 	(*spp->s_acqfn)(newbie, NULL, ns);
5580 }
5581 
5582 /*
5583  * Unlink and free an acquire record.
5584  */
5585 void
5586 sadb_destroy_acquire(ipsacq_t *acqrec, netstack_t *ns)
5587 {
5588 	mblk_t *mp;
5589 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
5590 
5591 	ASSERT(MUTEX_HELD(acqrec->ipsacq_linklock));
5592 
5593 	if (acqrec->ipsacq_policy != NULL) {
5594 		IPPOL_REFRELE(acqrec->ipsacq_policy, ns);
5595 	}
5596 	if (acqrec->ipsacq_act != NULL) {
5597 		IPACT_REFRELE(acqrec->ipsacq_act);
5598 	}
5599 
5600 	/* Unlink */
5601 	*(acqrec->ipsacq_ptpn) = acqrec->ipsacq_next;
5602 	if (acqrec->ipsacq_next != NULL)
5603 		acqrec->ipsacq_next->ipsacq_ptpn = acqrec->ipsacq_ptpn;
5604 
5605 	if (acqrec->ipsacq_cred) {
5606 		crfree(acqrec->ipsacq_cred);
5607 		acqrec->ipsacq_cred = NULL;
5608 	}
5609 
5610 	/*
5611 	 * Free hanging mp's.
5612 	 *
5613 	 * XXX Instead of freemsg(), perhaps use IPSEC_REQ_FAILED.
5614 	 */
5615 
5616 	mutex_enter(&acqrec->ipsacq_lock);
5617 	while (acqrec->ipsacq_mp != NULL) {
5618 		mp = acqrec->ipsacq_mp;
5619 		acqrec->ipsacq_mp = mp->b_next;
5620 		mp->b_next = NULL;
5621 		ip_drop_packet(mp, B_FALSE, NULL, NULL,
5622 		    DROPPER(ipss, ipds_sadb_acquire_timeout),
5623 		    &ipss->ipsec_sadb_dropper);
5624 	}
5625 	mutex_exit(&acqrec->ipsacq_lock);
5626 
5627 	/* Free */
5628 	mutex_destroy(&acqrec->ipsacq_lock);
5629 	kmem_free(acqrec, sizeof (*acqrec));
5630 }
5631 
5632 /*
5633  * Destroy an acquire list fanout.
5634  */
5635 static void
5636 sadb_destroy_acqlist(iacqf_t **listp, uint_t numentries, boolean_t forever,
5637     netstack_t *ns)
5638 {
5639 	int i;
5640 	iacqf_t *list = *listp;
5641 
5642 	if (list == NULL)
5643 		return;
5644 
5645 	for (i = 0; i < numentries; i++) {
5646 		mutex_enter(&(list[i].iacqf_lock));
5647 		while (list[i].iacqf_ipsacq != NULL)
5648 			sadb_destroy_acquire(list[i].iacqf_ipsacq, ns);
5649 		mutex_exit(&(list[i].iacqf_lock));
5650 		if (forever)
5651 			mutex_destroy(&(list[i].iacqf_lock));
5652 	}
5653 
5654 	if (forever) {
5655 		*listp = NULL;
5656 		kmem_free(list, numentries * sizeof (*list));
5657 	}
5658 }
5659 
5660 /*
5661  * Create an algorithm descriptor for an extended ACQUIRE.  Filter crypto
5662  * framework's view of reality vs. IPsec's.  EF's wins, BTW.
5663  */
5664 static uint8_t *
5665 sadb_new_algdesc(uint8_t *start, uint8_t *limit,
5666     sadb_x_ecomb_t *ecomb, uint8_t satype, uint8_t algtype,
5667     uint8_t alg, uint16_t minbits, uint16_t maxbits, ipsec_stack_t *ipss)
5668 {
5669 	uint8_t *cur = start;
5670 	ipsec_alginfo_t *algp;
5671 	sadb_x_algdesc_t *algdesc = (sadb_x_algdesc_t *)cur;
5672 
5673 	cur += sizeof (*algdesc);
5674 	if (cur >= limit)
5675 		return (NULL);
5676 
5677 	ecomb->sadb_x_ecomb_numalgs++;
5678 
5679 	/*
5680 	 * Normalize vs. crypto framework's limits.  This way, you can specify
5681 	 * a stronger policy, and when the framework loads a stronger version,
5682 	 * you can just keep plowing w/o rewhacking your SPD.
5683 	 */
5684 	mutex_enter(&ipss->ipsec_alg_lock);
5685 	algp = ipss->ipsec_alglists[(algtype == SADB_X_ALGTYPE_AUTH) ?
5686 	    IPSEC_ALG_AUTH : IPSEC_ALG_ENCR][alg];
5687 	if (algp == NULL) {
5688 		mutex_exit(&ipss->ipsec_alg_lock);
5689 		return (NULL);	/* Algorithm doesn't exist.  Fail gracefully. */
5690 	}
5691 	if (minbits < algp->alg_ef_minbits)
5692 		minbits = algp->alg_ef_minbits;
5693 	if (maxbits > algp->alg_ef_maxbits)
5694 		maxbits = algp->alg_ef_maxbits;
5695 	mutex_exit(&ipss->ipsec_alg_lock);
5696 
5697 	algdesc->sadb_x_algdesc_reserved = SADB_8TO1(algp->alg_saltlen);
5698 	algdesc->sadb_x_algdesc_satype = satype;
5699 	algdesc->sadb_x_algdesc_algtype = algtype;
5700 	algdesc->sadb_x_algdesc_alg = alg;
5701 	algdesc->sadb_x_algdesc_minbits = minbits;
5702 	algdesc->sadb_x_algdesc_maxbits = maxbits;
5703 
5704 	return (cur);
5705 }
5706 
5707 /*
5708  * Convert the given ipsec_action_t into an ecomb starting at *ecomb
5709  * which must fit before *limit
5710  *
5711  * return NULL if we ran out of room or a pointer to the end of the ecomb.
5712  */
5713 static uint8_t *
5714 sadb_action_to_ecomb(uint8_t *start, uint8_t *limit, ipsec_action_t *act,
5715     netstack_t *ns)
5716 {
5717 	uint8_t *cur = start;
5718 	sadb_x_ecomb_t *ecomb = (sadb_x_ecomb_t *)cur;
5719 	ipsec_prot_t *ipp;
5720 	ipsec_stack_t *ipss = ns->netstack_ipsec;
5721 
5722 	cur += sizeof (*ecomb);
5723 	if (cur >= limit)
5724 		return (NULL);
5725 
5726 	ASSERT(act->ipa_act.ipa_type == IPSEC_ACT_APPLY);
5727 
5728 	ipp = &act->ipa_act.ipa_apply;
5729 
5730 	ecomb->sadb_x_ecomb_numalgs = 0;
5731 	ecomb->sadb_x_ecomb_reserved = 0;
5732 	ecomb->sadb_x_ecomb_reserved2 = 0;
5733 	/*
5734 	 * No limits on allocations, since we really don't support that
5735 	 * concept currently.
5736 	 */
5737 	ecomb->sadb_x_ecomb_soft_allocations = 0;
5738 	ecomb->sadb_x_ecomb_hard_allocations = 0;
5739 
5740 	/*
5741 	 * XXX TBD: Policy or global parameters will eventually be
5742 	 * able to fill in some of these.
5743 	 */
5744 	ecomb->sadb_x_ecomb_flags = 0;
5745 	ecomb->sadb_x_ecomb_soft_bytes = 0;
5746 	ecomb->sadb_x_ecomb_hard_bytes = 0;
5747 	ecomb->sadb_x_ecomb_soft_addtime = 0;
5748 	ecomb->sadb_x_ecomb_hard_addtime = 0;
5749 	ecomb->sadb_x_ecomb_soft_usetime = 0;
5750 	ecomb->sadb_x_ecomb_hard_usetime = 0;
5751 
5752 	if (ipp->ipp_use_ah) {
5753 		cur = sadb_new_algdesc(cur, limit, ecomb,
5754 		    SADB_SATYPE_AH, SADB_X_ALGTYPE_AUTH, ipp->ipp_auth_alg,
5755 		    ipp->ipp_ah_minbits, ipp->ipp_ah_maxbits, ipss);
5756 		if (cur == NULL)
5757 			return (NULL);
5758 		ipsecah_fill_defs(ecomb, ns);
5759 	}
5760 
5761 	if (ipp->ipp_use_esp) {
5762 		if (ipp->ipp_use_espa) {
5763 			cur = sadb_new_algdesc(cur, limit, ecomb,
5764 			    SADB_SATYPE_ESP, SADB_X_ALGTYPE_AUTH,
5765 			    ipp->ipp_esp_auth_alg,
5766 			    ipp->ipp_espa_minbits,
5767 			    ipp->ipp_espa_maxbits, ipss);
5768 			if (cur == NULL)
5769 				return (NULL);
5770 		}
5771 
5772 		cur = sadb_new_algdesc(cur, limit, ecomb,
5773 		    SADB_SATYPE_ESP, SADB_X_ALGTYPE_CRYPT,
5774 		    ipp->ipp_encr_alg,
5775 		    ipp->ipp_espe_minbits,
5776 		    ipp->ipp_espe_maxbits, ipss);
5777 		if (cur == NULL)
5778 			return (NULL);
5779 		/* Fill in lifetimes if and only if AH didn't already... */
5780 		if (!ipp->ipp_use_ah)
5781 			ipsecesp_fill_defs(ecomb, ns);
5782 	}
5783 
5784 	return (cur);
5785 }
5786 
5787 #include <sys/tsol/label_macro.h> /* XXX should not need this */
5788 
5789 /*
5790  * From a cred_t, construct a sensitivity label extension
5791  *
5792  * We send up a fixed-size sensitivity label bitmap, and are perhaps
5793  * overly chummy with the underlying data structures here.
5794  */
5795 
5796 /* ARGSUSED */
5797 int
5798 sadb_sens_len_from_cred(cred_t *cr)
5799 {
5800 	int baselen = sizeof (sadb_sens_t) + _C_LEN * 4;
5801 	return (roundup(baselen, sizeof (uint64_t)));
5802 }
5803 
5804 void
5805 sadb_sens_from_cred(sadb_sens_t *sens, int exttype, cred_t *cr, int senslen)
5806 {
5807 	uint8_t *bitmap;
5808 	bslabel_t *sl;
5809 	ts_label_t *tsl;
5810 
5811 	/* LINTED */
5812 	ASSERT((_C_LEN & 1) == 0);
5813 	ASSERT((senslen & 7) == 0);
5814 
5815 	tsl = crgetlabel(cr);
5816 	sl = label2bslabel(tsl);
5817 
5818 	sens->sadb_sens_exttype = exttype;
5819 	sens->sadb_sens_len = SADB_8TO64(senslen);
5820 
5821 	sens->sadb_sens_dpd = tsl->tsl_doi;
5822 	sens->sadb_sens_sens_level = LCLASS(sl);
5823 	sens->sadb_sens_integ_level = 0; /* TBD */
5824 	sens->sadb_sens_sens_len = _C_LEN >> 1;
5825 	sens->sadb_sens_integ_len = 0; /* TBD */
5826 	sens->sadb_x_sens_flags = 0;
5827 
5828 	bitmap = (uint8_t *)(sens + 1);
5829 	bcopy(&(((_bslabel_impl_t *)sl)->compartments), bitmap, _C_LEN * 4);
5830 }
5831 
5832 static sadb_sens_t *
5833 sadb_make_sens_ext(cred_t *cr, int *len)
5834 {
5835 	/* XXX allocation failure? */
5836 	int sens_len = sadb_sens_len_from_cred(cr);
5837 
5838 	sadb_sens_t *sens = kmem_alloc(sens_len, KM_SLEEP);
5839 
5840 	sadb_sens_from_cred(sens, SADB_EXT_SENSITIVITY, cr, sens_len);
5841 
5842 	*len = sens_len;
5843 
5844 	return (sens);
5845 }
5846 
5847 /*
5848  * Okay, how do we report errors/invalid labels from this?
5849  * With a special designated "not a label" cred_t ?
5850  */
5851 /* ARGSUSED */
5852 cred_t *
5853 sadb_cred_from_sens(sadb_sens_t *sens, uint64_t *bitmap)
5854 {
5855 	int bitmap_len = SADB_64TO8(sens->sadb_sens_sens_len);
5856 	bslabel_t sl;
5857 	cred_t *cr;
5858 
5859 	if (sens->sadb_sens_integ_level != 0)
5860 		return (NULL);
5861 	if (sens->sadb_sens_integ_len != 0)
5862 		return (NULL);
5863 	if (bitmap_len > _C_LEN * 4)
5864 		return (NULL);
5865 
5866 	bsllow(&sl);
5867 	LCLASS_SET((_bslabel_impl_t *)&sl, sens->sadb_sens_sens_level);
5868 	bcopy(bitmap, &((_bslabel_impl_t *)&sl)->compartments,
5869 	    bitmap_len);
5870 
5871 	cr = newcred_from_bslabel(&sl, sens->sadb_sens_dpd, KM_NOSLEEP);
5872 	if (cr == NULL)
5873 		return (cr);
5874 
5875 	if (sens->sadb_x_sens_flags & SADB_X_SENS_UNLABELED)
5876 		crgetlabel(cr)->tsl_flags |= TSLF_UNLABELED;
5877 	return (cr);
5878 }
5879 
5880 /* End XXX label-library-leakage */
5881 
5882 /*
5883  * Construct an extended ACQUIRE message based on a selector and the resulting
5884  * IPsec action.
5885  *
5886  * NOTE: This is used by both inverse ACQUIRE and actual ACQUIRE
5887  * generation. As a consequence, expect this function to evolve
5888  * rapidly.
5889  */
5890 static mblk_t *
5891 sadb_extended_acquire(ipsec_selector_t *sel, ipsec_policy_t *pol,
5892     ipsec_action_t *act, boolean_t tunnel_mode, uint32_t seq, uint32_t pid,
5893     sadb_sens_t *sens, netstack_t *ns)
5894 {
5895 	mblk_t *mp;
5896 	sadb_msg_t *samsg;
5897 	uint8_t *start, *cur, *end;
5898 	uint32_t *saddrptr, *daddrptr;
5899 	sa_family_t af;
5900 	sadb_prop_t *eprop;
5901 	ipsec_action_t *ap, *an;
5902 	ipsec_selkey_t *ipsl;
5903 	uint8_t proto, pfxlen;
5904 	uint16_t lport, rport;
5905 	uint32_t kmp, kmc;
5906 
5907 	/*
5908 	 * Find the action we want sooner rather than later..
5909 	 */
5910 	an = NULL;
5911 	if (pol == NULL) {
5912 		ap = act;
5913 	} else {
5914 		ap = pol->ipsp_act;
5915 
5916 		if (ap != NULL)
5917 			an = ap->ipa_next;
5918 	}
5919 
5920 	/*
5921 	 * Just take a swag for the allocation for now.	 We can always
5922 	 * alter it later.
5923 	 */
5924 #define	SADB_EXTENDED_ACQUIRE_SIZE	4096
5925 	mp = allocb(SADB_EXTENDED_ACQUIRE_SIZE, BPRI_HI);
5926 	if (mp == NULL)
5927 		return (NULL);
5928 
5929 	start = mp->b_rptr;
5930 	end = start + SADB_EXTENDED_ACQUIRE_SIZE;
5931 
5932 	cur = start;
5933 
5934 	samsg = (sadb_msg_t *)cur;
5935 	cur += sizeof (*samsg);
5936 
5937 	samsg->sadb_msg_version = PF_KEY_V2;
5938 	samsg->sadb_msg_type = SADB_ACQUIRE;
5939 	samsg->sadb_msg_errno = 0;
5940 	samsg->sadb_msg_reserved = 0;
5941 	samsg->sadb_msg_satype = 0;
5942 	samsg->sadb_msg_seq = seq;
5943 	samsg->sadb_msg_pid = pid;
5944 
5945 	if (tunnel_mode) {
5946 		/*
5947 		 * Form inner address extensions based NOT on the inner
5948 		 * selectors (i.e. the packet data), but on the policy's
5949 		 * selector key (i.e. the policy's selector information).
5950 		 *
5951 		 * NOTE:  The position of IPv4 and IPv6 addresses is the
5952 		 * same in ipsec_selkey_t (unless the compiler does very
5953 		 * strange things with unions, consult your local C language
5954 		 * lawyer for details).
5955 		 */
5956 		ASSERT(pol != NULL);
5957 
5958 		ipsl = &(pol->ipsp_sel->ipsl_key);
5959 		if (ipsl->ipsl_valid & IPSL_IPV4) {
5960 			af = AF_INET;
5961 			ASSERT(sel->ips_protocol == IPPROTO_ENCAP);
5962 			ASSERT(!(ipsl->ipsl_valid & IPSL_IPV6));
5963 		} else {
5964 			af = AF_INET6;
5965 			ASSERT(sel->ips_protocol == IPPROTO_IPV6);
5966 			ASSERT(ipsl->ipsl_valid & IPSL_IPV6);
5967 		}
5968 
5969 		if (ipsl->ipsl_valid & IPSL_LOCAL_ADDR) {
5970 			saddrptr = (uint32_t *)(&ipsl->ipsl_local);
5971 			pfxlen = ipsl->ipsl_local_pfxlen;
5972 		} else {
5973 			saddrptr = (uint32_t *)(&ipv6_all_zeros);
5974 			pfxlen = 0;
5975 		}
5976 		/* XXX What about ICMP type/code? */
5977 		lport = (ipsl->ipsl_valid & IPSL_LOCAL_PORT) ?
5978 		    ipsl->ipsl_lport : 0;
5979 		proto = (ipsl->ipsl_valid & IPSL_PROTOCOL) ?
5980 		    ipsl->ipsl_proto : 0;
5981 
5982 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_SRC,
5983 		    af, saddrptr, lport, proto, pfxlen);
5984 		if (cur == NULL) {
5985 			freeb(mp);
5986 			return (NULL);
5987 		}
5988 
5989 		if (ipsl->ipsl_valid & IPSL_REMOTE_ADDR) {
5990 			daddrptr = (uint32_t *)(&ipsl->ipsl_remote);
5991 			pfxlen = ipsl->ipsl_remote_pfxlen;
5992 		} else {
5993 			daddrptr = (uint32_t *)(&ipv6_all_zeros);
5994 			pfxlen = 0;
5995 		}
5996 		/* XXX What about ICMP type/code? */
5997 		rport = (ipsl->ipsl_valid & IPSL_REMOTE_PORT) ?
5998 		    ipsl->ipsl_rport : 0;
5999 
6000 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_DST,
6001 		    af, daddrptr, rport, proto, pfxlen);
6002 		if (cur == NULL) {
6003 			freeb(mp);
6004 			return (NULL);
6005 		}
6006 		/*
6007 		 * TODO  - if we go to 3408's dream of transport mode IP-in-IP
6008 		 * _with_ inner-packet address selectors, we'll need to further
6009 		 * distinguish tunnel mode here.  For now, having inner
6010 		 * addresses and/or ports is sufficient.
6011 		 *
6012 		 * Meanwhile, whack proto/ports to reflect IP-in-IP for the
6013 		 * outer addresses.
6014 		 */
6015 		proto = sel->ips_protocol;	/* Either _ENCAP or _IPV6 */
6016 		lport = rport = 0;
6017 	} else if ((ap != NULL) && (!ap->ipa_want_unique)) {
6018 		proto = 0;
6019 		lport = 0;
6020 		rport = 0;
6021 		if (pol != NULL) {
6022 			ipsl = &(pol->ipsp_sel->ipsl_key);
6023 			if (ipsl->ipsl_valid & IPSL_PROTOCOL)
6024 				proto = ipsl->ipsl_proto;
6025 			if (ipsl->ipsl_valid & IPSL_REMOTE_PORT)
6026 				rport = ipsl->ipsl_rport;
6027 			if (ipsl->ipsl_valid & IPSL_LOCAL_PORT)
6028 				lport = ipsl->ipsl_lport;
6029 		}
6030 	} else {
6031 		proto = sel->ips_protocol;
6032 		lport = sel->ips_local_port;
6033 		rport = sel->ips_remote_port;
6034 	}
6035 
6036 	af = sel->ips_isv4 ? AF_INET : AF_INET6;
6037 
6038 	/*
6039 	 * NOTE:  The position of IPv4 and IPv6 addresses is the same in
6040 	 * ipsec_selector_t.
6041 	 */
6042 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_SRC, af,
6043 	    (uint32_t *)(&sel->ips_local_addr_v6), lport, proto, 0);
6044 
6045 	if (cur == NULL) {
6046 		freeb(mp);
6047 		return (NULL);
6048 	}
6049 
6050 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_DST, af,
6051 	    (uint32_t *)(&sel->ips_remote_addr_v6), rport, proto, 0);
6052 
6053 	if (cur == NULL) {
6054 		freeb(mp);
6055 		return (NULL);
6056 	}
6057 
6058 	if (sens != NULL) {
6059 		uint8_t *sensext = cur;
6060 		int senslen = SADB_64TO8(sens->sadb_sens_len);
6061 
6062 		cur += senslen;
6063 		if (cur > end) {
6064 			freeb(mp);
6065 			return (NULL);
6066 		}
6067 		bcopy(sens, sensext, senslen);
6068 	}
6069 
6070 	/*
6071 	 * This section will change a lot as policy evolves.
6072 	 * For now, it'll be relatively simple.
6073 	 */
6074 	eprop = (sadb_prop_t *)cur;
6075 	cur += sizeof (*eprop);
6076 	if (cur > end) {
6077 		/* no space left */
6078 		freeb(mp);
6079 		return (NULL);
6080 	}
6081 
6082 	eprop->sadb_prop_exttype = SADB_X_EXT_EPROP;
6083 	eprop->sadb_x_prop_ereserved = 0;
6084 	eprop->sadb_x_prop_numecombs = 0;
6085 	eprop->sadb_prop_replay = 32;	/* default */
6086 
6087 	kmc = kmp = 0;
6088 
6089 	for (; ap != NULL; ap = an) {
6090 		an = (pol != NULL) ? ap->ipa_next : NULL;
6091 
6092 		/*
6093 		 * Skip non-IPsec policies
6094 		 */
6095 		if (ap->ipa_act.ipa_type != IPSEC_ACT_APPLY)
6096 			continue;
6097 
6098 		if (ap->ipa_act.ipa_apply.ipp_km_proto)
6099 			kmp = ap->ipa_act.ipa_apply.ipp_km_proto;
6100 		if (ap->ipa_act.ipa_apply.ipp_km_cookie)
6101 			kmc = ap->ipa_act.ipa_apply.ipp_km_cookie;
6102 		if (ap->ipa_act.ipa_apply.ipp_replay_depth) {
6103 			eprop->sadb_prop_replay =
6104 			    ap->ipa_act.ipa_apply.ipp_replay_depth;
6105 		}
6106 
6107 		cur = sadb_action_to_ecomb(cur, end, ap, ns);
6108 		if (cur == NULL) { /* no space */
6109 			freeb(mp);
6110 			return (NULL);
6111 		}
6112 		eprop->sadb_x_prop_numecombs++;
6113 	}
6114 
6115 	if (eprop->sadb_x_prop_numecombs == 0) {
6116 		/*
6117 		 * This will happen if we fail to find a policy
6118 		 * allowing for IPsec processing.
6119 		 * Construct an error message.
6120 		 */
6121 		samsg->sadb_msg_len = SADB_8TO64(sizeof (*samsg));
6122 		samsg->sadb_msg_errno = ENOENT;
6123 		samsg->sadb_x_msg_diagnostic = 0;
6124 		return (mp);
6125 	}
6126 
6127 	if ((kmp != 0) || (kmc != 0)) {
6128 		cur = sadb_make_kmc_ext(cur, end, kmp, kmc);
6129 		if (cur == NULL) {
6130 			freeb(mp);
6131 			return (NULL);
6132 		}
6133 	}
6134 
6135 	eprop->sadb_prop_len = SADB_8TO64(cur - (uint8_t *)eprop);
6136 	samsg->sadb_msg_len = SADB_8TO64(cur - start);
6137 	mp->b_wptr = cur;
6138 
6139 	return (mp);
6140 }
6141 
6142 /*
6143  * Generic setup of an RFC 2367 ACQUIRE message.  Caller sets satype.
6144  *
6145  * NOTE: This function acquires alg_lock as a side-effect if-and-only-if we
6146  * succeed (i.e. return non-NULL).  Caller MUST release it.  This is to
6147  * maximize code consolidation while preventing algorithm changes from messing
6148  * with the callers finishing touches on the ACQUIRE itself.
6149  */
6150 mblk_t *
6151 sadb_setup_acquire(ipsacq_t *acqrec, uint8_t satype, ipsec_stack_t *ipss)
6152 {
6153 	uint_t allocsize;
6154 	mblk_t *pfkeymp, *msgmp;
6155 	sa_family_t af;
6156 	uint8_t *cur, *end;
6157 	sadb_msg_t *samsg;
6158 	uint16_t sport_typecode;
6159 	uint16_t dport_typecode;
6160 	uint8_t check_proto;
6161 	boolean_t tunnel_mode = (acqrec->ipsacq_inneraddrfam != 0);
6162 
6163 	ASSERT(MUTEX_HELD(&acqrec->ipsacq_lock));
6164 
6165 	pfkeymp = sadb_keysock_out(0);
6166 	if (pfkeymp == NULL)
6167 		return (NULL);
6168 
6169 	/*
6170 	 * First, allocate a basic ACQUIRE message
6171 	 */
6172 	allocsize = sizeof (sadb_msg_t) + sizeof (sadb_address_t) +
6173 	    sizeof (sadb_address_t) + sizeof (sadb_prop_t);
6174 
6175 	/* Make sure there's enough to cover both AF_INET and AF_INET6. */
6176 	allocsize += 2 * sizeof (struct sockaddr_in6);
6177 
6178 	mutex_enter(&ipss->ipsec_alg_lock);
6179 	/* NOTE:  The lock is now held through to this function's return. */
6180 	allocsize += ipss->ipsec_nalgs[IPSEC_ALG_AUTH] *
6181 	    ipss->ipsec_nalgs[IPSEC_ALG_ENCR] * sizeof (sadb_comb_t);
6182 
6183 	if (tunnel_mode) {
6184 		/* Tunnel mode! */
6185 		allocsize += 2 * sizeof (sadb_address_t);
6186 		/* Enough to cover both AF_INET and AF_INET6. */
6187 		allocsize += 2 * sizeof (struct sockaddr_in6);
6188 	}
6189 
6190 	msgmp = allocb(allocsize, BPRI_HI);
6191 	if (msgmp == NULL) {
6192 		freeb(pfkeymp);
6193 		mutex_exit(&ipss->ipsec_alg_lock);
6194 		return (NULL);
6195 	}
6196 
6197 	pfkeymp->b_cont = msgmp;
6198 	cur = msgmp->b_rptr;
6199 	end = cur + allocsize;
6200 	samsg = (sadb_msg_t *)cur;
6201 	cur += sizeof (sadb_msg_t);
6202 
6203 	af = acqrec->ipsacq_addrfam;
6204 	switch (af) {
6205 	case AF_INET:
6206 		check_proto = IPPROTO_ICMP;
6207 		break;
6208 	case AF_INET6:
6209 		check_proto = IPPROTO_ICMPV6;
6210 		break;
6211 	default:
6212 		/* This should never happen unless we have kernel bugs. */
6213 		cmn_err(CE_WARN,
6214 		    "sadb_setup_acquire:  corrupt ACQUIRE record.\n");
6215 		ASSERT(0);
6216 		mutex_exit(&ipss->ipsec_alg_lock);
6217 		return (NULL);
6218 	}
6219 
6220 	samsg->sadb_msg_version = PF_KEY_V2;
6221 	samsg->sadb_msg_type = SADB_ACQUIRE;
6222 	samsg->sadb_msg_satype = satype;
6223 	samsg->sadb_msg_errno = 0;
6224 	samsg->sadb_msg_pid = 0;
6225 	samsg->sadb_msg_reserved = 0;
6226 	samsg->sadb_msg_seq = acqrec->ipsacq_seq;
6227 
6228 	ASSERT(MUTEX_HELD(&acqrec->ipsacq_lock));
6229 
6230 	if ((acqrec->ipsacq_proto == check_proto) || tunnel_mode) {
6231 		sport_typecode = dport_typecode = 0;
6232 	} else {
6233 		sport_typecode = acqrec->ipsacq_srcport;
6234 		dport_typecode = acqrec->ipsacq_dstport;
6235 	}
6236 
6237 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_SRC, af,
6238 	    acqrec->ipsacq_srcaddr, sport_typecode, acqrec->ipsacq_proto, 0);
6239 
6240 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_DST, af,
6241 	    acqrec->ipsacq_dstaddr, dport_typecode, acqrec->ipsacq_proto, 0);
6242 
6243 	if (tunnel_mode) {
6244 		sport_typecode = acqrec->ipsacq_srcport;
6245 		dport_typecode = acqrec->ipsacq_dstport;
6246 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_SRC,
6247 		    acqrec->ipsacq_inneraddrfam, acqrec->ipsacq_innersrc,
6248 		    sport_typecode, acqrec->ipsacq_inner_proto,
6249 		    acqrec->ipsacq_innersrcpfx);
6250 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_DST,
6251 		    acqrec->ipsacq_inneraddrfam, acqrec->ipsacq_innerdst,
6252 		    dport_typecode, acqrec->ipsacq_inner_proto,
6253 		    acqrec->ipsacq_innerdstpfx);
6254 	}
6255 
6256 	/* XXX Insert identity information here. */
6257 
6258 	/* XXXMLS Insert sensitivity information here. */
6259 
6260 	if (cur != NULL)
6261 		samsg->sadb_msg_len = SADB_8TO64(cur - msgmp->b_rptr);
6262 	else
6263 		mutex_exit(&ipss->ipsec_alg_lock);
6264 
6265 	return (pfkeymp);
6266 }
6267 
6268 /*
6269  * Given an SADB_GETSPI message, find an appropriately ranged SA and
6270  * allocate an SA.  If there are message improprieties, return (ipsa_t *)-1.
6271  * If there was a memory allocation error, return NULL.	 (Assume NULL !=
6272  * (ipsa_t *)-1).
6273  *
6274  * master_spi is passed in host order.
6275  */
6276 ipsa_t *
6277 sadb_getspi(keysock_in_t *ksi, uint32_t master_spi, int *diagnostic,
6278     netstack_t *ns, uint_t sa_type)
6279 {
6280 	sadb_address_t *src =
6281 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC],
6282 	    *dst = (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
6283 	sadb_spirange_t *range =
6284 	    (sadb_spirange_t *)ksi->ks_in_extv[SADB_EXT_SPIRANGE];
6285 	struct sockaddr_in *ssa, *dsa;
6286 	struct sockaddr_in6 *ssa6, *dsa6;
6287 	uint32_t *srcaddr, *dstaddr;
6288 	sa_family_t af;
6289 	uint32_t add, min, max;
6290 	uint8_t protocol =
6291 	    (sa_type == SADB_SATYPE_AH) ? IPPROTO_AH : IPPROTO_ESP;
6292 
6293 	if (src == NULL) {
6294 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
6295 		return ((ipsa_t *)-1);
6296 	}
6297 	if (dst == NULL) {
6298 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
6299 		return ((ipsa_t *)-1);
6300 	}
6301 	if (range == NULL) {
6302 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_RANGE;
6303 		return ((ipsa_t *)-1);
6304 	}
6305 
6306 	min = ntohl(range->sadb_spirange_min);
6307 	max = ntohl(range->sadb_spirange_max);
6308 	dsa = (struct sockaddr_in *)(dst + 1);
6309 	dsa6 = (struct sockaddr_in6 *)dsa;
6310 
6311 	ssa = (struct sockaddr_in *)(src + 1);
6312 	ssa6 = (struct sockaddr_in6 *)ssa;
6313 	ASSERT(dsa->sin_family == ssa->sin_family);
6314 
6315 	srcaddr = ALL_ZEROES_PTR;
6316 	af = dsa->sin_family;
6317 	switch (af) {
6318 	case AF_INET:
6319 		if (src != NULL)
6320 			srcaddr = (uint32_t *)(&ssa->sin_addr);
6321 		dstaddr = (uint32_t *)(&dsa->sin_addr);
6322 		break;
6323 	case AF_INET6:
6324 		if (src != NULL)
6325 			srcaddr = (uint32_t *)(&ssa6->sin6_addr);
6326 		dstaddr = (uint32_t *)(&dsa6->sin6_addr);
6327 		break;
6328 	default:
6329 		*diagnostic = SADB_X_DIAGNOSTIC_BAD_DST_AF;
6330 		return ((ipsa_t *)-1);
6331 	}
6332 
6333 	if (master_spi < min || master_spi > max) {
6334 		/* Return a random value in the range. */
6335 		if (cl_inet_getspi) {
6336 			cl_inet_getspi(ns->netstack_stackid, protocol,
6337 			    (uint8_t *)&add, sizeof (add), NULL);
6338 		} else {
6339 			(void) random_get_pseudo_bytes((uint8_t *)&add,
6340 			    sizeof (add));
6341 		}
6342 		master_spi = min + (add % (max - min + 1));
6343 	}
6344 
6345 	/*
6346 	 * Since master_spi is passed in host order, we need to htonl() it
6347 	 * for the purposes of creating a new SA.
6348 	 */
6349 	return (sadb_makelarvalassoc(htonl(master_spi), srcaddr, dstaddr, af,
6350 	    ns));
6351 }
6352 
6353 /*
6354  *
6355  * Locate an ACQUIRE and nuke it.  If I have an samsg that's larger than the
6356  * base header, just ignore it.	 Otherwise, lock down the whole ACQUIRE list
6357  * and scan for the sequence number in question.  I may wish to accept an
6358  * address pair with it, for easier searching.
6359  *
6360  * Caller frees the message, so we don't have to here.
6361  *
6362  * NOTE:	The ip_q parameter may be used in the future for ACQUIRE
6363  *		failures.
6364  */
6365 /* ARGSUSED */
6366 void
6367 sadb_in_acquire(sadb_msg_t *samsg, sadbp_t *sp, queue_t *ip_q, netstack_t *ns)
6368 {
6369 	int i;
6370 	ipsacq_t *acqrec;
6371 	iacqf_t *bucket;
6372 
6373 	/*
6374 	 * I only accept the base header for this!
6375 	 * Though to be honest, requiring the dst address would help
6376 	 * immensely.
6377 	 *
6378 	 * XXX	There are already cases where I can get the dst address.
6379 	 */
6380 	if (samsg->sadb_msg_len > SADB_8TO64(sizeof (*samsg)))
6381 		return;
6382 
6383 	/*
6384 	 * Using the samsg->sadb_msg_seq, find the ACQUIRE record, delete it,
6385 	 * (and in the future send a message to IP with the appropriate error
6386 	 * number).
6387 	 *
6388 	 * Q: Do I want to reject if pid != 0?
6389 	 */
6390 
6391 	for (i = 0; i < sp->s_v4.sdb_hashsize; i++) {
6392 		bucket = &sp->s_v4.sdb_acq[i];
6393 		mutex_enter(&bucket->iacqf_lock);
6394 		for (acqrec = bucket->iacqf_ipsacq; acqrec != NULL;
6395 		    acqrec = acqrec->ipsacq_next) {
6396 			if (samsg->sadb_msg_seq == acqrec->ipsacq_seq)
6397 				break;	/* for acqrec... loop. */
6398 		}
6399 		if (acqrec != NULL)
6400 			break;	/* for i = 0... loop. */
6401 
6402 		mutex_exit(&bucket->iacqf_lock);
6403 	}
6404 
6405 	if (acqrec == NULL) {
6406 		for (i = 0; i < sp->s_v6.sdb_hashsize; i++) {
6407 			bucket = &sp->s_v6.sdb_acq[i];
6408 			mutex_enter(&bucket->iacqf_lock);
6409 			for (acqrec = bucket->iacqf_ipsacq; acqrec != NULL;
6410 			    acqrec = acqrec->ipsacq_next) {
6411 				if (samsg->sadb_msg_seq == acqrec->ipsacq_seq)
6412 					break;	/* for acqrec... loop. */
6413 			}
6414 			if (acqrec != NULL)
6415 				break;	/* for i = 0... loop. */
6416 
6417 			mutex_exit(&bucket->iacqf_lock);
6418 		}
6419 	}
6420 
6421 
6422 	if (acqrec == NULL)
6423 		return;
6424 
6425 	/*
6426 	 * What do I do with the errno and IP?	I may need mp's services a
6427 	 * little more.	 See sadb_destroy_acquire() for future directions
6428 	 * beyond free the mblk chain on the acquire record.
6429 	 */
6430 
6431 	ASSERT(&bucket->iacqf_lock == acqrec->ipsacq_linklock);
6432 	sadb_destroy_acquire(acqrec, ns);
6433 	/* Have to exit mutex here, because of breaking out of for loop. */
6434 	mutex_exit(&bucket->iacqf_lock);
6435 }
6436 
6437 /*
6438  * The following functions work with the replay windows of an SA.  They assume
6439  * the ipsa->ipsa_replay_arr is an array of uint64_t, and that the bit vector
6440  * represents the highest sequence number packet received, and back
6441  * (ipsa->ipsa_replay_wsize) packets.
6442  */
6443 
6444 /*
6445  * Is the replay bit set?
6446  */
6447 static boolean_t
6448 ipsa_is_replay_set(ipsa_t *ipsa, uint32_t offset)
6449 {
6450 	uint64_t bit = (uint64_t)1 << (uint64_t)(offset & 63);
6451 
6452 	return ((bit & ipsa->ipsa_replay_arr[offset >> 6]) ? B_TRUE : B_FALSE);
6453 }
6454 
6455 /*
6456  * Shift the bits of the replay window over.
6457  */
6458 static void
6459 ipsa_shift_replay(ipsa_t *ipsa, uint32_t shift)
6460 {
6461 	int i;
6462 	int jump = ((shift - 1) >> 6) + 1;
6463 
6464 	if (shift == 0)
6465 		return;
6466 
6467 	for (i = (ipsa->ipsa_replay_wsize - 1) >> 6; i >= 0; i--) {
6468 		if (i + jump <= (ipsa->ipsa_replay_wsize - 1) >> 6) {
6469 			ipsa->ipsa_replay_arr[i + jump] |=
6470 			    ipsa->ipsa_replay_arr[i] >> (64 - (shift & 63));
6471 		}
6472 		ipsa->ipsa_replay_arr[i] <<= shift;
6473 	}
6474 }
6475 
6476 /*
6477  * Set a bit in the bit vector.
6478  */
6479 static void
6480 ipsa_set_replay(ipsa_t *ipsa, uint32_t offset)
6481 {
6482 	uint64_t bit = (uint64_t)1 << (uint64_t)(offset & 63);
6483 
6484 	ipsa->ipsa_replay_arr[offset >> 6] |= bit;
6485 }
6486 
6487 #define	SADB_MAX_REPLAY_VALUE 0xffffffff
6488 
6489 /*
6490  * Assume caller has NOT done ntohl() already on seq.  Check to see
6491  * if replay sequence number "seq" has been seen already.
6492  */
6493 boolean_t
6494 sadb_replay_check(ipsa_t *ipsa, uint32_t seq)
6495 {
6496 	boolean_t rc;
6497 	uint32_t diff;
6498 
6499 	if (ipsa->ipsa_replay_wsize == 0)
6500 		return (B_TRUE);
6501 
6502 	/*
6503 	 * NOTE:  I've already checked for 0 on the wire in sadb_replay_peek().
6504 	 */
6505 
6506 	/* Convert sequence number into host order before holding the mutex. */
6507 	seq = ntohl(seq);
6508 
6509 	mutex_enter(&ipsa->ipsa_lock);
6510 
6511 	/* Initialize inbound SA's ipsa_replay field to last one received. */
6512 	if (ipsa->ipsa_replay == 0)
6513 		ipsa->ipsa_replay = 1;
6514 
6515 	if (seq > ipsa->ipsa_replay) {
6516 		/*
6517 		 * I have received a new "highest value received".  Shift
6518 		 * the replay window over.
6519 		 */
6520 		diff = seq - ipsa->ipsa_replay;
6521 		if (diff < ipsa->ipsa_replay_wsize) {
6522 			/* In replay window, shift bits over. */
6523 			ipsa_shift_replay(ipsa, diff);
6524 		} else {
6525 			/* WAY FAR AHEAD, clear bits and start again. */
6526 			bzero(ipsa->ipsa_replay_arr,
6527 			    sizeof (ipsa->ipsa_replay_arr));
6528 		}
6529 		ipsa_set_replay(ipsa, 0);
6530 		ipsa->ipsa_replay = seq;
6531 		rc = B_TRUE;
6532 		goto done;
6533 	}
6534 	diff = ipsa->ipsa_replay - seq;
6535 	if (diff >= ipsa->ipsa_replay_wsize || ipsa_is_replay_set(ipsa, diff)) {
6536 		rc = B_FALSE;
6537 		goto done;
6538 	}
6539 	/* Set this packet as seen. */
6540 	ipsa_set_replay(ipsa, diff);
6541 
6542 	rc = B_TRUE;
6543 done:
6544 	mutex_exit(&ipsa->ipsa_lock);
6545 	return (rc);
6546 }
6547 
6548 /*
6549  * "Peek" and see if we should even bother going through the effort of
6550  * running an authentication check on the sequence number passed in.
6551  * this takes into account packets that are below the replay window,
6552  * and collisions with already replayed packets.  Return B_TRUE if it
6553  * is okay to proceed, B_FALSE if this packet should be dropped immediately.
6554  * Assume same byte-ordering as sadb_replay_check.
6555  */
6556 boolean_t
6557 sadb_replay_peek(ipsa_t *ipsa, uint32_t seq)
6558 {
6559 	boolean_t rc = B_FALSE;
6560 	uint32_t diff;
6561 
6562 	if (ipsa->ipsa_replay_wsize == 0)
6563 		return (B_TRUE);
6564 
6565 	/*
6566 	 * 0 is 0, regardless of byte order... :)
6567 	 *
6568 	 * If I get 0 on the wire (and there is a replay window) then the
6569 	 * sender most likely wrapped.	This ipsa may need to be marked or
6570 	 * something.
6571 	 */
6572 	if (seq == 0)
6573 		return (B_FALSE);
6574 
6575 	seq = ntohl(seq);
6576 	mutex_enter(&ipsa->ipsa_lock);
6577 	if (seq < ipsa->ipsa_replay - ipsa->ipsa_replay_wsize &&
6578 	    ipsa->ipsa_replay >= ipsa->ipsa_replay_wsize)
6579 		goto done;
6580 
6581 	/*
6582 	 * If I've hit 0xffffffff, then quite honestly, I don't need to
6583 	 * bother with formalities.  I'm not accepting any more packets
6584 	 * on this SA.
6585 	 */
6586 	if (ipsa->ipsa_replay == SADB_MAX_REPLAY_VALUE) {
6587 		/*
6588 		 * Since we're already holding the lock, update the
6589 		 * expire time ala. sadb_replay_delete() and return.
6590 		 */
6591 		ipsa->ipsa_hardexpiretime = (time_t)1;
6592 		goto done;
6593 	}
6594 
6595 	if (seq <= ipsa->ipsa_replay) {
6596 		/*
6597 		 * This seq is in the replay window.  I'm not below it,
6598 		 * because I already checked for that above!
6599 		 */
6600 		diff = ipsa->ipsa_replay - seq;
6601 		if (ipsa_is_replay_set(ipsa, diff))
6602 			goto done;
6603 	}
6604 	/* Else return B_TRUE, I'm going to advance the window. */
6605 
6606 	rc = B_TRUE;
6607 done:
6608 	mutex_exit(&ipsa->ipsa_lock);
6609 	return (rc);
6610 }
6611 
6612 /*
6613  * Delete a single SA.
6614  *
6615  * For now, use the quick-and-dirty trick of making the association's
6616  * hard-expire lifetime (time_t)1, ensuring deletion by the *_ager().
6617  */
6618 void
6619 sadb_replay_delete(ipsa_t *assoc)
6620 {
6621 	mutex_enter(&assoc->ipsa_lock);
6622 	assoc->ipsa_hardexpiretime = (time_t)1;
6623 	mutex_exit(&assoc->ipsa_lock);
6624 }
6625 
6626 /*
6627  * Given a queue that presumably points to IP, send a T_BIND_REQ for _proto_
6628  * down.  The caller will handle the T_BIND_ACK locally.
6629  */
6630 boolean_t
6631 sadb_t_bind_req(queue_t *q, int proto)
6632 {
6633 	struct T_bind_req *tbr;
6634 	mblk_t *mp;
6635 
6636 	mp = allocb_cred(sizeof (struct T_bind_req) + 1, kcred, NOPID);
6637 	if (mp == NULL) {
6638 		/* cmn_err(CE_WARN, */
6639 		/* "sadb_t_bind_req(%d): couldn't allocate mblk\n", proto); */
6640 		return (B_FALSE);
6641 	}
6642 	mp->b_datap->db_type = M_PCPROTO;
6643 	tbr = (struct T_bind_req *)mp->b_rptr;
6644 	mp->b_wptr += sizeof (struct T_bind_req);
6645 	tbr->PRIM_type = T_BIND_REQ;
6646 	tbr->ADDR_length = 0;
6647 	tbr->ADDR_offset = 0;
6648 	tbr->CONIND_number = 0;
6649 	*mp->b_wptr = (uint8_t)proto;
6650 	mp->b_wptr++;
6651 
6652 	putnext(q, mp);
6653 	return (B_TRUE);
6654 }
6655 
6656 /*
6657  * Special front-end to ipsec_rl_strlog() dealing with SA failure.
6658  * this is designed to take only a format string with "* %x * %s *", so
6659  * that "spi" is printed first, then "addr" is converted using inet_pton().
6660  *
6661  * This is abstracted out to save the stack space for only when inet_pton()
6662  * is called.  Make sure "spi" is in network order; it usually is when this
6663  * would get called.
6664  */
6665 void
6666 ipsec_assocfailure(short mid, short sid, char level, ushort_t sl, char *fmt,
6667     uint32_t spi, void *addr, int af, netstack_t *ns)
6668 {
6669 	char buf[INET6_ADDRSTRLEN];
6670 
6671 	ASSERT(af == AF_INET6 || af == AF_INET);
6672 
6673 	ipsec_rl_strlog(ns, mid, sid, level, sl, fmt, ntohl(spi),
6674 	    inet_ntop(af, addr, buf, sizeof (buf)));
6675 }
6676 
6677 /*
6678  * Fills in a reference to the policy, if any, from the conn, in *ppp
6679  * Releases a reference to the passed conn_t.
6680  */
6681 static void
6682 ipsec_conn_pol(ipsec_selector_t *sel, conn_t *connp, ipsec_policy_t **ppp)
6683 {
6684 	ipsec_policy_t	*pp;
6685 	ipsec_latch_t	*ipl = connp->conn_latch;
6686 
6687 	if ((ipl != NULL) && (ipl->ipl_out_policy != NULL)) {
6688 		pp = ipl->ipl_out_policy;
6689 		IPPOL_REFHOLD(pp);
6690 	} else {
6691 		pp = ipsec_find_policy(IPSEC_TYPE_OUTBOUND, connp, NULL, sel,
6692 		    connp->conn_netstack);
6693 	}
6694 	*ppp = pp;
6695 	CONN_DEC_REF(connp);
6696 }
6697 
6698 /*
6699  * The following functions scan through active conn_t structures
6700  * and return a reference to the best-matching policy it can find.
6701  * Caller must release the reference.
6702  */
6703 static void
6704 ipsec_udp_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp, ip_stack_t *ipst)
6705 {
6706 	connf_t *connfp;
6707 	conn_t *connp = NULL;
6708 	ipsec_selector_t portonly;
6709 
6710 	bzero((void *)&portonly, sizeof (portonly));
6711 
6712 	if (sel->ips_local_port == 0)
6713 		return;
6714 
6715 	connfp = &ipst->ips_ipcl_udp_fanout[IPCL_UDP_HASH(sel->ips_local_port,
6716 	    ipst)];
6717 	mutex_enter(&connfp->connf_lock);
6718 
6719 	if (sel->ips_isv4) {
6720 		connp = connfp->connf_head;
6721 		while (connp != NULL) {
6722 			if (IPCL_UDP_MATCH(connp, sel->ips_local_port,
6723 			    sel->ips_local_addr_v4, sel->ips_remote_port,
6724 			    sel->ips_remote_addr_v4))
6725 				break;
6726 			connp = connp->conn_next;
6727 		}
6728 
6729 		if (connp == NULL) {
6730 			/* Try port-only match in IPv6. */
6731 			portonly.ips_local_port = sel->ips_local_port;
6732 			sel = &portonly;
6733 		}
6734 	}
6735 
6736 	if (connp == NULL) {
6737 		connp = connfp->connf_head;
6738 		while (connp != NULL) {
6739 			if (IPCL_UDP_MATCH_V6(connp, sel->ips_local_port,
6740 			    sel->ips_local_addr_v6, sel->ips_remote_port,
6741 			    sel->ips_remote_addr_v6))
6742 				break;
6743 			connp = connp->conn_next;
6744 		}
6745 
6746 		if (connp == NULL) {
6747 			mutex_exit(&connfp->connf_lock);
6748 			return;
6749 		}
6750 	}
6751 
6752 	CONN_INC_REF(connp);
6753 	mutex_exit(&connfp->connf_lock);
6754 
6755 	ipsec_conn_pol(sel, connp, ppp);
6756 }
6757 
6758 static conn_t *
6759 ipsec_find_listen_conn(uint16_t *pptr, ipsec_selector_t *sel, ip_stack_t *ipst)
6760 {
6761 	connf_t *connfp;
6762 	conn_t *connp = NULL;
6763 	const in6_addr_t *v6addrmatch = &sel->ips_local_addr_v6;
6764 
6765 	if (sel->ips_local_port == 0)
6766 		return (NULL);
6767 
6768 	connfp = &ipst->ips_ipcl_bind_fanout[
6769 	    IPCL_BIND_HASH(sel->ips_local_port, ipst)];
6770 	mutex_enter(&connfp->connf_lock);
6771 
6772 	if (sel->ips_isv4) {
6773 		connp = connfp->connf_head;
6774 		while (connp != NULL) {
6775 			if (IPCL_BIND_MATCH(connp, IPPROTO_TCP,
6776 			    sel->ips_local_addr_v4, pptr[1]))
6777 				break;
6778 			connp = connp->conn_next;
6779 		}
6780 
6781 		if (connp == NULL) {
6782 			/* Match to all-zeroes. */
6783 			v6addrmatch = &ipv6_all_zeros;
6784 		}
6785 	}
6786 
6787 	if (connp == NULL) {
6788 		connp = connfp->connf_head;
6789 		while (connp != NULL) {
6790 			if (IPCL_BIND_MATCH_V6(connp, IPPROTO_TCP,
6791 			    *v6addrmatch, pptr[1]))
6792 				break;
6793 			connp = connp->conn_next;
6794 		}
6795 
6796 		if (connp == NULL) {
6797 			mutex_exit(&connfp->connf_lock);
6798 			return (NULL);
6799 		}
6800 	}
6801 
6802 	CONN_INC_REF(connp);
6803 	mutex_exit(&connfp->connf_lock);
6804 	return (connp);
6805 }
6806 
6807 static void
6808 ipsec_tcp_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp, ip_stack_t *ipst)
6809 {
6810 	connf_t 	*connfp;
6811 	conn_t		*connp;
6812 	uint32_t	ports;
6813 	uint16_t	*pptr = (uint16_t *)&ports;
6814 
6815 	/*
6816 	 * Find TCP state in the following order:
6817 	 * 1.) Connected conns.
6818 	 * 2.) Listeners.
6819 	 *
6820 	 * Even though #2 will be the common case for inbound traffic, only
6821 	 * following this order insures correctness.
6822 	 */
6823 
6824 	if (sel->ips_local_port == 0)
6825 		return;
6826 
6827 	/*
6828 	 * 0 should be fport, 1 should be lport.  SRC is the local one here.
6829 	 * See ipsec_construct_inverse_acquire() for details.
6830 	 */
6831 	pptr[0] = sel->ips_remote_port;
6832 	pptr[1] = sel->ips_local_port;
6833 
6834 	connfp = &ipst->ips_ipcl_conn_fanout[
6835 	    IPCL_CONN_HASH(sel->ips_remote_addr_v4, ports, ipst)];
6836 	mutex_enter(&connfp->connf_lock);
6837 	connp = connfp->connf_head;
6838 
6839 	if (sel->ips_isv4) {
6840 		while (connp != NULL) {
6841 			if (IPCL_CONN_MATCH(connp, IPPROTO_TCP,
6842 			    sel->ips_remote_addr_v4, sel->ips_local_addr_v4,
6843 			    ports))
6844 				break;
6845 			connp = connp->conn_next;
6846 		}
6847 	} else {
6848 		while (connp != NULL) {
6849 			if (IPCL_CONN_MATCH_V6(connp, IPPROTO_TCP,
6850 			    sel->ips_remote_addr_v6, sel->ips_local_addr_v6,
6851 			    ports))
6852 				break;
6853 			connp = connp->conn_next;
6854 		}
6855 	}
6856 
6857 	if (connp != NULL) {
6858 		CONN_INC_REF(connp);
6859 		mutex_exit(&connfp->connf_lock);
6860 	} else {
6861 		mutex_exit(&connfp->connf_lock);
6862 
6863 		/* Try the listen hash. */
6864 		if ((connp = ipsec_find_listen_conn(pptr, sel, ipst)) == NULL)
6865 			return;
6866 	}
6867 
6868 	ipsec_conn_pol(sel, connp, ppp);
6869 }
6870 
6871 static void
6872 ipsec_sctp_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp,
6873     ip_stack_t *ipst)
6874 {
6875 	conn_t		*connp;
6876 	uint32_t	ports;
6877 	uint16_t	*pptr = (uint16_t *)&ports;
6878 
6879 	/*
6880 	 * Find SCP state in the following order:
6881 	 * 1.) Connected conns.
6882 	 * 2.) Listeners.
6883 	 *
6884 	 * Even though #2 will be the common case for inbound traffic, only
6885 	 * following this order insures correctness.
6886 	 */
6887 
6888 	if (sel->ips_local_port == 0)
6889 		return;
6890 
6891 	/*
6892 	 * 0 should be fport, 1 should be lport.  SRC is the local one here.
6893 	 * See ipsec_construct_inverse_acquire() for details.
6894 	 */
6895 	pptr[0] = sel->ips_remote_port;
6896 	pptr[1] = sel->ips_local_port;
6897 
6898 	if (sel->ips_isv4) {
6899 		in6_addr_t	src, dst;
6900 
6901 		IN6_IPADDR_TO_V4MAPPED(sel->ips_remote_addr_v4, &dst);
6902 		IN6_IPADDR_TO_V4MAPPED(sel->ips_local_addr_v4, &src);
6903 		connp = sctp_find_conn(&dst, &src, ports, ALL_ZONES,
6904 		    ipst->ips_netstack->netstack_sctp);
6905 	} else {
6906 		connp = sctp_find_conn(&sel->ips_remote_addr_v6,
6907 		    &sel->ips_local_addr_v6, ports, ALL_ZONES,
6908 		    ipst->ips_netstack->netstack_sctp);
6909 	}
6910 	if (connp == NULL)
6911 		return;
6912 	ipsec_conn_pol(sel, connp, ppp);
6913 }
6914 
6915 /*
6916  * Fill in a query for the SPD (in "sel") using two PF_KEY address extensions.
6917  * Returns 0 or errno, and always sets *diagnostic to something appropriate
6918  * to PF_KEY.
6919  *
6920  * NOTE:  For right now, this function (and ipsec_selector_t for that matter),
6921  * ignore prefix lengths in the address extension.  Since we match on first-
6922  * entered policies, this shouldn't matter.  Also, since we normalize prefix-
6923  * set addresses to mask out the lower bits, we should get a suitable search
6924  * key for the SPD anyway.  This is the function to change if the assumption
6925  * about suitable search keys is wrong.
6926  */
6927 static int
6928 ipsec_get_inverse_acquire_sel(ipsec_selector_t *sel, sadb_address_t *srcext,
6929     sadb_address_t *dstext, int *diagnostic)
6930 {
6931 	struct sockaddr_in *src, *dst;
6932 	struct sockaddr_in6 *src6, *dst6;
6933 
6934 	*diagnostic = 0;
6935 
6936 	bzero(sel, sizeof (*sel));
6937 	sel->ips_protocol = srcext->sadb_address_proto;
6938 	dst = (struct sockaddr_in *)(dstext + 1);
6939 	if (dst->sin_family == AF_INET6) {
6940 		dst6 = (struct sockaddr_in6 *)dst;
6941 		src6 = (struct sockaddr_in6 *)(srcext + 1);
6942 		if (src6->sin6_family != AF_INET6) {
6943 			*diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
6944 			return (EINVAL);
6945 		}
6946 		sel->ips_remote_addr_v6 = dst6->sin6_addr;
6947 		sel->ips_local_addr_v6 = src6->sin6_addr;
6948 		if (sel->ips_protocol == IPPROTO_ICMPV6) {
6949 			sel->ips_is_icmp_inv_acq = 1;
6950 		} else {
6951 			sel->ips_remote_port = dst6->sin6_port;
6952 			sel->ips_local_port = src6->sin6_port;
6953 		}
6954 		sel->ips_isv4 = B_FALSE;
6955 	} else {
6956 		src = (struct sockaddr_in *)(srcext + 1);
6957 		if (src->sin_family != AF_INET) {
6958 			*diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
6959 			return (EINVAL);
6960 		}
6961 		sel->ips_remote_addr_v4 = dst->sin_addr.s_addr;
6962 		sel->ips_local_addr_v4 = src->sin_addr.s_addr;
6963 		if (sel->ips_protocol == IPPROTO_ICMP) {
6964 			sel->ips_is_icmp_inv_acq = 1;
6965 		} else {
6966 			sel->ips_remote_port = dst->sin_port;
6967 			sel->ips_local_port = src->sin_port;
6968 		}
6969 		sel->ips_isv4 = B_TRUE;
6970 	}
6971 	return (0);
6972 }
6973 
6974 /*
6975  * We have encapsulation.
6976  * - Lookup tun_t by address and look for an associated
6977  *   tunnel policy
6978  * - If there are inner selectors
6979  *   - check ITPF_P_TUNNEL and ITPF_P_ACTIVE
6980  *   - Look up tunnel policy based on selectors
6981  * - Else
6982  *   - Sanity check the negotation
6983  *   - If appropriate, fall through to global policy
6984  */
6985 static int
6986 ipsec_tun_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp,
6987     sadb_address_t *innsrcext, sadb_address_t *inndstext, ipsec_tun_pol_t *itp,
6988     int *diagnostic, netstack_t *ns)
6989 {
6990 	int err;
6991 	ipsec_policy_head_t *polhead;
6992 
6993 	*diagnostic = 0;
6994 
6995 	/* Check for inner selectors and act appropriately */
6996 
6997 	if (innsrcext != NULL) {
6998 		/* Inner selectors present */
6999 		ASSERT(inndstext != NULL);
7000 		if ((itp == NULL) ||
7001 		    (itp->itp_flags & (ITPF_P_ACTIVE | ITPF_P_TUNNEL)) !=
7002 		    (ITPF_P_ACTIVE | ITPF_P_TUNNEL)) {
7003 			/*
7004 			 * If inner packet selectors, we must have negotiate
7005 			 * tunnel and active policy.  If the tunnel has
7006 			 * transport-mode policy set on it, or has no policy,
7007 			 * fail.
7008 			 */
7009 			return (ENOENT);
7010 		} else {
7011 			/*
7012 			 * Reset "sel" to indicate inner selectors.  Pass
7013 			 * inner PF_KEY address extensions for this to happen.
7014 			 */
7015 			if ((err = ipsec_get_inverse_acquire_sel(sel,
7016 			    innsrcext, inndstext, diagnostic)) != 0)
7017 				return (err);
7018 			/*
7019 			 * Now look for a tunnel policy based on those inner
7020 			 * selectors.  (Common code is below.)
7021 			 */
7022 		}
7023 	} else {
7024 		/* No inner selectors present */
7025 		if ((itp == NULL) || !(itp->itp_flags & ITPF_P_ACTIVE)) {
7026 			/*
7027 			 * Transport mode negotiation with no tunnel policy
7028 			 * configured - return to indicate a global policy
7029 			 * check is needed.
7030 			 */
7031 			return (0);
7032 		} else if (itp->itp_flags & ITPF_P_TUNNEL) {
7033 			/* Tunnel mode set with no inner selectors. */
7034 			return (ENOENT);
7035 		}
7036 		/*
7037 		 * Else, this is a tunnel policy configured with ifconfig(1m)
7038 		 * or "negotiate transport" with ipsecconf(1m).  We have an
7039 		 * itp with policy set based on any match, so don't bother
7040 		 * changing fields in "sel".
7041 		 */
7042 	}
7043 
7044 	ASSERT(itp != NULL);
7045 	polhead = itp->itp_policy;
7046 	ASSERT(polhead != NULL);
7047 	rw_enter(&polhead->iph_lock, RW_READER);
7048 	*ppp = ipsec_find_policy_head(NULL, polhead,
7049 	    IPSEC_TYPE_INBOUND, sel, ns);
7050 	rw_exit(&polhead->iph_lock);
7051 
7052 	/*
7053 	 * Don't default to global if we didn't find a matching policy entry.
7054 	 * Instead, send ENOENT, just like if we hit a transport-mode tunnel.
7055 	 */
7056 	if (*ppp == NULL)
7057 		return (ENOENT);
7058 
7059 	return (0);
7060 }
7061 
7062 static void
7063 ipsec_oth_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp,
7064     ip_stack_t *ipst)
7065 {
7066 	boolean_t	isv4 = sel->ips_isv4;
7067 	connf_t		*connfp;
7068 	conn_t		*connp;
7069 
7070 	if (isv4) {
7071 		connfp = &ipst->ips_ipcl_proto_fanout[sel->ips_protocol];
7072 	} else {
7073 		connfp = &ipst->ips_ipcl_proto_fanout_v6[sel->ips_protocol];
7074 	}
7075 
7076 	mutex_enter(&connfp->connf_lock);
7077 	for (connp = connfp->connf_head; connp != NULL;
7078 	    connp = connp->conn_next) {
7079 		if (!((isv4 && !((connp->conn_src == 0 ||
7080 		    connp->conn_src == sel->ips_local_addr_v4) &&
7081 		    (connp->conn_rem == 0 ||
7082 		    connp->conn_rem == sel->ips_remote_addr_v4))) ||
7083 		    (!isv4 && !((IN6_IS_ADDR_UNSPECIFIED(&connp->conn_srcv6) ||
7084 		    IN6_ARE_ADDR_EQUAL(&connp->conn_srcv6,
7085 		    &sel->ips_local_addr_v6)) &&
7086 		    (IN6_IS_ADDR_UNSPECIFIED(&connp->conn_remv6) ||
7087 		    IN6_ARE_ADDR_EQUAL(&connp->conn_remv6,
7088 		    &sel->ips_remote_addr_v6)))))) {
7089 			break;
7090 		}
7091 	}
7092 	if (connp == NULL) {
7093 		mutex_exit(&connfp->connf_lock);
7094 		return;
7095 	}
7096 
7097 	CONN_INC_REF(connp);
7098 	mutex_exit(&connfp->connf_lock);
7099 
7100 	ipsec_conn_pol(sel, connp, ppp);
7101 }
7102 
7103 /*
7104  * Construct an inverse ACQUIRE reply based on:
7105  *
7106  * 1.) Current global policy.
7107  * 2.) An conn_t match depending on what all was passed in the extv[].
7108  * 3.) A tunnel's policy head.
7109  * ...
7110  * N.) Other stuff TBD (e.g. identities)
7111  *
7112  * If there is an error, set sadb_msg_errno and sadb_x_msg_diagnostic
7113  * in this function so the caller can extract them where appropriately.
7114  *
7115  * The SRC address is the local one - just like an outbound ACQUIRE message.
7116  *
7117  * XXX MLS: key management supplies a label which we just reflect back up
7118  * again.  clearly we need to involve the label in the rest of the checks.
7119  */
7120 mblk_t *
7121 ipsec_construct_inverse_acquire(sadb_msg_t *samsg, sadb_ext_t *extv[],
7122     netstack_t *ns)
7123 {
7124 	int err;
7125 	int diagnostic;
7126 	sadb_address_t *srcext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_SRC],
7127 	    *dstext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_DST],
7128 	    *innsrcext = (sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_SRC],
7129 	    *inndstext = (sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_DST];
7130 	sadb_sens_t *sens = (sadb_sens_t *)extv[SADB_EXT_SENSITIVITY];
7131 	struct sockaddr_in6 *src, *dst;
7132 	struct sockaddr_in6 *isrc, *idst;
7133 	ipsec_tun_pol_t *itp = NULL;
7134 	ipsec_policy_t *pp = NULL;
7135 	ipsec_selector_t sel, isel;
7136 	mblk_t *retmp = NULL;
7137 	ip_stack_t	*ipst = ns->netstack_ip;
7138 
7139 
7140 	/* Normalize addresses */
7141 	if (sadb_addrcheck(NULL, (mblk_t *)samsg, (sadb_ext_t *)srcext, 0, ns)
7142 	    == KS_IN_ADDR_UNKNOWN) {
7143 		err = EINVAL;
7144 		diagnostic = SADB_X_DIAGNOSTIC_BAD_SRC;
7145 		goto bail;
7146 	}
7147 	src = (struct sockaddr_in6 *)(srcext + 1);
7148 	if (sadb_addrcheck(NULL, (mblk_t *)samsg, (sadb_ext_t *)dstext, 0, ns)
7149 	    == KS_IN_ADDR_UNKNOWN) {
7150 		err = EINVAL;
7151 		diagnostic = SADB_X_DIAGNOSTIC_BAD_DST;
7152 		goto bail;
7153 	}
7154 	dst = (struct sockaddr_in6 *)(dstext + 1);
7155 	if (src->sin6_family != dst->sin6_family) {
7156 		err = EINVAL;
7157 		diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
7158 		goto bail;
7159 	}
7160 
7161 	/* Check for tunnel mode and act appropriately */
7162 	if (innsrcext != NULL) {
7163 		if (inndstext == NULL) {
7164 			err = EINVAL;
7165 			diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_DST;
7166 			goto bail;
7167 		}
7168 		if (sadb_addrcheck(NULL, (mblk_t *)samsg,
7169 		    (sadb_ext_t *)innsrcext, 0, ns) == KS_IN_ADDR_UNKNOWN) {
7170 			err = EINVAL;
7171 			diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_INNER_SRC;
7172 			goto bail;
7173 		}
7174 		isrc = (struct sockaddr_in6 *)(innsrcext + 1);
7175 		if (sadb_addrcheck(NULL, (mblk_t *)samsg,
7176 		    (sadb_ext_t *)inndstext, 0, ns) == KS_IN_ADDR_UNKNOWN) {
7177 			err = EINVAL;
7178 			diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_INNER_DST;
7179 			goto bail;
7180 		}
7181 		idst = (struct sockaddr_in6 *)(inndstext + 1);
7182 		if (isrc->sin6_family != idst->sin6_family) {
7183 			err = EINVAL;
7184 			diagnostic = SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH;
7185 			goto bail;
7186 		}
7187 		if (isrc->sin6_family != AF_INET &&
7188 		    isrc->sin6_family != AF_INET6) {
7189 			err = EINVAL;
7190 			diagnostic = SADB_X_DIAGNOSTIC_BAD_INNER_SRC_AF;
7191 			goto bail;
7192 		}
7193 	} else if (inndstext != NULL) {
7194 		err = EINVAL;
7195 		diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_SRC;
7196 		goto bail;
7197 	}
7198 
7199 	/* Get selectors first, based on outer addresses */
7200 	err = ipsec_get_inverse_acquire_sel(&sel, srcext, dstext, &diagnostic);
7201 	if (err != 0)
7202 		goto bail;
7203 
7204 	/* Check for tunnel mode mismatches. */
7205 	if (innsrcext != NULL &&
7206 	    ((isrc->sin6_family == AF_INET &&
7207 	    sel.ips_protocol != IPPROTO_ENCAP && sel.ips_protocol != 0) ||
7208 	    (isrc->sin6_family == AF_INET6 &&
7209 	    sel.ips_protocol != IPPROTO_IPV6 && sel.ips_protocol != 0))) {
7210 		err = EPROTOTYPE;
7211 		goto bail;
7212 	}
7213 
7214 	/*
7215 	 * Okay, we have the addresses and other selector information.
7216 	 * Let's first find a conn...
7217 	 */
7218 	pp = NULL;
7219 	switch (sel.ips_protocol) {
7220 	case IPPROTO_TCP:
7221 		ipsec_tcp_pol(&sel, &pp, ipst);
7222 		break;
7223 	case IPPROTO_UDP:
7224 		ipsec_udp_pol(&sel, &pp, ipst);
7225 		break;
7226 	case IPPROTO_SCTP:
7227 		ipsec_sctp_pol(&sel, &pp, ipst);
7228 		break;
7229 	case IPPROTO_ENCAP:
7230 	case IPPROTO_IPV6:
7231 		/*
7232 		 * Assume sel.ips_remote_addr_* has the right address at
7233 		 * that exact position.
7234 		 */
7235 		itp = itp_get_byaddr((uint32_t *)(&sel.ips_local_addr_v6),
7236 		    (uint32_t *)(&sel.ips_remote_addr_v6), src->sin6_family,
7237 		    ipst);
7238 
7239 		if (innsrcext == NULL) {
7240 			/*
7241 			 * Transport-mode tunnel, make sure we fake out isel
7242 			 * to contain something based on the outer protocol.
7243 			 */
7244 			bzero(&isel, sizeof (isel));
7245 			isel.ips_isv4 = (sel.ips_protocol == IPPROTO_ENCAP);
7246 		} /* Else isel is initialized by ipsec_tun_pol(). */
7247 		err = ipsec_tun_pol(&isel, &pp, innsrcext, inndstext, itp,
7248 		    &diagnostic, ns);
7249 		/*
7250 		 * NOTE:  isel isn't used for now, but in RFC 430x IPsec, it
7251 		 * may be.
7252 		 */
7253 		if (err != 0)
7254 			goto bail;
7255 		break;
7256 	default:
7257 		ipsec_oth_pol(&sel, &pp, ipst);
7258 		break;
7259 	}
7260 
7261 	/*
7262 	 * If we didn't find a matching conn_t or other policy head, take a
7263 	 * look in the global policy.
7264 	 */
7265 	if (pp == NULL) {
7266 		pp = ipsec_find_policy(IPSEC_TYPE_OUTBOUND, NULL, NULL, &sel,
7267 		    ns);
7268 		if (pp == NULL) {
7269 			/* There's no global policy. */
7270 			err = ENOENT;
7271 			diagnostic = 0;
7272 			goto bail;
7273 		}
7274 	}
7275 
7276 	/*
7277 	 * Now that we have a policy entry/widget, construct an ACQUIRE
7278 	 * message based on that, fix fields where appropriate,
7279 	 * and return the message.
7280 	 */
7281 	retmp = sadb_extended_acquire(&sel, pp, NULL,
7282 	    (itp != NULL && (itp->itp_flags & ITPF_P_TUNNEL)),
7283 	    samsg->sadb_msg_seq, samsg->sadb_msg_pid, sens, ns);
7284 	if (pp != NULL) {
7285 		IPPOL_REFRELE(pp, ns);
7286 	}
7287 	ASSERT(err == 0 && diagnostic == 0);
7288 	if (retmp == NULL)
7289 		err = ENOMEM;
7290 bail:
7291 	if (itp != NULL) {
7292 		ITP_REFRELE(itp, ns);
7293 	}
7294 	samsg->sadb_msg_errno = (uint8_t)err;
7295 	samsg->sadb_x_msg_diagnostic = (uint16_t)diagnostic;
7296 	return (retmp);
7297 }
7298 
7299 /*
7300  * ipsa_lpkt is a one-element queue, only manipulated by the next two
7301  * functions.  They have to hold the ipsa_lock because of potential races
7302  * between key management using SADB_UPDATE, and inbound packets that may
7303  * queue up on the larval SA (hence the 'l' in "lpkt").
7304  */
7305 
7306 /*
7307  * sadb_set_lpkt: Return TRUE if we can swap in a value to ipsa->ipsa_lpkt and
7308  * freemsg the previous value.  Return FALSE if we lost the race and the SA is
7309  * in a non-LARVAL state.  free clue: ip_drop_packet(NULL) is safe.
7310  */
7311 boolean_t
7312 sadb_set_lpkt(ipsa_t *ipsa, mblk_t *npkt, netstack_t *ns)
7313 {
7314 	mblk_t *opkt;
7315 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
7316 	boolean_t is_larval;
7317 
7318 	/*
7319 	 * Check the packet's netstack id in case we go asynch with a
7320 	 * taskq_dispatch.
7321 	 */
7322 	ASSERT(((ipsec_in_t *)npkt->b_rptr)->ipsec_in_type == IPSEC_IN);
7323 	ASSERT(((ipsec_in_t *)npkt->b_rptr)->ipsec_in_stackid ==
7324 	    ns->netstack_stackid);
7325 
7326 	mutex_enter(&ipsa->ipsa_lock);
7327 	is_larval = (ipsa->ipsa_state == IPSA_STATE_LARVAL);
7328 	if (is_larval) {
7329 		opkt = ipsa->ipsa_lpkt;
7330 		ipsa->ipsa_lpkt = npkt;
7331 	} else {
7332 		/* We lost the race. */
7333 		opkt = NULL;
7334 	}
7335 	mutex_exit(&ipsa->ipsa_lock);
7336 
7337 	ip_drop_packet(opkt, B_TRUE, NULL, NULL,
7338 	    DROPPER(ipss, ipds_sadb_inlarval_replace),
7339 	    &ipss->ipsec_sadb_dropper);
7340 	return (is_larval);
7341 }
7342 
7343 /*
7344  * sadb_clear_lpkt: Atomically clear ipsa->ipsa_lpkt and return the
7345  * previous value.
7346  */
7347 mblk_t *
7348 sadb_clear_lpkt(ipsa_t *ipsa)
7349 {
7350 	mblk_t *opkt;
7351 
7352 	mutex_enter(&ipsa->ipsa_lock);
7353 	opkt = ipsa->ipsa_lpkt;
7354 	ipsa->ipsa_lpkt = NULL;
7355 	mutex_exit(&ipsa->ipsa_lock);
7356 
7357 	return (opkt);
7358 }
7359 
7360 /*
7361  * Buffer a packet that's in IDLE state as set by Solaris Clustering.
7362  */
7363 void
7364 sadb_buf_pkt(ipsa_t *ipsa, mblk_t *bpkt, netstack_t *ns)
7365 {
7366 	ipsec_stack_t   *ipss = ns->netstack_ipsec;
7367 	extern void (*cl_inet_idlesa)(netstackid_t, uint8_t, uint32_t,
7368 	    sa_family_t, in6_addr_t, in6_addr_t, void *);
7369 	in6_addr_t *srcaddr = (in6_addr_t *)(&ipsa->ipsa_srcaddr);
7370 	in6_addr_t *dstaddr = (in6_addr_t *)(&ipsa->ipsa_dstaddr);
7371 
7372 	ASSERT(ipsa->ipsa_state == IPSA_STATE_IDLE);
7373 
7374 	if (cl_inet_idlesa == NULL) {
7375 		ip_drop_packet(bpkt, B_TRUE, NULL, NULL,
7376 		    DROPPER(ipss, ipds_sadb_inidle_overflow),
7377 		    &ipss->ipsec_sadb_dropper);
7378 		return;
7379 	}
7380 
7381 	cl_inet_idlesa(ns->netstack_stackid,
7382 	    (ipsa->ipsa_type == SADB_SATYPE_AH) ? IPPROTO_AH : IPPROTO_ESP,
7383 	    ipsa->ipsa_spi, ipsa->ipsa_addrfam, *srcaddr, *dstaddr, NULL);
7384 
7385 	/*
7386 	 * Check the packet's netstack id in case we go asynch with a
7387 	 * taskq_dispatch.
7388 	 */
7389 	ASSERT(((ipsec_in_t *)bpkt->b_rptr)->ipsec_in_type == IPSEC_IN);
7390 	ASSERT(((ipsec_in_t *)bpkt->b_rptr)->ipsec_in_stackid ==
7391 	    ns->netstack_stackid);
7392 
7393 	mutex_enter(&ipsa->ipsa_lock);
7394 	ipsa->ipsa_mblkcnt++;
7395 	if (ipsa->ipsa_bpkt_head == NULL) {
7396 		ipsa->ipsa_bpkt_head = ipsa->ipsa_bpkt_tail = bpkt;
7397 	} else {
7398 		ipsa->ipsa_bpkt_tail->b_next = bpkt;
7399 		ipsa->ipsa_bpkt_tail = bpkt;
7400 		if (ipsa->ipsa_mblkcnt > SADB_MAX_IDLEPKTS) {
7401 			mblk_t *tmp;
7402 			tmp = ipsa->ipsa_bpkt_head;
7403 			ipsa->ipsa_bpkt_head = ipsa->ipsa_bpkt_head->b_next;
7404 			ip_drop_packet(tmp, B_TRUE, NULL, NULL,
7405 			    DROPPER(ipss, ipds_sadb_inidle_overflow),
7406 			    &ipss->ipsec_sadb_dropper);
7407 			ipsa->ipsa_mblkcnt --;
7408 		}
7409 	}
7410 	mutex_exit(&ipsa->ipsa_lock);
7411 
7412 }
7413 
7414 /*
7415  * Stub function that taskq_dispatch() invokes to take the mblk (in arg)
7416  * and put into STREAMS again.
7417  */
7418 void
7419 sadb_clear_buf_pkt(void *ipkt)
7420 {
7421 	mblk_t	*tmp, *buf_pkt;
7422 	netstack_t *ns;
7423 	ipsec_in_t *ii;
7424 
7425 	buf_pkt = (mblk_t *)ipkt;
7426 
7427 	ii = (ipsec_in_t *)buf_pkt->b_rptr;
7428 	ASSERT(ii->ipsec_in_type == IPSEC_IN);
7429 	ns = netstack_find_by_stackid(ii->ipsec_in_stackid);
7430 	if (ns != NULL && ns != ii->ipsec_in_ns) {
7431 		netstack_rele(ns);
7432 		ns = NULL;  /* For while-loop below. */
7433 	}
7434 
7435 	while (buf_pkt != NULL) {
7436 		tmp = buf_pkt->b_next;
7437 		buf_pkt->b_next = NULL;
7438 		if (ns != NULL)
7439 			ip_fanout_proto_again(buf_pkt, NULL, NULL, NULL);
7440 		else
7441 			freemsg(buf_pkt);
7442 		buf_pkt = tmp;
7443 	}
7444 	if (ns != NULL)
7445 		netstack_rele(ns);
7446 }
7447 /*
7448  * Walker callback used by sadb_alg_update() to free/create crypto
7449  * context template when a crypto software provider is removed or
7450  * added.
7451  */
7452 
7453 struct sadb_update_alg_state {
7454 	ipsec_algtype_t alg_type;
7455 	uint8_t alg_id;
7456 	boolean_t is_added;
7457 };
7458 
7459 static void
7460 sadb_alg_update_cb(isaf_t *head, ipsa_t *entry, void *cookie)
7461 {
7462 	struct sadb_update_alg_state *update_state =
7463 	    (struct sadb_update_alg_state *)cookie;
7464 	crypto_ctx_template_t *ctx_tmpl = NULL;
7465 
7466 	ASSERT(MUTEX_HELD(&head->isaf_lock));
7467 
7468 	if (entry->ipsa_state == IPSA_STATE_LARVAL)
7469 		return;
7470 
7471 	mutex_enter(&entry->ipsa_lock);
7472 
7473 	switch (update_state->alg_type) {
7474 	case IPSEC_ALG_AUTH:
7475 		if (entry->ipsa_auth_alg == update_state->alg_id)
7476 			ctx_tmpl = &entry->ipsa_authtmpl;
7477 		break;
7478 	case IPSEC_ALG_ENCR:
7479 		if (entry->ipsa_encr_alg == update_state->alg_id)
7480 			ctx_tmpl = &entry->ipsa_encrtmpl;
7481 		break;
7482 	default:
7483 		ctx_tmpl = NULL;
7484 	}
7485 
7486 	if (ctx_tmpl == NULL) {
7487 		mutex_exit(&entry->ipsa_lock);
7488 		return;
7489 	}
7490 
7491 	/*
7492 	 * The context template of the SA may be affected by the change
7493 	 * of crypto provider.
7494 	 */
7495 	if (update_state->is_added) {
7496 		/* create the context template if not already done */
7497 		if (*ctx_tmpl == NULL) {
7498 			(void) ipsec_create_ctx_tmpl(entry,
7499 			    update_state->alg_type);
7500 		}
7501 	} else {
7502 		/*
7503 		 * The crypto provider was removed. If the context template
7504 		 * exists but it is no longer valid, free it.
7505 		 */
7506 		if (*ctx_tmpl != NULL)
7507 			ipsec_destroy_ctx_tmpl(entry, update_state->alg_type);
7508 	}
7509 
7510 	mutex_exit(&entry->ipsa_lock);
7511 }
7512 
7513 /*
7514  * Invoked by IP when an software crypto provider has been updated.
7515  * The type and id of the corresponding algorithm is passed as argument.
7516  * is_added is B_TRUE if the provider was added, B_FALSE if it was
7517  * removed. The function updates the SADB and free/creates the
7518  * context templates associated with SAs if needed.
7519  */
7520 
7521 #define	SADB_ALG_UPDATE_WALK(sadb, table) \
7522     sadb_walker((sadb).table, (sadb).sdb_hashsize, sadb_alg_update_cb, \
7523 	&update_state)
7524 
7525 void
7526 sadb_alg_update(ipsec_algtype_t alg_type, uint8_t alg_id, boolean_t is_added,
7527     netstack_t *ns)
7528 {
7529 	struct sadb_update_alg_state update_state;
7530 	ipsecah_stack_t	*ahstack = ns->netstack_ipsecah;
7531 	ipsecesp_stack_t	*espstack = ns->netstack_ipsecesp;
7532 
7533 	update_state.alg_type = alg_type;
7534 	update_state.alg_id = alg_id;
7535 	update_state.is_added = is_added;
7536 
7537 	if (alg_type == IPSEC_ALG_AUTH) {
7538 		/* walk the AH tables only for auth. algorithm changes */
7539 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v4, sdb_of);
7540 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v4, sdb_if);
7541 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v6, sdb_of);
7542 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v6, sdb_if);
7543 	}
7544 
7545 	/* walk the ESP tables */
7546 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v4, sdb_of);
7547 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v4, sdb_if);
7548 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v6, sdb_of);
7549 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v6, sdb_if);
7550 }
7551 
7552 /*
7553  * Creates a context template for the specified SA. This function
7554  * is called when an SA is created and when a context template needs
7555  * to be created due to a change of software provider.
7556  */
7557 int
7558 ipsec_create_ctx_tmpl(ipsa_t *sa, ipsec_algtype_t alg_type)
7559 {
7560 	ipsec_alginfo_t *alg;
7561 	crypto_mechanism_t mech;
7562 	crypto_key_t *key;
7563 	crypto_ctx_template_t *sa_tmpl;
7564 	int rv;
7565 	ipsec_stack_t	*ipss = sa->ipsa_netstack->netstack_ipsec;
7566 
7567 	ASSERT(MUTEX_HELD(&ipss->ipsec_alg_lock));
7568 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
7569 
7570 	/* get pointers to the algorithm info, context template, and key */
7571 	switch (alg_type) {
7572 	case IPSEC_ALG_AUTH:
7573 		key = &sa->ipsa_kcfauthkey;
7574 		sa_tmpl = &sa->ipsa_authtmpl;
7575 		alg = ipss->ipsec_alglists[alg_type][sa->ipsa_auth_alg];
7576 		break;
7577 	case IPSEC_ALG_ENCR:
7578 		key = &sa->ipsa_kcfencrkey;
7579 		sa_tmpl = &sa->ipsa_encrtmpl;
7580 		alg = ipss->ipsec_alglists[alg_type][sa->ipsa_encr_alg];
7581 		break;
7582 	default:
7583 		alg = NULL;
7584 	}
7585 
7586 	if (alg == NULL || !ALG_VALID(alg))
7587 		return (EINVAL);
7588 
7589 	/* initialize the mech info structure for the framework */
7590 	ASSERT(alg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
7591 	mech.cm_type = alg->alg_mech_type;
7592 	mech.cm_param = NULL;
7593 	mech.cm_param_len = 0;
7594 
7595 	/* create a new context template */
7596 	rv = crypto_create_ctx_template(&mech, key, sa_tmpl, KM_NOSLEEP);
7597 
7598 	/*
7599 	 * CRYPTO_MECH_NOT_SUPPORTED can be returned if only hardware
7600 	 * providers are available for that mechanism. In that case
7601 	 * we don't fail, and will generate the context template from
7602 	 * the framework callback when a software provider for that
7603 	 * mechanism registers.
7604 	 *
7605 	 * The context template is assigned the special value
7606 	 * IPSEC_CTX_TMPL_ALLOC if the allocation failed due to a
7607 	 * lack of memory. No attempt will be made to use
7608 	 * the context template if it is set to this value.
7609 	 */
7610 	if (rv == CRYPTO_HOST_MEMORY) {
7611 		*sa_tmpl = IPSEC_CTX_TMPL_ALLOC;
7612 	} else if (rv != CRYPTO_SUCCESS) {
7613 		*sa_tmpl = NULL;
7614 		if (rv != CRYPTO_MECH_NOT_SUPPORTED)
7615 			return (EINVAL);
7616 	}
7617 
7618 	return (0);
7619 }
7620 
7621 /*
7622  * Destroy the context template of the specified algorithm type
7623  * of the specified SA. Must be called while holding the SA lock.
7624  */
7625 void
7626 ipsec_destroy_ctx_tmpl(ipsa_t *sa, ipsec_algtype_t alg_type)
7627 {
7628 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
7629 
7630 	if (alg_type == IPSEC_ALG_AUTH) {
7631 		if (sa->ipsa_authtmpl == IPSEC_CTX_TMPL_ALLOC)
7632 			sa->ipsa_authtmpl = NULL;
7633 		else if (sa->ipsa_authtmpl != NULL) {
7634 			crypto_destroy_ctx_template(sa->ipsa_authtmpl);
7635 			sa->ipsa_authtmpl = NULL;
7636 		}
7637 	} else {
7638 		ASSERT(alg_type == IPSEC_ALG_ENCR);
7639 		if (sa->ipsa_encrtmpl == IPSEC_CTX_TMPL_ALLOC)
7640 			sa->ipsa_encrtmpl = NULL;
7641 		else if (sa->ipsa_encrtmpl != NULL) {
7642 			crypto_destroy_ctx_template(sa->ipsa_encrtmpl);
7643 			sa->ipsa_encrtmpl = NULL;
7644 		}
7645 	}
7646 }
7647 
7648 /*
7649  * Use the kernel crypto framework to check the validity of a key received
7650  * via keysock. Returns 0 if the key is OK, -1 otherwise.
7651  */
7652 int
7653 ipsec_check_key(crypto_mech_type_t mech_type, sadb_key_t *sadb_key,
7654     boolean_t is_auth, int *diag)
7655 {
7656 	crypto_mechanism_t mech;
7657 	crypto_key_t crypto_key;
7658 	int crypto_rc;
7659 
7660 	mech.cm_type = mech_type;
7661 	mech.cm_param = NULL;
7662 	mech.cm_param_len = 0;
7663 
7664 	crypto_key.ck_format = CRYPTO_KEY_RAW;
7665 	crypto_key.ck_data = sadb_key + 1;
7666 	crypto_key.ck_length = sadb_key->sadb_key_bits;
7667 
7668 	crypto_rc = crypto_key_check(&mech, &crypto_key);
7669 
7670 	switch (crypto_rc) {
7671 	case CRYPTO_SUCCESS:
7672 		return (0);
7673 	case CRYPTO_MECHANISM_INVALID:
7674 	case CRYPTO_MECH_NOT_SUPPORTED:
7675 		*diag = is_auth ? SADB_X_DIAGNOSTIC_BAD_AALG :
7676 		    SADB_X_DIAGNOSTIC_BAD_EALG;
7677 		break;
7678 	case CRYPTO_KEY_SIZE_RANGE:
7679 		*diag = is_auth ? SADB_X_DIAGNOSTIC_BAD_AKEYBITS :
7680 		    SADB_X_DIAGNOSTIC_BAD_EKEYBITS;
7681 		break;
7682 	case CRYPTO_WEAK_KEY:
7683 		*diag = is_auth ? SADB_X_DIAGNOSTIC_WEAK_AKEY :
7684 		    SADB_X_DIAGNOSTIC_WEAK_EKEY;
7685 		break;
7686 	}
7687 
7688 	return (-1);
7689 }
7690 
7691 /*
7692  * Whack options in the outer IP header when ipsec changes the outer label
7693  *
7694  * This is inelegant and really could use refactoring.
7695  */
7696 int
7697 sadb_whack_label(mblk_t **mpp, ipsa_t *assoc)
7698 {
7699 	int delta;
7700 	int plen;
7701 	dblk_t *db;
7702 	int hlen;
7703 	uint8_t *opt_storage = assoc->ipsa_opt_storage;
7704 	mblk_t *mp = *mpp;
7705 	ipha_t *ipha = (ipha_t *)mp->b_rptr;
7706 
7707 	plen = ntohs(ipha->ipha_length);
7708 
7709 	delta = tsol_remove_secopt(ipha, MBLKL(mp));
7710 	mp->b_wptr += delta;
7711 	plen += delta;
7712 
7713 	/* XXX XXX code copied from tsol_check_label */
7714 
7715 	/* Make sure we have room for the worst-case addition */
7716 	hlen = IPH_HDR_LENGTH(ipha) + opt_storage[IPOPT_OLEN];
7717 	hlen = (hlen + 3) & ~3;
7718 	if (hlen > IP_MAX_HDR_LENGTH)
7719 		hlen = IP_MAX_HDR_LENGTH;
7720 	hlen -= IPH_HDR_LENGTH(ipha);
7721 
7722 	db = mp->b_datap;
7723 	if ((db->db_ref != 1) || (mp->b_wptr + hlen > db->db_lim)) {
7724 		int copylen;
7725 		mblk_t *new_mp;
7726 
7727 		/* allocate enough to be meaningful, but not *too* much */
7728 		copylen = MBLKL(mp);
7729 		if (copylen > 256)
7730 			copylen = 256;
7731 		new_mp = allocb_tmpl(hlen + copylen +
7732 		    (mp->b_rptr - mp->b_datap->db_base), mp);
7733 
7734 		if (new_mp == NULL)
7735 			return (ENOMEM);
7736 
7737 		/* keep the bias */
7738 		new_mp->b_rptr += mp->b_rptr - mp->b_datap->db_base;
7739 		new_mp->b_wptr = new_mp->b_rptr + copylen;
7740 		bcopy(mp->b_rptr, new_mp->b_rptr, copylen);
7741 		new_mp->b_cont = mp;
7742 		if ((mp->b_rptr += copylen) >= mp->b_wptr) {
7743 			new_mp->b_cont = mp->b_cont;
7744 			freeb(mp);
7745 		}
7746 		*mpp = mp = new_mp;
7747 		ipha = (ipha_t *)mp->b_rptr;
7748 	}
7749 
7750 	delta = tsol_prepend_option(assoc->ipsa_opt_storage, ipha, MBLKL(mp));
7751 
7752 	ASSERT(delta != -1);
7753 
7754 	plen += delta;
7755 	mp->b_wptr += delta;
7756 
7757 	/*
7758 	 * Paranoia
7759 	 */
7760 	db = mp->b_datap;
7761 
7762 	ASSERT3P(mp->b_wptr, <=, db->db_lim);
7763 	ASSERT3P(mp->b_rptr, <=, db->db_lim);
7764 
7765 	ASSERT3P(mp->b_wptr, >=, db->db_base);
7766 	ASSERT3P(mp->b_rptr, >=, db->db_base);
7767 	/* End paranoia */
7768 
7769 	ipha->ipha_length = htons(plen);
7770 
7771 	return (0);
7772 }
7773 
7774 int
7775 sadb_whack_label_v6(mblk_t **mpp, ipsa_t *assoc)
7776 {
7777 	int delta;
7778 	int plen;
7779 	dblk_t *db;
7780 	int hlen;
7781 	uint8_t *opt_storage = assoc->ipsa_opt_storage;
7782 	uint_t sec_opt_len; /* label option length not including type, len */
7783 	mblk_t *mp = *mpp;
7784 	ip6_t *ip6h = (ip6_t *)mp->b_rptr;
7785 
7786 	plen = ntohs(ip6h->ip6_plen);
7787 
7788 	delta = tsol_remove_secopt_v6(ip6h, MBLKL(mp));
7789 	mp->b_wptr += delta;
7790 	plen += delta;
7791 
7792 	/* XXX XXX code copied from tsol_check_label_v6 */
7793 	/*
7794 	 * Make sure we have room for the worst-case addition. Add 2 bytes for
7795 	 * the hop-by-hop ext header's next header and length fields. Add
7796 	 * another 2 bytes for the label option type, len and then round
7797 	 * up to the next 8-byte multiple.
7798 	 */
7799 	sec_opt_len = opt_storage[1];
7800 
7801 	db = mp->b_datap;
7802 	hlen = (4 + sec_opt_len + 7) & ~7;
7803 
7804 	if ((db->db_ref != 1) || (mp->b_wptr + hlen > db->db_lim)) {
7805 		int copylen;
7806 		mblk_t *new_mp;
7807 		uint16_t hdr_len;
7808 
7809 		hdr_len = ip_hdr_length_v6(mp, ip6h);
7810 		/*
7811 		 * Allocate enough to be meaningful, but not *too* much.
7812 		 * Also all the IPv6 extension headers must be in the same mblk
7813 		 */
7814 		copylen = MBLKL(mp);
7815 		if (copylen > 256)
7816 			copylen = 256;
7817 		if (copylen < hdr_len)
7818 			copylen = hdr_len;
7819 		new_mp = allocb_tmpl(hlen + copylen +
7820 		    (mp->b_rptr - mp->b_datap->db_base), mp);
7821 		if (new_mp == NULL)
7822 			return (ENOMEM);
7823 
7824 		/* keep the bias */
7825 		new_mp->b_rptr += mp->b_rptr - mp->b_datap->db_base;
7826 		new_mp->b_wptr = new_mp->b_rptr + copylen;
7827 		bcopy(mp->b_rptr, new_mp->b_rptr, copylen);
7828 		new_mp->b_cont = mp;
7829 		if ((mp->b_rptr += copylen) >= mp->b_wptr) {
7830 			new_mp->b_cont = mp->b_cont;
7831 			freeb(mp);
7832 		}
7833 		*mpp = mp = new_mp;
7834 		ip6h = (ip6_t *)mp->b_rptr;
7835 	}
7836 
7837 	delta = tsol_prepend_option_v6(assoc->ipsa_opt_storage,
7838 	    ip6h, MBLKL(mp));
7839 
7840 	ASSERT(delta != -1);
7841 
7842 	plen += delta;
7843 	mp->b_wptr += delta;
7844 
7845 	/*
7846 	 * Paranoia
7847 	 */
7848 	db = mp->b_datap;
7849 
7850 	ASSERT3P(mp->b_wptr, <=, db->db_lim);
7851 	ASSERT3P(mp->b_rptr, <=, db->db_lim);
7852 
7853 	ASSERT3P(mp->b_wptr, >=, db->db_base);
7854 	ASSERT3P(mp->b_rptr, >=, db->db_base);
7855 	/* End paranoia */
7856 
7857 	ip6h->ip6_plen = htons(plen);
7858 
7859 	return (0);
7860 }
7861 
7862 
7863 
7864 /*
7865  * If this is an outgoing SA then add some fuzz to the
7866  * SOFT EXPIRE time. The reason for this is to stop
7867  * peers trying to renegotiate SOFT expiring SA's at
7868  * the same time. The amount of fuzz needs to be at
7869  * least 8 seconds which is the typical interval
7870  * sadb_ager(), although this is only a guide as it
7871  * selftunes.
7872  */
7873 static void
7874 lifetime_fuzz(ipsa_t *assoc)
7875 {
7876 	uint8_t rnd;
7877 
7878 	if (assoc->ipsa_softaddlt == 0)
7879 		return;
7880 
7881 	(void) random_get_pseudo_bytes(&rnd, sizeof (rnd));
7882 	rnd = (rnd & 0xF) + 8;
7883 	assoc->ipsa_softexpiretime -= rnd;
7884 	assoc->ipsa_softaddlt -= rnd;
7885 }
7886 
7887 static void
7888 destroy_ipsa_pair(ipsap_t *ipsapp)
7889 {
7890 	/*
7891 	 * Because of the multi-line macro nature of IPSA_REFRELE, keep
7892 	 * them in { }.
7893 	 */
7894 	if (ipsapp->ipsap_sa_ptr != NULL) {
7895 		IPSA_REFRELE(ipsapp->ipsap_sa_ptr);
7896 	}
7897 	if (ipsapp->ipsap_psa_ptr != NULL) {
7898 		IPSA_REFRELE(ipsapp->ipsap_psa_ptr);
7899 	}
7900 	init_ipsa_pair(ipsapp);
7901 }
7902 
7903 static void
7904 init_ipsa_pair(ipsap_t *ipsapp)
7905 {
7906 	ipsapp->ipsap_bucket = NULL;
7907 	ipsapp->ipsap_sa_ptr = NULL;
7908 	ipsapp->ipsap_pbucket = NULL;
7909 	ipsapp->ipsap_psa_ptr = NULL;
7910 }
7911 
7912 /*
7913  * The sadb_ager() function walks through the hash tables of SA's and ages
7914  * them, if the SA expires as a result, its marked as DEAD and will be reaped
7915  * the next time sadb_ager() runs. SA's which are paired or have a peer (same
7916  * SA appears in both the inbound and outbound tables because its not possible
7917  * to determine its direction) are placed on a list when they expire. This is
7918  * to ensure that pair/peer SA's are reaped at the same time, even if they
7919  * expire at different times.
7920  *
7921  * This function is called twice by sadb_ager(), one after processing the
7922  * inbound table, then again after processing the outbound table.
7923  */
7924 void
7925 age_pair_peer_list(templist_t *haspeerlist, sadb_t *sp, boolean_t outbound)
7926 {
7927 	templist_t *listptr;
7928 	int outhash;
7929 	isaf_t *bucket;
7930 	boolean_t haspeer;
7931 	ipsa_t *peer_assoc, *dying;
7932 	/*
7933 	 * Haspeer cases will contain both IPv4 and IPv6.  This code
7934 	 * is address independent.
7935 	 */
7936 	while (haspeerlist != NULL) {
7937 		/* "dying" contains the SA that has a peer. */
7938 		dying = haspeerlist->ipsa;
7939 		haspeer = (dying->ipsa_haspeer);
7940 		listptr = haspeerlist;
7941 		haspeerlist = listptr->next;
7942 		kmem_free(listptr, sizeof (*listptr));
7943 		/*
7944 		 * Pick peer bucket based on addrfam.
7945 		 */
7946 		if (outbound) {
7947 			if (haspeer)
7948 				bucket = INBOUND_BUCKET(sp, dying->ipsa_spi);
7949 			else
7950 				bucket = INBOUND_BUCKET(sp,
7951 				    dying->ipsa_otherspi);
7952 		} else { /* inbound */
7953 			if (haspeer) {
7954 				if (dying->ipsa_addrfam == AF_INET6) {
7955 					outhash = OUTBOUND_HASH_V6(sp,
7956 					    *((in6_addr_t *)&dying->
7957 					    ipsa_dstaddr));
7958 				} else {
7959 					outhash = OUTBOUND_HASH_V4(sp,
7960 					    *((ipaddr_t *)&dying->
7961 					    ipsa_dstaddr));
7962 				}
7963 			} else if (dying->ipsa_addrfam == AF_INET6) {
7964 				outhash = OUTBOUND_HASH_V6(sp,
7965 				    *((in6_addr_t *)&dying->
7966 				    ipsa_srcaddr));
7967 			} else {
7968 				outhash = OUTBOUND_HASH_V4(sp,
7969 				    *((ipaddr_t *)&dying->
7970 				    ipsa_srcaddr));
7971 			}
7972 		bucket = &(sp->sdb_of[outhash]);
7973 		}
7974 
7975 		mutex_enter(&bucket->isaf_lock);
7976 		/*
7977 		 * "haspeer" SA's have the same src/dst address ordering,
7978 		 * "paired" SA's have the src/dst addresses reversed.
7979 		 */
7980 		if (haspeer) {
7981 			peer_assoc = ipsec_getassocbyspi(bucket,
7982 			    dying->ipsa_spi, dying->ipsa_srcaddr,
7983 			    dying->ipsa_dstaddr, dying->ipsa_addrfam);
7984 		} else {
7985 			peer_assoc = ipsec_getassocbyspi(bucket,
7986 			    dying->ipsa_otherspi, dying->ipsa_dstaddr,
7987 			    dying->ipsa_srcaddr, dying->ipsa_addrfam);
7988 		}
7989 
7990 		mutex_exit(&bucket->isaf_lock);
7991 		if (peer_assoc != NULL) {
7992 			mutex_enter(&peer_assoc->ipsa_lock);
7993 			mutex_enter(&dying->ipsa_lock);
7994 			if (!haspeer) {
7995 				/*
7996 				 * Only SA's which have a "peer" or are
7997 				 * "paired" end up on this list, so this
7998 				 * must be a "paired" SA, update the flags
7999 				 * to break the pair.
8000 				 */
8001 				peer_assoc->ipsa_otherspi = 0;
8002 				peer_assoc->ipsa_flags &= ~IPSA_F_PAIRED;
8003 				dying->ipsa_otherspi = 0;
8004 				dying->ipsa_flags &= ~IPSA_F_PAIRED;
8005 			}
8006 			if (haspeer || outbound) {
8007 				/*
8008 				 * Update the state of the "inbound" SA when
8009 				 * the "outbound" SA has expired. Don't update
8010 				 * the "outbound" SA when the "inbound" SA
8011 				 * SA expires because setting the hard_addtime
8012 				 * below will cause this to happen.
8013 				 */
8014 				peer_assoc->ipsa_state = dying->ipsa_state;
8015 			}
8016 			if (dying->ipsa_state == IPSA_STATE_DEAD)
8017 				peer_assoc->ipsa_hardexpiretime = 1;
8018 
8019 			mutex_exit(&dying->ipsa_lock);
8020 			mutex_exit(&peer_assoc->ipsa_lock);
8021 			IPSA_REFRELE(peer_assoc);
8022 		}
8023 		IPSA_REFRELE(dying);
8024 	}
8025 }
8026 
8027 /*
8028  * Ensure that the IV used for CCM mode never repeats. The IV should
8029  * only be updated by this function. Also check to see if the IV
8030  * is about to wrap and generate a SOFT Expire. This function is only
8031  * called for outgoing packets, the IV for incomming packets is taken
8032  * from the wire. If the outgoing SA needs to be expired, update
8033  * the matching incomming SA.
8034  */
8035 boolean_t
8036 update_iv(uint8_t *iv_ptr, queue_t *pfkey_q, ipsa_t *assoc,
8037     ipsecesp_stack_t *espstack)
8038 {
8039 	boolean_t rc = B_TRUE;
8040 	isaf_t *inbound_bucket;
8041 	sadb_t *sp;
8042 	ipsa_t *pair_sa = NULL;
8043 	int sa_new_state = 0;
8044 
8045 	/* For non counter modes, the IV is random data. */
8046 	if (!(assoc->ipsa_flags & IPSA_F_COUNTERMODE)) {
8047 		(void) random_get_pseudo_bytes(iv_ptr, assoc->ipsa_iv_len);
8048 		return (rc);
8049 	}
8050 
8051 	mutex_enter(&assoc->ipsa_lock);
8052 
8053 	(*assoc->ipsa_iv)++;
8054 
8055 	if (*assoc->ipsa_iv == assoc->ipsa_iv_hardexpire) {
8056 		sa_new_state = IPSA_STATE_DEAD;
8057 		rc = B_FALSE;
8058 	} else if (*assoc->ipsa_iv == assoc->ipsa_iv_softexpire) {
8059 		if (assoc->ipsa_state != IPSA_STATE_DYING) {
8060 			/*
8061 			 * This SA may have already been expired when its
8062 			 * PAIR_SA expired.
8063 			 */
8064 			sa_new_state = IPSA_STATE_DYING;
8065 		}
8066 	}
8067 	if (sa_new_state) {
8068 		/*
8069 		 * If there is a state change, we need to update this SA
8070 		 * and its "pair", we can find the bucket for the "pair" SA
8071 		 * while holding the ipsa_t mutex, but we won't actually
8072 		 * update anything untill the ipsa_t mutex has been released
8073 		 * for _this_ SA.
8074 		 */
8075 		assoc->ipsa_state = sa_new_state;
8076 		if (assoc->ipsa_addrfam == AF_INET6) {
8077 			sp = &espstack->esp_sadb.s_v6;
8078 		} else {
8079 			sp = &espstack->esp_sadb.s_v4;
8080 		}
8081 		inbound_bucket = INBOUND_BUCKET(sp, assoc->ipsa_otherspi);
8082 		sadb_expire_assoc(pfkey_q, assoc);
8083 	}
8084 	if (rc == B_TRUE)
8085 		bcopy(assoc->ipsa_iv, iv_ptr, assoc->ipsa_iv_len);
8086 
8087 	mutex_exit(&assoc->ipsa_lock);
8088 
8089 	if (sa_new_state) {
8090 		/* Find the inbound SA, need to lock hash bucket. */
8091 		mutex_enter(&inbound_bucket->isaf_lock);
8092 		pair_sa = ipsec_getassocbyspi(inbound_bucket,
8093 		    assoc->ipsa_otherspi, assoc->ipsa_dstaddr,
8094 		    assoc->ipsa_srcaddr, assoc->ipsa_addrfam);
8095 		mutex_exit(&inbound_bucket->isaf_lock);
8096 		if (pair_sa != NULL) {
8097 			mutex_enter(&pair_sa->ipsa_lock);
8098 			pair_sa->ipsa_state = sa_new_state;
8099 			mutex_exit(&pair_sa->ipsa_lock);
8100 			IPSA_REFRELE(pair_sa);
8101 		}
8102 	}
8103 
8104 	return (rc);
8105 }
8106 
8107 void
8108 ccm_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr,
8109     ipsa_cm_mech_t *cm_mech, crypto_data_t *crypto_data)
8110 {
8111 	uchar_t *nonce;
8112 	crypto_mechanism_t *combined_mech;
8113 	CK_AES_CCM_PARAMS *params;
8114 
8115 	combined_mech = (crypto_mechanism_t *)cm_mech;
8116 	params = (CK_AES_CCM_PARAMS *)(combined_mech + 1);
8117 	nonce = (uchar_t *)(params + 1);
8118 	params->ulMACSize = assoc->ipsa_mac_len;
8119 	params->ulNonceSize = assoc->ipsa_nonce_len;
8120 	params->ulAuthDataSize = sizeof (esph_t);
8121 	params->ulDataSize = data_len;
8122 	params->nonce = nonce;
8123 	params->authData = esph;
8124 
8125 	cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
8126 	cm_mech->combined_mech.cm_param_len = sizeof (CK_AES_CCM_PARAMS);
8127 	cm_mech->combined_mech.cm_param = (caddr_t)params;
8128 	/* See gcm_params_init() for comments. */
8129 	bcopy(assoc->ipsa_nonce, nonce, assoc->ipsa_saltlen);
8130 	nonce += assoc->ipsa_saltlen;
8131 	bcopy(iv_ptr, nonce, assoc->ipsa_iv_len);
8132 	crypto_data->cd_miscdata = NULL;
8133 }
8134 
8135 /* ARGSUSED */
8136 void
8137 cbc_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr,
8138     ipsa_cm_mech_t *cm_mech, crypto_data_t *crypto_data)
8139 {
8140 	cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
8141 	cm_mech->combined_mech.cm_param_len = 0;
8142 	cm_mech->combined_mech.cm_param = NULL;
8143 	crypto_data->cd_miscdata = (char *)iv_ptr;
8144 }
8145 
8146 /* ARGSUSED */
8147 void
8148 gcm_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr,
8149     ipsa_cm_mech_t *cm_mech, crypto_data_t *crypto_data)
8150 {
8151 	uchar_t *nonce;
8152 	crypto_mechanism_t *combined_mech;
8153 	CK_AES_GCM_PARAMS *params;
8154 
8155 	combined_mech = (crypto_mechanism_t *)cm_mech;
8156 	params = (CK_AES_GCM_PARAMS *)(combined_mech + 1);
8157 	nonce = (uchar_t *)(params + 1);
8158 
8159 	params->pIv = nonce;
8160 	params->ulIvLen = assoc->ipsa_nonce_len;
8161 	params->ulIvBits = SADB_8TO1(assoc->ipsa_nonce_len);
8162 	params->pAAD = esph;
8163 	params->ulAADLen = sizeof (esph_t);
8164 	params->ulTagBits = SADB_8TO1(assoc->ipsa_mac_len);
8165 
8166 	cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
8167 	cm_mech->combined_mech.cm_param_len = sizeof (CK_AES_GCM_PARAMS);
8168 	cm_mech->combined_mech.cm_param = (caddr_t)params;
8169 	/*
8170 	 * Create the nonce, which is made up of the salt and the IV.
8171 	 * Copy the salt from the SA and the IV from the packet.
8172 	 * For inbound packets we copy the IV from the packet because it
8173 	 * was set by the sending system, for outbound packets we copy the IV
8174 	 * from the packet because the IV in the SA may be changed by another
8175 	 * thread, the IV in the packet was created while holding a mutex.
8176 	 */
8177 	bcopy(assoc->ipsa_nonce, nonce, assoc->ipsa_saltlen);
8178 	nonce += assoc->ipsa_saltlen;
8179 	bcopy(iv_ptr, nonce, assoc->ipsa_iv_len);
8180 	crypto_data->cd_miscdata = NULL;
8181 }
8182