1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _INET_SADB_H 27 #define _INET_SADB_H 28 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 #include <inet/ipsec_info.h> 36 #include <sys/crypto/common.h> 37 #include <sys/crypto/api.h> 38 #include <sys/note.h> 39 40 #define IPSA_MAX_ADDRLEN 4 /* Max address len. (in 32-bits) for an SA. */ 41 42 /* 43 * Return codes of IPsec processing functions. 44 */ 45 typedef enum { 46 IPSEC_STATUS_SUCCESS = 1, 47 IPSEC_STATUS_FAILED = 2, 48 IPSEC_STATUS_PENDING = 3 49 } ipsec_status_t; 50 51 /* 52 * IP security association. Synchronization assumes 32-bit loads, so 53 * the 64-bit quantities can't even be be read w/o locking it down! 54 */ 55 56 /* keying info */ 57 typedef struct ipsa_key_s { 58 void *sak_key; /* Algorithm key. */ 59 uint_t sak_keylen; /* Algorithm key length (in bytes). */ 60 uint_t sak_keybits; /* Algorithm key length (in bits) */ 61 uint_t sak_algid; /* Algorithm ID number. */ 62 } ipsa_key_t; 63 64 /* the security association */ 65 typedef struct ipsa_s { 66 struct ipsa_s *ipsa_next; /* Next in hash bucket */ 67 struct ipsa_s **ipsa_ptpn; /* Pointer to previous next pointer. */ 68 kmutex_t *ipsa_linklock; /* Pointer to hash-chain lock. */ 69 void (*ipsa_freefunc)(struct ipsa_s *); /* freeassoc function */ 70 /* 71 * NOTE: I may need more pointers, depending on future SA 72 * requirements. 73 */ 74 ipsa_key_t ipsa_authkeydata; 75 #define ipsa_authkey ipsa_authkeydata.sak_key 76 #define ipsa_authkeylen ipsa_authkeydata.sak_keylen 77 #define ipsa_authkeybits ipsa_authkeydata.sak_keybits 78 #define ipsa_auth_alg ipsa_authkeydata.sak_algid 79 ipsa_key_t ipsa_encrkeydata; 80 #define ipsa_encrkey ipsa_encrkeydata.sak_key 81 #define ipsa_encrkeylen ipsa_encrkeydata.sak_keylen 82 #define ipsa_encrkeybits ipsa_encrkeydata.sak_keybits 83 #define ipsa_encr_alg ipsa_encrkeydata.sak_algid 84 85 struct ipsid_s *ipsa_src_cid; /* Source certificate identity */ 86 struct ipsid_s *ipsa_dst_cid; /* Destination certificate identity */ 87 uint64_t *ipsa_integ; /* Integrity bitmap */ 88 uint64_t *ipsa_sens; /* Sensitivity bitmap */ 89 mblk_t *ipsa_lpkt; /* Packet received while larval (CAS me) */ 90 91 /* 92 * PF_KEYv2 supports a replay window size of 255. Hence there is a 93 * need a bit vector to support a replay window of 255. 256 is a nice 94 * round number, so I support that. 95 * 96 * Use an array of uint64_t for best performance on 64-bit 97 * processors. (And hope that 32-bit compilers can handle things 98 * okay.) The " >> 6 " is to get the appropriate number of 64-bit 99 * ints. 100 */ 101 #define SADB_MAX_REPLAY 256 /* Must be 0 mod 64. */ 102 uint64_t ipsa_replay_arr[SADB_MAX_REPLAY >> 6]; 103 104 uint64_t ipsa_unique_id; /* Non-zero for unique SAs */ 105 uint64_t ipsa_unique_mask; /* mask value for unique_id */ 106 107 /* 108 * Reference count semantics: 109 * 110 * An SA has a reference count of 1 if something's pointing 111 * to it. This includes being in a hash table. So if an 112 * SA is in a hash table, it has a reference count of at least 1. 113 * 114 * When a ptr. to an IPSA is assigned, you MUST REFHOLD after 115 * said assignment. When a ptr. to an IPSA is released 116 * you MUST REFRELE. When the refcount hits 0, REFRELE 117 * will free the IPSA. 118 */ 119 kmutex_t ipsa_lock; /* Locks non-linkage/refcnt fields. */ 120 /* Q: Since I may be doing refcnts differently, will I need cv? */ 121 uint_t ipsa_refcnt; /* Reference count. */ 122 123 /* 124 * The following four time fields are the ones monitored by ah_ager() 125 * and esp_ager() respectively. They are all absolute wall-clock 126 * times. The times of creation (i.e. add time) and first use are 127 * pretty straightforward. The soft and hard expire times are 128 * derived from the times of first use and creation, plus the minimum 129 * expiration times in the fields that follow this. 130 * 131 * For example, if I had a hard add time of 30 seconds, and a hard 132 * use time of 15, the ipsa_hardexpiretime would be time of add, plus 133 * 30 seconds. If I USE the SA such that time of first use plus 15 134 * seconds would be earlier than the add time plus 30 seconds, then 135 * ipsa_hardexpiretime would become this earlier time. 136 */ 137 time_t ipsa_addtime; /* Time I was added. */ 138 time_t ipsa_usetime; /* Time of my first use. */ 139 time_t ipsa_lastuse; /* Time of my last use. */ 140 time_t ipsa_last_nat_t_ka; /* Time of my last NAT-T keepalive. */ 141 time_t ipsa_softexpiretime; /* Time of my first soft expire. */ 142 time_t ipsa_hardexpiretime; /* Time of my first hard expire. */ 143 144 /* 145 * The following fields are directly reflected in PF_KEYv2 LIFETIME 146 * extensions. The time_ts are in number-of-seconds, and the bytes 147 * are in... bytes. 148 */ 149 time_t ipsa_softaddlt; /* Seconds of soft lifetime after add. */ 150 time_t ipsa_softuselt; /* Seconds of soft lifetime after first use. */ 151 time_t ipsa_hardaddlt; /* Seconds of hard lifetime after add. */ 152 time_t ipsa_harduselt; /* Seconds of hard lifetime after first use. */ 153 uint64_t ipsa_softbyteslt; /* Bytes of soft lifetime. */ 154 uint64_t ipsa_hardbyteslt; /* Bytes of hard lifetime. */ 155 uint64_t ipsa_bytes; /* Bytes encrypted/authed by this SA. */ 156 157 /* 158 * "Allocations" are a concept mentioned in PF_KEYv2. We do not 159 * support them, except to record them per the PF_KEYv2 spec. 160 */ 161 uint_t ipsa_softalloc; /* Allocations allowed (soft). */ 162 uint_t ipsa_hardalloc; /* Allocations allowed (hard). */ 163 uint_t ipsa_alloc; /* Allocations made. */ 164 165 uint_t ipsa_integlen; /* Length of the integrity bitmap (bytes). */ 166 uint_t ipsa_senslen; /* Length of the sensitivity bitmap (bytes). */ 167 168 uint_t ipsa_type; /* Type of security association. (AH/etc.) */ 169 uint_t ipsa_dpd; /* Domain for sensitivity bit vectors. */ 170 uint_t ipsa_senslevel; /* Sensitivity level. */ 171 uint_t ipsa_integlevel; /* Integrity level. */ 172 uint_t ipsa_state; /* State of my association. */ 173 uint_t ipsa_replay_wsize; /* Size of replay window */ 174 uint32_t ipsa_flags; /* Flags for security association. */ 175 uint32_t ipsa_spi; /* Security parameters index. */ 176 uint32_t ipsa_replay; /* Highest seen replay value for this SA. */ 177 uint32_t ipsa_kmp; /* key management proto */ 178 uint32_t ipsa_kmc; /* key management cookie */ 179 180 boolean_t ipsa_haspeer; /* Has peer in another table. */ 181 182 /* 183 * Address storage. 184 * The source address can be INADDR_ANY, IN6ADDR_ANY, etc. 185 * 186 * Address families (per sys/socket.h) guide us. We could have just 187 * used sockaddr_storage 188 */ 189 sa_family_t ipsa_addrfam; 190 sa_family_t ipsa_innerfam; /* Inner AF can be != src/dst AF. */ 191 192 uint32_t ipsa_srcaddr[IPSA_MAX_ADDRLEN]; 193 uint32_t ipsa_dstaddr[IPSA_MAX_ADDRLEN]; 194 uint32_t ipsa_innersrc[IPSA_MAX_ADDRLEN]; 195 uint32_t ipsa_innerdst[IPSA_MAX_ADDRLEN]; 196 197 uint8_t ipsa_innersrcpfx; 198 uint8_t ipsa_innerdstpfx; 199 200 uint16_t ipsa_inbound_cksum; /* cksum correction for inbound packets */ 201 uint16_t ipsa_local_nat_port; /* Local NAT-T port. (0 --> 4500) */ 202 uint16_t ipsa_remote_nat_port; /* The other port that isn't 4500 */ 203 204 /* these can only be v4 */ 205 uint32_t ipsa_natt_addr_loc; 206 uint32_t ipsa_natt_addr_rem; 207 208 /* 209 * icmp type and code. *_end are to specify ranges. if only 210 * a single value, * and *_end are the same value. 211 */ 212 uint8_t ipsa_icmp_type; 213 uint8_t ipsa_icmp_type_end; 214 uint8_t ipsa_icmp_code; 215 uint8_t ipsa_icmp_code_end; 216 217 /* 218 * For the kernel crypto framework. 219 */ 220 crypto_key_t ipsa_kcfauthkey; /* authentication key */ 221 crypto_key_t ipsa_kcfencrkey; /* encryption key */ 222 crypto_ctx_template_t ipsa_authtmpl; /* auth context template */ 223 crypto_ctx_template_t ipsa_encrtmpl; /* encr context template */ 224 crypto_mechanism_t ipsa_amech; /* auth mech type and ICV len */ 225 crypto_mechanism_t ipsa_emech; /* encr mech type */ 226 size_t ipsa_mac_len; /* auth MAC length */ 227 size_t ipsa_iv_len; /* encr IV length */ 228 229 /* 230 * Input and output processing functions called from IP. 231 */ 232 ipsec_status_t (*ipsa_output_func)(mblk_t *); 233 ipsec_status_t (*ipsa_input_func)(mblk_t *, void *); 234 235 /* 236 * Soft reference to paired SA 237 */ 238 uint32_t ipsa_otherspi; 239 240 /* MLS boxen will probably need more fields in here. */ 241 242 netstack_t *ipsa_netstack; /* Does not have a netstack_hold */ 243 } ipsa_t; 244 245 /* 246 * ipsa_t address handling macros. We want these to be inlined, and deal 247 * with 32-bit words to avoid bcmp/bcopy calls. 248 * 249 * Assume we only have AF_INET and AF_INET6 addresses for now. Also assume 250 * that we have 32-bit alignment on everything. 251 */ 252 #define IPSA_IS_ADDR_UNSPEC(addr, fam) ((((uint32_t *)(addr))[0] == 0) && \ 253 (((fam) == AF_INET) || (((uint32_t *)(addr))[3] == 0 && \ 254 ((uint32_t *)(addr))[2] == 0 && ((uint32_t *)(addr))[1] == 0))) 255 #define IPSA_ARE_ADDR_EQUAL(addr1, addr2, fam) \ 256 ((((uint32_t *)(addr1))[0] == ((uint32_t *)(addr2))[0]) && \ 257 (((fam) == AF_INET) || \ 258 (((uint32_t *)(addr1))[3] == ((uint32_t *)(addr2))[3] && \ 259 ((uint32_t *)(addr1))[2] == ((uint32_t *)(addr2))[2] && \ 260 ((uint32_t *)(addr1))[1] == ((uint32_t *)(addr2))[1]))) 261 #define IPSA_COPY_ADDR(dstaddr, srcaddr, fam) { \ 262 ((uint32_t *)(dstaddr))[0] = ((uint32_t *)(srcaddr))[0]; \ 263 if ((fam) == AF_INET6) {\ 264 ((uint32_t *)(dstaddr))[1] = ((uint32_t *)(srcaddr))[1]; \ 265 ((uint32_t *)(dstaddr))[2] = ((uint32_t *)(srcaddr))[2]; \ 266 ((uint32_t *)(dstaddr))[3] = ((uint32_t *)(srcaddr))[3]; } } 267 268 /* 269 * ipsa_t reference hold/release macros. 270 * 271 * If you have a pointer, you REFHOLD. If you are releasing a pointer, you 272 * REFRELE. An ipsa_t that is newly inserted into the table should have 273 * a reference count of 1 (for the table's pointer), plus 1 more for every 274 * pointer that is referencing the ipsa_t. 275 */ 276 277 #define IPSA_REFHOLD(ipsa) { \ 278 atomic_add_32(&(ipsa)->ipsa_refcnt, 1); \ 279 ASSERT((ipsa)->ipsa_refcnt != 0); \ 280 } 281 282 /* 283 * Decrement the reference count on the SA. 284 * In architectures e.g sun4u, where atomic_add_32_nv is just 285 * a cas, we need to maintain the right memory barrier semantics 286 * as that of mutex_exit i.e all the loads and stores should complete 287 * before the cas is executed. membar_exit() does that here. 288 */ 289 290 #define IPSA_REFRELE(ipsa) { \ 291 ASSERT((ipsa)->ipsa_refcnt != 0); \ 292 membar_exit(); \ 293 if (atomic_add_32_nv(&(ipsa)->ipsa_refcnt, -1) == 0) \ 294 ((ipsa)->ipsa_freefunc)(ipsa); \ 295 } 296 297 /* 298 * Security association hash macros and definitions. For now, assume the 299 * IPsec model, and hash outbounds on destination address, and inbounds on 300 * SPI. 301 */ 302 303 #define IPSEC_DEFAULT_HASH_SIZE 256 304 305 #define INBOUND_HASH(sadb, spi) ((spi) % ((sadb)->sdb_hashsize)) 306 #define OUTBOUND_HASH_V4(sadb, v4addr) ((v4addr) % ((sadb)->sdb_hashsize)) 307 #define OUTBOUND_HASH_V6(sadb, v6addr) OUTBOUND_HASH_V4((sadb), \ 308 (*(uint32_t *)&(v6addr)) ^ (*(((uint32_t *)&(v6addr)) + 1)) ^ \ 309 (*(((uint32_t *)&(v6addr)) + 2)) ^ (*(((uint32_t *)&(v6addr)) + 3))) 310 311 /* 312 * Syntactic sugar to find the appropriate hash bucket directly. 313 */ 314 315 #define INBOUND_BUCKET(sadb, spi) &(((sadb)->sdb_if)[INBOUND_HASH(sadb, spi)]) 316 #define OUTBOUND_BUCKET_V4(sadb, v4addr) \ 317 &(((sadb)->sdb_of)[OUTBOUND_HASH_V4(sadb, v4addr)]) 318 #define OUTBOUND_BUCKET_V6(sadb, v6addr) \ 319 &(((sadb)->sdb_of)[OUTBOUND_HASH_V6(sadb, v6addr)]) 320 321 #define IPSA_F_PFS SADB_SAFLAGS_PFS /* PFS in use for this SA? */ 322 #define IPSA_F_NOREPFLD SADB_SAFLAGS_NOREPLAY /* No replay field, for */ 323 /* backward compat. */ 324 #define IPSA_F_USED SADB_X_SAFLAGS_USED /* SA has been used. */ 325 #define IPSA_F_UNIQUE SADB_X_SAFLAGS_UNIQUE /* SA is unique */ 326 #define IPSA_F_AALG1 SADB_X_SAFLAGS_AALG1 /* Auth alg flag 1 */ 327 #define IPSA_F_AALG2 SADB_X_SAFLAGS_AALG2 /* Auth alg flag 2 */ 328 #define IPSA_F_EALG1 SADB_X_SAFLAGS_EALG1 /* Encrypt alg flag 1 */ 329 #define IPSA_F_EALG2 SADB_X_SAFLAGS_EALG2 /* Encrypt alg flag 2 */ 330 331 #define IPSA_F_HW 0x200000 /* hwaccel capable SA */ 332 #define IPSA_F_NATT_LOC SADB_X_SAFLAGS_NATT_LOC 333 #define IPSA_F_NATT_REM SADB_X_SAFLAGS_NATT_REM 334 #define IPSA_F_NATT (SADB_X_SAFLAGS_NATT_LOC | SADB_X_SAFLAGS_NATT_REM) 335 #define IPSA_F_BEHIND_NAT SADB_X_SAFLAGS_NATTED 336 #define IPSA_F_CINVALID 0x40000 /* SA shouldn't be cached */ 337 #define IPSA_F_PAIRED SADB_X_SAFLAGS_PAIRED /* SA is one of a pair */ 338 #define IPSA_F_OUTBOUND SADB_X_SAFLAGS_OUTBOUND /* SA direction bit */ 339 #define IPSA_F_INBOUND SADB_X_SAFLAGS_INBOUND /* SA direction bit */ 340 #define IPSA_F_TUNNEL SADB_X_SAFLAGS_TUNNEL 341 342 /* SA states are important for handling UPDATE PF_KEY messages. */ 343 #define IPSA_STATE_LARVAL SADB_SASTATE_LARVAL 344 #define IPSA_STATE_MATURE SADB_SASTATE_MATURE 345 #define IPSA_STATE_DYING SADB_SASTATE_DYING 346 #define IPSA_STATE_DEAD SADB_SASTATE_DEAD 347 348 /* 349 * NOTE: If the document authors do things right in defining algorithms, we'll 350 * probably have flags for what all is here w.r.t. replay, ESP w/HMAC, 351 * etc. 352 */ 353 354 #define IPSA_T_ACQUIRE SEC_TYPE_NONE /* If this typed returned, sa needed */ 355 #define IPSA_T_AH SEC_TYPE_AH /* IPsec AH association */ 356 #define IPSA_T_ESP SEC_TYPE_ESP /* IPsec ESP association */ 357 358 #define IPSA_AALG_NONE SADB_AALG_NONE /* No auth. algorithm */ 359 #define IPSA_AALG_MD5H SADB_AALG_MD5HMAC /* MD5-HMAC algorithm */ 360 #define IPSA_AALG_SHA1H SADB_AALG_SHA1HMAC /* SHA1-HMAC algorithm */ 361 362 #define IPSA_EALG_NONE SADB_EALG_NONE /* No encryption algorithm */ 363 #define IPSA_EALG_DES_CBC SADB_EALG_DESCBC 364 #define IPSA_EALG_3DES SADB_EALG_3DESCBC 365 366 /* 367 * Protect each ipsa_t bucket (and linkage) with a lock. 368 */ 369 370 typedef struct isaf_s { 371 ipsa_t *isaf_ipsa; 372 kmutex_t isaf_lock; 373 uint64_t isaf_gen; 374 } isaf_t; 375 376 /* 377 * ACQUIRE record. If AH/ESP/whatever cannot find an association for outbound 378 * traffic, it sends up an SADB_ACQUIRE message and create an ACQUIRE record. 379 */ 380 381 #define IPSACQ_MAXPACKETS 4 /* Number of packets that can be queued up */ 382 /* waiting for an ACQUIRE to finish. */ 383 384 typedef struct ipsacq_s { 385 struct ipsacq_s *ipsacq_next; 386 struct ipsacq_s **ipsacq_ptpn; 387 kmutex_t *ipsacq_linklock; 388 struct ipsec_policy_s *ipsacq_policy; 389 struct ipsec_action_s *ipsacq_act; 390 391 sa_family_t ipsacq_addrfam; /* Address family. */ 392 sa_family_t ipsacq_inneraddrfam; /* Inner-packet address family. */ 393 int ipsacq_numpackets; /* How many packets queued up so far. */ 394 uint32_t ipsacq_seq; /* PF_KEY sequence number. */ 395 uint64_t ipsacq_unique_id; /* Unique ID for SAs that need it. */ 396 397 kmutex_t ipsacq_lock; /* Protects non-linkage fields. */ 398 time_t ipsacq_expire; /* Wall-clock time when this record expires. */ 399 mblk_t *ipsacq_mp; /* List of datagrams waiting for an SA. */ 400 401 /* These two point inside the last mblk inserted. */ 402 uint32_t *ipsacq_srcaddr; 403 uint32_t *ipsacq_dstaddr; 404 405 /* Cache these instead of point so we can mask off accordingly */ 406 uint32_t ipsacq_innersrc[IPSA_MAX_ADDRLEN]; 407 uint32_t ipsacq_innerdst[IPSA_MAX_ADDRLEN]; 408 409 /* These may change per-acquire. */ 410 uint16_t ipsacq_srcport; 411 uint16_t ipsacq_dstport; 412 uint8_t ipsacq_proto; 413 uint8_t ipsacq_inner_proto; 414 uint8_t ipsacq_innersrcpfx; 415 uint8_t ipsacq_innerdstpfx; 416 417 /* icmp type and code of triggering packet (if applicable) */ 418 uint8_t ipsacq_icmp_type; 419 uint8_t ipsacq_icmp_code; 420 } ipsacq_t; 421 422 /* 423 * Kernel-generated sequence numbers will be no less than 0x80000000 to 424 * forestall any cretinous problems with manual keying accidentally updating 425 * an ACQUIRE entry. 426 */ 427 #define IACQF_LOWEST_SEQ 0x80000000 428 429 #define SADB_AGE_INTERVAL_DEFAULT 1000 430 431 /* 432 * ACQUIRE fanout. Protect each linkage with a lock. 433 */ 434 435 typedef struct iacqf_s { 436 ipsacq_t *iacqf_ipsacq; 437 kmutex_t iacqf_lock; 438 } iacqf_t; 439 440 /* 441 * A (network protocol, ipsec protocol) specific SADB. 442 * (i.e., one each for {ah, esp} and {v4, v6}. 443 * 444 * Keep outbound assocs about the same as ire_cache entries for now. 445 * One danger point, multiple SAs for a single dest will clog a bucket. 446 * For the future, consider two-level hashing (2nd hash on IPC?), then probe. 447 */ 448 449 typedef struct sadb_s 450 { 451 isaf_t *sdb_of; 452 isaf_t *sdb_if; 453 iacqf_t *sdb_acq; 454 int sdb_hashsize; 455 } sadb_t; 456 457 /* 458 * A pair of SADB's (one for v4, one for v6), and related state (including 459 * acquire callbacks). 460 */ 461 462 typedef struct sadbp_s 463 { 464 uint32_t s_satype; 465 queue_t *s_ip_q; 466 uint32_t *s_acquire_timeout; 467 void (*s_acqfn)(ipsacq_t *, mblk_t *, netstack_t *); 468 sadb_t s_v4; 469 sadb_t s_v6; 470 } sadbp_t; 471 472 /* 473 * A pair of SA's for a single connection, the structure contains a 474 * pointer to a SA and the SA its paired with (opposite direction) as well 475 * as the SA's respective hash buckets. 476 */ 477 typedef struct ipsap_s 478 { 479 isaf_t *ipsap_bucket; 480 ipsa_t *ipsap_sa_ptr; 481 isaf_t *ipsap_pbucket; 482 ipsa_t *ipsap_psa_ptr; 483 } ipsap_t; 484 485 typedef struct templist_s 486 { 487 ipsa_t *ipsa; 488 struct templist_s *next; 489 } templist_t; 490 491 /* Pointer to an all-zeroes IPv6 address. */ 492 #define ALL_ZEROES_PTR ((uint32_t *)&ipv6_all_zeros) 493 494 /* 495 * Form unique id from ipsec_out_t 496 */ 497 498 #define SA_FORM_UNIQUE_ID(io) \ 499 SA_UNIQUE_ID((io)->ipsec_out_src_port, (io)->ipsec_out_dst_port, \ 500 ((io)->ipsec_out_tunnel ? ((io)->ipsec_out_inaf == AF_INET6 ? \ 501 IPPROTO_IPV6 : IPPROTO_ENCAP) : (io)->ipsec_out_proto), \ 502 ((io)->ipsec_out_tunnel ? (io)->ipsec_out_proto : 0)) 503 504 /* 505 * This macro is used to generate unique ids (along with the addresses, both 506 * inner and outer) for outbound datagrams that require unique SAs. 507 * 508 * N.B. casts and unsigned shift amounts discourage unwarranted 509 * sign extension of dstport, proto, and iproto. 510 * 511 * Unique ID is 64-bits allocated as follows (pardon my big-endian bias): 512 * 513 * 6 4 43 33 11 514 * 3 7 09 21 65 0 515 * +---------------*-------+-------+--------------+---------------+ 516 * | MUST-BE-ZERO |<iprot>|<proto>| <src port> | <dest port> | 517 * +---------------*-------+-------+--------------+---------------+ 518 * 519 * If there are inner addresses (tunnel mode) the ports come from the 520 * inner addresses. If there are no inner addresses, the ports come from 521 * the outer addresses (transport mode). Tunnel mode MUST have <proto> 522 * set to either IPPROTO_ENCAP or IPPPROTO_IPV6. 523 */ 524 #define SA_UNIQUE_ID(srcport, dstport, proto, iproto) \ 525 ((srcport) | ((uint64_t)(dstport) << 16U) | \ 526 ((uint64_t)(proto) << 32U) | ((uint64_t)(iproto) << 40U)) 527 528 /* 529 * SA_UNIQUE_MASK generates a mask value to use when comparing the unique value 530 * from a packet to an SA. 531 */ 532 533 #define SA_UNIQUE_MASK(srcport, dstport, proto, iproto) \ 534 SA_UNIQUE_ID((srcport != 0) ? 0xffff : 0, \ 535 (dstport != 0) ? 0xffff : 0, \ 536 (proto != 0) ? 0xff : 0, \ 537 (iproto != 0) ? 0xff : 0) 538 539 /* 540 * Decompose unique id back into its original fields. 541 */ 542 #define SA_IPROTO(ipsa) ((ipsa)->ipsa_unique_id>>40)&0xff 543 #define SA_PROTO(ipsa) ((ipsa)->ipsa_unique_id>>32)&0xff 544 #define SA_SRCPORT(ipsa) ((ipsa)->ipsa_unique_id & 0xffff) 545 #define SA_DSTPORT(ipsa) (((ipsa)->ipsa_unique_id >> 16) & 0xffff) 546 547 /* 548 * All functions that return an ipsa_t will return it with IPSA_REFHOLD() 549 * already called. 550 */ 551 552 /* SA retrieval (inbound and outbound) */ 553 ipsa_t *ipsec_getassocbyspi(isaf_t *, uint32_t, uint32_t *, uint32_t *, 554 sa_family_t); 555 ipsa_t *ipsec_getassocbyconn(isaf_t *, ipsec_out_t *, uint32_t *, uint32_t *, 556 sa_family_t, uint8_t); 557 ipsap_t *get_ipsa_pair(sadb_sa_t *, sadb_address_t *, sadb_address_t *, 558 sadbp_t *); 559 void destroy_ipsa_pair(ipsap_t *); 560 int update_pairing(ipsap_t *, keysock_in_t *, int *, sadbp_t *); 561 562 /* SA insertion. */ 563 int sadb_insertassoc(ipsa_t *, isaf_t *); 564 565 /* SA table construction and destruction. */ 566 void sadbp_init(const char *name, sadbp_t *, int, int, netstack_t *); 567 void sadbp_flush(sadbp_t *, netstack_t *); 568 void sadbp_destroy(sadbp_t *, netstack_t *); 569 570 /* SA insertion and deletion. */ 571 int sadb_insertassoc(ipsa_t *, isaf_t *); 572 void sadb_unlinkassoc(ipsa_t *); 573 574 /* Support routines to interface a keysock consumer to PF_KEY. */ 575 mblk_t *sadb_keysock_out(minor_t); 576 int sadb_hardsoftchk(sadb_lifetime_t *, sadb_lifetime_t *); 577 void sadb_pfkey_echo(queue_t *, mblk_t *, sadb_msg_t *, struct keysock_in_s *, 578 ipsa_t *); 579 void sadb_pfkey_error(queue_t *, mblk_t *, int, int, uint_t); 580 void sadb_keysock_hello(queue_t **, queue_t *, mblk_t *, void (*)(void *), 581 void *, timeout_id_t *, int); 582 int sadb_addrcheck(queue_t *, mblk_t *, sadb_ext_t *, uint_t, netstack_t *); 583 boolean_t sadb_addrfix(keysock_in_t *, queue_t *, mblk_t *, netstack_t *); 584 int sadb_addrset(ire_t *); 585 int sadb_delget_sa(mblk_t *, keysock_in_t *, sadbp_t *, int *, queue_t *, 586 uint8_t); 587 588 int sadb_purge_sa(mblk_t *, keysock_in_t *, sadb_t *, queue_t *, queue_t *); 589 int sadb_common_add(queue_t *, queue_t *, mblk_t *, sadb_msg_t *, 590 keysock_in_t *, isaf_t *, isaf_t *, ipsa_t *, boolean_t, boolean_t, int *, 591 netstack_t *, sadbp_t *); 592 void sadb_set_usetime(ipsa_t *); 593 boolean_t sadb_age_bytes(queue_t *, ipsa_t *, uint64_t, boolean_t); 594 int sadb_update_sa(mblk_t *, keysock_in_t *, sadbp_t *, 595 int *, queue_t *, int (*)(mblk_t *, keysock_in_t *, int *, netstack_t *), 596 netstack_t *, uint8_t); 597 void sadb_acquire(mblk_t *, ipsec_out_t *, boolean_t, boolean_t); 598 599 void sadb_destroy_acquire(ipsacq_t *, netstack_t *); 600 struct ipsec_stack; 601 mblk_t *sadb_setup_acquire(ipsacq_t *, uint8_t, struct ipsec_stack *); 602 ipsa_t *sadb_getspi(keysock_in_t *, uint32_t, int *, netstack_t *); 603 void sadb_in_acquire(sadb_msg_t *, sadbp_t *, queue_t *, netstack_t *); 604 boolean_t sadb_replay_check(ipsa_t *, uint32_t); 605 boolean_t sadb_replay_peek(ipsa_t *, uint32_t); 606 int sadb_dump(queue_t *, mblk_t *, minor_t, sadb_t *); 607 void sadb_replay_delete(ipsa_t *); 608 void sadb_ager(sadb_t *, queue_t *, queue_t *, int, netstack_t *); 609 610 timeout_id_t sadb_retimeout(hrtime_t, queue_t *, void (*)(void *), void *, 611 uint_t *, uint_t, short); 612 void sadb_sa_refrele(void *target); 613 void sadb_set_lpkt(ipsa_t *, mblk_t *, netstack_t *); 614 mblk_t *sadb_clear_lpkt(ipsa_t *); 615 616 /* 617 * Hw accel-related calls (downloading sadb to driver) 618 */ 619 void sadb_ill_download(ill_t *, uint_t); 620 mblk_t *sadb_fmt_sa_req(uint_t, uint_t, ipsa_t *, boolean_t); 621 /* 622 * Sub-set of the IPsec hardware acceleration capabilities functions 623 * implemented by ip_if.c 624 */ 625 extern boolean_t ipsec_capab_match(ill_t *, uint_t, boolean_t, ipsa_t *, 626 netstack_t *); 627 extern void ill_ipsec_capab_send_all(uint_t, mblk_t *, ipsa_t *, 628 netstack_t *); 629 630 631 /* 632 * One IPsec -> IP linking routine, and two IPsec rate-limiting routines. 633 */ 634 extern boolean_t sadb_t_bind_req(queue_t *, int); 635 /*PRINTFLIKE6*/ 636 extern void ipsec_rl_strlog(netstack_t *, short, short, char, 637 ushort_t, char *, ...) 638 __KPRINTFLIKE(6); 639 extern void ipsec_assocfailure(short, short, char, ushort_t, char *, uint32_t, 640 void *, int, netstack_t *); 641 642 /* 643 * Algorithm types. 644 */ 645 646 #define IPSEC_NALGTYPES 2 647 648 typedef enum ipsec_algtype { 649 IPSEC_ALG_AUTH = 0, 650 IPSEC_ALG_ENCR = 1 651 } ipsec_algtype_t; 652 653 /* 654 * Definitions as per IPsec/ISAKMP DOI. 655 */ 656 657 #define IPSEC_MAX_ALGS 256 658 #define PROTO_IPSEC_AH 2 659 #define PROTO_IPSEC_ESP 3 660 661 /* 662 * Common algorithm info. 663 */ 664 typedef struct ipsec_alginfo 665 { 666 uint8_t alg_id; 667 uint8_t alg_flags; 668 uint16_t *alg_key_sizes; 669 uint16_t *alg_block_sizes; 670 uint16_t alg_nkey_sizes; 671 uint16_t alg_nblock_sizes; 672 uint16_t alg_minbits; 673 uint16_t alg_maxbits; 674 uint16_t alg_datalen; 675 /* 676 * increment: number of bits from keysize to keysize 677 * default: # of increments from min to default key len 678 */ 679 uint16_t alg_increment; 680 uint16_t alg_default; 681 uint16_t alg_default_bits; 682 /* 683 * Min, max, and default key sizes effectively supported 684 * by the encryption framework. 685 */ 686 uint16_t alg_ef_minbits; 687 uint16_t alg_ef_maxbits; 688 uint16_t alg_ef_default; 689 uint16_t alg_ef_default_bits; 690 691 crypto_mech_type_t alg_mech_type; /* KCF mechanism type */ 692 crypto_mech_name_t alg_mech_name; /* KCF mechanism name */ 693 } ipsec_alginfo_t; 694 695 #define alg_datalen alg_block_sizes[0] 696 697 #define ALG_FLAG_VALID 0x01 698 #define ALG_VALID(_alg) ((_alg)->alg_flags & ALG_FLAG_VALID) 699 700 /* 701 * Software crypto execution mode. 702 */ 703 typedef enum { 704 IPSEC_ALGS_EXEC_SYNC = 0, 705 IPSEC_ALGS_EXEC_ASYNC = 1 706 } ipsec_algs_exec_mode_t; 707 708 extern void ipsec_alg_reg(ipsec_algtype_t, ipsec_alginfo_t *, netstack_t *); 709 extern void ipsec_alg_unreg(ipsec_algtype_t, uint8_t, netstack_t *); 710 extern void ipsec_alg_fix_min_max(ipsec_alginfo_t *, ipsec_algtype_t, 711 netstack_t *ns); 712 extern void ipsec_alg_free(ipsec_alginfo_t *); 713 extern void ipsec_register_prov_update(void); 714 extern void sadb_alg_update(ipsec_algtype_t, uint8_t, boolean_t, 715 netstack_t *); 716 717 /* 718 * Context templates management. 719 */ 720 721 #define IPSEC_CTX_TMPL_ALLOC ((crypto_ctx_template_t)-1) 722 #define IPSEC_CTX_TMPL(_sa, _which, _type, _tmpl) { \ 723 if ((_tmpl = (_sa)->_which) == IPSEC_CTX_TMPL_ALLOC) { \ 724 mutex_enter(&assoc->ipsa_lock); \ 725 if ((_sa)->_which == IPSEC_CTX_TMPL_ALLOC) { \ 726 ipsec_stack_t *ipss; \ 727 \ 728 ipss = assoc->ipsa_netstack->netstack_ipsec; \ 729 mutex_enter(&ipss->ipsec_alg_lock); \ 730 (void) ipsec_create_ctx_tmpl(_sa, _type); \ 731 mutex_exit(&ipss->ipsec_alg_lock); \ 732 } \ 733 mutex_exit(&assoc->ipsa_lock); \ 734 if ((_tmpl = (_sa)->_which) == IPSEC_CTX_TMPL_ALLOC) \ 735 _tmpl = NULL; \ 736 } \ 737 } 738 739 extern int ipsec_create_ctx_tmpl(ipsa_t *, ipsec_algtype_t); 740 extern void ipsec_destroy_ctx_tmpl(ipsa_t *, ipsec_algtype_t); 741 742 /* key checking */ 743 extern int ipsec_check_key(crypto_mech_type_t, sadb_key_t *, boolean_t, int *); 744 745 typedef struct ipsec_kstats_s { 746 kstat_named_t esp_stat_in_requests; 747 kstat_named_t esp_stat_in_discards; 748 kstat_named_t esp_stat_lookup_failure; 749 kstat_named_t ah_stat_in_requests; 750 kstat_named_t ah_stat_in_discards; 751 kstat_named_t ah_stat_lookup_failure; 752 kstat_named_t sadb_acquire_maxpackets; 753 kstat_named_t sadb_acquire_qhiwater; 754 } ipsec_kstats_t; 755 756 /* 757 * (ipss)->ipsec_kstats is equal to (ipss)->ipsec_ksp->ks_data if 758 * kstat_create_netstack for (ipss)->ipsec_ksp succeeds, but when it 759 * fails, it will be NULL. Note this is done for all stack instances, 760 * so it *could* fail. hence a non-NULL checking is done for 761 * IP_ESP_BUMP_STAT, IP_AH_BUMP_STAT and IP_ACQUIRE_STAT 762 */ 763 #define IP_ESP_BUMP_STAT(ipss, x) \ 764 do { \ 765 if ((ipss)->ipsec_kstats != NULL) \ 766 ((ipss)->ipsec_kstats->esp_stat_ ## x).value.ui64++; \ 767 _NOTE(CONSTCOND) \ 768 } while (0) 769 770 #define IP_AH_BUMP_STAT(ipss, x) \ 771 do { \ 772 if ((ipss)->ipsec_kstats != NULL) \ 773 ((ipss)->ipsec_kstats->ah_stat_ ## x).value.ui64++; \ 774 _NOTE(CONSTCOND) \ 775 } while (0) 776 777 #define IP_ACQUIRE_STAT(ipss, val, new) \ 778 do { \ 779 if ((ipss)->ipsec_kstats != NULL && \ 780 ((uint64_t)(new)) > \ 781 ((ipss)->ipsec_kstats->sadb_acquire_ ## val).value.ui64) \ 782 ((ipss)->ipsec_kstats->sadb_acquire_ ## val).value.ui64 = \ 783 ((uint64_t)(new)); \ 784 _NOTE(CONSTCOND) \ 785 } while (0) 786 787 #ifdef __cplusplus 788 } 789 #endif 790 791 #endif /* _INET_SADB_H */ 792