xref: /titanic_51/usr/src/uts/common/inet/ip/sadb.c (revision 46b592853d0f4f11781b6b0a7533f267c6aee132)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #include <sys/types.h>
27 #include <sys/stream.h>
28 #include <sys/stropts.h>
29 #include <sys/strsubr.h>
30 #include <sys/errno.h>
31 #include <sys/ddi.h>
32 #include <sys/debug.h>
33 #include <sys/cmn_err.h>
34 #include <sys/stream.h>
35 #include <sys/strlog.h>
36 #include <sys/kmem.h>
37 #include <sys/sunddi.h>
38 #include <sys/tihdr.h>
39 #include <sys/atomic.h>
40 #include <sys/socket.h>
41 #include <sys/sysmacros.h>
42 #include <sys/crypto/common.h>
43 #include <sys/crypto/api.h>
44 #include <sys/zone.h>
45 #include <netinet/in.h>
46 #include <net/if.h>
47 #include <net/pfkeyv2.h>
48 #include <net/pfpolicy.h>
49 #include <inet/common.h>
50 #include <netinet/ip6.h>
51 #include <inet/ip.h>
52 #include <inet/ip_ire.h>
53 #include <inet/ip6.h>
54 #include <inet/ipsec_info.h>
55 #include <inet/tcp.h>
56 #include <inet/sadb.h>
57 #include <inet/ipsec_impl.h>
58 #include <inet/ipsecah.h>
59 #include <inet/ipsecesp.h>
60 #include <sys/random.h>
61 #include <sys/dlpi.h>
62 #include <sys/iphada.h>
63 #include <inet/ip_if.h>
64 #include <inet/ipdrop.h>
65 #include <inet/ipclassifier.h>
66 #include <inet/sctp_ip.h>
67 
68 /*
69  * This source file contains Security Association Database (SADB) common
70  * routines.  They are linked in with the AH module.  Since AH has no chance
71  * of falling under export control, it was safe to link it in there.
72  */
73 
74 static mblk_t *sadb_extended_acquire(ipsec_selector_t *, ipsec_policy_t *,
75     ipsec_action_t *, boolean_t, uint32_t, uint32_t, netstack_t *);
76 static void sadb_ill_df(ill_t *, mblk_t *, isaf_t *, int, boolean_t);
77 static ipsa_t *sadb_torch_assoc(isaf_t *, ipsa_t *, boolean_t, mblk_t **);
78 static void sadb_drain_torchq(queue_t *, mblk_t *);
79 static void sadb_destroy_acqlist(iacqf_t **, uint_t, boolean_t,
80 			    netstack_t *);
81 static void sadb_destroy(sadb_t *, netstack_t *);
82 static mblk_t *sadb_sa2msg(ipsa_t *, sadb_msg_t *);
83 
84 static time_t sadb_add_time(time_t, uint64_t);
85 static void lifetime_fuzz(ipsa_t *);
86 static void age_pair_peer_list(templist_t *, sadb_t *, boolean_t);
87 static void ipsa_set_replay(ipsa_t *ipsa, uint32_t offset);
88 
89 extern void (*cl_inet_getspi)(netstackid_t stack_id, uint8_t protocol,
90     uint8_t *ptr, size_t len, void *args);
91 extern int (*cl_inet_checkspi)(netstackid_t stack_id, uint8_t protocol,
92     uint32_t spi, void *args);
93 extern void (*cl_inet_deletespi)(netstackid_t stack_id, uint8_t protocol,
94     uint32_t spi, void *args);
95 /*
96  * ipsacq_maxpackets is defined here to make it tunable
97  * from /etc/system.
98  */
99 extern uint64_t ipsacq_maxpackets;
100 
101 #define	SET_EXPIRE(sa, delta, exp) {				\
102 	if (((sa)->ipsa_ ## delta) != 0) {				\
103 		(sa)->ipsa_ ## exp = sadb_add_time((sa)->ipsa_addtime,	\
104 			(sa)->ipsa_ ## delta);				\
105 	}								\
106 }
107 
108 #define	UPDATE_EXPIRE(sa, delta, exp) {					\
109 	if (((sa)->ipsa_ ## delta) != 0) {				\
110 		time_t tmp = sadb_add_time((sa)->ipsa_usetime,		\
111 			(sa)->ipsa_ ## delta);				\
112 		if (((sa)->ipsa_ ## exp) == 0)				\
113 			(sa)->ipsa_ ## exp = tmp;			\
114 		else							\
115 			(sa)->ipsa_ ## exp = 				\
116 			    MIN((sa)->ipsa_ ## exp, tmp); 		\
117 	}								\
118 }
119 
120 
121 /* wrap the macro so we can pass it as a function pointer */
122 void
123 sadb_sa_refrele(void *target)
124 {
125 	IPSA_REFRELE(((ipsa_t *)target));
126 }
127 
128 /*
129  * We presume that sizeof (long) == sizeof (time_t) and that time_t is
130  * a signed type.
131  */
132 #define	TIME_MAX LONG_MAX
133 
134 /*
135  * PF_KEY gives us lifetimes in uint64_t seconds.  We presume that
136  * time_t is defined to be a signed type with the same range as
137  * "long".  On ILP32 systems, we thus run the risk of wrapping around
138  * at end of time, as well as "overwrapping" the clock back around
139  * into a seemingly valid but incorrect future date earlier than the
140  * desired expiration.
141  *
142  * In order to avoid odd behavior (either negative lifetimes or loss
143  * of high order bits) when someone asks for bizarrely long SA
144  * lifetimes, we do a saturating add for expire times.
145  *
146  * We presume that ILP32 systems will be past end of support life when
147  * the 32-bit time_t overflows (a dangerous assumption, mind you..).
148  *
149  * On LP64, 2^64 seconds are about 5.8e11 years, at which point we
150  * will hopefully have figured out clever ways to avoid the use of
151  * fixed-sized integers in computation.
152  */
153 static time_t
154 sadb_add_time(time_t base, uint64_t delta)
155 {
156 	time_t sum;
157 
158 	/*
159 	 * Clip delta to the maximum possible time_t value to
160 	 * prevent "overwrapping" back into a shorter-than-desired
161 	 * future time.
162 	 */
163 	if (delta > TIME_MAX)
164 		delta = TIME_MAX;
165 	/*
166 	 * This sum may still overflow.
167 	 */
168 	sum = base + delta;
169 
170 	/*
171 	 * .. so if the result is less than the base, we overflowed.
172 	 */
173 	if (sum < base)
174 		sum = TIME_MAX;
175 
176 	return (sum);
177 }
178 
179 /*
180  * Callers of this function have already created a working security
181  * association, and have found the appropriate table & hash chain.  All this
182  * function does is check duplicates, and insert the SA.  The caller needs to
183  * hold the hash bucket lock and increment the refcnt before insertion.
184  *
185  * Return 0 if success, EEXIST if collision.
186  */
187 #define	SA_UNIQUE_MATCH(sa1, sa2) \
188 	(((sa1)->ipsa_unique_id & (sa1)->ipsa_unique_mask) == \
189 	((sa2)->ipsa_unique_id & (sa2)->ipsa_unique_mask))
190 
191 int
192 sadb_insertassoc(ipsa_t *ipsa, isaf_t *bucket)
193 {
194 	ipsa_t **ptpn = NULL;
195 	ipsa_t *walker;
196 	boolean_t unspecsrc;
197 
198 	ASSERT(MUTEX_HELD(&bucket->isaf_lock));
199 
200 	unspecsrc = IPSA_IS_ADDR_UNSPEC(ipsa->ipsa_srcaddr, ipsa->ipsa_addrfam);
201 
202 	walker = bucket->isaf_ipsa;
203 	ASSERT(walker == NULL || ipsa->ipsa_addrfam == walker->ipsa_addrfam);
204 
205 	/*
206 	 * Find insertion point (pointed to with **ptpn).  Insert at the head
207 	 * of the list unless there's an unspecified source address, then
208 	 * insert it after the last SA with a specified source address.
209 	 *
210 	 * BTW, you'll have to walk the whole chain, matching on {DST, SPI}
211 	 * checking for collisions.
212 	 */
213 
214 	while (walker != NULL) {
215 		if (IPSA_ARE_ADDR_EQUAL(walker->ipsa_dstaddr,
216 		    ipsa->ipsa_dstaddr, ipsa->ipsa_addrfam)) {
217 			if (walker->ipsa_spi == ipsa->ipsa_spi)
218 				return (EEXIST);
219 
220 			mutex_enter(&walker->ipsa_lock);
221 			if (ipsa->ipsa_state == IPSA_STATE_MATURE &&
222 			    (walker->ipsa_flags & IPSA_F_USED) &&
223 			    SA_UNIQUE_MATCH(walker, ipsa)) {
224 				walker->ipsa_flags |= IPSA_F_CINVALID;
225 			}
226 			mutex_exit(&walker->ipsa_lock);
227 		}
228 
229 		if (ptpn == NULL && unspecsrc) {
230 			if (IPSA_IS_ADDR_UNSPEC(walker->ipsa_srcaddr,
231 			    walker->ipsa_addrfam))
232 				ptpn = walker->ipsa_ptpn;
233 			else if (walker->ipsa_next == NULL)
234 				ptpn = &walker->ipsa_next;
235 		}
236 
237 		walker = walker->ipsa_next;
238 	}
239 
240 	if (ptpn == NULL)
241 		ptpn = &bucket->isaf_ipsa;
242 	ipsa->ipsa_next = *ptpn;
243 	ipsa->ipsa_ptpn = ptpn;
244 	if (ipsa->ipsa_next != NULL)
245 		ipsa->ipsa_next->ipsa_ptpn = &ipsa->ipsa_next;
246 	*ptpn = ipsa;
247 	ipsa->ipsa_linklock = &bucket->isaf_lock;
248 
249 	return (0);
250 }
251 #undef SA_UNIQUE_MATCH
252 
253 /*
254  * Free a security association.  Its reference count is 0, which means
255  * I must free it.  The SA must be unlocked and must not be linked into
256  * any fanout list.
257  */
258 static void
259 sadb_freeassoc(ipsa_t *ipsa)
260 {
261 	ipsec_stack_t	*ipss = ipsa->ipsa_netstack->netstack_ipsec;
262 
263 	ASSERT(ipss != NULL);
264 	ASSERT(MUTEX_NOT_HELD(&ipsa->ipsa_lock));
265 	ASSERT(ipsa->ipsa_refcnt == 0);
266 	ASSERT(ipsa->ipsa_next == NULL);
267 	ASSERT(ipsa->ipsa_ptpn == NULL);
268 
269 	mutex_enter(&ipsa->ipsa_lock);
270 	/* Don't call sadb_clear_lpkt() since we hold the ipsa_lock anyway. */
271 	ip_drop_packet(ipsa->ipsa_lpkt, B_TRUE, NULL, NULL,
272 	    DROPPER(ipss, ipds_sadb_inlarval_timeout),
273 	    &ipss->ipsec_sadb_dropper);
274 	ipsec_destroy_ctx_tmpl(ipsa, IPSEC_ALG_AUTH);
275 	ipsec_destroy_ctx_tmpl(ipsa, IPSEC_ALG_ENCR);
276 	mutex_exit(&ipsa->ipsa_lock);
277 
278 	/* bzero() these fields for paranoia's sake. */
279 	if (ipsa->ipsa_authkey != NULL) {
280 		bzero(ipsa->ipsa_authkey, ipsa->ipsa_authkeylen);
281 		kmem_free(ipsa->ipsa_authkey, ipsa->ipsa_authkeylen);
282 	}
283 	if (ipsa->ipsa_encrkey != NULL) {
284 		bzero(ipsa->ipsa_encrkey, ipsa->ipsa_encrkeylen);
285 		kmem_free(ipsa->ipsa_encrkey, ipsa->ipsa_encrkeylen);
286 	}
287 	if (ipsa->ipsa_nonce_buf != NULL) {
288 		bzero(ipsa->ipsa_nonce_buf, sizeof (ipsec_nonce_t));
289 		kmem_free(ipsa->ipsa_nonce_buf, sizeof (ipsec_nonce_t));
290 	}
291 	if (ipsa->ipsa_src_cid != NULL) {
292 		IPSID_REFRELE(ipsa->ipsa_src_cid);
293 	}
294 	if (ipsa->ipsa_dst_cid != NULL) {
295 		IPSID_REFRELE(ipsa->ipsa_dst_cid);
296 	}
297 	if (ipsa->ipsa_integ != NULL)
298 		kmem_free(ipsa->ipsa_integ, ipsa->ipsa_integlen);
299 	if (ipsa->ipsa_sens != NULL)
300 		kmem_free(ipsa->ipsa_sens, ipsa->ipsa_senslen);
301 	if (ipsa->ipsa_emech.cm_param != NULL)
302 		kmem_free(ipsa->ipsa_emech.cm_param,
303 		    ipsa->ipsa_emech.cm_param_len);
304 
305 	mutex_destroy(&ipsa->ipsa_lock);
306 	kmem_free(ipsa, sizeof (*ipsa));
307 }
308 
309 /*
310  * Unlink a security association from a hash bucket.  Assume the hash bucket
311  * lock is held, but the association's lock is not.
312  *
313  * Note that we do not bump the bucket's generation number here because
314  * we might not be making a visible change to the set of visible SA's.
315  * All callers MUST bump the bucket's generation number before they unlock
316  * the bucket if they use sadb_unlinkassoc to permanetly remove an SA which
317  * was present in the bucket at the time it was locked.
318  */
319 void
320 sadb_unlinkassoc(ipsa_t *ipsa)
321 {
322 	ASSERT(ipsa->ipsa_linklock != NULL);
323 	ASSERT(MUTEX_HELD(ipsa->ipsa_linklock));
324 
325 	/* These fields are protected by the link lock. */
326 	*(ipsa->ipsa_ptpn) = ipsa->ipsa_next;
327 	if (ipsa->ipsa_next != NULL) {
328 		ipsa->ipsa_next->ipsa_ptpn = ipsa->ipsa_ptpn;
329 		ipsa->ipsa_next = NULL;
330 	}
331 
332 	ipsa->ipsa_ptpn = NULL;
333 
334 	/* This may destroy the SA. */
335 	IPSA_REFRELE(ipsa);
336 }
337 
338 void
339 sadb_delete_cluster(ipsa_t *assoc)
340 {
341 	uint8_t protocol;
342 
343 	if (cl_inet_deletespi &&
344 	    ((assoc->ipsa_state == IPSA_STATE_LARVAL) ||
345 	    (assoc->ipsa_state == IPSA_STATE_MATURE))) {
346 		protocol = (assoc->ipsa_type == SADB_SATYPE_AH) ?
347 		    IPPROTO_AH : IPPROTO_ESP;
348 		cl_inet_deletespi(assoc->ipsa_netstack->netstack_stackid,
349 		    protocol, assoc->ipsa_spi, NULL);
350 	}
351 }
352 
353 /*
354  * Create a larval security association with the specified SPI.	 All other
355  * fields are zeroed.
356  */
357 static ipsa_t *
358 sadb_makelarvalassoc(uint32_t spi, uint32_t *src, uint32_t *dst, int addrfam,
359     netstack_t *ns)
360 {
361 	ipsa_t *newbie;
362 
363 	/*
364 	 * Allocate...
365 	 */
366 
367 	newbie = (ipsa_t *)kmem_zalloc(sizeof (ipsa_t), KM_NOSLEEP);
368 	if (newbie == NULL) {
369 		/* Can't make new larval SA. */
370 		return (NULL);
371 	}
372 
373 	/* Assigned requested SPI, assume caller does SPI allocation magic. */
374 	newbie->ipsa_spi = spi;
375 	newbie->ipsa_netstack = ns;	/* No netstack_hold */
376 
377 	/*
378 	 * Copy addresses...
379 	 */
380 
381 	IPSA_COPY_ADDR(newbie->ipsa_srcaddr, src, addrfam);
382 	IPSA_COPY_ADDR(newbie->ipsa_dstaddr, dst, addrfam);
383 
384 	newbie->ipsa_addrfam = addrfam;
385 
386 	/*
387 	 * Set common initialization values, including refcnt.
388 	 */
389 	mutex_init(&newbie->ipsa_lock, NULL, MUTEX_DEFAULT, NULL);
390 	newbie->ipsa_state = IPSA_STATE_LARVAL;
391 	newbie->ipsa_refcnt = 1;
392 	newbie->ipsa_freefunc = sadb_freeassoc;
393 
394 	/*
395 	 * There aren't a lot of other common initialization values, as
396 	 * they are copied in from the PF_KEY message.
397 	 */
398 
399 	return (newbie);
400 }
401 
402 /*
403  * Call me to initialize a security association fanout.
404  */
405 static int
406 sadb_init_fanout(isaf_t **tablep, uint_t size, int kmflag)
407 {
408 	isaf_t *table;
409 	int i;
410 
411 	table = (isaf_t *)kmem_alloc(size * sizeof (*table), kmflag);
412 	*tablep = table;
413 
414 	if (table == NULL)
415 		return (ENOMEM);
416 
417 	for (i = 0; i < size; i++) {
418 		mutex_init(&(table[i].isaf_lock), NULL, MUTEX_DEFAULT, NULL);
419 		table[i].isaf_ipsa = NULL;
420 		table[i].isaf_gen = 0;
421 	}
422 
423 	return (0);
424 }
425 
426 /*
427  * Call me to initialize an acquire fanout
428  */
429 static int
430 sadb_init_acfanout(iacqf_t **tablep, uint_t size, int kmflag)
431 {
432 	iacqf_t *table;
433 	int i;
434 
435 	table = (iacqf_t *)kmem_alloc(size * sizeof (*table), kmflag);
436 	*tablep = table;
437 
438 	if (table == NULL)
439 		return (ENOMEM);
440 
441 	for (i = 0; i < size; i++) {
442 		mutex_init(&(table[i].iacqf_lock), NULL, MUTEX_DEFAULT, NULL);
443 		table[i].iacqf_ipsacq = NULL;
444 	}
445 
446 	return (0);
447 }
448 
449 /*
450  * Attempt to initialize an SADB instance.  On failure, return ENOMEM;
451  * caller must clean up partial allocations.
452  */
453 static int
454 sadb_init_trial(sadb_t *sp, uint_t size, int kmflag)
455 {
456 	ASSERT(sp->sdb_of == NULL);
457 	ASSERT(sp->sdb_if == NULL);
458 	ASSERT(sp->sdb_acq == NULL);
459 
460 	sp->sdb_hashsize = size;
461 	if (sadb_init_fanout(&sp->sdb_of, size, kmflag) != 0)
462 		return (ENOMEM);
463 	if (sadb_init_fanout(&sp->sdb_if, size, kmflag) != 0)
464 		return (ENOMEM);
465 	if (sadb_init_acfanout(&sp->sdb_acq, size, kmflag) != 0)
466 		return (ENOMEM);
467 
468 	return (0);
469 }
470 
471 /*
472  * Call me to initialize an SADB instance; fall back to default size on failure.
473  */
474 static void
475 sadb_init(const char *name, sadb_t *sp, uint_t size, uint_t ver,
476     netstack_t *ns)
477 {
478 	ASSERT(sp->sdb_of == NULL);
479 	ASSERT(sp->sdb_if == NULL);
480 	ASSERT(sp->sdb_acq == NULL);
481 
482 	if (size < IPSEC_DEFAULT_HASH_SIZE)
483 		size = IPSEC_DEFAULT_HASH_SIZE;
484 
485 	if (sadb_init_trial(sp, size, KM_NOSLEEP) != 0) {
486 
487 		cmn_err(CE_WARN,
488 		    "Unable to allocate %u entry IPv%u %s SADB hash table",
489 		    size, ver, name);
490 
491 		sadb_destroy(sp, ns);
492 		size = IPSEC_DEFAULT_HASH_SIZE;
493 		cmn_err(CE_WARN, "Falling back to %d entries", size);
494 		(void) sadb_init_trial(sp, size, KM_SLEEP);
495 	}
496 }
497 
498 
499 /*
500  * Initialize an SADB-pair.
501  */
502 void
503 sadbp_init(const char *name, sadbp_t *sp, int type, int size, netstack_t *ns)
504 {
505 	sadb_init(name, &sp->s_v4, size, 4, ns);
506 	sadb_init(name, &sp->s_v6, size, 6, ns);
507 
508 	sp->s_satype = type;
509 
510 	ASSERT((type == SADB_SATYPE_AH) || (type == SADB_SATYPE_ESP));
511 	if (type == SADB_SATYPE_AH) {
512 		ipsec_stack_t	*ipss = ns->netstack_ipsec;
513 
514 		ip_drop_register(&ipss->ipsec_sadb_dropper, "IPsec SADB");
515 		sp->s_addflags = AH_ADD_SETTABLE_FLAGS;
516 		sp->s_updateflags = AH_UPDATE_SETTABLE_FLAGS;
517 	} else {
518 		sp->s_addflags = ESP_ADD_SETTABLE_FLAGS;
519 		sp->s_updateflags = ESP_UPDATE_SETTABLE_FLAGS;
520 	}
521 }
522 
523 /*
524  * Deliver a single SADB_DUMP message representing a single SA.  This is
525  * called many times by sadb_dump().
526  *
527  * If the return value of this is ENOBUFS (not the same as ENOMEM), then
528  * the caller should take that as a hint that dupb() on the "original answer"
529  * failed, and that perhaps the caller should try again with a copyb()ed
530  * "original answer".
531  */
532 static int
533 sadb_dump_deliver(queue_t *pfkey_q, mblk_t *original_answer, ipsa_t *ipsa,
534     sadb_msg_t *samsg)
535 {
536 	mblk_t *answer;
537 
538 	answer = dupb(original_answer);
539 	if (answer == NULL)
540 		return (ENOBUFS);
541 	answer->b_cont = sadb_sa2msg(ipsa, samsg);
542 	if (answer->b_cont == NULL) {
543 		freeb(answer);
544 		return (ENOMEM);
545 	}
546 
547 	/* Just do a putnext, and let keysock deal with flow control. */
548 	putnext(pfkey_q, answer);
549 	return (0);
550 }
551 
552 /*
553  * Common function to allocate and prepare a keysock_out_t M_CTL message.
554  */
555 mblk_t *
556 sadb_keysock_out(minor_t serial)
557 {
558 	mblk_t *mp;
559 	keysock_out_t *kso;
560 
561 	mp = allocb(sizeof (ipsec_info_t), BPRI_HI);
562 	if (mp != NULL) {
563 		mp->b_datap->db_type = M_CTL;
564 		mp->b_wptr += sizeof (ipsec_info_t);
565 		kso = (keysock_out_t *)mp->b_rptr;
566 		kso->ks_out_type = KEYSOCK_OUT;
567 		kso->ks_out_len = sizeof (*kso);
568 		kso->ks_out_serial = serial;
569 	}
570 
571 	return (mp);
572 }
573 
574 /*
575  * Perform an SADB_DUMP, spewing out every SA in an array of SA fanouts
576  * to keysock.
577  */
578 static int
579 sadb_dump_fanout(queue_t *pfkey_q, mblk_t *mp, minor_t serial, isaf_t *fanout,
580     int num_entries, boolean_t do_peers, time_t active_time)
581 {
582 	int i, error = 0;
583 	mblk_t *original_answer;
584 	ipsa_t *walker;
585 	sadb_msg_t *samsg;
586 	time_t	current;
587 
588 	/*
589 	 * For each IPSA hash bucket do:
590 	 *	- Hold the mutex
591 	 *	- Walk each entry, doing an sadb_dump_deliver() on it.
592 	 */
593 	ASSERT(mp->b_cont != NULL);
594 	samsg = (sadb_msg_t *)mp->b_cont->b_rptr;
595 
596 	original_answer = sadb_keysock_out(serial);
597 	if (original_answer == NULL)
598 		return (ENOMEM);
599 
600 	current = gethrestime_sec();
601 	for (i = 0; i < num_entries; i++) {
602 		mutex_enter(&fanout[i].isaf_lock);
603 		for (walker = fanout[i].isaf_ipsa; walker != NULL;
604 		    walker = walker->ipsa_next) {
605 			if (!do_peers && walker->ipsa_haspeer)
606 				continue;
607 			if ((active_time != 0) &&
608 			    ((current - walker->ipsa_lastuse) > active_time))
609 				continue;
610 			error = sadb_dump_deliver(pfkey_q, original_answer,
611 			    walker, samsg);
612 			if (error == ENOBUFS) {
613 				mblk_t *new_original_answer;
614 
615 				/* Ran out of dupb's.  Try a copyb. */
616 				new_original_answer = copyb(original_answer);
617 				if (new_original_answer == NULL) {
618 					error = ENOMEM;
619 				} else {
620 					freeb(original_answer);
621 					original_answer = new_original_answer;
622 					error = sadb_dump_deliver(pfkey_q,
623 					    original_answer, walker, samsg);
624 				}
625 			}
626 			if (error != 0)
627 				break;	/* out of for loop. */
628 		}
629 		mutex_exit(&fanout[i].isaf_lock);
630 		if (error != 0)
631 			break;	/* out of for loop. */
632 	}
633 
634 	freeb(original_answer);
635 	return (error);
636 }
637 
638 /*
639  * Dump an entire SADB; outbound first, then inbound.
640  */
641 
642 int
643 sadb_dump(queue_t *pfkey_q, mblk_t *mp, keysock_in_t *ksi, sadb_t *sp)
644 {
645 	int error;
646 	time_t	active_time = 0;
647 	sadb_x_edump_t	*edump =
648 	    (sadb_x_edump_t *)ksi->ks_in_extv[SADB_X_EXT_EDUMP];
649 
650 	if (edump != NULL) {
651 		active_time = edump->sadb_x_edump_timeout;
652 	}
653 
654 	/* Dump outbound */
655 	error = sadb_dump_fanout(pfkey_q, mp, ksi->ks_in_serial, sp->sdb_of,
656 	    sp->sdb_hashsize, B_TRUE, active_time);
657 	if (error)
658 		return (error);
659 
660 	/* Dump inbound */
661 	return sadb_dump_fanout(pfkey_q, mp, ksi->ks_in_serial, sp->sdb_if,
662 	    sp->sdb_hashsize, B_FALSE, active_time);
663 }
664 
665 /*
666  * Generic sadb table walker.
667  *
668  * Call "walkfn" for each SA in each bucket in "table"; pass the
669  * bucket, the entry and "cookie" to the callback function.
670  * Take care to ensure that walkfn can delete the SA without screwing
671  * up our traverse.
672  *
673  * The bucket is locked for the duration of the callback, both so that the
674  * callback can just call sadb_unlinkassoc() when it wants to delete something,
675  * and so that no new entries are added while we're walking the list.
676  */
677 static void
678 sadb_walker(isaf_t *table, uint_t numentries,
679     void (*walkfn)(isaf_t *head, ipsa_t *entry, void *cookie),
680     void *cookie)
681 {
682 	int i;
683 	for (i = 0; i < numentries; i++) {
684 		ipsa_t *entry, *next;
685 
686 		mutex_enter(&table[i].isaf_lock);
687 
688 		for (entry = table[i].isaf_ipsa; entry != NULL;
689 		    entry = next) {
690 			next = entry->ipsa_next;
691 			(*walkfn)(&table[i], entry, cookie);
692 		}
693 		mutex_exit(&table[i].isaf_lock);
694 	}
695 }
696 
697 /*
698  * From the given SA, construct a dl_ct_ipsec_key and
699  * a dl_ct_ipsec structures to be sent to the adapter as part
700  * of a DL_CONTROL_REQ.
701  *
702  * ct_sa must point to the storage allocated for the key
703  * structure and must be followed by storage allocated
704  * for the SA information that must be sent to the driver
705  * as part of the DL_CONTROL_REQ request.
706  *
707  * The is_inbound boolean indicates whether the specified
708  * SA is part of an inbound SA table.
709  *
710  * Returns B_TRUE if the corresponding SA must be passed to
711  * a provider, B_FALSE otherwise; frees *mp if it returns B_FALSE.
712  */
713 static boolean_t
714 sadb_req_from_sa(ipsa_t *sa, mblk_t *mp, boolean_t is_inbound)
715 {
716 	dl_ct_ipsec_key_t *keyp;
717 	dl_ct_ipsec_t *sap;
718 	void *ct_sa = mp->b_wptr;
719 
720 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
721 
722 	keyp = (dl_ct_ipsec_key_t *)(ct_sa);
723 	sap = (dl_ct_ipsec_t *)(keyp + 1);
724 
725 	IPSECHW_DEBUG(IPSECHW_CAPAB, ("sadb_req_from_sa: "
726 	    "is_inbound = %d\n", is_inbound));
727 
728 	/* initialize flag */
729 	sap->sadb_sa_flags = 0;
730 	if (is_inbound) {
731 		sap->sadb_sa_flags |= DL_CT_IPSEC_INBOUND;
732 		/*
733 		 * If an inbound SA has a peer, then mark it has being
734 		 * an outbound SA as well.
735 		 */
736 		if (sa->ipsa_haspeer)
737 			sap->sadb_sa_flags |= DL_CT_IPSEC_OUTBOUND;
738 	} else {
739 		/*
740 		 * If an outbound SA has a peer, then don't send it,
741 		 * since we will send the copy from the inbound table.
742 		 */
743 		if (sa->ipsa_haspeer) {
744 			freemsg(mp);
745 			return (B_FALSE);
746 		}
747 		sap->sadb_sa_flags |= DL_CT_IPSEC_OUTBOUND;
748 	}
749 
750 	keyp->dl_key_spi = sa->ipsa_spi;
751 	bcopy(sa->ipsa_dstaddr, keyp->dl_key_dest_addr,
752 	    DL_CTL_IPSEC_ADDR_LEN);
753 	keyp->dl_key_addr_family = sa->ipsa_addrfam;
754 
755 	sap->sadb_sa_auth = sa->ipsa_auth_alg;
756 	sap->sadb_sa_encrypt = sa->ipsa_encr_alg;
757 
758 	sap->sadb_key_len_a = sa->ipsa_authkeylen;
759 	sap->sadb_key_bits_a = sa->ipsa_authkeybits;
760 	bcopy(sa->ipsa_authkey,
761 	    sap->sadb_key_data_a, sap->sadb_key_len_a);
762 
763 	sap->sadb_key_len_e = sa->ipsa_encrkeylen;
764 	sap->sadb_key_bits_e = sa->ipsa_encrkeybits;
765 	bcopy(sa->ipsa_encrkey,
766 	    sap->sadb_key_data_e, sap->sadb_key_len_e);
767 
768 	mp->b_wptr += sizeof (dl_ct_ipsec_t) + sizeof (dl_ct_ipsec_key_t);
769 	return (B_TRUE);
770 }
771 
772 /*
773  * Called from AH or ESP to format a message which will be used to inform
774  * IPsec-acceleration-capable ills of a SADB change.
775  * (It is not possible to send the message to IP directly from this function
776  * since the SA, if any, is locked during the call).
777  *
778  * dl_operation: DL_CONTROL_REQ operation (add, delete, update, etc)
779  * sa_type: identifies whether the operation applies to AH or ESP
780  *	(must be one of SADB_SATYPE_AH or SADB_SATYPE_ESP)
781  * sa: Pointer to an SA.  Must be non-NULL and locked
782  *	for ADD, DELETE, GET, and UPDATE operations.
783  * This function returns an mblk chain that must be passed to IP
784  * for forwarding to the IPsec capable providers.
785  */
786 mblk_t *
787 sadb_fmt_sa_req(uint_t dl_operation, uint_t sa_type, ipsa_t *sa,
788     boolean_t is_inbound)
789 {
790 	mblk_t *mp;
791 	dl_control_req_t *ctrl;
792 	boolean_t need_key = B_FALSE;
793 	mblk_t *ctl_mp = NULL;
794 	ipsec_ctl_t *ctl;
795 
796 	/*
797 	 * 1 allocate and initialize DL_CONTROL_REQ M_PROTO
798 	 * 2 if a key is needed for the operation
799 	 *    2.1 initialize key
800 	 *    2.2 if a full SA is needed for the operation
801 	 *	2.2.1 initialize full SA info
802 	 * 3 return message; caller will call ill_ipsec_capab_send_all()
803 	 * to send the resulting message to IPsec capable ills.
804 	 */
805 
806 	ASSERT(sa_type == SADB_SATYPE_AH || sa_type == SADB_SATYPE_ESP);
807 
808 	/*
809 	 * Allocate DL_CONTROL_REQ M_PROTO
810 	 * We allocate room for the SA even if it's not needed
811 	 * by some of the operations (for example flush)
812 	 */
813 	mp = allocb(sizeof (dl_control_req_t) +
814 	    sizeof (dl_ct_ipsec_key_t) + sizeof (dl_ct_ipsec_t), BPRI_HI);
815 	if (mp == NULL)
816 		return (NULL);
817 	mp->b_datap->db_type = M_PROTO;
818 
819 	/* initialize dl_control_req_t */
820 	ctrl = (dl_control_req_t *)mp->b_wptr;
821 	ctrl->dl_primitive = DL_CONTROL_REQ;
822 	ctrl->dl_operation = dl_operation;
823 	ctrl->dl_type = sa_type == SADB_SATYPE_AH ? DL_CT_IPSEC_AH :
824 	    DL_CT_IPSEC_ESP;
825 	ctrl->dl_key_offset = sizeof (dl_control_req_t);
826 	ctrl->dl_key_length = sizeof (dl_ct_ipsec_key_t);
827 	ctrl->dl_data_offset = sizeof (dl_control_req_t) +
828 	    sizeof (dl_ct_ipsec_key_t);
829 	ctrl->dl_data_length = sizeof (dl_ct_ipsec_t);
830 	mp->b_wptr += sizeof (dl_control_req_t);
831 
832 	if ((dl_operation == DL_CO_SET) || (dl_operation == DL_CO_DELETE)) {
833 		ASSERT(sa != NULL);
834 		ASSERT(MUTEX_HELD(&sa->ipsa_lock));
835 
836 		need_key = B_TRUE;
837 
838 		/*
839 		 * Initialize key and SA data. Note that for some
840 		 * operations the SA data is ignored by the provider
841 		 * (delete, etc.)
842 		 */
843 		if (!sadb_req_from_sa(sa, mp, is_inbound))
844 			return (NULL);
845 	}
846 
847 	/* construct control message */
848 	ctl_mp = allocb(sizeof (ipsec_ctl_t), BPRI_HI);
849 	if (ctl_mp == NULL) {
850 		cmn_err(CE_WARN, "sadb_fmt_sa_req: allocb failed\n");
851 		freemsg(mp);
852 		return (NULL);
853 	}
854 
855 	ctl_mp->b_datap->db_type = M_CTL;
856 	ctl_mp->b_wptr += sizeof (ipsec_ctl_t);
857 	ctl_mp->b_cont = mp;
858 
859 	ctl = (ipsec_ctl_t *)ctl_mp->b_rptr;
860 	ctl->ipsec_ctl_type = IPSEC_CTL;
861 	ctl->ipsec_ctl_len  = sizeof (ipsec_ctl_t);
862 	ctl->ipsec_ctl_sa_type = sa_type;
863 
864 	if (need_key) {
865 		/*
866 		 * Keep an additional reference on SA, since it will be
867 		 * needed by IP to send control messages corresponding
868 		 * to that SA from its perimeter. IP will do a
869 		 * IPSA_REFRELE when done with the request.
870 		 */
871 		ASSERT(MUTEX_HELD(&sa->ipsa_lock));
872 		IPSA_REFHOLD(sa);
873 		ctl->ipsec_ctl_sa = sa;
874 	} else
875 		ctl->ipsec_ctl_sa = NULL;
876 
877 	return (ctl_mp);
878 }
879 
880 
881 /*
882  * Called by sadb_ill_download() to dump the entries for a specific
883  * fanout table.  For each SA entry in the table passed as argument,
884  * use mp as a template and constructs a full DL_CONTROL message, and
885  * call ill_dlpi_send(), provided by IP, to send the resulting
886  * messages to the ill.
887  */
888 static void
889 sadb_ill_df(ill_t *ill, mblk_t *mp, isaf_t *fanout, int num_entries,
890     boolean_t is_inbound)
891 {
892 	ipsa_t *walker;
893 	mblk_t *nmp, *salist;
894 	int i, error = 0;
895 	ip_stack_t	*ipst = ill->ill_ipst;
896 	netstack_t	*ns = ipst->ips_netstack;
897 
898 	IPSECHW_DEBUG(IPSECHW_SADB, ("sadb_ill_df: fanout at 0x%p ne=%d\n",
899 	    (void *)fanout, num_entries));
900 	/*
901 	 * For each IPSA hash bucket do:
902 	 *	- Hold the mutex
903 	 *	- Walk each entry, sending a corresponding request to IP
904 	 *	  for it.
905 	 */
906 	ASSERT(mp->b_datap->db_type == M_PROTO);
907 
908 	for (i = 0; i < num_entries; i++) {
909 		mutex_enter(&fanout[i].isaf_lock);
910 		salist = NULL;
911 
912 		for (walker = fanout[i].isaf_ipsa; walker != NULL;
913 		    walker = walker->ipsa_next) {
914 			IPSECHW_DEBUG(IPSECHW_SADB,
915 			    ("sadb_ill_df: sending SA to ill via IP \n"));
916 			/*
917 			 * Duplicate the template mp passed and
918 			 * complete DL_CONTROL_REQ data.
919 			 * To be more memory efficient, we could use
920 			 * dupb() for the M_CTL and copyb() for the M_PROTO
921 			 * as the M_CTL, since the M_CTL is the same for
922 			 * every SA entry passed down to IP for the same ill.
923 			 *
924 			 * Note that copymsg/copyb ensure that the new mblk
925 			 * is at least as large as the source mblk even if it's
926 			 * not using all its storage -- therefore, nmp
927 			 * has trailing space for sadb_req_from_sa to add
928 			 * the SA-specific bits.
929 			 */
930 			mutex_enter(&walker->ipsa_lock);
931 			if (ipsec_capab_match(ill,
932 			    ill->ill_phyint->phyint_ifindex, ill->ill_isv6,
933 			    walker, ns)) {
934 				nmp = copymsg(mp);
935 				if (nmp == NULL) {
936 					IPSECHW_DEBUG(IPSECHW_SADB,
937 					    ("sadb_ill_df: alloc error\n"));
938 					error = ENOMEM;
939 					mutex_exit(&walker->ipsa_lock);
940 					break;
941 				}
942 				if (sadb_req_from_sa(walker, nmp, is_inbound)) {
943 					nmp->b_next = salist;
944 					salist = nmp;
945 				}
946 			}
947 			mutex_exit(&walker->ipsa_lock);
948 		}
949 		mutex_exit(&fanout[i].isaf_lock);
950 		while (salist != NULL) {
951 			nmp = salist;
952 			salist = nmp->b_next;
953 			nmp->b_next = NULL;
954 			ill_dlpi_send(ill, nmp);
955 		}
956 		if (error != 0)
957 			break;	/* out of for loop. */
958 	}
959 }
960 
961 /*
962  * Called by ill_ipsec_capab_add(). Sends a copy of the SADB of
963  * the type specified by sa_type to the specified ill.
964  *
965  * We call for each fanout table defined by the SADB (one per
966  * protocol). sadb_ill_df() finally calls ill_dlpi_send() for
967  * each SADB entry in order to send a corresponding DL_CONTROL_REQ
968  * message to the ill.
969  */
970 void
971 sadb_ill_download(ill_t *ill, uint_t sa_type)
972 {
973 	mblk_t *protomp;	/* prototype message */
974 	dl_control_req_t *ctrl;
975 	sadbp_t *spp;
976 	sadb_t *sp;
977 	int dlt;
978 	ip_stack_t	*ipst = ill->ill_ipst;
979 	netstack_t	*ns = ipst->ips_netstack;
980 
981 	ASSERT(sa_type == SADB_SATYPE_AH || sa_type == SADB_SATYPE_ESP);
982 
983 	/*
984 	 * Allocate and initialize prototype answer. A duplicate for
985 	 * each SA is sent down to the interface.
986 	 */
987 
988 	/* DL_CONTROL_REQ M_PROTO mblk_t */
989 	protomp = allocb(sizeof (dl_control_req_t) +
990 	    sizeof (dl_ct_ipsec_key_t) + sizeof (dl_ct_ipsec_t), BPRI_HI);
991 	if (protomp == NULL)
992 		return;
993 	protomp->b_datap->db_type = M_PROTO;
994 
995 	dlt = (sa_type == SADB_SATYPE_AH) ? DL_CT_IPSEC_AH : DL_CT_IPSEC_ESP;
996 	if (sa_type == SADB_SATYPE_ESP) {
997 		ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
998 
999 		spp = &espstack->esp_sadb;
1000 	} else {
1001 		ipsecah_stack_t	*ahstack = ns->netstack_ipsecah;
1002 
1003 		spp = &ahstack->ah_sadb;
1004 	}
1005 
1006 	ctrl = (dl_control_req_t *)protomp->b_wptr;
1007 	ctrl->dl_primitive = DL_CONTROL_REQ;
1008 	ctrl->dl_operation = DL_CO_SET;
1009 	ctrl->dl_type = dlt;
1010 	ctrl->dl_key_offset = sizeof (dl_control_req_t);
1011 	ctrl->dl_key_length = sizeof (dl_ct_ipsec_key_t);
1012 	ctrl->dl_data_offset = sizeof (dl_control_req_t) +
1013 	    sizeof (dl_ct_ipsec_key_t);
1014 	ctrl->dl_data_length = sizeof (dl_ct_ipsec_t);
1015 	protomp->b_wptr += sizeof (dl_control_req_t);
1016 
1017 	/*
1018 	 * then for each SADB entry, we fill out the dl_ct_ipsec_key_t
1019 	 * and dl_ct_ipsec_t
1020 	 */
1021 	sp = ill->ill_isv6 ? &(spp->s_v6) : &(spp->s_v4);
1022 	sadb_ill_df(ill, protomp, sp->sdb_of, sp->sdb_hashsize, B_FALSE);
1023 	sadb_ill_df(ill, protomp, sp->sdb_if, sp->sdb_hashsize, B_TRUE);
1024 	freemsg(protomp);
1025 }
1026 
1027 /*
1028  * Call me to free up a security association fanout.  Use the forever
1029  * variable to indicate freeing up the SAs (forever == B_FALSE, e.g.
1030  * an SADB_FLUSH message), or destroying everything (forever == B_TRUE,
1031  * when a module is unloaded).
1032  */
1033 static void
1034 sadb_destroyer(isaf_t **tablep, uint_t numentries, boolean_t forever,
1035     boolean_t inbound)
1036 {
1037 	int i;
1038 	isaf_t *table = *tablep;
1039 	uint8_t protocol;
1040 	ipsa_t *sa;
1041 	netstackid_t sid;
1042 
1043 	if (table == NULL)
1044 		return;
1045 
1046 	for (i = 0; i < numentries; i++) {
1047 		mutex_enter(&table[i].isaf_lock);
1048 		while ((sa = table[i].isaf_ipsa) != NULL) {
1049 			if (inbound && cl_inet_deletespi &&
1050 			    (sa->ipsa_state != IPSA_STATE_ACTIVE_ELSEWHERE) &&
1051 			    (sa->ipsa_state != IPSA_STATE_IDLE)) {
1052 				protocol = (sa->ipsa_type == SADB_SATYPE_AH) ?
1053 				    IPPROTO_AH : IPPROTO_ESP;
1054 				sid = sa->ipsa_netstack->netstack_stackid;
1055 				cl_inet_deletespi(sid, protocol, sa->ipsa_spi,
1056 				    NULL);
1057 			}
1058 			sadb_unlinkassoc(sa);
1059 		}
1060 		table[i].isaf_gen++;
1061 		mutex_exit(&table[i].isaf_lock);
1062 		if (forever)
1063 			mutex_destroy(&(table[i].isaf_lock));
1064 	}
1065 
1066 	if (forever) {
1067 		*tablep = NULL;
1068 		kmem_free(table, numentries * sizeof (*table));
1069 	}
1070 }
1071 
1072 /*
1073  * Entry points to sadb_destroyer().
1074  */
1075 static void
1076 sadb_flush(sadb_t *sp, netstack_t *ns)
1077 {
1078 	/*
1079 	 * Flush out each bucket, one at a time.  Were it not for keysock's
1080 	 * enforcement, there would be a subtlety where I could add on the
1081 	 * heels of a flush.  With keysock's enforcement, however, this
1082 	 * makes ESP's job easy.
1083 	 */
1084 	sadb_destroyer(&sp->sdb_of, sp->sdb_hashsize, B_FALSE, B_FALSE);
1085 	sadb_destroyer(&sp->sdb_if, sp->sdb_hashsize, B_FALSE, B_TRUE);
1086 
1087 	/* For each acquire, destroy it; leave the bucket mutex alone. */
1088 	sadb_destroy_acqlist(&sp->sdb_acq, sp->sdb_hashsize, B_FALSE, ns);
1089 }
1090 
1091 static void
1092 sadb_destroy(sadb_t *sp, netstack_t *ns)
1093 {
1094 	sadb_destroyer(&sp->sdb_of, sp->sdb_hashsize, B_TRUE, B_FALSE);
1095 	sadb_destroyer(&sp->sdb_if, sp->sdb_hashsize, B_TRUE, B_TRUE);
1096 
1097 	/* For each acquire, destroy it, including the bucket mutex. */
1098 	sadb_destroy_acqlist(&sp->sdb_acq, sp->sdb_hashsize, B_TRUE, ns);
1099 
1100 	ASSERT(sp->sdb_of == NULL);
1101 	ASSERT(sp->sdb_if == NULL);
1102 	ASSERT(sp->sdb_acq == NULL);
1103 }
1104 
1105 static void
1106 sadb_send_flush_req(sadbp_t *spp)
1107 {
1108 	mblk_t *ctl_mp;
1109 
1110 	/*
1111 	 * we've been unplumbed, or never were plumbed; don't go there.
1112 	 */
1113 	if (spp->s_ip_q == NULL)
1114 		return;
1115 
1116 	/* have IP send a flush msg to the IPsec accelerators */
1117 	ctl_mp = sadb_fmt_sa_req(DL_CO_FLUSH, spp->s_satype, NULL, B_TRUE);
1118 	if (ctl_mp != NULL)
1119 		putnext(spp->s_ip_q, ctl_mp);
1120 }
1121 
1122 void
1123 sadbp_flush(sadbp_t *spp, netstack_t *ns)
1124 {
1125 	sadb_flush(&spp->s_v4, ns);
1126 	sadb_flush(&spp->s_v6, ns);
1127 
1128 	sadb_send_flush_req(spp);
1129 }
1130 
1131 void
1132 sadbp_destroy(sadbp_t *spp, netstack_t *ns)
1133 {
1134 	sadb_destroy(&spp->s_v4, ns);
1135 	sadb_destroy(&spp->s_v6, ns);
1136 
1137 	sadb_send_flush_req(spp);
1138 	if (spp->s_satype == SADB_SATYPE_AH) {
1139 		ipsec_stack_t	*ipss = ns->netstack_ipsec;
1140 
1141 		ip_drop_unregister(&ipss->ipsec_sadb_dropper);
1142 	}
1143 }
1144 
1145 
1146 /*
1147  * Check hard vs. soft lifetimes.  If there's a reality mismatch (e.g.
1148  * soft lifetimes > hard lifetimes) return an appropriate diagnostic for
1149  * EINVAL.
1150  */
1151 int
1152 sadb_hardsoftchk(sadb_lifetime_t *hard, sadb_lifetime_t *soft,
1153     sadb_lifetime_t *idle)
1154 {
1155 	if (hard == NULL || soft == NULL)
1156 		return (0);
1157 
1158 	if (hard->sadb_lifetime_allocations != 0 &&
1159 	    soft->sadb_lifetime_allocations != 0 &&
1160 	    hard->sadb_lifetime_allocations < soft->sadb_lifetime_allocations)
1161 		return (SADB_X_DIAGNOSTIC_ALLOC_HSERR);
1162 
1163 	if (hard->sadb_lifetime_bytes != 0 &&
1164 	    soft->sadb_lifetime_bytes != 0 &&
1165 	    hard->sadb_lifetime_bytes < soft->sadb_lifetime_bytes)
1166 		return (SADB_X_DIAGNOSTIC_BYTES_HSERR);
1167 
1168 	if (hard->sadb_lifetime_addtime != 0 &&
1169 	    soft->sadb_lifetime_addtime != 0 &&
1170 	    hard->sadb_lifetime_addtime < soft->sadb_lifetime_addtime)
1171 		return (SADB_X_DIAGNOSTIC_ADDTIME_HSERR);
1172 
1173 	if (hard->sadb_lifetime_usetime != 0 &&
1174 	    soft->sadb_lifetime_usetime != 0 &&
1175 	    hard->sadb_lifetime_usetime < soft->sadb_lifetime_usetime)
1176 		return (SADB_X_DIAGNOSTIC_USETIME_HSERR);
1177 
1178 	if (idle != NULL) {
1179 		if (hard->sadb_lifetime_addtime != 0 &&
1180 		    idle->sadb_lifetime_addtime != 0 &&
1181 		    hard->sadb_lifetime_addtime < idle->sadb_lifetime_addtime)
1182 			return (SADB_X_DIAGNOSTIC_ADDTIME_HSERR);
1183 
1184 		if (soft->sadb_lifetime_addtime != 0 &&
1185 		    idle->sadb_lifetime_addtime != 0 &&
1186 		    soft->sadb_lifetime_addtime < idle->sadb_lifetime_addtime)
1187 			return (SADB_X_DIAGNOSTIC_ADDTIME_HSERR);
1188 
1189 		if (hard->sadb_lifetime_usetime != 0 &&
1190 		    idle->sadb_lifetime_usetime != 0 &&
1191 		    hard->sadb_lifetime_usetime < idle->sadb_lifetime_usetime)
1192 			return (SADB_X_DIAGNOSTIC_USETIME_HSERR);
1193 
1194 		if (soft->sadb_lifetime_usetime != 0 &&
1195 		    idle->sadb_lifetime_usetime != 0 &&
1196 		    soft->sadb_lifetime_usetime < idle->sadb_lifetime_usetime)
1197 			return (SADB_X_DIAGNOSTIC_USETIME_HSERR);
1198 	}
1199 
1200 	return (0);
1201 }
1202 
1203 /*
1204  * Clone a security association for the purposes of inserting a single SA
1205  * into inbound and outbound tables respectively. This function should only
1206  * be called from sadb_common_add().
1207  */
1208 static ipsa_t *
1209 sadb_cloneassoc(ipsa_t *ipsa)
1210 {
1211 	ipsa_t *newbie;
1212 	boolean_t error = B_FALSE;
1213 
1214 	ASSERT(MUTEX_NOT_HELD(&(ipsa->ipsa_lock)));
1215 
1216 	newbie = kmem_alloc(sizeof (ipsa_t), KM_NOSLEEP);
1217 	if (newbie == NULL)
1218 		return (NULL);
1219 
1220 	/* Copy over what we can. */
1221 	*newbie = *ipsa;
1222 
1223 	/* bzero and initialize locks, in case *_init() allocates... */
1224 	mutex_init(&newbie->ipsa_lock, NULL, MUTEX_DEFAULT, NULL);
1225 
1226 	/*
1227 	 * While somewhat dain-bramaged, the most graceful way to
1228 	 * recover from errors is to keep plowing through the
1229 	 * allocations, and getting what I can.  It's easier to call
1230 	 * sadb_freeassoc() on the stillborn clone when all the
1231 	 * pointers aren't pointing to the parent's data.
1232 	 */
1233 
1234 	if (ipsa->ipsa_authkey != NULL) {
1235 		newbie->ipsa_authkey = kmem_alloc(newbie->ipsa_authkeylen,
1236 		    KM_NOSLEEP);
1237 		if (newbie->ipsa_authkey == NULL) {
1238 			error = B_TRUE;
1239 		} else {
1240 			bcopy(ipsa->ipsa_authkey, newbie->ipsa_authkey,
1241 			    newbie->ipsa_authkeylen);
1242 
1243 			newbie->ipsa_kcfauthkey.ck_data =
1244 			    newbie->ipsa_authkey;
1245 		}
1246 
1247 		if (newbie->ipsa_amech.cm_param != NULL) {
1248 			newbie->ipsa_amech.cm_param =
1249 			    (char *)&newbie->ipsa_mac_len;
1250 		}
1251 	}
1252 
1253 	if (ipsa->ipsa_encrkey != NULL) {
1254 		newbie->ipsa_encrkey = kmem_alloc(newbie->ipsa_encrkeylen,
1255 		    KM_NOSLEEP);
1256 		if (newbie->ipsa_encrkey == NULL) {
1257 			error = B_TRUE;
1258 		} else {
1259 			bcopy(ipsa->ipsa_encrkey, newbie->ipsa_encrkey,
1260 			    newbie->ipsa_encrkeylen);
1261 
1262 			newbie->ipsa_kcfencrkey.ck_data =
1263 			    newbie->ipsa_encrkey;
1264 		}
1265 	}
1266 
1267 	newbie->ipsa_authtmpl = NULL;
1268 	newbie->ipsa_encrtmpl = NULL;
1269 	newbie->ipsa_haspeer = B_TRUE;
1270 
1271 	if (ipsa->ipsa_integ != NULL) {
1272 		newbie->ipsa_integ = kmem_alloc(newbie->ipsa_integlen,
1273 		    KM_NOSLEEP);
1274 		if (newbie->ipsa_integ == NULL) {
1275 			error = B_TRUE;
1276 		} else {
1277 			bcopy(ipsa->ipsa_integ, newbie->ipsa_integ,
1278 			    newbie->ipsa_integlen);
1279 		}
1280 	}
1281 
1282 	if (ipsa->ipsa_sens != NULL) {
1283 		newbie->ipsa_sens = kmem_alloc(newbie->ipsa_senslen,
1284 		    KM_NOSLEEP);
1285 		if (newbie->ipsa_sens == NULL) {
1286 			error = B_TRUE;
1287 		} else {
1288 			bcopy(ipsa->ipsa_sens, newbie->ipsa_sens,
1289 			    newbie->ipsa_senslen);
1290 		}
1291 	}
1292 
1293 	if (ipsa->ipsa_src_cid != NULL) {
1294 		newbie->ipsa_src_cid = ipsa->ipsa_src_cid;
1295 		IPSID_REFHOLD(ipsa->ipsa_src_cid);
1296 	}
1297 
1298 	if (ipsa->ipsa_dst_cid != NULL) {
1299 		newbie->ipsa_dst_cid = ipsa->ipsa_dst_cid;
1300 		IPSID_REFHOLD(ipsa->ipsa_dst_cid);
1301 	}
1302 
1303 	if (error) {
1304 		sadb_freeassoc(newbie);
1305 		return (NULL);
1306 	}
1307 
1308 	return (newbie);
1309 }
1310 
1311 /*
1312  * Initialize a SADB address extension at the address specified by addrext.
1313  * Return a pointer to the end of the new address extension.
1314  */
1315 static uint8_t *
1316 sadb_make_addr_ext(uint8_t *start, uint8_t *end, uint16_t exttype,
1317     sa_family_t af, uint32_t *addr, uint16_t port, uint8_t proto, int prefix)
1318 {
1319 	struct sockaddr_in *sin;
1320 	struct sockaddr_in6 *sin6;
1321 	uint8_t *cur = start;
1322 	int addrext_len;
1323 	int sin_len;
1324 	sadb_address_t *addrext	= (sadb_address_t *)cur;
1325 
1326 	if (cur == NULL)
1327 		return (NULL);
1328 
1329 	cur += sizeof (*addrext);
1330 	if (cur > end)
1331 		return (NULL);
1332 
1333 	addrext->sadb_address_proto = proto;
1334 	addrext->sadb_address_prefixlen = prefix;
1335 	addrext->sadb_address_reserved = 0;
1336 	addrext->sadb_address_exttype = exttype;
1337 
1338 	switch (af) {
1339 	case AF_INET:
1340 		sin = (struct sockaddr_in *)cur;
1341 		sin_len = sizeof (*sin);
1342 		cur += sin_len;
1343 		if (cur > end)
1344 			return (NULL);
1345 
1346 		sin->sin_family = af;
1347 		bzero(sin->sin_zero, sizeof (sin->sin_zero));
1348 		sin->sin_port = port;
1349 		IPSA_COPY_ADDR(&sin->sin_addr, addr, af);
1350 		break;
1351 	case AF_INET6:
1352 		sin6 = (struct sockaddr_in6 *)cur;
1353 		sin_len = sizeof (*sin6);
1354 		cur += sin_len;
1355 		if (cur > end)
1356 			return (NULL);
1357 
1358 		bzero(sin6, sizeof (*sin6));
1359 		sin6->sin6_family = af;
1360 		sin6->sin6_port = port;
1361 		IPSA_COPY_ADDR(&sin6->sin6_addr, addr, af);
1362 		break;
1363 	}
1364 
1365 	addrext_len = roundup(cur - start, sizeof (uint64_t));
1366 	addrext->sadb_address_len = SADB_8TO64(addrext_len);
1367 
1368 	cur = start + addrext_len;
1369 	if (cur > end)
1370 		cur = NULL;
1371 
1372 	return (cur);
1373 }
1374 
1375 /*
1376  * Construct a key management cookie extension.
1377  */
1378 
1379 static uint8_t *
1380 sadb_make_kmc_ext(uint8_t *cur, uint8_t *end, uint32_t kmp, uint32_t kmc)
1381 {
1382 	sadb_x_kmc_t *kmcext = (sadb_x_kmc_t *)cur;
1383 
1384 	if (cur == NULL)
1385 		return (NULL);
1386 
1387 	cur += sizeof (*kmcext);
1388 
1389 	if (cur > end)
1390 		return (NULL);
1391 
1392 	kmcext->sadb_x_kmc_len = SADB_8TO64(sizeof (*kmcext));
1393 	kmcext->sadb_x_kmc_exttype = SADB_X_EXT_KM_COOKIE;
1394 	kmcext->sadb_x_kmc_proto = kmp;
1395 	kmcext->sadb_x_kmc_cookie = kmc;
1396 	kmcext->sadb_x_kmc_reserved = 0;
1397 
1398 	return (cur);
1399 }
1400 
1401 /*
1402  * Given an original message header with sufficient space following it, and an
1403  * SA, construct a full PF_KEY message with all of the relevant extensions.
1404  * This is mostly used for SADB_GET, and SADB_DUMP.
1405  */
1406 static mblk_t *
1407 sadb_sa2msg(ipsa_t *ipsa, sadb_msg_t *samsg)
1408 {
1409 	int alloclen, addrsize, paddrsize, authsize, encrsize;
1410 	int srcidsize, dstidsize;
1411 	sa_family_t fam, pfam;	/* Address family for SADB_EXT_ADDRESS */
1412 				/* src/dst and proxy sockaddrs. */
1413 	/*
1414 	 * The following are pointers into the PF_KEY message this PF_KEY
1415 	 * message creates.
1416 	 */
1417 	sadb_msg_t *newsamsg;
1418 	sadb_sa_t *assoc;
1419 	sadb_lifetime_t *lt;
1420 	sadb_key_t *key;
1421 	sadb_ident_t *ident;
1422 	sadb_sens_t *sens;
1423 	sadb_ext_t *walker;	/* For when we need a generic ext. pointer. */
1424 	sadb_x_replay_ctr_t *repl_ctr;
1425 	sadb_x_pair_t *pair_ext;
1426 
1427 	mblk_t *mp;
1428 	uint64_t *bitmap;
1429 	uint8_t *cur, *end;
1430 	/* These indicate the presence of the above extension fields. */
1431 	boolean_t soft, hard, isrc, idst, auth, encr, sensinteg, srcid, dstid;
1432 	boolean_t idle;
1433 	boolean_t paired;
1434 	uint32_t otherspi;
1435 
1436 	/* First off, figure out the allocation length for this message. */
1437 
1438 	/*
1439 	 * Constant stuff.  This includes base, SA, address (src, dst),
1440 	 * and lifetime (current).
1441 	 */
1442 	alloclen = sizeof (sadb_msg_t) + sizeof (sadb_sa_t) +
1443 	    sizeof (sadb_lifetime_t);
1444 
1445 	fam = ipsa->ipsa_addrfam;
1446 	switch (fam) {
1447 	case AF_INET:
1448 		addrsize = roundup(sizeof (struct sockaddr_in) +
1449 		    sizeof (sadb_address_t), sizeof (uint64_t));
1450 		break;
1451 	case AF_INET6:
1452 		addrsize = roundup(sizeof (struct sockaddr_in6) +
1453 		    sizeof (sadb_address_t), sizeof (uint64_t));
1454 		break;
1455 	default:
1456 		return (NULL);
1457 	}
1458 	/*
1459 	 * Allocate TWO address extensions, for source and destination.
1460 	 * (Thus, the * 2.)
1461 	 */
1462 	alloclen += addrsize * 2;
1463 	if (ipsa->ipsa_flags & IPSA_F_NATT_REM)
1464 		alloclen += addrsize;
1465 	if (ipsa->ipsa_flags & IPSA_F_NATT_LOC)
1466 		alloclen += addrsize;
1467 
1468 	if (ipsa->ipsa_flags & IPSA_F_PAIRED) {
1469 		paired = B_TRUE;
1470 		alloclen += sizeof (sadb_x_pair_t);
1471 		otherspi = ipsa->ipsa_otherspi;
1472 	} else {
1473 		paired = B_FALSE;
1474 	}
1475 
1476 	/* How 'bout other lifetimes? */
1477 	if (ipsa->ipsa_softaddlt != 0 || ipsa->ipsa_softuselt != 0 ||
1478 	    ipsa->ipsa_softbyteslt != 0 || ipsa->ipsa_softalloc != 0) {
1479 		alloclen += sizeof (sadb_lifetime_t);
1480 		soft = B_TRUE;
1481 	} else {
1482 		soft = B_FALSE;
1483 	}
1484 
1485 	if (ipsa->ipsa_hardaddlt != 0 || ipsa->ipsa_harduselt != 0 ||
1486 	    ipsa->ipsa_hardbyteslt != 0 || ipsa->ipsa_hardalloc != 0) {
1487 		alloclen += sizeof (sadb_lifetime_t);
1488 		hard = B_TRUE;
1489 	} else {
1490 		hard = B_FALSE;
1491 	}
1492 
1493 	if (ipsa->ipsa_idleaddlt != 0 || ipsa->ipsa_idleuselt != 0) {
1494 		alloclen += sizeof (sadb_lifetime_t);
1495 		idle = B_TRUE;
1496 	} else {
1497 		idle = B_FALSE;
1498 	}
1499 
1500 	/* Inner addresses. */
1501 	if (ipsa->ipsa_innerfam == 0) {
1502 		isrc = B_FALSE;
1503 		idst = B_FALSE;
1504 	} else {
1505 		pfam = ipsa->ipsa_innerfam;
1506 		switch (pfam) {
1507 		case AF_INET6:
1508 			paddrsize = roundup(sizeof (struct sockaddr_in6) +
1509 			    sizeof (sadb_address_t), sizeof (uint64_t));
1510 			break;
1511 		case AF_INET:
1512 			paddrsize = roundup(sizeof (struct sockaddr_in) +
1513 			    sizeof (sadb_address_t), sizeof (uint64_t));
1514 			break;
1515 		default:
1516 			cmn_err(CE_PANIC,
1517 			    "IPsec SADB: Proxy length failure.\n");
1518 			break;
1519 		}
1520 		isrc = B_TRUE;
1521 		idst = B_TRUE;
1522 		alloclen += 2 * paddrsize;
1523 	}
1524 
1525 	/* For the following fields, assume that length != 0 ==> stuff */
1526 	if (ipsa->ipsa_authkeylen != 0) {
1527 		authsize = roundup(sizeof (sadb_key_t) + ipsa->ipsa_authkeylen,
1528 		    sizeof (uint64_t));
1529 		alloclen += authsize;
1530 		auth = B_TRUE;
1531 	} else {
1532 		auth = B_FALSE;
1533 	}
1534 
1535 	if (ipsa->ipsa_encrkeylen != 0) {
1536 		encrsize = roundup(sizeof (sadb_key_t) + ipsa->ipsa_encrkeylen +
1537 		    ipsa->ipsa_nonce_len, sizeof (uint64_t));
1538 		alloclen += encrsize;
1539 		encr = B_TRUE;
1540 	} else {
1541 		encr = B_FALSE;
1542 	}
1543 
1544 	/* No need for roundup on sens and integ. */
1545 	if (ipsa->ipsa_integlen != 0 || ipsa->ipsa_senslen != 0) {
1546 		alloclen += sizeof (sadb_key_t) + ipsa->ipsa_integlen +
1547 		    ipsa->ipsa_senslen;
1548 		sensinteg = B_TRUE;
1549 	} else {
1550 		sensinteg = B_FALSE;
1551 	}
1552 
1553 	/*
1554 	 * Must use strlen() here for lengths.	Identities use NULL
1555 	 * pointers to indicate their nonexistence.
1556 	 */
1557 	if (ipsa->ipsa_src_cid != NULL) {
1558 		srcidsize = roundup(sizeof (sadb_ident_t) +
1559 		    strlen(ipsa->ipsa_src_cid->ipsid_cid) + 1,
1560 		    sizeof (uint64_t));
1561 		alloclen += srcidsize;
1562 		srcid = B_TRUE;
1563 	} else {
1564 		srcid = B_FALSE;
1565 	}
1566 
1567 	if (ipsa->ipsa_dst_cid != NULL) {
1568 		dstidsize = roundup(sizeof (sadb_ident_t) +
1569 		    strlen(ipsa->ipsa_dst_cid->ipsid_cid) + 1,
1570 		    sizeof (uint64_t));
1571 		alloclen += dstidsize;
1572 		dstid = B_TRUE;
1573 	} else {
1574 		dstid = B_FALSE;
1575 	}
1576 
1577 	if ((ipsa->ipsa_kmp != 0) || (ipsa->ipsa_kmc != 0))
1578 		alloclen += sizeof (sadb_x_kmc_t);
1579 
1580 	if (ipsa->ipsa_replay != 0) {
1581 		alloclen += sizeof (sadb_x_replay_ctr_t);
1582 	}
1583 
1584 	/* Make sure the allocation length is a multiple of 8 bytes. */
1585 	ASSERT((alloclen & 0x7) == 0);
1586 
1587 	/* XXX Possibly make it esballoc, with a bzero-ing free_ftn. */
1588 	mp = allocb(alloclen, BPRI_HI);
1589 	if (mp == NULL)
1590 		return (NULL);
1591 
1592 	mp->b_wptr += alloclen;
1593 	end = mp->b_wptr;
1594 	newsamsg = (sadb_msg_t *)mp->b_rptr;
1595 	*newsamsg = *samsg;
1596 	newsamsg->sadb_msg_len = (uint16_t)SADB_8TO64(alloclen);
1597 
1598 	mutex_enter(&ipsa->ipsa_lock);	/* Since I'm grabbing SA fields... */
1599 
1600 	newsamsg->sadb_msg_satype = ipsa->ipsa_type;
1601 
1602 	assoc = (sadb_sa_t *)(newsamsg + 1);
1603 	assoc->sadb_sa_len = SADB_8TO64(sizeof (*assoc));
1604 	assoc->sadb_sa_exttype = SADB_EXT_SA;
1605 	assoc->sadb_sa_spi = ipsa->ipsa_spi;
1606 	assoc->sadb_sa_replay = ipsa->ipsa_replay_wsize;
1607 	assoc->sadb_sa_state = ipsa->ipsa_state;
1608 	assoc->sadb_sa_auth = ipsa->ipsa_auth_alg;
1609 	assoc->sadb_sa_encrypt = ipsa->ipsa_encr_alg;
1610 	assoc->sadb_sa_flags = ipsa->ipsa_flags;
1611 
1612 	lt = (sadb_lifetime_t *)(assoc + 1);
1613 	lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1614 	lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
1615 	/* We do not support the concept. */
1616 	lt->sadb_lifetime_allocations = 0;
1617 	lt->sadb_lifetime_bytes = ipsa->ipsa_bytes;
1618 	lt->sadb_lifetime_addtime = ipsa->ipsa_addtime;
1619 	lt->sadb_lifetime_usetime = ipsa->ipsa_usetime;
1620 
1621 	if (hard) {
1622 		lt++;
1623 		lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1624 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
1625 		lt->sadb_lifetime_allocations = ipsa->ipsa_hardalloc;
1626 		lt->sadb_lifetime_bytes = ipsa->ipsa_hardbyteslt;
1627 		lt->sadb_lifetime_addtime = ipsa->ipsa_hardaddlt;
1628 		lt->sadb_lifetime_usetime = ipsa->ipsa_harduselt;
1629 	}
1630 
1631 	if (soft) {
1632 		lt++;
1633 		lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1634 		lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
1635 		lt->sadb_lifetime_allocations = ipsa->ipsa_softalloc;
1636 		lt->sadb_lifetime_bytes = ipsa->ipsa_softbyteslt;
1637 		lt->sadb_lifetime_addtime = ipsa->ipsa_softaddlt;
1638 		lt->sadb_lifetime_usetime = ipsa->ipsa_softuselt;
1639 	}
1640 
1641 	if (idle) {
1642 		lt++;
1643 		lt->sadb_lifetime_len = SADB_8TO64(sizeof (*lt));
1644 		lt->sadb_lifetime_exttype = SADB_X_EXT_LIFETIME_IDLE;
1645 		lt->sadb_lifetime_addtime = ipsa->ipsa_idleaddlt;
1646 		lt->sadb_lifetime_usetime = ipsa->ipsa_idleuselt;
1647 	}
1648 
1649 	cur = (uint8_t *)(lt + 1);
1650 
1651 	/* NOTE:  Don't fill in ports here if we are a tunnel-mode SA. */
1652 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_SRC, fam,
1653 	    ipsa->ipsa_srcaddr, (!isrc && !idst) ? SA_SRCPORT(ipsa) : 0,
1654 	    SA_PROTO(ipsa), 0);
1655 	if (cur == NULL) {
1656 		freemsg(mp);
1657 		mp = NULL;
1658 		goto bail;
1659 	}
1660 
1661 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_DST, fam,
1662 	    ipsa->ipsa_dstaddr, (!isrc && !idst) ? SA_DSTPORT(ipsa) : 0,
1663 	    SA_PROTO(ipsa), 0);
1664 	if (cur == NULL) {
1665 		freemsg(mp);
1666 		mp = NULL;
1667 		goto bail;
1668 	}
1669 
1670 	if (ipsa->ipsa_flags & IPSA_F_NATT_LOC) {
1671 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_NATT_LOC,
1672 		    fam, &ipsa->ipsa_natt_addr_loc, ipsa->ipsa_local_nat_port,
1673 		    IPPROTO_UDP, 0);
1674 		if (cur == NULL) {
1675 			freemsg(mp);
1676 			mp = NULL;
1677 			goto bail;
1678 		}
1679 	}
1680 
1681 	if (ipsa->ipsa_flags & IPSA_F_NATT_REM) {
1682 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_NATT_REM,
1683 		    fam, &ipsa->ipsa_natt_addr_rem, ipsa->ipsa_remote_nat_port,
1684 		    IPPROTO_UDP, 0);
1685 		if (cur == NULL) {
1686 			freemsg(mp);
1687 			mp = NULL;
1688 			goto bail;
1689 		}
1690 	}
1691 
1692 	/* If we are a tunnel-mode SA, fill in the inner-selectors. */
1693 	if (isrc) {
1694 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_SRC,
1695 		    pfam, ipsa->ipsa_innersrc, SA_SRCPORT(ipsa),
1696 		    SA_IPROTO(ipsa), ipsa->ipsa_innersrcpfx);
1697 		if (cur == NULL) {
1698 			freemsg(mp);
1699 			mp = NULL;
1700 			goto bail;
1701 		}
1702 	}
1703 
1704 	if (idst) {
1705 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_DST,
1706 		    pfam, ipsa->ipsa_innerdst, SA_DSTPORT(ipsa),
1707 		    SA_IPROTO(ipsa), ipsa->ipsa_innerdstpfx);
1708 		if (cur == NULL) {
1709 			freemsg(mp);
1710 			mp = NULL;
1711 			goto bail;
1712 		}
1713 	}
1714 
1715 	if ((ipsa->ipsa_kmp != 0) || (ipsa->ipsa_kmc != 0)) {
1716 		cur = sadb_make_kmc_ext(cur, end,
1717 		    ipsa->ipsa_kmp, ipsa->ipsa_kmc);
1718 		if (cur == NULL) {
1719 			freemsg(mp);
1720 			mp = NULL;
1721 			goto bail;
1722 		}
1723 	}
1724 
1725 	walker = (sadb_ext_t *)cur;
1726 	if (auth) {
1727 		key = (sadb_key_t *)walker;
1728 		key->sadb_key_len = SADB_8TO64(authsize);
1729 		key->sadb_key_exttype = SADB_EXT_KEY_AUTH;
1730 		key->sadb_key_bits = ipsa->ipsa_authkeybits;
1731 		key->sadb_key_reserved = 0;
1732 		bcopy(ipsa->ipsa_authkey, key + 1, ipsa->ipsa_authkeylen);
1733 		walker = (sadb_ext_t *)((uint64_t *)walker +
1734 		    walker->sadb_ext_len);
1735 	}
1736 
1737 	if (encr) {
1738 		uint8_t *buf_ptr;
1739 		key = (sadb_key_t *)walker;
1740 		key->sadb_key_len = SADB_8TO64(encrsize);
1741 		key->sadb_key_exttype = SADB_EXT_KEY_ENCRYPT;
1742 		key->sadb_key_bits = ipsa->ipsa_encrkeybits;
1743 		key->sadb_key_reserved = ipsa->ipsa_saltbits;
1744 		buf_ptr = (uint8_t *)(key + 1);
1745 		bcopy(ipsa->ipsa_encrkey, buf_ptr, ipsa->ipsa_encrkeylen);
1746 		if (ipsa->ipsa_salt != NULL) {
1747 			buf_ptr += ipsa->ipsa_encrkeylen;
1748 			bcopy(ipsa->ipsa_salt, buf_ptr, ipsa->ipsa_saltlen);
1749 		}
1750 		walker = (sadb_ext_t *)((uint64_t *)walker +
1751 		    walker->sadb_ext_len);
1752 	}
1753 
1754 	if (srcid) {
1755 		ident = (sadb_ident_t *)walker;
1756 		ident->sadb_ident_len = SADB_8TO64(srcidsize);
1757 		ident->sadb_ident_exttype = SADB_EXT_IDENTITY_SRC;
1758 		ident->sadb_ident_type = ipsa->ipsa_src_cid->ipsid_type;
1759 		ident->sadb_ident_id = 0;
1760 		ident->sadb_ident_reserved = 0;
1761 		(void) strcpy((char *)(ident + 1),
1762 		    ipsa->ipsa_src_cid->ipsid_cid);
1763 		walker = (sadb_ext_t *)((uint64_t *)walker +
1764 		    walker->sadb_ext_len);
1765 	}
1766 
1767 	if (dstid) {
1768 		ident = (sadb_ident_t *)walker;
1769 		ident->sadb_ident_len = SADB_8TO64(dstidsize);
1770 		ident->sadb_ident_exttype = SADB_EXT_IDENTITY_DST;
1771 		ident->sadb_ident_type = ipsa->ipsa_dst_cid->ipsid_type;
1772 		ident->sadb_ident_id = 0;
1773 		ident->sadb_ident_reserved = 0;
1774 		(void) strcpy((char *)(ident + 1),
1775 		    ipsa->ipsa_dst_cid->ipsid_cid);
1776 		walker = (sadb_ext_t *)((uint64_t *)walker +
1777 		    walker->sadb_ext_len);
1778 	}
1779 
1780 	if (sensinteg) {
1781 		sens = (sadb_sens_t *)walker;
1782 		sens->sadb_sens_len = SADB_8TO64(sizeof (sadb_sens_t *) +
1783 		    ipsa->ipsa_senslen + ipsa->ipsa_integlen);
1784 		sens->sadb_sens_dpd = ipsa->ipsa_dpd;
1785 		sens->sadb_sens_sens_level = ipsa->ipsa_senslevel;
1786 		sens->sadb_sens_integ_level = ipsa->ipsa_integlevel;
1787 		sens->sadb_sens_sens_len = SADB_8TO64(ipsa->ipsa_senslen);
1788 		sens->sadb_sens_integ_len = SADB_8TO64(ipsa->ipsa_integlen);
1789 		sens->sadb_sens_reserved = 0;
1790 		bitmap = (uint64_t *)(sens + 1);
1791 		if (ipsa->ipsa_sens != NULL) {
1792 			bcopy(ipsa->ipsa_sens, bitmap, ipsa->ipsa_senslen);
1793 			bitmap += sens->sadb_sens_sens_len;
1794 		}
1795 		if (ipsa->ipsa_integ != NULL)
1796 			bcopy(ipsa->ipsa_integ, bitmap, ipsa->ipsa_integlen);
1797 		walker = (sadb_ext_t *)((uint64_t *)walker +
1798 		    walker->sadb_ext_len);
1799 	}
1800 
1801 	if (paired) {
1802 		pair_ext = (sadb_x_pair_t *)walker;
1803 
1804 		pair_ext->sadb_x_pair_len = SADB_8TO64(sizeof (sadb_x_pair_t));
1805 		pair_ext->sadb_x_pair_exttype = SADB_X_EXT_PAIR;
1806 		pair_ext->sadb_x_pair_spi = otherspi;
1807 
1808 		walker = (sadb_ext_t *)((uint64_t *)walker +
1809 		    walker->sadb_ext_len);
1810 	}
1811 
1812 	if (ipsa->ipsa_replay != 0) {
1813 		repl_ctr = (sadb_x_replay_ctr_t *)walker;
1814 		repl_ctr->sadb_x_rc_len = SADB_8TO64(sizeof (*repl_ctr));
1815 		repl_ctr->sadb_x_rc_exttype = SADB_X_EXT_REPLAY_VALUE;
1816 		repl_ctr->sadb_x_rc_replay32 = ipsa->ipsa_replay;
1817 		repl_ctr->sadb_x_rc_replay64 = 0;
1818 		walker = (sadb_ext_t *)(repl_ctr + 1);
1819 	}
1820 
1821 bail:
1822 	/* Pardon any delays... */
1823 	mutex_exit(&ipsa->ipsa_lock);
1824 
1825 	return (mp);
1826 }
1827 
1828 /*
1829  * Strip out key headers or unmarked headers (SADB_EXT_KEY_*, SADB_EXT_UNKNOWN)
1830  * and adjust base message accordingly.
1831  *
1832  * Assume message is pulled up in one piece of contiguous memory.
1833  *
1834  * Say if we start off with:
1835  *
1836  * +------+----+-------------+-----------+---------------+---------------+
1837  * | base | SA | source addr | dest addr | rsrvd. or key | soft lifetime |
1838  * +------+----+-------------+-----------+---------------+---------------+
1839  *
1840  * we will end up with
1841  *
1842  * +------+----+-------------+-----------+---------------+
1843  * | base | SA | source addr | dest addr | soft lifetime |
1844  * +------+----+-------------+-----------+---------------+
1845  */
1846 static void
1847 sadb_strip(sadb_msg_t *samsg)
1848 {
1849 	sadb_ext_t *ext;
1850 	uint8_t *target = NULL;
1851 	uint8_t *msgend;
1852 	int sofar = SADB_8TO64(sizeof (*samsg));
1853 	int copylen;
1854 
1855 	ext = (sadb_ext_t *)(samsg + 1);
1856 	msgend = (uint8_t *)samsg;
1857 	msgend += SADB_64TO8(samsg->sadb_msg_len);
1858 	while ((uint8_t *)ext < msgend) {
1859 		if (ext->sadb_ext_type == SADB_EXT_RESERVED ||
1860 		    ext->sadb_ext_type == SADB_EXT_KEY_AUTH ||
1861 		    ext->sadb_ext_type == SADB_X_EXT_EDUMP ||
1862 		    ext->sadb_ext_type == SADB_EXT_KEY_ENCRYPT) {
1863 			/*
1864 			 * Aha!	 I found a header to be erased.
1865 			 */
1866 
1867 			if (target != NULL) {
1868 				/*
1869 				 * If I had a previous header to be erased,
1870 				 * copy over it.  I can get away with just
1871 				 * copying backwards because the target will
1872 				 * always be 8 bytes behind the source.
1873 				 */
1874 				copylen = ((uint8_t *)ext) - (target +
1875 				    SADB_64TO8(
1876 				    ((sadb_ext_t *)target)->sadb_ext_len));
1877 				ovbcopy(((uint8_t *)ext - copylen), target,
1878 				    copylen);
1879 				target += copylen;
1880 				((sadb_ext_t *)target)->sadb_ext_len =
1881 				    SADB_8TO64(((uint8_t *)ext) - target +
1882 				    SADB_64TO8(ext->sadb_ext_len));
1883 			} else {
1884 				target = (uint8_t *)ext;
1885 			}
1886 		} else {
1887 			sofar += ext->sadb_ext_len;
1888 		}
1889 
1890 		ext = (sadb_ext_t *)(((uint64_t *)ext) + ext->sadb_ext_len);
1891 	}
1892 
1893 	ASSERT((uint8_t *)ext == msgend);
1894 
1895 	if (target != NULL) {
1896 		copylen = ((uint8_t *)ext) - (target +
1897 		    SADB_64TO8(((sadb_ext_t *)target)->sadb_ext_len));
1898 		if (copylen != 0)
1899 			ovbcopy(((uint8_t *)ext - copylen), target, copylen);
1900 	}
1901 
1902 	/* Adjust samsg. */
1903 	samsg->sadb_msg_len = (uint16_t)sofar;
1904 
1905 	/* Assume all of the rest is cleared by caller in sadb_pfkey_echo(). */
1906 }
1907 
1908 /*
1909  * AH needs to send an error to PF_KEY.	 Assume mp points to an M_CTL
1910  * followed by an M_DATA with a PF_KEY message in it.  The serial of
1911  * the sending keysock instance is included.
1912  */
1913 void
1914 sadb_pfkey_error(queue_t *pfkey_q, mblk_t *mp, int error, int diagnostic,
1915     uint_t serial)
1916 {
1917 	mblk_t *msg = mp->b_cont;
1918 	sadb_msg_t *samsg;
1919 	keysock_out_t *kso;
1920 
1921 	/*
1922 	 * Enough functions call this to merit a NULL queue check.
1923 	 */
1924 	if (pfkey_q == NULL) {
1925 		freemsg(mp);
1926 		return;
1927 	}
1928 
1929 	ASSERT(msg != NULL);
1930 	ASSERT((mp->b_wptr - mp->b_rptr) == sizeof (ipsec_info_t));
1931 	ASSERT((msg->b_wptr - msg->b_rptr) >= sizeof (sadb_msg_t));
1932 	samsg = (sadb_msg_t *)msg->b_rptr;
1933 	kso = (keysock_out_t *)mp->b_rptr;
1934 
1935 	kso->ks_out_type = KEYSOCK_OUT;
1936 	kso->ks_out_len = sizeof (*kso);
1937 	kso->ks_out_serial = serial;
1938 
1939 	/*
1940 	 * Only send the base message up in the event of an error.
1941 	 * Don't worry about bzero()-ing, because it was probably bogus
1942 	 * anyway.
1943 	 */
1944 	msg->b_wptr = msg->b_rptr + sizeof (*samsg);
1945 	samsg = (sadb_msg_t *)msg->b_rptr;
1946 	samsg->sadb_msg_len = SADB_8TO64(sizeof (*samsg));
1947 	samsg->sadb_msg_errno = (uint8_t)error;
1948 	if (diagnostic != SADB_X_DIAGNOSTIC_PRESET)
1949 		samsg->sadb_x_msg_diagnostic = (uint16_t)diagnostic;
1950 
1951 	putnext(pfkey_q, mp);
1952 }
1953 
1954 /*
1955  * Send a successful return packet back to keysock via the queue in pfkey_q.
1956  *
1957  * Often, an SA is associated with the reply message, it's passed in if needed,
1958  * and NULL if not.  BTW, that ipsa will have its refcnt appropriately held,
1959  * and the caller will release said refcnt.
1960  */
1961 void
1962 sadb_pfkey_echo(queue_t *pfkey_q, mblk_t *mp, sadb_msg_t *samsg,
1963     keysock_in_t *ksi, ipsa_t *ipsa)
1964 {
1965 	keysock_out_t *kso;
1966 	mblk_t *mp1;
1967 	sadb_msg_t *newsamsg;
1968 	uint8_t *oldend;
1969 
1970 	ASSERT((mp->b_cont != NULL) &&
1971 	    ((void *)samsg == (void *)mp->b_cont->b_rptr) &&
1972 	    ((void *)mp->b_rptr == (void *)ksi));
1973 
1974 	switch (samsg->sadb_msg_type) {
1975 	case SADB_ADD:
1976 	case SADB_UPDATE:
1977 	case SADB_X_UPDATEPAIR:
1978 	case SADB_X_DELPAIR_STATE:
1979 	case SADB_FLUSH:
1980 	case SADB_DUMP:
1981 		/*
1982 		 * I have all of the message already.  I just need to strip
1983 		 * out the keying material and echo the message back.
1984 		 *
1985 		 * NOTE: for SADB_DUMP, the function sadb_dump() did the
1986 		 * work.  When DUMP reaches here, it should only be a base
1987 		 * message.
1988 		 */
1989 	justecho:
1990 		if (ksi->ks_in_extv[SADB_EXT_KEY_AUTH] != NULL ||
1991 		    ksi->ks_in_extv[SADB_EXT_KEY_ENCRYPT] != NULL ||
1992 		    ksi->ks_in_extv[SADB_X_EXT_EDUMP] != NULL) {
1993 			sadb_strip(samsg);
1994 			/* Assume PF_KEY message is contiguous. */
1995 			ASSERT(mp->b_cont->b_cont == NULL);
1996 			oldend = mp->b_cont->b_wptr;
1997 			mp->b_cont->b_wptr = mp->b_cont->b_rptr +
1998 			    SADB_64TO8(samsg->sadb_msg_len);
1999 			bzero(mp->b_cont->b_wptr, oldend - mp->b_cont->b_wptr);
2000 		}
2001 		break;
2002 	case SADB_GET:
2003 		/*
2004 		 * Do a lot of work here, because of the ipsa I just found.
2005 		 * First construct the new PF_KEY message, then abandon
2006 		 * the old one.
2007 		 */
2008 		mp1 = sadb_sa2msg(ipsa, samsg);
2009 		if (mp1 == NULL) {
2010 			sadb_pfkey_error(pfkey_q, mp, ENOMEM,
2011 			    SADB_X_DIAGNOSTIC_NONE, ksi->ks_in_serial);
2012 			return;
2013 		}
2014 		freemsg(mp->b_cont);
2015 		mp->b_cont = mp1;
2016 		break;
2017 	case SADB_DELETE:
2018 	case SADB_X_DELPAIR:
2019 		if (ipsa == NULL)
2020 			goto justecho;
2021 		/*
2022 		 * Because listening KMds may require more info, treat
2023 		 * DELETE like a special case of GET.
2024 		 */
2025 		mp1 = sadb_sa2msg(ipsa, samsg);
2026 		if (mp1 == NULL) {
2027 			sadb_pfkey_error(pfkey_q, mp, ENOMEM,
2028 			    SADB_X_DIAGNOSTIC_NONE, ksi->ks_in_serial);
2029 			return;
2030 		}
2031 		newsamsg = (sadb_msg_t *)mp1->b_rptr;
2032 		sadb_strip(newsamsg);
2033 		oldend = mp1->b_wptr;
2034 		mp1->b_wptr = mp1->b_rptr + SADB_64TO8(newsamsg->sadb_msg_len);
2035 		bzero(mp1->b_wptr, oldend - mp1->b_wptr);
2036 		freemsg(mp->b_cont);
2037 		mp->b_cont = mp1;
2038 		break;
2039 	default:
2040 		if (mp != NULL)
2041 			freemsg(mp);
2042 		return;
2043 	}
2044 
2045 	/* ksi is now null and void. */
2046 	kso = (keysock_out_t *)ksi;
2047 	kso->ks_out_type = KEYSOCK_OUT;
2048 	kso->ks_out_len = sizeof (*kso);
2049 	kso->ks_out_serial = ksi->ks_in_serial;
2050 	/* We're ready to send... */
2051 	putnext(pfkey_q, mp);
2052 }
2053 
2054 /*
2055  * Set up a global pfkey_q instance for AH, ESP, or some other consumer.
2056  */
2057 void
2058 sadb_keysock_hello(queue_t **pfkey_qp, queue_t *q, mblk_t *mp,
2059     void (*ager)(void *), void *agerarg, timeout_id_t *top, int satype)
2060 {
2061 	keysock_hello_ack_t *kha;
2062 	queue_t *oldq;
2063 
2064 	ASSERT(OTHERQ(q) != NULL);
2065 
2066 	/*
2067 	 * First, check atomically that I'm the first and only keysock
2068 	 * instance.
2069 	 *
2070 	 * Use OTHERQ(q), because qreply(q, mp) == putnext(OTHERQ(q), mp),
2071 	 * and I want this module to say putnext(*_pfkey_q, mp) for PF_KEY
2072 	 * messages.
2073 	 */
2074 
2075 	oldq = casptr((void **)pfkey_qp, NULL, OTHERQ(q));
2076 	if (oldq != NULL) {
2077 		ASSERT(oldq != q);
2078 		cmn_err(CE_WARN, "Danger!  Multiple keysocks on top of %s.\n",
2079 		    (satype == SADB_SATYPE_ESP)? "ESP" : "AH or other");
2080 		freemsg(mp);
2081 		return;
2082 	}
2083 
2084 	kha = (keysock_hello_ack_t *)mp->b_rptr;
2085 	kha->ks_hello_len = sizeof (keysock_hello_ack_t);
2086 	kha->ks_hello_type = KEYSOCK_HELLO_ACK;
2087 	kha->ks_hello_satype = (uint8_t)satype;
2088 
2089 	/*
2090 	 * If we made it past the casptr, then we have "exclusive" access
2091 	 * to the timeout handle.  Fire it off after the default ager
2092 	 * interval.
2093 	 */
2094 	*top = qtimeout(*pfkey_qp, ager, agerarg,
2095 	    drv_usectohz(SADB_AGE_INTERVAL_DEFAULT * 1000));
2096 
2097 	putnext(*pfkey_qp, mp);
2098 }
2099 
2100 /*
2101  * Normalize IPv4-mapped IPv6 addresses (and prefixes) as appropriate.
2102  *
2103  * Check addresses themselves for wildcard or multicast.
2104  * Check ire table for local/non-local/broadcast.
2105  */
2106 int
2107 sadb_addrcheck(queue_t *pfkey_q, mblk_t *mp, sadb_ext_t *ext, uint_t serial,
2108     netstack_t *ns)
2109 {
2110 	sadb_address_t *addr = (sadb_address_t *)ext;
2111 	struct sockaddr_in *sin;
2112 	struct sockaddr_in6 *sin6;
2113 	ire_t *ire;
2114 	int diagnostic, type;
2115 	boolean_t normalized = B_FALSE;
2116 
2117 	ASSERT(ext != NULL);
2118 	ASSERT((ext->sadb_ext_type == SADB_EXT_ADDRESS_SRC) ||
2119 	    (ext->sadb_ext_type == SADB_EXT_ADDRESS_DST) ||
2120 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_SRC) ||
2121 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_DST) ||
2122 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_NATT_LOC) ||
2123 	    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_NATT_REM));
2124 
2125 	/* Assign both sockaddrs, the compiler will do the right thing. */
2126 	sin = (struct sockaddr_in *)(addr + 1);
2127 	sin6 = (struct sockaddr_in6 *)(addr + 1);
2128 
2129 	if (sin6->sin6_family == AF_INET6) {
2130 		if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
2131 			/*
2132 			 * Convert to an AF_INET sockaddr.  This means the
2133 			 * return messages will have the extra space, but have
2134 			 * AF_INET sockaddrs instead of AF_INET6.
2135 			 *
2136 			 * Yes, RFC 2367 isn't clear on what to do here w.r.t.
2137 			 * mapped addresses, but since AF_INET6 ::ffff:<v4> is
2138 			 * equal to AF_INET <v4>, it shouldnt be a huge
2139 			 * problem.
2140 			 */
2141 			sin->sin_family = AF_INET;
2142 			IN6_V4MAPPED_TO_INADDR(&sin6->sin6_addr,
2143 			    &sin->sin_addr);
2144 			bzero(&sin->sin_zero, sizeof (sin->sin_zero));
2145 			normalized = B_TRUE;
2146 		}
2147 	} else if (sin->sin_family != AF_INET) {
2148 		switch (ext->sadb_ext_type) {
2149 		case SADB_EXT_ADDRESS_SRC:
2150 			diagnostic = SADB_X_DIAGNOSTIC_BAD_SRC_AF;
2151 			break;
2152 		case SADB_EXT_ADDRESS_DST:
2153 			diagnostic = SADB_X_DIAGNOSTIC_BAD_DST_AF;
2154 			break;
2155 		case SADB_X_EXT_ADDRESS_INNER_SRC:
2156 			diagnostic = SADB_X_DIAGNOSTIC_BAD_PROXY_AF;
2157 			break;
2158 		case SADB_X_EXT_ADDRESS_INNER_DST:
2159 			diagnostic = SADB_X_DIAGNOSTIC_BAD_INNER_DST_AF;
2160 			break;
2161 		case SADB_X_EXT_ADDRESS_NATT_LOC:
2162 			diagnostic = SADB_X_DIAGNOSTIC_BAD_NATT_LOC_AF;
2163 			break;
2164 		case SADB_X_EXT_ADDRESS_NATT_REM:
2165 			diagnostic = SADB_X_DIAGNOSTIC_BAD_NATT_REM_AF;
2166 			break;
2167 			/* There is no default, see above ASSERT. */
2168 		}
2169 bail:
2170 		if (pfkey_q != NULL) {
2171 			sadb_pfkey_error(pfkey_q, mp, EINVAL, diagnostic,
2172 			    serial);
2173 		} else {
2174 			/*
2175 			 * Scribble in sadb_msg that we got passed in.
2176 			 * Overload "mp" to be an sadb_msg pointer.
2177 			 */
2178 			sadb_msg_t *samsg = (sadb_msg_t *)mp;
2179 
2180 			samsg->sadb_msg_errno = EINVAL;
2181 			samsg->sadb_x_msg_diagnostic = diagnostic;
2182 		}
2183 		return (KS_IN_ADDR_UNKNOWN);
2184 	}
2185 
2186 	if (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_SRC ||
2187 	    ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_DST) {
2188 		/*
2189 		 * We need only check for prefix issues.
2190 		 */
2191 
2192 		/* Set diagnostic now, in case we need it later. */
2193 		diagnostic =
2194 		    (ext->sadb_ext_type == SADB_X_EXT_ADDRESS_INNER_SRC) ?
2195 		    SADB_X_DIAGNOSTIC_PREFIX_INNER_SRC :
2196 		    SADB_X_DIAGNOSTIC_PREFIX_INNER_DST;
2197 
2198 		if (normalized)
2199 			addr->sadb_address_prefixlen -= 96;
2200 
2201 		/*
2202 		 * Verify and mask out inner-addresses based on prefix length.
2203 		 */
2204 		if (sin->sin_family == AF_INET) {
2205 			if (addr->sadb_address_prefixlen > 32)
2206 				goto bail;
2207 			sin->sin_addr.s_addr &=
2208 			    ip_plen_to_mask(addr->sadb_address_prefixlen);
2209 		} else {
2210 			in6_addr_t mask;
2211 
2212 			ASSERT(sin->sin_family == AF_INET6);
2213 			/*
2214 			 * ip_plen_to_mask_v6() returns NULL if the value in
2215 			 * question is out of range.
2216 			 */
2217 			if (ip_plen_to_mask_v6(addr->sadb_address_prefixlen,
2218 			    &mask) == NULL)
2219 				goto bail;
2220 			sin6->sin6_addr.s6_addr32[0] &= mask.s6_addr32[0];
2221 			sin6->sin6_addr.s6_addr32[1] &= mask.s6_addr32[1];
2222 			sin6->sin6_addr.s6_addr32[2] &= mask.s6_addr32[2];
2223 			sin6->sin6_addr.s6_addr32[3] &= mask.s6_addr32[3];
2224 		}
2225 
2226 		/* We don't care in these cases. */
2227 		return (KS_IN_ADDR_DONTCARE);
2228 	}
2229 
2230 	if (sin->sin_family == AF_INET6) {
2231 		/* Check the easy ones now. */
2232 		if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr))
2233 			return (KS_IN_ADDR_MBCAST);
2234 		if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
2235 			return (KS_IN_ADDR_UNSPEC);
2236 		/*
2237 		 * At this point, we're a unicast IPv6 address.
2238 		 *
2239 		 * A ctable lookup for local is sufficient here.  If we're
2240 		 * local, return KS_IN_ADDR_ME, otherwise KS_IN_ADDR_NOTME.
2241 		 *
2242 		 * XXX Zones alert -> me/notme decision needs to be tempered
2243 		 * by what zone we're in when we go to zone-aware IPsec.
2244 		 */
2245 		ire = ire_ctable_lookup_v6(&sin6->sin6_addr, NULL,
2246 		    IRE_LOCAL, NULL, ALL_ZONES, NULL, MATCH_IRE_TYPE,
2247 		    ns->netstack_ip);
2248 		if (ire != NULL) {
2249 			/* Hey hey, it's local. */
2250 			IRE_REFRELE(ire);
2251 			return (KS_IN_ADDR_ME);
2252 		}
2253 	} else {
2254 		ASSERT(sin->sin_family == AF_INET);
2255 		if (sin->sin_addr.s_addr == INADDR_ANY)
2256 			return (KS_IN_ADDR_UNSPEC);
2257 		if (CLASSD(sin->sin_addr.s_addr))
2258 			return (KS_IN_ADDR_MBCAST);
2259 		/*
2260 		 * At this point we're a unicast or broadcast IPv4 address.
2261 		 *
2262 		 * Lookup on the ctable for IRE_BROADCAST or IRE_LOCAL.
2263 		 * A NULL return value is NOTME, otherwise, look at the
2264 		 * returned ire for broadcast or not and return accordingly.
2265 		 *
2266 		 * XXX Zones alert -> me/notme decision needs to be tempered
2267 		 * by what zone we're in when we go to zone-aware IPsec.
2268 		 */
2269 		ire = ire_ctable_lookup(sin->sin_addr.s_addr, 0,
2270 		    IRE_LOCAL | IRE_BROADCAST, NULL, ALL_ZONES, NULL,
2271 		    MATCH_IRE_TYPE, ns->netstack_ip);
2272 		if (ire != NULL) {
2273 			/* Check for local or broadcast */
2274 			type = ire->ire_type;
2275 			IRE_REFRELE(ire);
2276 			ASSERT(type == IRE_LOCAL || type == IRE_BROADCAST);
2277 			return ((type == IRE_LOCAL) ? KS_IN_ADDR_ME :
2278 			    KS_IN_ADDR_MBCAST);
2279 		}
2280 	}
2281 
2282 	return (KS_IN_ADDR_NOTME);
2283 }
2284 
2285 /*
2286  * Address normalizations and reality checks for inbound PF_KEY messages.
2287  *
2288  * For the case of src == unspecified AF_INET6, and dst == AF_INET, convert
2289  * the source to AF_INET.  Do the same for the inner sources.
2290  */
2291 boolean_t
2292 sadb_addrfix(keysock_in_t *ksi, queue_t *pfkey_q, mblk_t *mp, netstack_t *ns)
2293 {
2294 	struct sockaddr_in *src, *isrc;
2295 	struct sockaddr_in6 *dst, *idst;
2296 	sadb_address_t *srcext, *dstext;
2297 	uint16_t sport;
2298 	sadb_ext_t **extv = ksi->ks_in_extv;
2299 	int rc;
2300 
2301 	if (extv[SADB_EXT_ADDRESS_SRC] != NULL) {
2302 		rc = sadb_addrcheck(pfkey_q, mp, extv[SADB_EXT_ADDRESS_SRC],
2303 		    ksi->ks_in_serial, ns);
2304 		if (rc == KS_IN_ADDR_UNKNOWN)
2305 			return (B_FALSE);
2306 		if (rc == KS_IN_ADDR_MBCAST) {
2307 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2308 			    SADB_X_DIAGNOSTIC_BAD_SRC, ksi->ks_in_serial);
2309 			return (B_FALSE);
2310 		}
2311 		ksi->ks_in_srctype = rc;
2312 	}
2313 
2314 	if (extv[SADB_EXT_ADDRESS_DST] != NULL) {
2315 		rc = sadb_addrcheck(pfkey_q, mp, extv[SADB_EXT_ADDRESS_DST],
2316 		    ksi->ks_in_serial, ns);
2317 		if (rc == KS_IN_ADDR_UNKNOWN)
2318 			return (B_FALSE);
2319 		if (rc == KS_IN_ADDR_UNSPEC) {
2320 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2321 			    SADB_X_DIAGNOSTIC_BAD_DST, ksi->ks_in_serial);
2322 			return (B_FALSE);
2323 		}
2324 		ksi->ks_in_dsttype = rc;
2325 	}
2326 
2327 	/*
2328 	 * NAT-Traversal addrs are simple enough to not require all of
2329 	 * the checks in sadb_addrcheck().  Just normalize or reject if not
2330 	 * AF_INET.
2331 	 */
2332 	if (extv[SADB_X_EXT_ADDRESS_NATT_LOC] != NULL) {
2333 		rc = sadb_addrcheck(pfkey_q, mp,
2334 		    extv[SADB_X_EXT_ADDRESS_NATT_LOC], ksi->ks_in_serial, ns);
2335 
2336 		/*
2337 		 * Local NAT-T addresses never use an IRE_LOCAL, so it should
2338 		 * always be NOTME, or UNSPEC (to handle both tunnel mode
2339 		 * AND local-port flexibility).
2340 		 */
2341 		if (rc != KS_IN_ADDR_NOTME && rc != KS_IN_ADDR_UNSPEC) {
2342 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2343 			    SADB_X_DIAGNOSTIC_MALFORMED_NATT_LOC,
2344 			    ksi->ks_in_serial);
2345 			return (B_FALSE);
2346 		}
2347 		src = (struct sockaddr_in *)
2348 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_NATT_LOC]) + 1);
2349 		if (src->sin_family != AF_INET) {
2350 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2351 			    SADB_X_DIAGNOSTIC_BAD_NATT_LOC_AF,
2352 			    ksi->ks_in_serial);
2353 			return (B_FALSE);
2354 		}
2355 	}
2356 
2357 	if (extv[SADB_X_EXT_ADDRESS_NATT_REM] != NULL) {
2358 		rc = sadb_addrcheck(pfkey_q, mp,
2359 		    extv[SADB_X_EXT_ADDRESS_NATT_REM], ksi->ks_in_serial, ns);
2360 
2361 		/*
2362 		 * Remote NAT-T addresses never use an IRE_LOCAL, so it should
2363 		 * always be NOTME, or UNSPEC if it's a tunnel-mode SA.
2364 		 */
2365 		if (rc != KS_IN_ADDR_NOTME &&
2366 		    !(extv[SADB_X_EXT_ADDRESS_INNER_SRC] != NULL &&
2367 		    rc == KS_IN_ADDR_UNSPEC)) {
2368 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2369 			    SADB_X_DIAGNOSTIC_MALFORMED_NATT_REM,
2370 			    ksi->ks_in_serial);
2371 			return (B_FALSE);
2372 		}
2373 		src = (struct sockaddr_in *)
2374 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_NATT_REM]) + 1);
2375 		if (src->sin_family != AF_INET) {
2376 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2377 			    SADB_X_DIAGNOSTIC_BAD_NATT_REM_AF,
2378 			    ksi->ks_in_serial);
2379 			return (B_FALSE);
2380 		}
2381 	}
2382 
2383 	if (extv[SADB_X_EXT_ADDRESS_INNER_SRC] != NULL) {
2384 		if (extv[SADB_X_EXT_ADDRESS_INNER_DST] == NULL) {
2385 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2386 			    SADB_X_DIAGNOSTIC_MISSING_INNER_DST,
2387 			    ksi->ks_in_serial);
2388 			return (B_FALSE);
2389 		}
2390 
2391 		if (sadb_addrcheck(pfkey_q, mp,
2392 		    extv[SADB_X_EXT_ADDRESS_INNER_DST], ksi->ks_in_serial, ns)
2393 		    == KS_IN_ADDR_UNKNOWN ||
2394 		    sadb_addrcheck(pfkey_q, mp,
2395 		    extv[SADB_X_EXT_ADDRESS_INNER_SRC], ksi->ks_in_serial, ns)
2396 		    == KS_IN_ADDR_UNKNOWN)
2397 			return (B_FALSE);
2398 
2399 		isrc = (struct sockaddr_in *)
2400 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_SRC]) +
2401 		    1);
2402 		idst = (struct sockaddr_in6 *)
2403 		    (((sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_DST]) +
2404 		    1);
2405 		if (isrc->sin_family != idst->sin6_family) {
2406 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2407 			    SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH,
2408 			    ksi->ks_in_serial);
2409 			return (B_FALSE);
2410 		}
2411 	} else if (extv[SADB_X_EXT_ADDRESS_INNER_DST] != NULL) {
2412 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2413 			    SADB_X_DIAGNOSTIC_MISSING_INNER_SRC,
2414 			    ksi->ks_in_serial);
2415 			return (B_FALSE);
2416 	} else {
2417 		isrc = NULL;	/* For inner/outer port check below. */
2418 	}
2419 
2420 	dstext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_DST];
2421 	srcext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_SRC];
2422 
2423 	if (dstext == NULL || srcext == NULL)
2424 		return (B_TRUE);
2425 
2426 	dst = (struct sockaddr_in6 *)(dstext + 1);
2427 	src = (struct sockaddr_in *)(srcext + 1);
2428 
2429 	if (isrc != NULL &&
2430 	    (isrc->sin_port != 0 || idst->sin6_port != 0) &&
2431 	    (src->sin_port != 0 || dst->sin6_port != 0)) {
2432 		/* Can't set inner and outer ports in one SA. */
2433 		sadb_pfkey_error(pfkey_q, mp, EINVAL,
2434 		    SADB_X_DIAGNOSTIC_DUAL_PORT_SETS,
2435 		    ksi->ks_in_serial);
2436 		return (B_FALSE);
2437 	}
2438 
2439 	if (dst->sin6_family == src->sin_family)
2440 		return (B_TRUE);
2441 
2442 	if (srcext->sadb_address_proto != dstext->sadb_address_proto) {
2443 		if (srcext->sadb_address_proto == 0) {
2444 			srcext->sadb_address_proto = dstext->sadb_address_proto;
2445 		} else if (dstext->sadb_address_proto == 0) {
2446 			dstext->sadb_address_proto = srcext->sadb_address_proto;
2447 		} else {
2448 			/* Inequal protocols, neither were 0.  Report error. */
2449 			sadb_pfkey_error(pfkey_q, mp, EINVAL,
2450 			    SADB_X_DIAGNOSTIC_PROTO_MISMATCH,
2451 			    ksi->ks_in_serial);
2452 			return (B_FALSE);
2453 		}
2454 	}
2455 
2456 	/*
2457 	 * With the exception of an unspec IPv6 source and an IPv4
2458 	 * destination, address families MUST me matched.
2459 	 */
2460 	if (src->sin_family == AF_INET ||
2461 	    ksi->ks_in_srctype != KS_IN_ADDR_UNSPEC) {
2462 		sadb_pfkey_error(pfkey_q, mp, EINVAL,
2463 		    SADB_X_DIAGNOSTIC_AF_MISMATCH, ksi->ks_in_serial);
2464 		return (B_FALSE);
2465 	}
2466 
2467 	/*
2468 	 * Convert "src" to AF_INET INADDR_ANY.  We rely on sin_port being
2469 	 * in the same place for sockaddr_in and sockaddr_in6.
2470 	 */
2471 	sport = src->sin_port;
2472 	bzero(src, sizeof (*src));
2473 	src->sin_family = AF_INET;
2474 	src->sin_port = sport;
2475 
2476 	return (B_TRUE);
2477 }
2478 
2479 /*
2480  * Set the results in "addrtype", given an IRE as requested by
2481  * sadb_addrcheck().
2482  */
2483 int
2484 sadb_addrset(ire_t *ire)
2485 {
2486 	if ((ire->ire_type & IRE_BROADCAST) ||
2487 	    (ire->ire_ipversion == IPV4_VERSION && CLASSD(ire->ire_addr)) ||
2488 	    (ire->ire_ipversion == IPV6_VERSION &&
2489 	    IN6_IS_ADDR_MULTICAST(&(ire->ire_addr_v6))))
2490 		return (KS_IN_ADDR_MBCAST);
2491 	if (ire->ire_type & (IRE_LOCAL | IRE_LOOPBACK))
2492 		return (KS_IN_ADDR_ME);
2493 	return (KS_IN_ADDR_NOTME);
2494 }
2495 
2496 
2497 /*
2498  * Walker callback function to delete sa's based on src/dst address.
2499  * Assumes that we're called with *head locked, no other locks held;
2500  * Conveniently, and not coincidentally, this is both what sadb_walker
2501  * gives us and also what sadb_unlinkassoc expects.
2502  */
2503 
2504 struct sadb_purge_state
2505 {
2506 	uint32_t *src;
2507 	uint32_t *dst;
2508 	sa_family_t af;
2509 	boolean_t inbnd;
2510 	char *sidstr;
2511 	char *didstr;
2512 	uint16_t sidtype;
2513 	uint16_t didtype;
2514 	uint32_t kmproto;
2515 	uint8_t sadb_sa_state;
2516 	mblk_t *mq;
2517 	sadb_t *sp;
2518 };
2519 
2520 static void
2521 sadb_purge_cb(isaf_t *head, ipsa_t *entry, void *cookie)
2522 {
2523 	struct sadb_purge_state *ps = (struct sadb_purge_state *)cookie;
2524 
2525 	ASSERT(MUTEX_HELD(&head->isaf_lock));
2526 
2527 	mutex_enter(&entry->ipsa_lock);
2528 
2529 	if ((entry->ipsa_state == IPSA_STATE_LARVAL) ||
2530 	    (ps->src != NULL &&
2531 	    !IPSA_ARE_ADDR_EQUAL(entry->ipsa_srcaddr, ps->src, ps->af)) ||
2532 	    (ps->dst != NULL &&
2533 	    !IPSA_ARE_ADDR_EQUAL(entry->ipsa_dstaddr, ps->dst, ps->af)) ||
2534 	    (ps->didstr != NULL && (entry->ipsa_dst_cid != NULL) &&
2535 	    !(ps->didtype == entry->ipsa_dst_cid->ipsid_type &&
2536 	    strcmp(ps->didstr, entry->ipsa_dst_cid->ipsid_cid) == 0)) ||
2537 	    (ps->sidstr != NULL && (entry->ipsa_src_cid != NULL) &&
2538 	    !(ps->sidtype == entry->ipsa_src_cid->ipsid_type &&
2539 	    strcmp(ps->sidstr, entry->ipsa_src_cid->ipsid_cid) == 0)) ||
2540 	    (ps->kmproto <= SADB_X_KMP_MAX && ps->kmproto != entry->ipsa_kmp)) {
2541 		mutex_exit(&entry->ipsa_lock);
2542 		return;
2543 	}
2544 
2545 	if (ps->inbnd) {
2546 		sadb_delete_cluster(entry);
2547 	}
2548 	entry->ipsa_state = IPSA_STATE_DEAD;
2549 	(void) sadb_torch_assoc(head, entry, ps->inbnd, &ps->mq);
2550 }
2551 
2552 /*
2553  * Common code to purge an SA with a matching src or dst address.
2554  * Don't kill larval SA's in such a purge.
2555  */
2556 int
2557 sadb_purge_sa(mblk_t *mp, keysock_in_t *ksi, sadb_t *sp, queue_t *pfkey_q,
2558     queue_t *ip_q)
2559 {
2560 	sadb_address_t *dstext =
2561 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
2562 	sadb_address_t *srcext =
2563 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
2564 	sadb_ident_t *dstid =
2565 	    (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_DST];
2566 	sadb_ident_t *srcid =
2567 	    (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_SRC];
2568 	sadb_x_kmc_t *kmc =
2569 	    (sadb_x_kmc_t *)ksi->ks_in_extv[SADB_X_EXT_KM_COOKIE];
2570 	struct sockaddr_in *src, *dst;
2571 	struct sockaddr_in6 *src6, *dst6;
2572 	struct sadb_purge_state ps;
2573 
2574 	/*
2575 	 * Don't worry about IPv6 v4-mapped addresses, sadb_addrcheck()
2576 	 * takes care of them.
2577 	 */
2578 
2579 	/* enforced by caller */
2580 	ASSERT((dstext != NULL) || (srcext != NULL));
2581 
2582 	ps.src = NULL;
2583 	ps.dst = NULL;
2584 #ifdef DEBUG
2585 	ps.af = (sa_family_t)-1;
2586 #endif
2587 	ps.mq = NULL;
2588 	ps.sidstr = NULL;
2589 	ps.didstr = NULL;
2590 	ps.kmproto = SADB_X_KMP_MAX + 1;
2591 
2592 	if (dstext != NULL) {
2593 		dst = (struct sockaddr_in *)(dstext + 1);
2594 		ps.af = dst->sin_family;
2595 		if (dst->sin_family == AF_INET6) {
2596 			dst6 = (struct sockaddr_in6 *)dst;
2597 			ps.dst = (uint32_t *)&dst6->sin6_addr;
2598 		} else {
2599 			ps.dst = (uint32_t *)&dst->sin_addr;
2600 		}
2601 	}
2602 
2603 	if (srcext != NULL) {
2604 		src = (struct sockaddr_in *)(srcext + 1);
2605 		ps.af = src->sin_family;
2606 		if (src->sin_family == AF_INET6) {
2607 			src6 = (struct sockaddr_in6 *)(srcext + 1);
2608 			ps.src = (uint32_t *)&src6->sin6_addr;
2609 		} else {
2610 			ps.src = (uint32_t *)&src->sin_addr;
2611 		}
2612 		ASSERT(dstext == NULL || src->sin_family == dst->sin_family);
2613 	}
2614 
2615 	ASSERT(ps.af != (sa_family_t)-1);
2616 
2617 	if (dstid != NULL) {
2618 		/*
2619 		 * NOTE:  May need to copy string in the future
2620 		 * if the inbound keysock message disappears for some strange
2621 		 * reason.
2622 		 */
2623 		ps.didstr = (char *)(dstid + 1);
2624 		ps.didtype = dstid->sadb_ident_type;
2625 	}
2626 
2627 	if (srcid != NULL) {
2628 		/*
2629 		 * NOTE:  May need to copy string in the future
2630 		 * if the inbound keysock message disappears for some strange
2631 		 * reason.
2632 		 */
2633 		ps.sidstr = (char *)(srcid + 1);
2634 		ps.sidtype = srcid->sadb_ident_type;
2635 	}
2636 
2637 	if (kmc != NULL)
2638 		ps.kmproto = kmc->sadb_x_kmc_proto;
2639 
2640 	/*
2641 	 * This is simple, crude, and effective.
2642 	 * Unimplemented optimizations (TBD):
2643 	 * - we can limit how many places we search based on where we
2644 	 * think the SA is filed.
2645 	 * - if we get a dst address, we can hash based on dst addr to find
2646 	 * the correct bucket in the outbound table.
2647 	 */
2648 	ps.inbnd = B_TRUE;
2649 	sadb_walker(sp->sdb_if, sp->sdb_hashsize, sadb_purge_cb, &ps);
2650 	ps.inbnd = B_FALSE;
2651 	sadb_walker(sp->sdb_of, sp->sdb_hashsize, sadb_purge_cb, &ps);
2652 
2653 	if (ps.mq != NULL)
2654 		sadb_drain_torchq(ip_q, ps.mq);
2655 
2656 	ASSERT(mp->b_cont != NULL);
2657 	sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr, ksi,
2658 	    NULL);
2659 	return (0);
2660 }
2661 
2662 static void
2663 sadb_delpair_state(isaf_t *head, ipsa_t *entry, void *cookie)
2664 {
2665 	struct sadb_purge_state *ps = (struct sadb_purge_state *)cookie;
2666 	isaf_t  *inbound_bucket;
2667 	ipsa_t *peer_assoc;
2668 
2669 	ASSERT(MUTEX_HELD(&head->isaf_lock));
2670 
2671 	mutex_enter(&entry->ipsa_lock);
2672 
2673 	if ((entry->ipsa_state != ps->sadb_sa_state) ||
2674 	    ((ps->src != NULL) &&
2675 	    !IPSA_ARE_ADDR_EQUAL(entry->ipsa_srcaddr, ps->src, ps->af))) {
2676 		mutex_exit(&entry->ipsa_lock);
2677 		return;
2678 	}
2679 
2680 	/*
2681 	 * The isaf_t *, which is passed in , is always an outbound bucket,
2682 	 * and we are preserving the outbound-then-inbound hash-bucket lock
2683 	 * ordering. The sadb_walker() which triggers this function is called
2684 	 * only on the outbound fanout, and the corresponding inbound bucket
2685 	 * lock is safe to acquire here.
2686 	 */
2687 
2688 	if (entry->ipsa_haspeer) {
2689 		inbound_bucket = INBOUND_BUCKET(ps->sp, entry->ipsa_spi);
2690 		mutex_enter(&inbound_bucket->isaf_lock);
2691 		peer_assoc = ipsec_getassocbyspi(inbound_bucket,
2692 		    entry->ipsa_spi, entry->ipsa_srcaddr,
2693 		    entry->ipsa_dstaddr, entry->ipsa_addrfam);
2694 	} else {
2695 		inbound_bucket = INBOUND_BUCKET(ps->sp, entry->ipsa_otherspi);
2696 		mutex_enter(&inbound_bucket->isaf_lock);
2697 		peer_assoc = ipsec_getassocbyspi(inbound_bucket,
2698 		    entry->ipsa_otherspi, entry->ipsa_dstaddr,
2699 		    entry->ipsa_srcaddr, entry->ipsa_addrfam);
2700 	}
2701 
2702 	entry->ipsa_state = IPSA_STATE_DEAD;
2703 	(void) sadb_torch_assoc(head, entry, B_FALSE, &ps->mq);
2704 	if (peer_assoc != NULL) {
2705 		mutex_enter(&peer_assoc->ipsa_lock);
2706 		peer_assoc->ipsa_state = IPSA_STATE_DEAD;
2707 		(void) sadb_torch_assoc(inbound_bucket, peer_assoc,
2708 		    B_FALSE, &ps->mq);
2709 	}
2710 	mutex_exit(&inbound_bucket->isaf_lock);
2711 }
2712 
2713 /*
2714  * Common code to delete/get an SA.
2715  */
2716 int
2717 sadb_delget_sa(mblk_t *mp, keysock_in_t *ksi, sadbp_t *spp,
2718     int *diagnostic, queue_t *pfkey_q, uint8_t sadb_msg_type)
2719 {
2720 	sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
2721 	sadb_address_t *srcext =
2722 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
2723 	sadb_address_t *dstext =
2724 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
2725 	ipsa_t *echo_target = NULL;
2726 	ipsap_t *ipsapp;
2727 	mblk_t *torchq = NULL;
2728 	uint_t	error = 0;
2729 
2730 	if (assoc == NULL) {
2731 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SA;
2732 		return (EINVAL);
2733 	}
2734 
2735 	if (sadb_msg_type == SADB_X_DELPAIR_STATE) {
2736 		struct sockaddr_in *src;
2737 		struct sockaddr_in6 *src6;
2738 		struct sadb_purge_state ps;
2739 
2740 		if (srcext == NULL) {
2741 			*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
2742 			return (EINVAL);
2743 		}
2744 		ps.src = NULL;
2745 		ps.mq = NULL;
2746 		src = (struct sockaddr_in *)(srcext + 1);
2747 		ps.af = src->sin_family;
2748 		if (src->sin_family == AF_INET6) {
2749 			src6 = (struct sockaddr_in6 *)(srcext + 1);
2750 			ps.src = (uint32_t *)&src6->sin6_addr;
2751 			ps.sp = &spp->s_v6;
2752 		} else {
2753 			ps.src = (uint32_t *)&src->sin_addr;
2754 			ps.sp = &spp->s_v4;
2755 		}
2756 		ps.inbnd = B_FALSE;
2757 		ps.sadb_sa_state = assoc->sadb_sa_state;
2758 		sadb_walker(ps.sp->sdb_of, ps.sp->sdb_hashsize,
2759 		    sadb_delpair_state, &ps);
2760 
2761 		if (ps.mq != NULL)
2762 			sadb_drain_torchq(pfkey_q, ps.mq);
2763 
2764 		ASSERT(mp->b_cont != NULL);
2765 		sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr,
2766 		    ksi, NULL);
2767 		return (0);
2768 	}
2769 
2770 	if (dstext == NULL) {
2771 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
2772 		return (EINVAL);
2773 	}
2774 
2775 	ipsapp = get_ipsa_pair(assoc, srcext, dstext, spp);
2776 	if (ipsapp == NULL) {
2777 		*diagnostic = SADB_X_DIAGNOSTIC_SA_NOTFOUND;
2778 		return (ESRCH);
2779 	}
2780 
2781 	echo_target = ipsapp->ipsap_sa_ptr;
2782 	if (echo_target == NULL)
2783 		echo_target = ipsapp->ipsap_psa_ptr;
2784 
2785 	if (sadb_msg_type == SADB_DELETE || sadb_msg_type == SADB_X_DELPAIR) {
2786 		/*
2787 		 * Bucket locks will be required if SA is actually unlinked.
2788 		 * get_ipsa_pair() returns valid hash bucket pointers even
2789 		 * if it can't find a pair SA pointer. To prevent a potential
2790 		 * deadlock, always lock the outbound bucket before the inbound.
2791 		 */
2792 		if (ipsapp->in_inbound_table) {
2793 			mutex_enter(&ipsapp->ipsap_pbucket->isaf_lock);
2794 			mutex_enter(&ipsapp->ipsap_bucket->isaf_lock);
2795 		} else {
2796 			mutex_enter(&ipsapp->ipsap_bucket->isaf_lock);
2797 			mutex_enter(&ipsapp->ipsap_pbucket->isaf_lock);
2798 		}
2799 
2800 		if (ipsapp->ipsap_sa_ptr != NULL) {
2801 			mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
2802 			if (ipsapp->ipsap_sa_ptr->ipsa_flags & IPSA_F_INBOUND) {
2803 				sadb_delete_cluster(ipsapp->ipsap_sa_ptr);
2804 			}
2805 			ipsapp->ipsap_sa_ptr->ipsa_state = IPSA_STATE_DEAD;
2806 			(void) sadb_torch_assoc(ipsapp->ipsap_bucket,
2807 			    ipsapp->ipsap_sa_ptr, B_FALSE, &torchq);
2808 			/*
2809 			 * sadb_torch_assoc() releases the ipsa_lock
2810 			 * and calls sadb_unlinkassoc() which does a
2811 			 * IPSA_REFRELE.
2812 			 */
2813 		}
2814 		if (ipsapp->ipsap_psa_ptr != NULL) {
2815 			mutex_enter(&ipsapp->ipsap_psa_ptr->ipsa_lock);
2816 			if (sadb_msg_type == SADB_X_DELPAIR ||
2817 			    ipsapp->ipsap_psa_ptr->ipsa_haspeer) {
2818 				if (ipsapp->ipsap_psa_ptr->ipsa_flags &
2819 				    IPSA_F_INBOUND) {
2820 					sadb_delete_cluster(
2821 					    ipsapp->ipsap_psa_ptr);
2822 				}
2823 				ipsapp->ipsap_psa_ptr->ipsa_state =
2824 				    IPSA_STATE_DEAD;
2825 				(void) sadb_torch_assoc(ipsapp->ipsap_pbucket,
2826 				    ipsapp->ipsap_psa_ptr, B_FALSE, &torchq);
2827 			} else {
2828 				/*
2829 				 * Only half of the "pair" has been deleted.
2830 				 * Update the remaining SA and remove references
2831 				 * to its pair SA, which is now gone.
2832 				 */
2833 				ipsapp->ipsap_psa_ptr->ipsa_otherspi = 0;
2834 				ipsapp->ipsap_psa_ptr->ipsa_flags &=
2835 				    ~IPSA_F_PAIRED;
2836 				mutex_exit(&ipsapp->ipsap_psa_ptr->ipsa_lock);
2837 			}
2838 		} else if (sadb_msg_type == SADB_X_DELPAIR) {
2839 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_SA_NOTFOUND;
2840 			error = ESRCH;
2841 		}
2842 		mutex_exit(&ipsapp->ipsap_bucket->isaf_lock);
2843 		mutex_exit(&ipsapp->ipsap_pbucket->isaf_lock);
2844 	}
2845 
2846 	if (torchq != NULL)
2847 		sadb_drain_torchq(spp->s_ip_q, torchq);
2848 
2849 	ASSERT(mp->b_cont != NULL);
2850 
2851 	if (error == 0)
2852 		sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)
2853 		    mp->b_cont->b_rptr, ksi, echo_target);
2854 
2855 	destroy_ipsa_pair(ipsapp);
2856 
2857 	return (error);
2858 }
2859 
2860 /*
2861  * This function takes a sadb_sa_t and finds the ipsa_t structure
2862  * and the isaf_t (hash bucket) that its stored under. If the security
2863  * association has a peer, the ipsa_t structure and bucket for that security
2864  * association are also searched for. The "pair" of ipsa_t's and isaf_t's
2865  * are returned as a ipsap_t.
2866  *
2867  * The hash buckets are returned for convenience, if the calling function
2868  * needs to use the hash bucket locks, say to remove the SA's, it should
2869  * take care to observe the convention of locking outbound bucket then
2870  * inbound bucket. The flag in_inbound_table provides direction.
2871  *
2872  * Note that a "pair" is defined as one (but not both) of the following:
2873  *
2874  * A security association which has a soft reference to another security
2875  * association via its SPI.
2876  *
2877  * A security association that is not obviously "inbound" or "outbound" so
2878  * it appears in both hash tables, the "peer" being the same security
2879  * association in the other hash table.
2880  *
2881  * This function will return NULL if the ipsa_t can't be found in the
2882  * inbound or outbound  hash tables (not found). If only one ipsa_t is
2883  * found, the pair ipsa_t will be NULL. Both isaf_t values are valid
2884  * provided at least one ipsa_t is found.
2885  */
2886 ipsap_t *
2887 get_ipsa_pair(sadb_sa_t *assoc, sadb_address_t *srcext, sadb_address_t *dstext,
2888     sadbp_t *spp)
2889 {
2890 	struct sockaddr_in *src, *dst;
2891 	struct sockaddr_in6 *src6, *dst6;
2892 	sadb_t *sp;
2893 	uint32_t *srcaddr, *dstaddr;
2894 	isaf_t *outbound_bucket, *inbound_bucket;
2895 	ipsap_t *ipsapp;
2896 	sa_family_t af;
2897 
2898 	uint32_t pair_srcaddr[IPSA_MAX_ADDRLEN];
2899 	uint32_t pair_dstaddr[IPSA_MAX_ADDRLEN];
2900 	uint32_t pair_spi;
2901 
2902 	ipsapp = kmem_zalloc(sizeof (*ipsapp), KM_NOSLEEP);
2903 	if (ipsapp == NULL)
2904 		return (NULL);
2905 
2906 	ipsapp->in_inbound_table = B_FALSE;
2907 
2908 	/*
2909 	 * Don't worry about IPv6 v4-mapped addresses, sadb_addrcheck()
2910 	 * takes care of them.
2911 	 */
2912 
2913 	dst = (struct sockaddr_in *)(dstext + 1);
2914 	af = dst->sin_family;
2915 	if (af == AF_INET6) {
2916 		sp = &spp->s_v6;
2917 		dst6 = (struct sockaddr_in6 *)dst;
2918 		dstaddr = (uint32_t *)&dst6->sin6_addr;
2919 		if (srcext != NULL) {
2920 			src6 = (struct sockaddr_in6 *)(srcext + 1);
2921 			srcaddr = (uint32_t *)&src6->sin6_addr;
2922 			ASSERT(src6->sin6_family == af);
2923 			ASSERT(src6->sin6_family == AF_INET6);
2924 		} else {
2925 			srcaddr = ALL_ZEROES_PTR;
2926 		}
2927 		outbound_bucket = OUTBOUND_BUCKET_V6(sp,
2928 		    *(uint32_t *)dstaddr);
2929 	} else {
2930 		sp = &spp->s_v4;
2931 		dstaddr = (uint32_t *)&dst->sin_addr;
2932 		if (srcext != NULL) {
2933 			src = (struct sockaddr_in *)(srcext + 1);
2934 			srcaddr = (uint32_t *)&src->sin_addr;
2935 			ASSERT(src->sin_family == af);
2936 			ASSERT(src->sin_family == AF_INET);
2937 		} else {
2938 			srcaddr = ALL_ZEROES_PTR;
2939 		}
2940 		outbound_bucket = OUTBOUND_BUCKET_V4(sp,
2941 		    *(uint32_t *)dstaddr);
2942 	}
2943 
2944 	inbound_bucket = INBOUND_BUCKET(sp, assoc->sadb_sa_spi);
2945 
2946 	/* Lock down both buckets. */
2947 	mutex_enter(&outbound_bucket->isaf_lock);
2948 	mutex_enter(&inbound_bucket->isaf_lock);
2949 
2950 	if (assoc->sadb_sa_flags & IPSA_F_INBOUND) {
2951 		ipsapp->ipsap_sa_ptr = ipsec_getassocbyspi(inbound_bucket,
2952 		    assoc->sadb_sa_spi, srcaddr, dstaddr, af);
2953 		if (ipsapp->ipsap_sa_ptr != NULL) {
2954 			ipsapp->ipsap_bucket = inbound_bucket;
2955 			ipsapp->ipsap_pbucket = outbound_bucket;
2956 			ipsapp->in_inbound_table = B_TRUE;
2957 		} else {
2958 			ipsapp->ipsap_sa_ptr =
2959 			    ipsec_getassocbyspi(outbound_bucket,
2960 			    assoc->sadb_sa_spi, srcaddr, dstaddr, af);
2961 			ipsapp->ipsap_bucket = outbound_bucket;
2962 			ipsapp->ipsap_pbucket = inbound_bucket;
2963 		}
2964 	} else {
2965 		/* IPSA_F_OUTBOUND is set *or* no directions flags set. */
2966 		ipsapp->ipsap_sa_ptr =
2967 		    ipsec_getassocbyspi(outbound_bucket,
2968 		    assoc->sadb_sa_spi, srcaddr, dstaddr, af);
2969 		if (ipsapp->ipsap_sa_ptr != NULL) {
2970 			ipsapp->ipsap_bucket = outbound_bucket;
2971 			ipsapp->ipsap_pbucket = inbound_bucket;
2972 		} else {
2973 			ipsapp->ipsap_sa_ptr =
2974 			    ipsec_getassocbyspi(inbound_bucket,
2975 			    assoc->sadb_sa_spi, srcaddr, dstaddr, af);
2976 			ipsapp->ipsap_bucket = inbound_bucket;
2977 			ipsapp->ipsap_pbucket = outbound_bucket;
2978 			if (ipsapp->ipsap_sa_ptr != NULL)
2979 				ipsapp->in_inbound_table = B_TRUE;
2980 		}
2981 	}
2982 
2983 	if (ipsapp->ipsap_sa_ptr == NULL) {
2984 		mutex_exit(&outbound_bucket->isaf_lock);
2985 		mutex_exit(&inbound_bucket->isaf_lock);
2986 		kmem_free(ipsapp, sizeof (*ipsapp));
2987 		return (NULL);
2988 	}
2989 
2990 	if ((ipsapp->ipsap_sa_ptr->ipsa_state == IPSA_STATE_LARVAL) &&
2991 	    ipsapp->in_inbound_table) {
2992 		mutex_exit(&outbound_bucket->isaf_lock);
2993 		mutex_exit(&inbound_bucket->isaf_lock);
2994 		return (ipsapp);
2995 	}
2996 
2997 	mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
2998 	if (ipsapp->ipsap_sa_ptr->ipsa_haspeer) {
2999 		/*
3000 		 * haspeer implies no sa_pairing, look for same spi
3001 		 * in other hashtable.
3002 		 */
3003 		ipsapp->ipsap_psa_ptr =
3004 		    ipsec_getassocbyspi(ipsapp->ipsap_pbucket,
3005 		    assoc->sadb_sa_spi, srcaddr, dstaddr, af);
3006 		mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
3007 		mutex_exit(&outbound_bucket->isaf_lock);
3008 		mutex_exit(&inbound_bucket->isaf_lock);
3009 		return (ipsapp);
3010 	}
3011 	pair_spi = ipsapp->ipsap_sa_ptr->ipsa_otherspi;
3012 	IPSA_COPY_ADDR(&pair_srcaddr,
3013 	    ipsapp->ipsap_sa_ptr->ipsa_srcaddr, af);
3014 	IPSA_COPY_ADDR(&pair_dstaddr,
3015 	    ipsapp->ipsap_sa_ptr->ipsa_dstaddr, af);
3016 	mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
3017 	mutex_exit(&outbound_bucket->isaf_lock);
3018 	mutex_exit(&inbound_bucket->isaf_lock);
3019 
3020 	if (pair_spi == 0) {
3021 		ASSERT(ipsapp->ipsap_bucket != NULL);
3022 		ASSERT(ipsapp->ipsap_pbucket != NULL);
3023 		return (ipsapp);
3024 	}
3025 
3026 	/* found sa in outbound sadb, peer should be inbound */
3027 
3028 	if (ipsapp->in_inbound_table) {
3029 		/* Found SA in inbound table, pair will be in outbound. */
3030 		if (af == AF_INET6) {
3031 			ipsapp->ipsap_pbucket = OUTBOUND_BUCKET_V6(sp,
3032 			    *(uint32_t *)pair_srcaddr);
3033 		} else {
3034 			ipsapp->ipsap_pbucket = OUTBOUND_BUCKET_V4(sp,
3035 			    *(uint32_t *)pair_srcaddr);
3036 		}
3037 	} else {
3038 		ipsapp->ipsap_pbucket = INBOUND_BUCKET(sp, pair_spi);
3039 	}
3040 	mutex_enter(&ipsapp->ipsap_pbucket->isaf_lock);
3041 	ipsapp->ipsap_psa_ptr = ipsec_getassocbyspi(ipsapp->ipsap_pbucket,
3042 	    pair_spi, pair_dstaddr, pair_srcaddr, af);
3043 	mutex_exit(&ipsapp->ipsap_pbucket->isaf_lock);
3044 	ASSERT(ipsapp->ipsap_bucket != NULL);
3045 	ASSERT(ipsapp->ipsap_pbucket != NULL);
3046 	return (ipsapp);
3047 }
3048 
3049 /*
3050  * Perform NAT-traversal cached checksum offset calculations here.
3051  */
3052 static void
3053 sadb_nat_calculations(ipsa_t *newbie, sadb_address_t *natt_loc_ext,
3054     sadb_address_t *natt_rem_ext, uint32_t *src_addr_ptr,
3055     uint32_t *dst_addr_ptr)
3056 {
3057 	struct sockaddr_in *natt_loc, *natt_rem;
3058 	uint32_t *natt_loc_ptr = NULL, *natt_rem_ptr = NULL;
3059 	uint32_t running_sum = 0;
3060 
3061 #define	DOWN_SUM(x) (x) = ((x) & 0xFFFF) +	 ((x) >> 16)
3062 
3063 	if (natt_rem_ext != NULL) {
3064 		uint32_t l_src;
3065 		uint32_t l_rem;
3066 
3067 		natt_rem = (struct sockaddr_in *)(natt_rem_ext + 1);
3068 
3069 		/* Ensured by sadb_addrfix(). */
3070 		ASSERT(natt_rem->sin_family == AF_INET);
3071 
3072 		natt_rem_ptr = (uint32_t *)(&natt_rem->sin_addr);
3073 		newbie->ipsa_remote_nat_port = natt_rem->sin_port;
3074 		l_src = *src_addr_ptr;
3075 		l_rem = *natt_rem_ptr;
3076 
3077 		/* Instead of IPSA_COPY_ADDR(), just copy first 32 bits. */
3078 		newbie->ipsa_natt_addr_rem = *natt_rem_ptr;
3079 
3080 		l_src = ntohl(l_src);
3081 		DOWN_SUM(l_src);
3082 		DOWN_SUM(l_src);
3083 		l_rem = ntohl(l_rem);
3084 		DOWN_SUM(l_rem);
3085 		DOWN_SUM(l_rem);
3086 
3087 		/*
3088 		 * We're 1's complement for checksums, so check for wraparound
3089 		 * here.
3090 		 */
3091 		if (l_rem > l_src)
3092 			l_src--;
3093 
3094 		running_sum += l_src - l_rem;
3095 
3096 		DOWN_SUM(running_sum);
3097 		DOWN_SUM(running_sum);
3098 	}
3099 
3100 	if (natt_loc_ext != NULL) {
3101 		natt_loc = (struct sockaddr_in *)(natt_loc_ext + 1);
3102 
3103 		/* Ensured by sadb_addrfix(). */
3104 		ASSERT(natt_loc->sin_family == AF_INET);
3105 
3106 		natt_loc_ptr = (uint32_t *)(&natt_loc->sin_addr);
3107 		newbie->ipsa_local_nat_port = natt_loc->sin_port;
3108 
3109 		/* Instead of IPSA_COPY_ADDR(), just copy first 32 bits. */
3110 		newbie->ipsa_natt_addr_loc = *natt_loc_ptr;
3111 
3112 		/*
3113 		 * NAT-T port agility means we may have natt_loc_ext, but
3114 		 * only for a local-port change.
3115 		 */
3116 		if (natt_loc->sin_addr.s_addr != INADDR_ANY) {
3117 			uint32_t l_dst = ntohl(*dst_addr_ptr);
3118 			uint32_t l_loc = ntohl(*natt_loc_ptr);
3119 
3120 			DOWN_SUM(l_loc);
3121 			DOWN_SUM(l_loc);
3122 			DOWN_SUM(l_dst);
3123 			DOWN_SUM(l_dst);
3124 
3125 			/*
3126 			 * We're 1's complement for checksums, so check for
3127 			 * wraparound here.
3128 			 */
3129 			if (l_loc > l_dst)
3130 				l_dst--;
3131 
3132 			running_sum += l_dst - l_loc;
3133 			DOWN_SUM(running_sum);
3134 			DOWN_SUM(running_sum);
3135 		}
3136 	}
3137 
3138 	newbie->ipsa_inbound_cksum = running_sum;
3139 #undef DOWN_SUM
3140 }
3141 
3142 /*
3143  * This function is called from consumers that need to insert a fully-grown
3144  * security association into its tables.  This function takes into account that
3145  * SAs can be "inbound", "outbound", or "both".	 The "primary" and "secondary"
3146  * hash bucket parameters are set in order of what the SA will be most of the
3147  * time.  (For example, an SA with an unspecified source, and a multicast
3148  * destination will primarily be an outbound SA.  OTOH, if that destination
3149  * is unicast for this node, then the SA will primarily be inbound.)
3150  *
3151  * It takes a lot of parameters because even if clone is B_FALSE, this needs
3152  * to check both buckets for purposes of collision.
3153  *
3154  * Return 0 upon success.  Return various errnos (ENOMEM, EEXIST) for
3155  * various error conditions.  We may need to set samsg->sadb_x_msg_diagnostic
3156  * with additional diagnostic information because there is at least one EINVAL
3157  * case here.
3158  */
3159 int
3160 sadb_common_add(queue_t *ip_q, queue_t *pfkey_q, mblk_t *mp, sadb_msg_t *samsg,
3161     keysock_in_t *ksi, isaf_t *primary, isaf_t *secondary,
3162     ipsa_t *newbie, boolean_t clone, boolean_t is_inbound, int *diagnostic,
3163     netstack_t *ns, sadbp_t *spp)
3164 {
3165 	ipsa_t *newbie_clone = NULL, *scratch;
3166 	ipsap_t *ipsapp = NULL;
3167 	sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
3168 	sadb_address_t *srcext =
3169 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
3170 	sadb_address_t *dstext =
3171 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
3172 	sadb_address_t *isrcext =
3173 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_SRC];
3174 	sadb_address_t *idstext =
3175 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_DST];
3176 	sadb_x_kmc_t *kmcext =
3177 	    (sadb_x_kmc_t *)ksi->ks_in_extv[SADB_X_EXT_KM_COOKIE];
3178 	sadb_key_t *akey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_AUTH];
3179 	sadb_key_t *ekey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_ENCRYPT];
3180 	sadb_x_pair_t *pair_ext =
3181 	    (sadb_x_pair_t *)ksi->ks_in_extv[SADB_X_EXT_PAIR];
3182 	sadb_x_replay_ctr_t *replayext =
3183 	    (sadb_x_replay_ctr_t *)ksi->ks_in_extv[SADB_X_EXT_REPLAY_VALUE];
3184 	uint8_t protocol =
3185 	    (samsg->sadb_msg_satype == SADB_SATYPE_AH) ? IPPROTO_AH:IPPROTO_ESP;
3186 	int salt_offset;
3187 	uint8_t *buf_ptr;
3188 #if 0
3189 	/*
3190 	 * XXXMLS - When Trusted Solaris or Multi-Level Secure functionality
3191 	 * comes to ON, examine these if 0'ed fragments.  Look for XXXMLS.
3192 	 */
3193 	sadb_sens_t *sens = (sadb_sens_t *);
3194 #endif
3195 	struct sockaddr_in *src, *dst, *isrc, *idst;
3196 	struct sockaddr_in6 *src6, *dst6, *isrc6, *idst6;
3197 	sadb_lifetime_t *soft =
3198 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_SOFT];
3199 	sadb_lifetime_t *hard =
3200 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_HARD];
3201 	sadb_lifetime_t	*idle =
3202 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_X_EXT_LIFETIME_IDLE];
3203 	sa_family_t af;
3204 	int error = 0;
3205 	boolean_t isupdate = (newbie != NULL);
3206 	uint32_t *src_addr_ptr, *dst_addr_ptr, *isrc_addr_ptr, *idst_addr_ptr;
3207 	mblk_t *ctl_mp = NULL;
3208 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
3209 	ipsec_alginfo_t *alg;
3210 	int		rcode;
3211 
3212 	if (srcext == NULL) {
3213 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
3214 		return (EINVAL);
3215 	}
3216 	if (dstext == NULL) {
3217 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
3218 		return (EINVAL);
3219 	}
3220 	if (assoc == NULL) {
3221 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SA;
3222 		return (EINVAL);
3223 	}
3224 
3225 	src = (struct sockaddr_in *)(srcext + 1);
3226 	src6 = (struct sockaddr_in6 *)(srcext + 1);
3227 	dst = (struct sockaddr_in *)(dstext + 1);
3228 	dst6 = (struct sockaddr_in6 *)(dstext + 1);
3229 	if (isrcext != NULL) {
3230 		isrc = (struct sockaddr_in *)(isrcext + 1);
3231 		isrc6 = (struct sockaddr_in6 *)(isrcext + 1);
3232 		ASSERT(idstext != NULL);
3233 		idst = (struct sockaddr_in *)(idstext + 1);
3234 		idst6 = (struct sockaddr_in6 *)(idstext + 1);
3235 	} else {
3236 		isrc = NULL;
3237 		isrc6 = NULL;
3238 	}
3239 
3240 	af = src->sin_family;
3241 
3242 	if (af == AF_INET) {
3243 		src_addr_ptr = (uint32_t *)&src->sin_addr;
3244 		dst_addr_ptr = (uint32_t *)&dst->sin_addr;
3245 	} else {
3246 		ASSERT(af == AF_INET6);
3247 		src_addr_ptr = (uint32_t *)&src6->sin6_addr;
3248 		dst_addr_ptr = (uint32_t *)&dst6->sin6_addr;
3249 	}
3250 
3251 	if (!isupdate && (clone == B_TRUE || is_inbound == B_TRUE) &&
3252 	    cl_inet_checkspi &&
3253 	    (assoc->sadb_sa_state != SADB_X_SASTATE_ACTIVE_ELSEWHERE)) {
3254 		rcode = cl_inet_checkspi(ns->netstack_stackid, protocol,
3255 		    assoc->sadb_sa_spi, NULL);
3256 		if (rcode == -1) {
3257 			return (EEXIST);
3258 		}
3259 	}
3260 
3261 	/*
3262 	 * Check to see if the new SA will be cloned AND paired. The
3263 	 * reason a SA will be cloned is the source or destination addresses
3264 	 * are not specific enough to determine if the SA goes in the outbound
3265 	 * or the inbound hash table, so its cloned and put in both. If
3266 	 * the SA is paired, it's soft linked to another SA for the other
3267 	 * direction. Keeping track and looking up SA's that are direction
3268 	 * unspecific and linked is too hard.
3269 	 */
3270 	if (clone && (pair_ext != NULL)) {
3271 		*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
3272 		return (EINVAL);
3273 	}
3274 
3275 	if (!isupdate) {
3276 		newbie = sadb_makelarvalassoc(assoc->sadb_sa_spi,
3277 		    src_addr_ptr, dst_addr_ptr, af, ns);
3278 		if (newbie == NULL)
3279 			return (ENOMEM);
3280 	}
3281 
3282 	mutex_enter(&newbie->ipsa_lock);
3283 
3284 	if (isrc != NULL) {
3285 		if (isrc->sin_family == AF_INET) {
3286 			if (srcext->sadb_address_proto != IPPROTO_ENCAP) {
3287 				if (srcext->sadb_address_proto != 0) {
3288 					/*
3289 					 * Mismatched outer-packet protocol
3290 					 * and inner-packet address family.
3291 					 */
3292 					mutex_exit(&newbie->ipsa_lock);
3293 					error = EPROTOTYPE;
3294 					*diagnostic =
3295 					    SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH;
3296 					goto error;
3297 				} else {
3298 					/* Fill in with explicit protocol. */
3299 					srcext->sadb_address_proto =
3300 					    IPPROTO_ENCAP;
3301 					dstext->sadb_address_proto =
3302 					    IPPROTO_ENCAP;
3303 				}
3304 			}
3305 			isrc_addr_ptr = (uint32_t *)&isrc->sin_addr;
3306 			idst_addr_ptr = (uint32_t *)&idst->sin_addr;
3307 		} else {
3308 			ASSERT(isrc->sin_family == AF_INET6);
3309 			if (srcext->sadb_address_proto != IPPROTO_IPV6) {
3310 				if (srcext->sadb_address_proto != 0) {
3311 					/*
3312 					 * Mismatched outer-packet protocol
3313 					 * and inner-packet address family.
3314 					 */
3315 					mutex_exit(&newbie->ipsa_lock);
3316 					error = EPROTOTYPE;
3317 					*diagnostic =
3318 					    SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH;
3319 					goto error;
3320 				} else {
3321 					/* Fill in with explicit protocol. */
3322 					srcext->sadb_address_proto =
3323 					    IPPROTO_IPV6;
3324 					dstext->sadb_address_proto =
3325 					    IPPROTO_IPV6;
3326 				}
3327 			}
3328 			isrc_addr_ptr = (uint32_t *)&isrc6->sin6_addr;
3329 			idst_addr_ptr = (uint32_t *)&idst6->sin6_addr;
3330 		}
3331 		newbie->ipsa_innerfam = isrc->sin_family;
3332 
3333 		IPSA_COPY_ADDR(newbie->ipsa_innersrc, isrc_addr_ptr,
3334 		    newbie->ipsa_innerfam);
3335 		IPSA_COPY_ADDR(newbie->ipsa_innerdst, idst_addr_ptr,
3336 		    newbie->ipsa_innerfam);
3337 		newbie->ipsa_innersrcpfx = isrcext->sadb_address_prefixlen;
3338 		newbie->ipsa_innerdstpfx = idstext->sadb_address_prefixlen;
3339 
3340 		/* Unique value uses inner-ports for Tunnel Mode... */
3341 		newbie->ipsa_unique_id = SA_UNIQUE_ID(isrc->sin_port,
3342 		    idst->sin_port, dstext->sadb_address_proto,
3343 		    idstext->sadb_address_proto);
3344 		newbie->ipsa_unique_mask = SA_UNIQUE_MASK(isrc->sin_port,
3345 		    idst->sin_port, dstext->sadb_address_proto,
3346 		    idstext->sadb_address_proto);
3347 	} else {
3348 		/* ... and outer-ports for Transport Mode. */
3349 		newbie->ipsa_unique_id = SA_UNIQUE_ID(src->sin_port,
3350 		    dst->sin_port, dstext->sadb_address_proto, 0);
3351 		newbie->ipsa_unique_mask = SA_UNIQUE_MASK(src->sin_port,
3352 		    dst->sin_port, dstext->sadb_address_proto, 0);
3353 	}
3354 	if (newbie->ipsa_unique_mask != (uint64_t)0)
3355 		newbie->ipsa_flags |= IPSA_F_UNIQUE;
3356 
3357 	sadb_nat_calculations(newbie,
3358 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_LOC],
3359 	    (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_REM],
3360 	    src_addr_ptr, dst_addr_ptr);
3361 
3362 	newbie->ipsa_type = samsg->sadb_msg_satype;
3363 
3364 	ASSERT((assoc->sadb_sa_state == SADB_SASTATE_MATURE) ||
3365 	    (assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE));
3366 	newbie->ipsa_auth_alg = assoc->sadb_sa_auth;
3367 	newbie->ipsa_encr_alg = assoc->sadb_sa_encrypt;
3368 
3369 	newbie->ipsa_flags |= assoc->sadb_sa_flags;
3370 	if (newbie->ipsa_flags & SADB_X_SAFLAGS_NATT_LOC &&
3371 	    ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_LOC] == NULL) {
3372 		mutex_exit(&newbie->ipsa_lock);
3373 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_NATT_LOC;
3374 		error = EINVAL;
3375 		goto error;
3376 	}
3377 	if (newbie->ipsa_flags & SADB_X_SAFLAGS_NATT_REM &&
3378 	    ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_REM] == NULL) {
3379 		mutex_exit(&newbie->ipsa_lock);
3380 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_NATT_REM;
3381 		error = EINVAL;
3382 		goto error;
3383 	}
3384 	if (newbie->ipsa_flags & SADB_X_SAFLAGS_TUNNEL &&
3385 	    ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_SRC] == NULL) {
3386 		mutex_exit(&newbie->ipsa_lock);
3387 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_SRC;
3388 		error = EINVAL;
3389 		goto error;
3390 	}
3391 	/*
3392 	 * If unspecified source address, force replay_wsize to 0.
3393 	 * This is because an SA that has multiple sources of secure
3394 	 * traffic cannot enforce a replay counter w/o synchronizing the
3395 	 * senders.
3396 	 */
3397 	if (ksi->ks_in_srctype != KS_IN_ADDR_UNSPEC)
3398 		newbie->ipsa_replay_wsize = assoc->sadb_sa_replay;
3399 	else
3400 		newbie->ipsa_replay_wsize = 0;
3401 
3402 	newbie->ipsa_addtime = gethrestime_sec();
3403 
3404 	if (kmcext != NULL) {
3405 		newbie->ipsa_kmp = kmcext->sadb_x_kmc_proto;
3406 		newbie->ipsa_kmc = kmcext->sadb_x_kmc_cookie;
3407 	}
3408 
3409 	/*
3410 	 * XXX CURRENT lifetime checks MAY BE needed for an UPDATE.
3411 	 * The spec says that one can update current lifetimes, but
3412 	 * that seems impractical, especially in the larval-to-mature
3413 	 * update that this function performs.
3414 	 */
3415 	if (soft != NULL) {
3416 		newbie->ipsa_softaddlt = soft->sadb_lifetime_addtime;
3417 		newbie->ipsa_softuselt = soft->sadb_lifetime_usetime;
3418 		newbie->ipsa_softbyteslt = soft->sadb_lifetime_bytes;
3419 		newbie->ipsa_softalloc = soft->sadb_lifetime_allocations;
3420 		SET_EXPIRE(newbie, softaddlt, softexpiretime);
3421 	}
3422 	if (hard != NULL) {
3423 		newbie->ipsa_hardaddlt = hard->sadb_lifetime_addtime;
3424 		newbie->ipsa_harduselt = hard->sadb_lifetime_usetime;
3425 		newbie->ipsa_hardbyteslt = hard->sadb_lifetime_bytes;
3426 		newbie->ipsa_hardalloc = hard->sadb_lifetime_allocations;
3427 		SET_EXPIRE(newbie, hardaddlt, hardexpiretime);
3428 	}
3429 	if (idle != NULL) {
3430 		newbie->ipsa_idleaddlt = idle->sadb_lifetime_addtime;
3431 		newbie->ipsa_idleuselt = idle->sadb_lifetime_usetime;
3432 		newbie->ipsa_idleexpiretime = newbie->ipsa_addtime +
3433 		    newbie->ipsa_idleaddlt;
3434 		newbie->ipsa_idletime = newbie->ipsa_idleaddlt;
3435 	}
3436 
3437 	newbie->ipsa_authtmpl = NULL;
3438 	newbie->ipsa_encrtmpl = NULL;
3439 
3440 	if (akey != NULL) {
3441 		newbie->ipsa_authkeybits = akey->sadb_key_bits;
3442 		newbie->ipsa_authkeylen = SADB_1TO8(akey->sadb_key_bits);
3443 		/* In case we have to round up to the next byte... */
3444 		if ((akey->sadb_key_bits & 0x7) != 0)
3445 			newbie->ipsa_authkeylen++;
3446 		newbie->ipsa_authkey = kmem_alloc(newbie->ipsa_authkeylen,
3447 		    KM_NOSLEEP);
3448 		if (newbie->ipsa_authkey == NULL) {
3449 			error = ENOMEM;
3450 			mutex_exit(&newbie->ipsa_lock);
3451 			goto error;
3452 		}
3453 		bcopy(akey + 1, newbie->ipsa_authkey, newbie->ipsa_authkeylen);
3454 		bzero(akey + 1, newbie->ipsa_authkeylen);
3455 
3456 		/*
3457 		 * Pre-initialize the kernel crypto framework key
3458 		 * structure.
3459 		 */
3460 		newbie->ipsa_kcfauthkey.ck_format = CRYPTO_KEY_RAW;
3461 		newbie->ipsa_kcfauthkey.ck_length = newbie->ipsa_authkeybits;
3462 		newbie->ipsa_kcfauthkey.ck_data = newbie->ipsa_authkey;
3463 
3464 		mutex_enter(&ipss->ipsec_alg_lock);
3465 		alg = ipss->ipsec_alglists[IPSEC_ALG_AUTH]
3466 		    [newbie->ipsa_auth_alg];
3467 		if (alg != NULL && ALG_VALID(alg)) {
3468 			newbie->ipsa_amech.cm_type = alg->alg_mech_type;
3469 			newbie->ipsa_amech.cm_param =
3470 			    (char *)&newbie->ipsa_mac_len;
3471 			newbie->ipsa_amech.cm_param_len = sizeof (size_t);
3472 			newbie->ipsa_mac_len = (size_t)alg->alg_datalen;
3473 		} else {
3474 			newbie->ipsa_amech.cm_type = CRYPTO_MECHANISM_INVALID;
3475 		}
3476 		error = ipsec_create_ctx_tmpl(newbie, IPSEC_ALG_AUTH);
3477 		mutex_exit(&ipss->ipsec_alg_lock);
3478 		if (error != 0) {
3479 			mutex_exit(&newbie->ipsa_lock);
3480 			/*
3481 			 * An error here indicates that alg is the wrong type
3482 			 * (IE: not authentication) or its not in the alg tables
3483 			 * created by ipsecalgs(1m), or Kcf does not like the
3484 			 * parameters passed in with this algorithm, which is
3485 			 * probably a coding error!
3486 			 */
3487 			*diagnostic = SADB_X_DIAGNOSTIC_BAD_CTX;
3488 
3489 			goto error;
3490 		}
3491 	}
3492 
3493 	if (ekey != NULL) {
3494 		mutex_enter(&ipss->ipsec_alg_lock);
3495 		alg = ipss->ipsec_alglists[IPSEC_ALG_ENCR]
3496 		    [newbie->ipsa_encr_alg];
3497 
3498 		if (alg != NULL && ALG_VALID(alg)) {
3499 			newbie->ipsa_emech.cm_type = alg->alg_mech_type;
3500 			newbie->ipsa_datalen = alg->alg_datalen;
3501 			if (alg->alg_flags & ALG_FLAG_COUNTERMODE)
3502 				newbie->ipsa_flags |= IPSA_F_COUNTERMODE;
3503 
3504 			if (alg->alg_flags & ALG_FLAG_COMBINED) {
3505 				newbie->ipsa_flags |= IPSA_F_COMBINED;
3506 				newbie->ipsa_mac_len =  alg->alg_icvlen;
3507 			}
3508 
3509 			if (alg->alg_flags & ALG_FLAG_CCM)
3510 				newbie->ipsa_noncefunc = ccm_params_init;
3511 			else if (alg->alg_flags & ALG_FLAG_GCM)
3512 				newbie->ipsa_noncefunc = gcm_params_init;
3513 			else newbie->ipsa_noncefunc = cbc_params_init;
3514 
3515 			newbie->ipsa_saltlen = alg->alg_saltlen;
3516 			newbie->ipsa_saltbits = SADB_8TO1(newbie->ipsa_saltlen);
3517 			newbie->ipsa_iv_len = alg->alg_ivlen;
3518 			newbie->ipsa_nonce_len = newbie->ipsa_saltlen +
3519 			    newbie->ipsa_iv_len;
3520 			newbie->ipsa_emech.cm_param = NULL;
3521 			newbie->ipsa_emech.cm_param_len = 0;
3522 		} else {
3523 			newbie->ipsa_emech.cm_type = CRYPTO_MECHANISM_INVALID;
3524 		}
3525 		mutex_exit(&ipss->ipsec_alg_lock);
3526 
3527 		/*
3528 		 * The byte stream following the sadb_key_t is made up of:
3529 		 * key bytes, [salt bytes], [IV initial value]
3530 		 * All of these have variable length. The IV is typically
3531 		 * randomly generated by this function and not passed in.
3532 		 * By supporting the injection of a known IV, the whole
3533 		 * IPsec subsystem and the underlying crypto subsystem
3534 		 * can be tested with known test vectors.
3535 		 *
3536 		 * The keying material has been checked by ext_check()
3537 		 * and ipsec_valid_key_size(), after removing salt/IV
3538 		 * bits, whats left is the encryption key. If this is too
3539 		 * short, ipsec_create_ctx_tmpl() will fail and the SA
3540 		 * won't get created.
3541 		 *
3542 		 * set ipsa_encrkeylen to length of key only.
3543 		 */
3544 		newbie->ipsa_encrkeybits = ekey->sadb_key_bits;
3545 		newbie->ipsa_encrkeybits -= ekey->sadb_key_reserved;
3546 		newbie->ipsa_encrkeybits -= newbie->ipsa_saltbits;
3547 		newbie->ipsa_encrkeylen = SADB_1TO8(newbie->ipsa_encrkeybits);
3548 
3549 		/* In case we have to round up to the next byte... */
3550 		if ((ekey->sadb_key_bits & 0x7) != 0)
3551 			newbie->ipsa_encrkeylen++;
3552 
3553 		newbie->ipsa_encrkey = kmem_alloc(newbie->ipsa_encrkeylen,
3554 		    KM_NOSLEEP);
3555 		if (newbie->ipsa_encrkey == NULL) {
3556 			error = ENOMEM;
3557 			mutex_exit(&newbie->ipsa_lock);
3558 			goto error;
3559 		}
3560 
3561 		buf_ptr = (uint8_t *)(ekey + 1);
3562 		bcopy(buf_ptr, newbie->ipsa_encrkey, newbie->ipsa_encrkeylen);
3563 
3564 		if (newbie->ipsa_flags & IPSA_F_COMBINED) {
3565 			/*
3566 			 * Combined mode algs need a nonce. Copy the salt and
3567 			 * IV into a buffer. The ipsa_nonce is a pointer into
3568 			 * this buffer, some bytes at the start of the buffer
3569 			 * may be unused, depends on the salt length. The IV
3570 			 * is 64 bit aligned so it can be incremented as a
3571 			 * uint64_t. Zero out key in samsg_t before freeing.
3572 			 */
3573 
3574 			newbie->ipsa_nonce_buf = kmem_alloc(
3575 			    sizeof (ipsec_nonce_t), KM_NOSLEEP);
3576 			if (newbie->ipsa_nonce_buf == NULL) {
3577 				error = ENOMEM;
3578 				mutex_exit(&newbie->ipsa_lock);
3579 				goto error;
3580 			}
3581 			/*
3582 			 * Initialize nonce and salt pointers to point
3583 			 * to the nonce buffer. This is just in case we get
3584 			 * bad data, the pointers will be valid, the data
3585 			 * won't be.
3586 			 *
3587 			 * See sadb.h for layout of nonce.
3588 			 */
3589 			newbie->ipsa_iv = &newbie->ipsa_nonce_buf->iv;
3590 			newbie->ipsa_salt = (uint8_t *)newbie->ipsa_nonce_buf;
3591 			newbie->ipsa_nonce = newbie->ipsa_salt;
3592 			if (newbie->ipsa_saltlen != 0) {
3593 				salt_offset = MAXSALTSIZE -
3594 				    newbie->ipsa_saltlen;
3595 				newbie->ipsa_salt = (uint8_t *)
3596 				    &newbie->ipsa_nonce_buf->salt[salt_offset];
3597 				newbie->ipsa_nonce = newbie->ipsa_salt;
3598 				buf_ptr += newbie->ipsa_encrkeylen;
3599 				bcopy(buf_ptr, newbie->ipsa_salt,
3600 				    newbie->ipsa_saltlen);
3601 			}
3602 			/*
3603 			 * The IV for CCM/GCM mode increments, it should not
3604 			 * repeat. Get a random value for the IV, make a
3605 			 * copy, the SA will expire when/if the IV ever
3606 			 * wraps back to the initial value. If an Initial IV
3607 			 * is passed in via PF_KEY, save this in the SA.
3608 			 * Initialising IV for inbound is pointless as its
3609 			 * taken from the inbound packet.
3610 			 */
3611 			if (!is_inbound) {
3612 				if (ekey->sadb_key_reserved != 0) {
3613 					buf_ptr += newbie->ipsa_saltlen;
3614 					bcopy(buf_ptr, (uint8_t *)newbie->
3615 					    ipsa_iv, SADB_1TO8(ekey->
3616 					    sadb_key_reserved));
3617 				} else {
3618 					(void) random_get_pseudo_bytes(
3619 					    (uint8_t *)newbie->ipsa_iv,
3620 					    newbie->ipsa_iv_len);
3621 				}
3622 				newbie->ipsa_iv_softexpire =
3623 				    (*newbie->ipsa_iv) << 9;
3624 				newbie->ipsa_iv_hardexpire = *newbie->ipsa_iv;
3625 			}
3626 		}
3627 		bzero((ekey + 1), SADB_1TO8(ekey->sadb_key_bits));
3628 
3629 		/*
3630 		 * Pre-initialize the kernel crypto framework key
3631 		 * structure.
3632 		 */
3633 		newbie->ipsa_kcfencrkey.ck_format = CRYPTO_KEY_RAW;
3634 		newbie->ipsa_kcfencrkey.ck_length = newbie->ipsa_encrkeybits;
3635 		newbie->ipsa_kcfencrkey.ck_data = newbie->ipsa_encrkey;
3636 
3637 		mutex_enter(&ipss->ipsec_alg_lock);
3638 		error = ipsec_create_ctx_tmpl(newbie, IPSEC_ALG_ENCR);
3639 		mutex_exit(&ipss->ipsec_alg_lock);
3640 		if (error != 0) {
3641 			mutex_exit(&newbie->ipsa_lock);
3642 			/* See above for error explanation. */
3643 			*diagnostic = SADB_X_DIAGNOSTIC_BAD_CTX;
3644 			goto error;
3645 		}
3646 	}
3647 
3648 	/*
3649 	 * Ptrs to processing functions.
3650 	 */
3651 	if (newbie->ipsa_type == SADB_SATYPE_ESP)
3652 		ipsecesp_init_funcs(newbie);
3653 	else
3654 		ipsecah_init_funcs(newbie);
3655 	ASSERT(newbie->ipsa_output_func != NULL &&
3656 	    newbie->ipsa_input_func != NULL);
3657 
3658 	/*
3659 	 * Certificate ID stuff.
3660 	 */
3661 	if (ksi->ks_in_extv[SADB_EXT_IDENTITY_SRC] != NULL) {
3662 		sadb_ident_t *id =
3663 		    (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_SRC];
3664 
3665 		/*
3666 		 * Can assume strlen() will return okay because ext_check() in
3667 		 * keysock.c prepares the string for us.
3668 		 */
3669 		newbie->ipsa_src_cid = ipsid_lookup(id->sadb_ident_type,
3670 		    (char *)(id+1), ns);
3671 		if (newbie->ipsa_src_cid == NULL) {
3672 			error = ENOMEM;
3673 			mutex_exit(&newbie->ipsa_lock);
3674 			goto error;
3675 		}
3676 	}
3677 
3678 	if (ksi->ks_in_extv[SADB_EXT_IDENTITY_DST] != NULL) {
3679 		sadb_ident_t *id =
3680 		    (sadb_ident_t *)ksi->ks_in_extv[SADB_EXT_IDENTITY_DST];
3681 
3682 		/*
3683 		 * Can assume strlen() will return okay because ext_check() in
3684 		 * keysock.c prepares the string for us.
3685 		 */
3686 		newbie->ipsa_dst_cid = ipsid_lookup(id->sadb_ident_type,
3687 		    (char *)(id+1), ns);
3688 		if (newbie->ipsa_dst_cid == NULL) {
3689 			error = ENOMEM;
3690 			mutex_exit(&newbie->ipsa_lock);
3691 			goto error;
3692 		}
3693 	}
3694 
3695 #if 0
3696 	/* XXXMLS  SENSITIVITY handling code. */
3697 	if (sens != NULL) {
3698 		int i;
3699 		uint64_t *bitmap = (uint64_t *)(sens + 1);
3700 
3701 		newbie->ipsa_dpd = sens->sadb_sens_dpd;
3702 		newbie->ipsa_senslevel = sens->sadb_sens_sens_level;
3703 		newbie->ipsa_integlevel = sens->sadb_sens_integ_level;
3704 		newbie->ipsa_senslen = SADB_64TO8(sens->sadb_sens_sens_len);
3705 		newbie->ipsa_integlen = SADB_64TO8(sens->sadb_sens_integ_len);
3706 		newbie->ipsa_integ = kmem_alloc(newbie->ipsa_integlen,
3707 		    KM_NOSLEEP);
3708 		if (newbie->ipsa_integ == NULL) {
3709 			error = ENOMEM;
3710 			mutex_exit(&newbie->ipsa_lock);
3711 			goto error;
3712 		}
3713 		newbie->ipsa_sens = kmem_alloc(newbie->ipsa_senslen,
3714 		    KM_NOSLEEP);
3715 		if (newbie->ipsa_sens == NULL) {
3716 			error = ENOMEM;
3717 			mutex_exit(&newbie->ipsa_lock);
3718 			goto error;
3719 		}
3720 		for (i = 0; i < sens->sadb_sens_sens_len; i++) {
3721 			newbie->ipsa_sens[i] = *bitmap;
3722 			bitmap++;
3723 		}
3724 		for (i = 0; i < sens->sadb_sens_integ_len; i++) {
3725 			newbie->ipsa_integ[i] = *bitmap;
3726 			bitmap++;
3727 		}
3728 	}
3729 
3730 #endif
3731 
3732 	if (replayext != NULL) {
3733 		if ((replayext->sadb_x_rc_replay32 == 0) &&
3734 		    (replayext->sadb_x_rc_replay64 != 0)) {
3735 			error = EOPNOTSUPP;
3736 			*diagnostic = SADB_X_DIAGNOSTIC_INVALID_REPLAY;
3737 			mutex_exit(&newbie->ipsa_lock);
3738 			goto error;
3739 		}
3740 		newbie->ipsa_replay = replayext->sadb_x_rc_replay32;
3741 	}
3742 
3743 	/* now that the SA has been updated, set its new state */
3744 	newbie->ipsa_state = assoc->sadb_sa_state;
3745 
3746 	if (clone) {
3747 		newbie->ipsa_haspeer = B_TRUE;
3748 	} else {
3749 		if (!is_inbound) {
3750 			lifetime_fuzz(newbie);
3751 		}
3752 	}
3753 	/*
3754 	 * The less locks I hold when doing an insertion and possible cloning,
3755 	 * the better!
3756 	 */
3757 	mutex_exit(&newbie->ipsa_lock);
3758 
3759 	if (clone) {
3760 		newbie_clone = sadb_cloneassoc(newbie);
3761 
3762 		if (newbie_clone == NULL) {
3763 			error = ENOMEM;
3764 			goto error;
3765 		}
3766 	}
3767 
3768 	/*
3769 	 * Enter the bucket locks.  The order of entry is outbound,
3770 	 * inbound.  We map "primary" and "secondary" into outbound and inbound
3771 	 * based on the destination address type.  If the destination address
3772 	 * type is for a node that isn't mine (or potentially mine), the
3773 	 * "primary" bucket is the outbound one.
3774 	 */
3775 	if (!is_inbound) {
3776 		/* primary == outbound */
3777 		mutex_enter(&primary->isaf_lock);
3778 		mutex_enter(&secondary->isaf_lock);
3779 	} else {
3780 		/* primary == inbound */
3781 		mutex_enter(&secondary->isaf_lock);
3782 		mutex_enter(&primary->isaf_lock);
3783 	}
3784 
3785 	IPSECHW_DEBUG(IPSECHW_SADB, ("sadb_common_add: spi = 0x%x\n",
3786 	    newbie->ipsa_spi));
3787 
3788 	/*
3789 	 * sadb_insertassoc() doesn't increment the reference
3790 	 * count.  We therefore have to increment the
3791 	 * reference count one more time to reflect the
3792 	 * pointers of the table that reference this SA.
3793 	 */
3794 	IPSA_REFHOLD(newbie);
3795 
3796 	if (isupdate) {
3797 		/*
3798 		 * Unlink from larval holding cell in the "inbound" fanout.
3799 		 */
3800 		ASSERT(newbie->ipsa_linklock == &primary->isaf_lock ||
3801 		    newbie->ipsa_linklock == &secondary->isaf_lock);
3802 		sadb_unlinkassoc(newbie);
3803 	}
3804 
3805 	mutex_enter(&newbie->ipsa_lock);
3806 	error = sadb_insertassoc(newbie, primary);
3807 	if (error == 0) {
3808 		ctl_mp = sadb_fmt_sa_req(DL_CO_SET, newbie->ipsa_type, newbie,
3809 		    is_inbound);
3810 	}
3811 	mutex_exit(&newbie->ipsa_lock);
3812 
3813 	if (error != 0) {
3814 		/*
3815 		 * Since sadb_insertassoc() failed, we must decrement the
3816 		 * refcount again so the cleanup code will actually free
3817 		 * the offending SA.
3818 		 */
3819 		IPSA_REFRELE(newbie);
3820 		goto error_unlock;
3821 	}
3822 
3823 	if (newbie_clone != NULL) {
3824 		mutex_enter(&newbie_clone->ipsa_lock);
3825 		error = sadb_insertassoc(newbie_clone, secondary);
3826 		mutex_exit(&newbie_clone->ipsa_lock);
3827 		if (error != 0) {
3828 			/* Collision in secondary table. */
3829 			sadb_unlinkassoc(newbie);  /* This does REFRELE. */
3830 			goto error_unlock;
3831 		}
3832 		IPSA_REFHOLD(newbie_clone);
3833 	} else {
3834 		ASSERT(primary != secondary);
3835 		scratch = ipsec_getassocbyspi(secondary, newbie->ipsa_spi,
3836 		    ALL_ZEROES_PTR, newbie->ipsa_dstaddr, af);
3837 		if (scratch != NULL) {
3838 			/* Collision in secondary table. */
3839 			sadb_unlinkassoc(newbie);  /* This does REFRELE. */
3840 			/* Set the error, since ipsec_getassocbyspi() can't. */
3841 			error = EEXIST;
3842 			goto error_unlock;
3843 		}
3844 	}
3845 
3846 	/* OKAY!  So let's do some reality check assertions. */
3847 
3848 	ASSERT(MUTEX_NOT_HELD(&newbie->ipsa_lock));
3849 	ASSERT(newbie_clone == NULL ||
3850 	    (MUTEX_NOT_HELD(&newbie_clone->ipsa_lock)));
3851 	/*
3852 	 * If hardware acceleration could happen, send it.
3853 	 */
3854 	if (ctl_mp != NULL) {
3855 		putnext(ip_q, ctl_mp);
3856 		ctl_mp = NULL;
3857 	}
3858 
3859 error_unlock:
3860 
3861 	/*
3862 	 * We can exit the locks in any order.	Only entrance needs to
3863 	 * follow any protocol.
3864 	 */
3865 	mutex_exit(&secondary->isaf_lock);
3866 	mutex_exit(&primary->isaf_lock);
3867 
3868 	if (pair_ext != NULL && error == 0) {
3869 		/* update pair_spi if it exists. */
3870 		ipsapp = get_ipsa_pair(assoc, srcext, dstext, spp);
3871 		if (ipsapp == NULL) {
3872 			error = ESRCH;
3873 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_SA_NOTFOUND;
3874 		} else if (ipsapp->ipsap_psa_ptr != NULL) {
3875 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_ALREADY;
3876 			error = EINVAL;
3877 		} else {
3878 			/* update_pairing() sets diagnostic */
3879 			error = update_pairing(ipsapp, ksi, diagnostic, spp);
3880 		}
3881 	}
3882 	/* Common error point for this routine. */
3883 error:
3884 	if (newbie != NULL) {
3885 		if (error != 0) {
3886 			/* This SA is broken, let the reaper clean up. */
3887 			mutex_enter(&newbie->ipsa_lock);
3888 			newbie->ipsa_state = IPSA_STATE_DEAD;
3889 			newbie->ipsa_hardexpiretime = 1;
3890 			mutex_exit(&newbie->ipsa_lock);
3891 		}
3892 		IPSA_REFRELE(newbie);
3893 	}
3894 	if (newbie_clone != NULL) {
3895 		IPSA_REFRELE(newbie_clone);
3896 	}
3897 	if (ctl_mp != NULL)
3898 		freemsg(ctl_mp);
3899 
3900 	if (error == 0) {
3901 		/*
3902 		 * Construct favorable PF_KEY return message and send to
3903 		 * keysock. Update the flags in the original keysock message
3904 		 * to reflect the actual flags in the new SA.
3905 		 *  (Q:  Do I need to pass "newbie"?  If I do,
3906 		 * make sure to REFHOLD, call, then REFRELE.)
3907 		 */
3908 		assoc->sadb_sa_flags = newbie->ipsa_flags;
3909 		sadb_pfkey_echo(pfkey_q, mp, samsg, ksi, NULL);
3910 	}
3911 
3912 	destroy_ipsa_pair(ipsapp);
3913 	return (error);
3914 }
3915 
3916 /*
3917  * Set the time of first use for a security association.  Update any
3918  * expiration times as a result.
3919  */
3920 void
3921 sadb_set_usetime(ipsa_t *assoc)
3922 {
3923 	time_t snapshot = gethrestime_sec();
3924 
3925 	mutex_enter(&assoc->ipsa_lock);
3926 	assoc->ipsa_lastuse = snapshot;
3927 	assoc->ipsa_idleexpiretime = snapshot + assoc->ipsa_idletime;
3928 
3929 	/*
3930 	 * Caller does check usetime before calling me usually, and
3931 	 * double-checking is better than a mutex_enter/exit hit.
3932 	 */
3933 	if (assoc->ipsa_usetime == 0) {
3934 		/*
3935 		 * This is redundant for outbound SA's, as
3936 		 * ipsec_getassocbyconn() sets the IPSA_F_USED flag already.
3937 		 * Inbound SAs, however, have no such protection.
3938 		 */
3939 		assoc->ipsa_flags |= IPSA_F_USED;
3940 		assoc->ipsa_usetime = snapshot;
3941 
3942 		/*
3943 		 * After setting the use time, see if we have a use lifetime
3944 		 * that would cause the actual SA expiration time to shorten.
3945 		 */
3946 		UPDATE_EXPIRE(assoc, softuselt, softexpiretime);
3947 		UPDATE_EXPIRE(assoc, harduselt, hardexpiretime);
3948 	}
3949 	mutex_exit(&assoc->ipsa_lock);
3950 }
3951 
3952 /*
3953  * Send up a PF_KEY expire message for this association.
3954  */
3955 static void
3956 sadb_expire_assoc(queue_t *pfkey_q, ipsa_t *assoc)
3957 {
3958 	mblk_t *mp, *mp1;
3959 	int alloclen, af;
3960 	sadb_msg_t *samsg;
3961 	sadb_lifetime_t *current, *expire;
3962 	sadb_sa_t *saext;
3963 	uint8_t *end;
3964 	boolean_t tunnel_mode;
3965 
3966 	ASSERT(MUTEX_HELD(&assoc->ipsa_lock));
3967 
3968 	/* Don't bother sending if there's no queue. */
3969 	if (pfkey_q == NULL)
3970 		return;
3971 
3972 	/* If the SA is one of a pair, only SOFT expire the OUTBOUND SA */
3973 	if (assoc->ipsa_state == IPSA_STATE_DYING &&
3974 	    (assoc->ipsa_flags & IPSA_F_PAIRED) &&
3975 	    !(assoc->ipsa_flags & IPSA_F_OUTBOUND)) {
3976 		return;
3977 	}
3978 
3979 	mp = sadb_keysock_out(0);
3980 	if (mp == NULL) {
3981 		/* cmn_err(CE_WARN, */
3982 		/*	"sadb_expire_assoc: Can't allocate KEYSOCK_OUT.\n"); */
3983 		return;
3984 	}
3985 
3986 	alloclen = sizeof (*samsg) + sizeof (*current) + sizeof (*expire) +
3987 	    2 * sizeof (sadb_address_t) + sizeof (*saext);
3988 
3989 	af = assoc->ipsa_addrfam;
3990 	switch (af) {
3991 	case AF_INET:
3992 		alloclen += 2 * sizeof (struct sockaddr_in);
3993 		break;
3994 	case AF_INET6:
3995 		alloclen += 2 * sizeof (struct sockaddr_in6);
3996 		break;
3997 	default:
3998 		/* Won't happen unless there's a kernel bug. */
3999 		freeb(mp);
4000 		cmn_err(CE_WARN,
4001 		    "sadb_expire_assoc: Unknown address length.\n");
4002 		return;
4003 	}
4004 
4005 	tunnel_mode = (assoc->ipsa_flags & IPSA_F_TUNNEL);
4006 	if (tunnel_mode) {
4007 		alloclen += 2 * sizeof (sadb_address_t);
4008 		switch (assoc->ipsa_innerfam) {
4009 		case AF_INET:
4010 			alloclen += 2 * sizeof (struct sockaddr_in);
4011 			break;
4012 		case AF_INET6:
4013 			alloclen += 2 * sizeof (struct sockaddr_in6);
4014 			break;
4015 		default:
4016 			/* Won't happen unless there's a kernel bug. */
4017 			freeb(mp);
4018 			cmn_err(CE_WARN, "sadb_expire_assoc: "
4019 			    "Unknown inner address length.\n");
4020 			return;
4021 		}
4022 	}
4023 
4024 	mp->b_cont = allocb(alloclen, BPRI_HI);
4025 	if (mp->b_cont == NULL) {
4026 		freeb(mp);
4027 		/* cmn_err(CE_WARN, */
4028 		/*	"sadb_expire_assoc: Can't allocate message.\n"); */
4029 		return;
4030 	}
4031 
4032 	mp1 = mp;
4033 	mp = mp->b_cont;
4034 	end = mp->b_wptr + alloclen;
4035 
4036 	samsg = (sadb_msg_t *)mp->b_wptr;
4037 	mp->b_wptr += sizeof (*samsg);
4038 	samsg->sadb_msg_version = PF_KEY_V2;
4039 	samsg->sadb_msg_type = SADB_EXPIRE;
4040 	samsg->sadb_msg_errno = 0;
4041 	samsg->sadb_msg_satype = assoc->ipsa_type;
4042 	samsg->sadb_msg_len = SADB_8TO64(alloclen);
4043 	samsg->sadb_msg_reserved = 0;
4044 	samsg->sadb_msg_seq = 0;
4045 	samsg->sadb_msg_pid = 0;
4046 
4047 	saext = (sadb_sa_t *)mp->b_wptr;
4048 	mp->b_wptr += sizeof (*saext);
4049 	saext->sadb_sa_len = SADB_8TO64(sizeof (*saext));
4050 	saext->sadb_sa_exttype = SADB_EXT_SA;
4051 	saext->sadb_sa_spi = assoc->ipsa_spi;
4052 	saext->sadb_sa_replay = assoc->ipsa_replay_wsize;
4053 	saext->sadb_sa_state = assoc->ipsa_state;
4054 	saext->sadb_sa_auth = assoc->ipsa_auth_alg;
4055 	saext->sadb_sa_encrypt = assoc->ipsa_encr_alg;
4056 	saext->sadb_sa_flags = assoc->ipsa_flags;
4057 
4058 	current = (sadb_lifetime_t *)mp->b_wptr;
4059 	mp->b_wptr += sizeof (sadb_lifetime_t);
4060 	current->sadb_lifetime_len = SADB_8TO64(sizeof (*current));
4061 	current->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
4062 	/* We do not support the concept. */
4063 	current->sadb_lifetime_allocations = 0;
4064 	current->sadb_lifetime_bytes = assoc->ipsa_bytes;
4065 	current->sadb_lifetime_addtime = assoc->ipsa_addtime;
4066 	current->sadb_lifetime_usetime = assoc->ipsa_usetime;
4067 
4068 	expire = (sadb_lifetime_t *)mp->b_wptr;
4069 	mp->b_wptr += sizeof (*expire);
4070 	expire->sadb_lifetime_len = SADB_8TO64(sizeof (*expire));
4071 
4072 	if (assoc->ipsa_state == IPSA_STATE_DEAD) {
4073 		expire->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
4074 		expire->sadb_lifetime_allocations = assoc->ipsa_hardalloc;
4075 		expire->sadb_lifetime_bytes = assoc->ipsa_hardbyteslt;
4076 		expire->sadb_lifetime_addtime = assoc->ipsa_hardaddlt;
4077 		expire->sadb_lifetime_usetime = assoc->ipsa_harduselt;
4078 	} else if (assoc->ipsa_state == IPSA_STATE_DYING) {
4079 		expire->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
4080 		expire->sadb_lifetime_allocations = assoc->ipsa_softalloc;
4081 		expire->sadb_lifetime_bytes = assoc->ipsa_softbyteslt;
4082 		expire->sadb_lifetime_addtime = assoc->ipsa_softaddlt;
4083 		expire->sadb_lifetime_usetime = assoc->ipsa_softuselt;
4084 	} else {
4085 		ASSERT(assoc->ipsa_state == IPSA_STATE_MATURE);
4086 		expire->sadb_lifetime_exttype = SADB_X_EXT_LIFETIME_IDLE;
4087 		expire->sadb_lifetime_allocations = 0;
4088 		expire->sadb_lifetime_bytes = 0;
4089 		expire->sadb_lifetime_addtime = assoc->ipsa_idleaddlt;
4090 		expire->sadb_lifetime_usetime = assoc->ipsa_idleuselt;
4091 	}
4092 
4093 	mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end, SADB_EXT_ADDRESS_SRC,
4094 	    af, assoc->ipsa_srcaddr, tunnel_mode ? 0 : SA_SRCPORT(assoc),
4095 	    SA_PROTO(assoc), 0);
4096 	ASSERT(mp->b_wptr != NULL);
4097 
4098 	mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end, SADB_EXT_ADDRESS_DST,
4099 	    af, assoc->ipsa_dstaddr, tunnel_mode ? 0 : SA_DSTPORT(assoc),
4100 	    SA_PROTO(assoc), 0);
4101 	ASSERT(mp->b_wptr != NULL);
4102 
4103 	if (tunnel_mode) {
4104 		mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end,
4105 		    SADB_X_EXT_ADDRESS_INNER_SRC, assoc->ipsa_innerfam,
4106 		    assoc->ipsa_innersrc, SA_SRCPORT(assoc), SA_IPROTO(assoc),
4107 		    assoc->ipsa_innersrcpfx);
4108 		ASSERT(mp->b_wptr != NULL);
4109 		mp->b_wptr = sadb_make_addr_ext(mp->b_wptr, end,
4110 		    SADB_X_EXT_ADDRESS_INNER_DST, assoc->ipsa_innerfam,
4111 		    assoc->ipsa_innerdst, SA_DSTPORT(assoc), SA_IPROTO(assoc),
4112 		    assoc->ipsa_innerdstpfx);
4113 		ASSERT(mp->b_wptr != NULL);
4114 	}
4115 
4116 	/* Can just putnext, we're ready to go! */
4117 	putnext(pfkey_q, mp1);
4118 }
4119 
4120 /*
4121  * "Age" the SA with the number of bytes that was used to protect traffic.
4122  * Send an SADB_EXPIRE message if appropriate.	Return B_TRUE if there was
4123  * enough "charge" left in the SA to protect the data.	Return B_FALSE
4124  * otherwise.  (If B_FALSE is returned, the association either was, or became
4125  * DEAD.)
4126  */
4127 boolean_t
4128 sadb_age_bytes(queue_t *pfkey_q, ipsa_t *assoc, uint64_t bytes,
4129     boolean_t sendmsg)
4130 {
4131 	boolean_t rc = B_TRUE;
4132 	uint64_t newtotal;
4133 
4134 	mutex_enter(&assoc->ipsa_lock);
4135 	newtotal = assoc->ipsa_bytes + bytes;
4136 	if (assoc->ipsa_hardbyteslt != 0 &&
4137 	    newtotal >= assoc->ipsa_hardbyteslt) {
4138 		if (assoc->ipsa_state != IPSA_STATE_DEAD) {
4139 			sadb_delete_cluster(assoc);
4140 			/*
4141 			 * Send EXPIRE message to PF_KEY.  May wish to pawn
4142 			 * this off on another non-interrupt thread.  Also
4143 			 * unlink this SA immediately.
4144 			 */
4145 			assoc->ipsa_state = IPSA_STATE_DEAD;
4146 			if (sendmsg)
4147 				sadb_expire_assoc(pfkey_q, assoc);
4148 			/*
4149 			 * Set non-zero expiration time so sadb_age_assoc()
4150 			 * will work when reaping.
4151 			 */
4152 			assoc->ipsa_hardexpiretime = (time_t)1;
4153 		} /* Else someone beat me to it! */
4154 		rc = B_FALSE;
4155 	} else if (assoc->ipsa_softbyteslt != 0 &&
4156 	    (newtotal >= assoc->ipsa_softbyteslt)) {
4157 		if (assoc->ipsa_state < IPSA_STATE_DYING) {
4158 			/*
4159 			 * Send EXPIRE message to PF_KEY.  May wish to pawn
4160 			 * this off on another non-interrupt thread.
4161 			 */
4162 			assoc->ipsa_state = IPSA_STATE_DYING;
4163 			assoc->ipsa_bytes = newtotal;
4164 			if (sendmsg)
4165 				sadb_expire_assoc(pfkey_q, assoc);
4166 		} /* Else someone beat me to it! */
4167 	}
4168 	if (rc == B_TRUE)
4169 		assoc->ipsa_bytes = newtotal;
4170 	mutex_exit(&assoc->ipsa_lock);
4171 	return (rc);
4172 }
4173 
4174 /*
4175  * Push one or more DL_CO_DELETE messages queued up by
4176  * sadb_torch_assoc down to the underlying driver now that it's a
4177  * convenient time for it (i.e., ipsa bucket locks not held).
4178  */
4179 static void
4180 sadb_drain_torchq(queue_t *q, mblk_t *mp)
4181 {
4182 	while (mp != NULL) {
4183 		mblk_t *next = mp->b_next;
4184 		mp->b_next = NULL;
4185 		if (q != NULL)
4186 			putnext(q, mp);
4187 		else
4188 			freemsg(mp);
4189 		mp = next;
4190 	}
4191 }
4192 
4193 /*
4194  * "Torch" an individual SA.  Returns NULL, so it can be tail-called from
4195  *     sadb_age_assoc().
4196  *
4197  * If SA is hardware-accelerated, and we can't allocate the mblk
4198  * containing the DL_CO_DELETE, just return; it will remain in the
4199  * table and be swept up by sadb_ager() in a subsequent pass.
4200  */
4201 static ipsa_t *
4202 sadb_torch_assoc(isaf_t *head, ipsa_t *sa, boolean_t inbnd, mblk_t **mq)
4203 {
4204 	mblk_t *mp;
4205 
4206 	ASSERT(MUTEX_HELD(&head->isaf_lock));
4207 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
4208 	ASSERT(sa->ipsa_state == IPSA_STATE_DEAD);
4209 
4210 	/*
4211 	 * Force cached SAs to be revalidated..
4212 	 */
4213 	head->isaf_gen++;
4214 
4215 	if (sa->ipsa_flags & IPSA_F_HW) {
4216 		mp = sadb_fmt_sa_req(DL_CO_DELETE, sa->ipsa_type, sa, inbnd);
4217 		if (mp == NULL) {
4218 			mutex_exit(&sa->ipsa_lock);
4219 			return (NULL);
4220 		}
4221 		mp->b_next = *mq;
4222 		*mq = mp;
4223 	}
4224 	mutex_exit(&sa->ipsa_lock);
4225 	sadb_unlinkassoc(sa);
4226 
4227 	return (NULL);
4228 }
4229 
4230 /*
4231  * Do various SA-is-idle activities depending on delta (the number of idle
4232  * seconds on the SA) and/or other properties of the SA.
4233  *
4234  * Return B_TRUE if I've sent a packet, because I have to drop the
4235  * association's mutex before sending a packet out the wire.
4236  */
4237 /* ARGSUSED */
4238 static boolean_t
4239 sadb_idle_activities(ipsa_t *assoc, time_t delta, boolean_t inbound)
4240 {
4241 	ipsecesp_stack_t *espstack = assoc->ipsa_netstack->netstack_ipsecesp;
4242 	int nat_t_interval = espstack->ipsecesp_nat_keepalive_interval;
4243 
4244 	ASSERT(MUTEX_HELD(&assoc->ipsa_lock));
4245 
4246 	if (!inbound && (assoc->ipsa_flags & IPSA_F_NATT_LOC) &&
4247 	    delta >= nat_t_interval &&
4248 	    gethrestime_sec() - assoc->ipsa_last_nat_t_ka >= nat_t_interval) {
4249 		ASSERT(assoc->ipsa_type == SADB_SATYPE_ESP);
4250 		assoc->ipsa_last_nat_t_ka = gethrestime_sec();
4251 		mutex_exit(&assoc->ipsa_lock);
4252 		ipsecesp_send_keepalive(assoc);
4253 		return (B_TRUE);
4254 	}
4255 	return (B_FALSE);
4256 }
4257 
4258 /*
4259  * Return "assoc" if haspeer is true and I send an expire.  This allows
4260  * the consumers' aging functions to tidy up an expired SA's peer.
4261  */
4262 static ipsa_t *
4263 sadb_age_assoc(isaf_t *head, queue_t *pfkey_q, ipsa_t *assoc,
4264     time_t current, int reap_delay, boolean_t inbound, mblk_t **mq)
4265 {
4266 	ipsa_t *retval = NULL;
4267 	boolean_t dropped_mutex = B_FALSE;
4268 
4269 	ASSERT(MUTEX_HELD(&head->isaf_lock));
4270 
4271 	mutex_enter(&assoc->ipsa_lock);
4272 
4273 	if (((assoc->ipsa_state == IPSA_STATE_LARVAL) ||
4274 	    ((assoc->ipsa_state == IPSA_STATE_IDLE) ||
4275 	    (assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) &&
4276 	    (assoc->ipsa_hardexpiretime != 0))) &&
4277 	    (assoc->ipsa_hardexpiretime <= current)) {
4278 		assoc->ipsa_state = IPSA_STATE_DEAD;
4279 		return (sadb_torch_assoc(head, assoc, inbound, mq));
4280 	}
4281 
4282 	/*
4283 	 * Check lifetimes.  Fortunately, SA setup is done
4284 	 * such that there are only two times to look at,
4285 	 * softexpiretime, and hardexpiretime.
4286 	 *
4287 	 * Check hard first.
4288 	 */
4289 
4290 	if (assoc->ipsa_hardexpiretime != 0 &&
4291 	    assoc->ipsa_hardexpiretime <= current) {
4292 		if (assoc->ipsa_state == IPSA_STATE_DEAD)
4293 			return (sadb_torch_assoc(head, assoc, inbound, mq));
4294 
4295 		if (inbound) {
4296 			sadb_delete_cluster(assoc);
4297 		}
4298 
4299 		/*
4300 		 * Send SADB_EXPIRE with hard lifetime, delay for unlinking.
4301 		 */
4302 		assoc->ipsa_state = IPSA_STATE_DEAD;
4303 		if (assoc->ipsa_haspeer || assoc->ipsa_otherspi != 0) {
4304 			/*
4305 			 * If the SA is paired or peered with another, put
4306 			 * a copy on a list which can be processed later, the
4307 			 * pair/peer SA needs to be updated so the both die
4308 			 * at the same time.
4309 			 *
4310 			 * If I return assoc, I have to bump up its reference
4311 			 * count to keep with the ipsa_t reference count
4312 			 * semantics.
4313 			 */
4314 			IPSA_REFHOLD(assoc);
4315 			retval = assoc;
4316 		}
4317 		sadb_expire_assoc(pfkey_q, assoc);
4318 		assoc->ipsa_hardexpiretime = current + reap_delay;
4319 	} else if (assoc->ipsa_softexpiretime != 0 &&
4320 	    assoc->ipsa_softexpiretime <= current &&
4321 	    assoc->ipsa_state < IPSA_STATE_DYING) {
4322 		/*
4323 		 * Send EXPIRE message to PF_KEY.  May wish to pawn
4324 		 * this off on another non-interrupt thread.
4325 		 */
4326 		assoc->ipsa_state = IPSA_STATE_DYING;
4327 		if (assoc->ipsa_haspeer) {
4328 			/*
4329 			 * If the SA has a peer, update the peer's state
4330 			 * on SOFT_EXPIRE, this is mostly to prevent two
4331 			 * expire messages from effectively the same SA.
4332 			 *
4333 			 * Don't care about paired SA's, then can (and should)
4334 			 * be able to soft expire at different times.
4335 			 *
4336 			 * If I return assoc, I have to bump up its
4337 			 * reference count to keep with the ipsa_t reference
4338 			 * count semantics.
4339 			 */
4340 			IPSA_REFHOLD(assoc);
4341 			retval = assoc;
4342 		}
4343 		sadb_expire_assoc(pfkey_q, assoc);
4344 	} else if (assoc->ipsa_idletime != 0 &&
4345 	    assoc->ipsa_idleexpiretime <= current) {
4346 		if (assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) {
4347 			assoc->ipsa_state = IPSA_STATE_IDLE;
4348 		}
4349 
4350 		/*
4351 		 * Need to handle Mature case
4352 		 */
4353 		if (assoc->ipsa_state == IPSA_STATE_MATURE) {
4354 			sadb_expire_assoc(pfkey_q, assoc);
4355 		}
4356 	} else {
4357 		/* Check idle time activities. */
4358 		dropped_mutex = sadb_idle_activities(assoc,
4359 		    current - assoc->ipsa_lastuse, inbound);
4360 	}
4361 
4362 	if (!dropped_mutex)
4363 		mutex_exit(&assoc->ipsa_lock);
4364 	return (retval);
4365 }
4366 
4367 /*
4368  * Called by a consumer protocol to do ther dirty work of reaping dead
4369  * Security Associations.
4370  *
4371  * NOTE: sadb_age_assoc() marks expired SA's as DEAD but only removed
4372  * SA's that are already marked DEAD, so expired SA's are only reaped
4373  * the second time sadb_ager() runs.
4374  */
4375 void
4376 sadb_ager(sadb_t *sp, queue_t *pfkey_q, queue_t *ip_q, int reap_delay,
4377     netstack_t *ns)
4378 {
4379 	int i;
4380 	isaf_t *bucket;
4381 	ipsa_t *assoc, *spare;
4382 	iacqf_t *acqlist;
4383 	ipsacq_t *acqrec, *spareacq;
4384 	templist_t *haspeerlist, *newbie;
4385 	/* Snapshot current time now. */
4386 	time_t current = gethrestime_sec();
4387 	mblk_t *mq = NULL;
4388 	haspeerlist = NULL;
4389 
4390 	/*
4391 	 * Do my dirty work.  This includes aging real entries, aging
4392 	 * larvals, and aging outstanding ACQUIREs.
4393 	 *
4394 	 * I hope I don't tie up resources for too long.
4395 	 */
4396 
4397 	/* Age acquires. */
4398 
4399 	for (i = 0; i < sp->sdb_hashsize; i++) {
4400 		acqlist = &sp->sdb_acq[i];
4401 		mutex_enter(&acqlist->iacqf_lock);
4402 		for (acqrec = acqlist->iacqf_ipsacq; acqrec != NULL;
4403 		    acqrec = spareacq) {
4404 			spareacq = acqrec->ipsacq_next;
4405 			if (current > acqrec->ipsacq_expire)
4406 				sadb_destroy_acquire(acqrec, ns);
4407 		}
4408 		mutex_exit(&acqlist->iacqf_lock);
4409 	}
4410 
4411 	/* Age inbound associations. */
4412 	for (i = 0; i < sp->sdb_hashsize; i++) {
4413 		bucket = &(sp->sdb_if[i]);
4414 		mutex_enter(&bucket->isaf_lock);
4415 		for (assoc = bucket->isaf_ipsa; assoc != NULL;
4416 		    assoc = spare) {
4417 			spare = assoc->ipsa_next;
4418 			if (sadb_age_assoc(bucket, pfkey_q, assoc, current,
4419 			    reap_delay, B_TRUE, &mq) != NULL) {
4420 				/*
4421 				 * Put SA's which have a peer or SA's which
4422 				 * are paired on a list for processing after
4423 				 * all the hash tables have been walked.
4424 				 *
4425 				 * sadb_age_assoc() increments the refcnt,
4426 				 * effectively doing an IPSA_REFHOLD().
4427 				 */
4428 				newbie = kmem_alloc(sizeof (*newbie),
4429 				    KM_NOSLEEP);
4430 				if (newbie == NULL) {
4431 					/*
4432 					 * Don't forget to REFRELE().
4433 					 */
4434 					IPSA_REFRELE(assoc);
4435 					continue;	/* for loop... */
4436 				}
4437 				newbie->next = haspeerlist;
4438 				newbie->ipsa = assoc;
4439 				haspeerlist = newbie;
4440 			}
4441 		}
4442 		mutex_exit(&bucket->isaf_lock);
4443 	}
4444 
4445 	if (mq != NULL) {
4446 		sadb_drain_torchq(ip_q, mq);
4447 		mq = NULL;
4448 	}
4449 	age_pair_peer_list(haspeerlist, sp, B_FALSE);
4450 	haspeerlist = NULL;
4451 
4452 	/* Age outbound associations. */
4453 	for (i = 0; i < sp->sdb_hashsize; i++) {
4454 		bucket = &(sp->sdb_of[i]);
4455 		mutex_enter(&bucket->isaf_lock);
4456 		for (assoc = bucket->isaf_ipsa; assoc != NULL;
4457 		    assoc = spare) {
4458 			spare = assoc->ipsa_next;
4459 			if (sadb_age_assoc(bucket, pfkey_q, assoc, current,
4460 			    reap_delay, B_FALSE, &mq) != NULL) {
4461 				/*
4462 				 * sadb_age_assoc() increments the refcnt,
4463 				 * effectively doing an IPSA_REFHOLD().
4464 				 */
4465 				newbie = kmem_alloc(sizeof (*newbie),
4466 				    KM_NOSLEEP);
4467 				if (newbie == NULL) {
4468 					/*
4469 					 * Don't forget to REFRELE().
4470 					 */
4471 					IPSA_REFRELE(assoc);
4472 					continue;	/* for loop... */
4473 				}
4474 				newbie->next = haspeerlist;
4475 				newbie->ipsa = assoc;
4476 				haspeerlist = newbie;
4477 			}
4478 		}
4479 		mutex_exit(&bucket->isaf_lock);
4480 	}
4481 	if (mq != NULL) {
4482 		sadb_drain_torchq(ip_q, mq);
4483 		mq = NULL;
4484 	}
4485 
4486 	age_pair_peer_list(haspeerlist, sp, B_TRUE);
4487 
4488 	/*
4489 	 * Run a GC pass to clean out dead identities.
4490 	 */
4491 	ipsid_gc(ns);
4492 }
4493 
4494 /*
4495  * Figure out when to reschedule the ager.
4496  */
4497 timeout_id_t
4498 sadb_retimeout(hrtime_t begin, queue_t *pfkey_q, void (*ager)(void *),
4499     void *agerarg, uint_t *intp, uint_t intmax, short mid)
4500 {
4501 	hrtime_t end = gethrtime();
4502 	uint_t interval = *intp;
4503 
4504 	/*
4505 	 * See how long this took.  If it took too long, increase the
4506 	 * aging interval.
4507 	 */
4508 	if ((end - begin) > (hrtime_t)interval * (hrtime_t)1000000) {
4509 		if (interval >= intmax) {
4510 			/* XXX Rate limit this?  Or recommend flush? */
4511 			(void) strlog(mid, 0, 0, SL_ERROR | SL_WARN,
4512 			    "Too many SA's to age out in %d msec.\n",
4513 			    intmax);
4514 		} else {
4515 			/* Double by shifting by one bit. */
4516 			interval <<= 1;
4517 			interval = min(interval, intmax);
4518 		}
4519 	} else if ((end - begin) <= (hrtime_t)interval * (hrtime_t)500000 &&
4520 	    interval > SADB_AGE_INTERVAL_DEFAULT) {
4521 		/*
4522 		 * If I took less than half of the interval, then I should
4523 		 * ratchet the interval back down.  Never automatically
4524 		 * shift below the default aging interval.
4525 		 *
4526 		 * NOTE:This even overrides manual setting of the age
4527 		 *	interval using NDD to lower the setting past the
4528 		 *	default.  In other words, if you set the interval
4529 		 *	lower than the default, and your SADB gets too big,
4530 		 *	the interval will only self-lower back to the default.
4531 		 */
4532 		/* Halve by shifting one bit. */
4533 		interval >>= 1;
4534 		interval = max(interval, SADB_AGE_INTERVAL_DEFAULT);
4535 	}
4536 	*intp = interval;
4537 	return (qtimeout(pfkey_q, ager, agerarg,
4538 	    drv_usectohz(interval * 1000)));
4539 }
4540 
4541 
4542 /*
4543  * Update the lifetime values of an SA.	 This is the path an SADB_UPDATE
4544  * message takes when updating a MATURE or DYING SA.
4545  */
4546 static void
4547 sadb_update_lifetimes(ipsa_t *assoc, sadb_lifetime_t *hard,
4548     sadb_lifetime_t *soft, sadb_lifetime_t *idle, boolean_t outbound)
4549 {
4550 	mutex_enter(&assoc->ipsa_lock);
4551 
4552 	/*
4553 	 * XXX RFC 2367 mentions how an SADB_EXT_LIFETIME_CURRENT can be
4554 	 * passed in during an update message.	We currently don't handle
4555 	 * these.
4556 	 */
4557 
4558 	if (hard != NULL) {
4559 		if (hard->sadb_lifetime_bytes != 0)
4560 			assoc->ipsa_hardbyteslt = hard->sadb_lifetime_bytes;
4561 		if (hard->sadb_lifetime_usetime != 0)
4562 			assoc->ipsa_harduselt = hard->sadb_lifetime_usetime;
4563 		if (hard->sadb_lifetime_addtime != 0)
4564 			assoc->ipsa_hardaddlt = hard->sadb_lifetime_addtime;
4565 		if (assoc->ipsa_hardaddlt != 0) {
4566 			assoc->ipsa_hardexpiretime =
4567 			    assoc->ipsa_addtime + assoc->ipsa_hardaddlt;
4568 		}
4569 		if (assoc->ipsa_harduselt != 0 &&
4570 		    assoc->ipsa_flags & IPSA_F_USED) {
4571 			UPDATE_EXPIRE(assoc, harduselt, hardexpiretime);
4572 		}
4573 		if (hard->sadb_lifetime_allocations != 0)
4574 			assoc->ipsa_hardalloc = hard->sadb_lifetime_allocations;
4575 	}
4576 
4577 	if (soft != NULL) {
4578 		if (soft->sadb_lifetime_bytes != 0) {
4579 			if (soft->sadb_lifetime_bytes >
4580 			    assoc->ipsa_hardbyteslt) {
4581 				assoc->ipsa_softbyteslt =
4582 				    assoc->ipsa_hardbyteslt;
4583 			} else {
4584 				assoc->ipsa_softbyteslt =
4585 				    soft->sadb_lifetime_bytes;
4586 			}
4587 		}
4588 		if (soft->sadb_lifetime_usetime != 0) {
4589 			if (soft->sadb_lifetime_usetime >
4590 			    assoc->ipsa_harduselt) {
4591 				assoc->ipsa_softuselt =
4592 				    assoc->ipsa_harduselt;
4593 			} else {
4594 				assoc->ipsa_softuselt =
4595 				    soft->sadb_lifetime_usetime;
4596 			}
4597 		}
4598 		if (soft->sadb_lifetime_addtime != 0) {
4599 			if (soft->sadb_lifetime_addtime >
4600 			    assoc->ipsa_hardexpiretime) {
4601 				assoc->ipsa_softexpiretime =
4602 				    assoc->ipsa_hardexpiretime;
4603 			} else {
4604 				assoc->ipsa_softaddlt =
4605 				    soft->sadb_lifetime_addtime;
4606 			}
4607 		}
4608 		if (assoc->ipsa_softaddlt != 0) {
4609 			assoc->ipsa_softexpiretime =
4610 			    assoc->ipsa_addtime + assoc->ipsa_softaddlt;
4611 		}
4612 		if (assoc->ipsa_softuselt != 0 &&
4613 		    assoc->ipsa_flags & IPSA_F_USED) {
4614 			UPDATE_EXPIRE(assoc, softuselt, softexpiretime);
4615 		}
4616 		if (outbound && assoc->ipsa_softexpiretime != 0) {
4617 			if (assoc->ipsa_state == IPSA_STATE_MATURE)
4618 				lifetime_fuzz(assoc);
4619 		}
4620 
4621 		if (soft->sadb_lifetime_allocations != 0)
4622 			assoc->ipsa_softalloc = soft->sadb_lifetime_allocations;
4623 	}
4624 
4625 	if (idle != NULL) {
4626 		time_t current = gethrestime_sec();
4627 		if ((assoc->ipsa_idleexpiretime <= current) &&
4628 		    (assoc->ipsa_idleaddlt == idle->sadb_lifetime_addtime)) {
4629 			assoc->ipsa_idleexpiretime =
4630 			    current + assoc->ipsa_idleaddlt;
4631 		}
4632 		if (idle->sadb_lifetime_addtime != 0)
4633 			assoc->ipsa_idleaddlt = idle->sadb_lifetime_addtime;
4634 		if (idle->sadb_lifetime_usetime != 0)
4635 			assoc->ipsa_idleuselt = idle->sadb_lifetime_usetime;
4636 		if (assoc->ipsa_idleaddlt != 0) {
4637 			assoc->ipsa_idleexpiretime =
4638 			    current + idle->sadb_lifetime_addtime;
4639 			assoc->ipsa_idletime = idle->sadb_lifetime_addtime;
4640 		}
4641 		if (assoc->ipsa_idleuselt != 0) {
4642 			if (assoc->ipsa_idletime != 0) {
4643 				assoc->ipsa_idletime = min(assoc->ipsa_idletime,
4644 				    assoc->ipsa_idleuselt);
4645 			assoc->ipsa_idleexpiretime =
4646 			    current + assoc->ipsa_idletime;
4647 			} else {
4648 				assoc->ipsa_idleexpiretime =
4649 				    current + assoc->ipsa_idleuselt;
4650 				assoc->ipsa_idletime = assoc->ipsa_idleuselt;
4651 			}
4652 		}
4653 	}
4654 	mutex_exit(&assoc->ipsa_lock);
4655 }
4656 
4657 static int
4658 sadb_update_state(ipsa_t *assoc, uint_t new_state, mblk_t **ipkt_lst)
4659 {
4660 	int rcode = 0;
4661 	time_t current = gethrestime_sec();
4662 
4663 	mutex_enter(&assoc->ipsa_lock);
4664 
4665 	switch (new_state) {
4666 	case SADB_X_SASTATE_ACTIVE_ELSEWHERE:
4667 		if (assoc->ipsa_state == SADB_X_SASTATE_IDLE) {
4668 			assoc->ipsa_state = IPSA_STATE_ACTIVE_ELSEWHERE;
4669 			assoc->ipsa_idleexpiretime =
4670 			    current + assoc->ipsa_idletime;
4671 		}
4672 		break;
4673 	case SADB_X_SASTATE_IDLE:
4674 		if (assoc->ipsa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE) {
4675 			assoc->ipsa_state = IPSA_STATE_IDLE;
4676 			assoc->ipsa_idleexpiretime =
4677 			    current + assoc->ipsa_idletime;
4678 		} else {
4679 			rcode = EINVAL;
4680 		}
4681 		break;
4682 
4683 	case SADB_X_SASTATE_ACTIVE:
4684 		if (assoc->ipsa_state != SADB_X_SASTATE_IDLE) {
4685 			rcode = EINVAL;
4686 			break;
4687 		}
4688 		assoc->ipsa_state = IPSA_STATE_MATURE;
4689 		assoc->ipsa_idleexpiretime = current + assoc->ipsa_idletime;
4690 
4691 		if (ipkt_lst == NULL) {
4692 			break;
4693 		}
4694 
4695 		if (assoc->ipsa_bpkt_head != NULL) {
4696 			*ipkt_lst = assoc->ipsa_bpkt_head;
4697 			assoc->ipsa_bpkt_head = assoc->ipsa_bpkt_tail = NULL;
4698 			assoc->ipsa_mblkcnt = 0;
4699 		} else {
4700 			*ipkt_lst = NULL;
4701 		}
4702 		break;
4703 	default:
4704 		rcode = EINVAL;
4705 		break;
4706 	}
4707 
4708 	mutex_exit(&assoc->ipsa_lock);
4709 	return (rcode);
4710 }
4711 
4712 /*
4713  * Common code to update an SA.
4714  */
4715 
4716 int
4717 sadb_update_sa(mblk_t *mp, keysock_in_t *ksi, mblk_t **ipkt_lst,
4718     sadbp_t *spp, int *diagnostic, queue_t *pfkey_q,
4719     int (*add_sa_func)(mblk_t *, keysock_in_t *, int *, netstack_t *),
4720     netstack_t *ns, uint8_t sadb_msg_type)
4721 {
4722 	sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
4723 	sadb_address_t *srcext =
4724 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
4725 	sadb_address_t *dstext =
4726 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
4727 	sadb_x_kmc_t *kmcext =
4728 	    (sadb_x_kmc_t *)ksi->ks_in_extv[SADB_X_EXT_KM_COOKIE];
4729 	sadb_key_t *akey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_AUTH];
4730 	sadb_key_t *ekey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_ENCRYPT];
4731 	sadb_x_replay_ctr_t *replext =
4732 	    (sadb_x_replay_ctr_t *)ksi->ks_in_extv[SADB_X_EXT_REPLAY_VALUE];
4733 	sadb_lifetime_t *soft =
4734 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_SOFT];
4735 	sadb_lifetime_t *hard =
4736 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_HARD];
4737 	sadb_lifetime_t *idle =
4738 	    (sadb_lifetime_t *)ksi->ks_in_extv[SADB_X_EXT_LIFETIME_IDLE];
4739 	sadb_x_pair_t *pair_ext =
4740 	    (sadb_x_pair_t *)ksi->ks_in_extv[SADB_X_EXT_PAIR];
4741 	ipsa_t *echo_target = NULL;
4742 	int error = 0;
4743 	ipsap_t *ipsapp = NULL;
4744 	uint32_t kmp = 0, kmc = 0;
4745 	time_t current = gethrestime_sec();
4746 
4747 
4748 	/* I need certain extensions present for either UPDATE message. */
4749 	if (srcext == NULL) {
4750 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
4751 		return (EINVAL);
4752 	}
4753 	if (dstext == NULL) {
4754 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
4755 		return (EINVAL);
4756 	}
4757 	if (assoc == NULL) {
4758 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SA;
4759 		return (EINVAL);
4760 	}
4761 
4762 	if (kmcext != NULL) {
4763 		kmp = kmcext->sadb_x_kmc_proto;
4764 		kmc = kmcext->sadb_x_kmc_cookie;
4765 	}
4766 
4767 	ipsapp = get_ipsa_pair(assoc, srcext, dstext, spp);
4768 	if (ipsapp == NULL) {
4769 		*diagnostic = SADB_X_DIAGNOSTIC_SA_NOTFOUND;
4770 		return (ESRCH);
4771 	}
4772 
4773 	if (ipsapp->ipsap_psa_ptr == NULL && ipsapp->ipsap_sa_ptr != NULL) {
4774 		if (ipsapp->ipsap_sa_ptr->ipsa_state == IPSA_STATE_LARVAL) {
4775 			/*
4776 			 * REFRELE the target and let the add_sa_func()
4777 			 * deal with updating a larval SA.
4778 			 */
4779 			destroy_ipsa_pair(ipsapp);
4780 			return (add_sa_func(mp, ksi, diagnostic, ns));
4781 		}
4782 	}
4783 
4784 	/*
4785 	 * At this point we have an UPDATE to a MATURE SA. There should
4786 	 * not be any keying material present.
4787 	 */
4788 	if (akey != NULL) {
4789 		*diagnostic = SADB_X_DIAGNOSTIC_AKEY_PRESENT;
4790 		error = EINVAL;
4791 		goto bail;
4792 	}
4793 	if (ekey != NULL) {
4794 		*diagnostic = SADB_X_DIAGNOSTIC_EKEY_PRESENT;
4795 		error = EINVAL;
4796 		goto bail;
4797 	}
4798 
4799 	if (assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE) {
4800 		if (ipsapp->ipsap_sa_ptr != NULL &&
4801 		    ipsapp->ipsap_sa_ptr->ipsa_state == IPSA_STATE_IDLE) {
4802 			if ((error = sadb_update_state(ipsapp->ipsap_sa_ptr,
4803 			    assoc->sadb_sa_state, NULL)) != 0) {
4804 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4805 				goto bail;
4806 			}
4807 		}
4808 		if (ipsapp->ipsap_psa_ptr != NULL &&
4809 		    ipsapp->ipsap_psa_ptr->ipsa_state == IPSA_STATE_IDLE) {
4810 			if ((error = sadb_update_state(ipsapp->ipsap_psa_ptr,
4811 			    assoc->sadb_sa_state, NULL)) != 0) {
4812 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4813 				goto bail;
4814 			}
4815 		}
4816 	}
4817 	if (assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE) {
4818 		if (ipsapp->ipsap_sa_ptr != NULL) {
4819 			error = sadb_update_state(ipsapp->ipsap_sa_ptr,
4820 			    assoc->sadb_sa_state,
4821 			    (ipsapp->ipsap_sa_ptr->ipsa_flags &
4822 			    IPSA_F_INBOUND) ? ipkt_lst : NULL);
4823 			if (error) {
4824 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4825 				goto bail;
4826 			}
4827 		}
4828 		if (ipsapp->ipsap_psa_ptr != NULL) {
4829 			error = sadb_update_state(ipsapp->ipsap_psa_ptr,
4830 			    assoc->sadb_sa_state,
4831 			    (ipsapp->ipsap_psa_ptr->ipsa_flags &
4832 			    IPSA_F_INBOUND) ? ipkt_lst : NULL);
4833 			if (error) {
4834 				*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4835 				goto bail;
4836 			}
4837 		}
4838 		sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr,
4839 		    ksi, echo_target);
4840 		goto bail;
4841 	}
4842 
4843 	/*
4844 	 * Reality checks for updates of active associations.
4845 	 * Sundry first-pass UPDATE-specific reality checks.
4846 	 * Have to do the checks here, because it's after the add_sa code.
4847 	 * XXX STATS : logging/stats here?
4848 	 */
4849 
4850 	if (!((assoc->sadb_sa_state == SADB_SASTATE_MATURE) ||
4851 	    (assoc->sadb_sa_state == SADB_X_SASTATE_ACTIVE_ELSEWHERE))) {
4852 		*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4853 		error = EINVAL;
4854 		goto bail;
4855 	}
4856 
4857 	if (assoc->sadb_sa_flags & ~spp->s_updateflags) {
4858 		*diagnostic = SADB_X_DIAGNOSTIC_BAD_SAFLAGS;
4859 		error = EINVAL;
4860 		goto bail;
4861 	}
4862 
4863 	if (ksi->ks_in_extv[SADB_EXT_LIFETIME_CURRENT] != NULL) {
4864 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_LIFETIME;
4865 		error = EOPNOTSUPP;
4866 		goto bail;
4867 	}
4868 
4869 	if ((*diagnostic = sadb_hardsoftchk(hard, soft, idle)) != 0) {
4870 		error = EINVAL;
4871 		goto bail;
4872 	}
4873 
4874 	if (ipsapp->ipsap_sa_ptr != NULL) {
4875 		if (ipsapp->ipsap_sa_ptr->ipsa_state == IPSA_STATE_DEAD) {
4876 			error = ESRCH;	/* DEAD == Not there, in this case. */
4877 			*diagnostic = SADB_X_DIAGNOSTIC_SA_EXPIRED;
4878 			goto bail;
4879 		}
4880 		if ((kmp != 0) &&
4881 		    ((ipsapp->ipsap_sa_ptr->ipsa_kmp != 0) ||
4882 		    (ipsapp->ipsap_sa_ptr->ipsa_kmp != kmp))) {
4883 			*diagnostic = SADB_X_DIAGNOSTIC_DUPLICATE_KMP;
4884 			error = EINVAL;
4885 			goto bail;
4886 		}
4887 		if ((kmc != 0) &&
4888 		    ((ipsapp->ipsap_sa_ptr->ipsa_kmc != 0) ||
4889 		    (ipsapp->ipsap_sa_ptr->ipsa_kmc != kmc))) {
4890 			*diagnostic = SADB_X_DIAGNOSTIC_DUPLICATE_KMC;
4891 			error = EINVAL;
4892 			goto bail;
4893 		}
4894 		/*
4895 		 * Do not allow replay value change for MATURE or LARVAL SA.
4896 		 */
4897 
4898 		if ((replext != NULL) &&
4899 		    ((ipsapp->ipsap_sa_ptr->ipsa_state == IPSA_STATE_LARVAL) ||
4900 		    (ipsapp->ipsap_sa_ptr->ipsa_state == IPSA_STATE_MATURE))) {
4901 			*diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
4902 			error = EINVAL;
4903 			goto bail;
4904 		}
4905 	}
4906 
4907 	if (ipsapp->ipsap_psa_ptr != NULL) {
4908 		if (ipsapp->ipsap_psa_ptr->ipsa_state == IPSA_STATE_DEAD) {
4909 			*diagnostic = SADB_X_DIAGNOSTIC_SA_EXPIRED;
4910 			error = ESRCH;	/* DEAD == Not there, in this case. */
4911 			goto bail;
4912 		}
4913 		if ((kmp != 0) &&
4914 		    ((ipsapp->ipsap_psa_ptr->ipsa_kmp != 0) ||
4915 		    (ipsapp->ipsap_psa_ptr->ipsa_kmp != kmp))) {
4916 			*diagnostic = SADB_X_DIAGNOSTIC_DUPLICATE_KMP;
4917 			error = EINVAL;
4918 			goto bail;
4919 		}
4920 		if ((kmc != 0) &&
4921 		    ((ipsapp->ipsap_psa_ptr->ipsa_kmc != 0) ||
4922 		    (ipsapp->ipsap_psa_ptr->ipsa_kmc != kmc))) {
4923 			*diagnostic = SADB_X_DIAGNOSTIC_DUPLICATE_KMC;
4924 			error = EINVAL;
4925 			goto bail;
4926 		}
4927 	}
4928 
4929 	if (ipsapp->ipsap_sa_ptr != NULL) {
4930 		sadb_update_lifetimes(ipsapp->ipsap_sa_ptr, hard, soft,
4931 		    idle, B_TRUE);
4932 		if (kmp != 0)
4933 			ipsapp->ipsap_sa_ptr->ipsa_kmp = kmp;
4934 		if (kmc != 0)
4935 			ipsapp->ipsap_sa_ptr->ipsa_kmc = kmc;
4936 		if ((replext != NULL) &&
4937 		    (ipsapp->ipsap_sa_ptr->ipsa_replay_wsize != 0)) {
4938 			/*
4939 			 * If an inbound SA, update the replay counter
4940 			 * and check off all the other sequence number
4941 			 */
4942 			if (ksi->ks_in_dsttype == KS_IN_ADDR_ME) {
4943 				if (!sadb_replay_check(ipsapp->ipsap_sa_ptr,
4944 				    replext->sadb_x_rc_replay32)) {
4945 					*diagnostic =
4946 					    SADB_X_DIAGNOSTIC_INVALID_REPLAY;
4947 					error = EINVAL;
4948 					goto bail;
4949 				}
4950 				mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
4951 				ipsapp->ipsap_sa_ptr->ipsa_idleexpiretime =
4952 				    current +
4953 				    ipsapp->ipsap_sa_ptr->ipsa_idletime;
4954 				mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
4955 			} else {
4956 				mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
4957 				ipsapp->ipsap_sa_ptr->ipsa_replay =
4958 				    replext->sadb_x_rc_replay32;
4959 				ipsapp->ipsap_sa_ptr->ipsa_idleexpiretime =
4960 				    current +
4961 				    ipsapp->ipsap_sa_ptr->ipsa_idletime;
4962 				mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
4963 			}
4964 		}
4965 	}
4966 
4967 	if (sadb_msg_type == SADB_X_UPDATEPAIR) {
4968 		if (ipsapp->ipsap_psa_ptr != NULL) {
4969 			sadb_update_lifetimes(ipsapp->ipsap_psa_ptr, hard, soft,
4970 			    idle, B_FALSE);
4971 			if (kmp != 0)
4972 				ipsapp->ipsap_psa_ptr->ipsa_kmp = kmp;
4973 			if (kmc != 0)
4974 				ipsapp->ipsap_psa_ptr->ipsa_kmc = kmc;
4975 		} else {
4976 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_SA_NOTFOUND;
4977 			error = ESRCH;
4978 			goto bail;
4979 		}
4980 	}
4981 
4982 	if (pair_ext != NULL)
4983 		error = update_pairing(ipsapp, ksi, diagnostic, spp);
4984 
4985 	if (error == 0)
4986 		sadb_pfkey_echo(pfkey_q, mp, (sadb_msg_t *)mp->b_cont->b_rptr,
4987 		    ksi, echo_target);
4988 bail:
4989 
4990 	destroy_ipsa_pair(ipsapp);
4991 
4992 	return (error);
4993 }
4994 
4995 
4996 int
4997 update_pairing(ipsap_t *ipsapp, keysock_in_t *ksi, int *diagnostic,
4998     sadbp_t *spp)
4999 {
5000 	sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
5001 	sadb_address_t *srcext =
5002 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
5003 	sadb_address_t *dstext =
5004 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
5005 	sadb_x_pair_t *pair_ext =
5006 	    (sadb_x_pair_t *)ksi->ks_in_extv[SADB_X_EXT_PAIR];
5007 	int error = 0;
5008 	ipsap_t *oipsapp = NULL;
5009 	boolean_t undo_pair = B_FALSE;
5010 	uint32_t ipsa_flags;
5011 
5012 	if (pair_ext->sadb_x_pair_spi == 0 || pair_ext->sadb_x_pair_spi ==
5013 	    assoc->sadb_sa_spi) {
5014 		*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5015 		return (EINVAL);
5016 	}
5017 
5018 	/*
5019 	 * Assume for now that the spi value provided in the SADB_UPDATE
5020 	 * message was valid, update the SA with its pair spi value.
5021 	 * If the spi turns out to be bogus or the SA no longer exists
5022 	 * then this will be detected when the reverse update is made
5023 	 * below.
5024 	 */
5025 	mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5026 	ipsapp->ipsap_sa_ptr->ipsa_flags |= IPSA_F_PAIRED;
5027 	ipsapp->ipsap_sa_ptr->ipsa_otherspi = pair_ext->sadb_x_pair_spi;
5028 	mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5029 
5030 	/*
5031 	 * After updating the ipsa_otherspi element of the SA, get_ipsa_pair()
5032 	 * should now return pointers to the SA *AND* its pair, if this is not
5033 	 * the case, the "otherspi" either did not exist or was deleted. Also
5034 	 * check that "otherspi" is not already paired. If everything looks
5035 	 * good, complete the update. IPSA_REFRELE the first pair_pointer
5036 	 * after this update to ensure its not deleted until we are done.
5037 	 */
5038 	oipsapp = get_ipsa_pair(assoc, srcext, dstext, spp);
5039 	if (oipsapp == NULL) {
5040 		/*
5041 		 * This should never happen, calling function still has
5042 		 * IPSA_REFHELD on the SA we just updated.
5043 		 */
5044 		*diagnostic = SADB_X_DIAGNOSTIC_PAIR_SA_NOTFOUND;
5045 		return (EINVAL);
5046 	}
5047 
5048 	if (oipsapp->ipsap_psa_ptr == NULL) {
5049 		*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5050 		error = EINVAL;
5051 		undo_pair = B_TRUE;
5052 	} else {
5053 		ipsa_flags = oipsapp->ipsap_psa_ptr->ipsa_flags;
5054 		if ((oipsapp->ipsap_psa_ptr->ipsa_state == IPSA_STATE_DEAD) ||
5055 		    (oipsapp->ipsap_psa_ptr->ipsa_state == IPSA_STATE_DYING)) {
5056 			/* Its dead Jim! */
5057 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5058 			undo_pair = B_TRUE;
5059 		} else if ((ipsa_flags & (IPSA_F_OUTBOUND | IPSA_F_INBOUND)) ==
5060 		    (IPSA_F_OUTBOUND | IPSA_F_INBOUND)) {
5061 			/* This SA is in both hashtables. */
5062 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_INAPPROPRIATE;
5063 			undo_pair = B_TRUE;
5064 		} else if (ipsa_flags & IPSA_F_PAIRED) {
5065 			/* This SA is already paired with another. */
5066 			*diagnostic = SADB_X_DIAGNOSTIC_PAIR_ALREADY;
5067 			undo_pair = B_TRUE;
5068 		}
5069 	}
5070 
5071 	if (undo_pair) {
5072 		/* The pair SA does not exist. */
5073 		mutex_enter(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5074 		ipsapp->ipsap_sa_ptr->ipsa_flags &= ~IPSA_F_PAIRED;
5075 		ipsapp->ipsap_sa_ptr->ipsa_otherspi = 0;
5076 		mutex_exit(&ipsapp->ipsap_sa_ptr->ipsa_lock);
5077 	} else {
5078 		mutex_enter(&oipsapp->ipsap_psa_ptr->ipsa_lock);
5079 		oipsapp->ipsap_psa_ptr->ipsa_otherspi = assoc->sadb_sa_spi;
5080 		oipsapp->ipsap_psa_ptr->ipsa_flags |= IPSA_F_PAIRED;
5081 		mutex_exit(&oipsapp->ipsap_psa_ptr->ipsa_lock);
5082 	}
5083 
5084 	destroy_ipsa_pair(oipsapp);
5085 	return (error);
5086 }
5087 
5088 /*
5089  * The following functions deal with ACQUIRE LISTS.  An ACQUIRE list is
5090  * a list of outstanding SADB_ACQUIRE messages.	 If ipsec_getassocbyconn() fails
5091  * for an outbound datagram, that datagram is queued up on an ACQUIRE record,
5092  * and an SADB_ACQUIRE message is sent up.  Presumably, a user-space key
5093  * management daemon will process the ACQUIRE, use a SADB_GETSPI to reserve
5094  * an SPI value and a larval SA, then SADB_UPDATE the larval SA, and ADD the
5095  * other direction's SA.
5096  */
5097 
5098 /*
5099  * Check the ACQUIRE lists.  If there's an existing ACQUIRE record,
5100  * grab it, lock it, and return it.  Otherwise return NULL.
5101  */
5102 static ipsacq_t *
5103 sadb_checkacquire(iacqf_t *bucket, ipsec_action_t *ap, ipsec_policy_t *pp,
5104     uint32_t *src, uint32_t *dst, uint32_t *isrc, uint32_t *idst,
5105     uint64_t unique_id)
5106 {
5107 	ipsacq_t *walker;
5108 	sa_family_t fam;
5109 	uint32_t blank_address[4] = {0, 0, 0, 0};
5110 
5111 	if (isrc == NULL) {
5112 		ASSERT(idst == NULL);
5113 		isrc = idst = blank_address;
5114 	}
5115 
5116 	/*
5117 	 * Scan list for duplicates.  Check for UNIQUE, src/dest, policy.
5118 	 *
5119 	 * XXX May need search for duplicates based on other things too!
5120 	 */
5121 	for (walker = bucket->iacqf_ipsacq; walker != NULL;
5122 	    walker = walker->ipsacq_next) {
5123 		mutex_enter(&walker->ipsacq_lock);
5124 		fam = walker->ipsacq_addrfam;
5125 		if (IPSA_ARE_ADDR_EQUAL(dst, walker->ipsacq_dstaddr, fam) &&
5126 		    IPSA_ARE_ADDR_EQUAL(src, walker->ipsacq_srcaddr, fam) &&
5127 		    ip_addr_match((uint8_t *)isrc, walker->ipsacq_innersrcpfx,
5128 		    (in6_addr_t *)walker->ipsacq_innersrc) &&
5129 		    ip_addr_match((uint8_t *)idst, walker->ipsacq_innerdstpfx,
5130 		    (in6_addr_t *)walker->ipsacq_innerdst) &&
5131 		    (ap == walker->ipsacq_act) &&
5132 		    (pp == walker->ipsacq_policy) &&
5133 		    /* XXX do deep compares of ap/pp? */
5134 		    (unique_id == walker->ipsacq_unique_id))
5135 			break;			/* everything matched */
5136 		mutex_exit(&walker->ipsacq_lock);
5137 	}
5138 
5139 	return (walker);
5140 }
5141 
5142 /*
5143  * For this mblk, insert a new acquire record.  Assume bucket contains addrs
5144  * of all of the same length.  Give up (and drop) if memory
5145  * cannot be allocated for a new one; otherwise, invoke callback to
5146  * send the acquire up..
5147  *
5148  * In cases where we need both AH and ESP, add the SA to the ESP ACQUIRE
5149  * list.  The ah_add_sa_finish() routines can look at the packet's ipsec_out_t
5150  * and handle this case specially.
5151  */
5152 void
5153 sadb_acquire(mblk_t *mp, ipsec_out_t *io, boolean_t need_ah, boolean_t need_esp)
5154 {
5155 	sadbp_t *spp;
5156 	sadb_t *sp;
5157 	ipsacq_t *newbie;
5158 	iacqf_t *bucket;
5159 	mblk_t *datamp = mp->b_cont;
5160 	mblk_t *extended;
5161 	ipha_t *ipha = (ipha_t *)datamp->b_rptr;
5162 	ip6_t *ip6h = (ip6_t *)datamp->b_rptr;
5163 	uint32_t *src, *dst, *isrc, *idst;
5164 	ipsec_policy_t *pp = io->ipsec_out_policy;
5165 	ipsec_action_t *ap = io->ipsec_out_act;
5166 	sa_family_t af;
5167 	int hashoffset;
5168 	uint32_t seq;
5169 	uint64_t unique_id = 0;
5170 	ipsec_selector_t sel;
5171 	boolean_t tunnel_mode = io->ipsec_out_tunnel;
5172 	netstack_t	*ns = io->ipsec_out_ns;
5173 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
5174 
5175 	ASSERT((pp != NULL) || (ap != NULL));
5176 
5177 	ASSERT(need_ah != NULL || need_esp != NULL);
5178 	/* Assign sadb pointers */
5179 	if (need_esp) { /* ESP for AH+ESP */
5180 		ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
5181 
5182 		spp = &espstack->esp_sadb;
5183 	} else {
5184 		ipsecah_stack_t	*ahstack = ns->netstack_ipsecah;
5185 
5186 		spp = &ahstack->ah_sadb;
5187 	}
5188 	sp = io->ipsec_out_v4 ? &spp->s_v4 : &spp->s_v6;
5189 
5190 	if (ap == NULL)
5191 		ap = pp->ipsp_act;
5192 
5193 	ASSERT(ap != NULL);
5194 
5195 	if (ap->ipa_act.ipa_apply.ipp_use_unique || tunnel_mode)
5196 		unique_id = SA_FORM_UNIQUE_ID(io);
5197 
5198 	/*
5199 	 * Set up an ACQUIRE record.
5200 	 *
5201 	 * Immediately, make sure the ACQUIRE sequence number doesn't slip
5202 	 * below the lowest point allowed in the kernel.  (In other words,
5203 	 * make sure the high bit on the sequence number is set.)
5204 	 */
5205 
5206 	seq = keysock_next_seq(ns) | IACQF_LOWEST_SEQ;
5207 
5208 	if (IPH_HDR_VERSION(ipha) == IP_VERSION) {
5209 		src = (uint32_t *)&ipha->ipha_src;
5210 		dst = (uint32_t *)&ipha->ipha_dst;
5211 		af = AF_INET;
5212 		hashoffset = OUTBOUND_HASH_V4(sp, ipha->ipha_dst);
5213 		ASSERT(io->ipsec_out_v4 == B_TRUE);
5214 	} else {
5215 		ASSERT(IPH_HDR_VERSION(ipha) == IPV6_VERSION);
5216 		src = (uint32_t *)&ip6h->ip6_src;
5217 		dst = (uint32_t *)&ip6h->ip6_dst;
5218 		af = AF_INET6;
5219 		hashoffset = OUTBOUND_HASH_V6(sp, ip6h->ip6_dst);
5220 		ASSERT(io->ipsec_out_v4 == B_FALSE);
5221 	}
5222 
5223 	if (tunnel_mode) {
5224 		if (pp == NULL) {
5225 			/*
5226 			 * Tunnel mode with no policy pointer means this is a
5227 			 * reflected ICMP (like a ECHO REQUEST) that came in
5228 			 * with self-encapsulated protection.  Until we better
5229 			 * support this, drop the packet.
5230 			 */
5231 			ip_drop_packet(mp, B_FALSE, NULL, NULL,
5232 			    DROPPER(ipss, ipds_spd_got_selfencap),
5233 			    &ipss->ipsec_spd_dropper);
5234 			return;
5235 		}
5236 		/* Snag inner addresses. */
5237 		isrc = io->ipsec_out_insrc;
5238 		idst = io->ipsec_out_indst;
5239 	} else {
5240 		isrc = idst = NULL;
5241 	}
5242 
5243 	/*
5244 	 * Check buckets to see if there is an existing entry.  If so,
5245 	 * grab it.  sadb_checkacquire locks newbie if found.
5246 	 */
5247 	bucket = &(sp->sdb_acq[hashoffset]);
5248 	mutex_enter(&bucket->iacqf_lock);
5249 	newbie = sadb_checkacquire(bucket, ap, pp, src, dst, isrc, idst,
5250 	    unique_id);
5251 
5252 	if (newbie == NULL) {
5253 		/*
5254 		 * Otherwise, allocate a new one.
5255 		 */
5256 		newbie = kmem_zalloc(sizeof (*newbie), KM_NOSLEEP);
5257 		if (newbie == NULL) {
5258 			mutex_exit(&bucket->iacqf_lock);
5259 			ip_drop_packet(mp, B_FALSE, NULL, NULL,
5260 			    DROPPER(ipss, ipds_sadb_acquire_nomem),
5261 			    &ipss->ipsec_sadb_dropper);
5262 			return;
5263 		}
5264 		newbie->ipsacq_policy = pp;
5265 		if (pp != NULL) {
5266 			IPPOL_REFHOLD(pp);
5267 		}
5268 		IPACT_REFHOLD(ap);
5269 		newbie->ipsacq_act = ap;
5270 		newbie->ipsacq_linklock = &bucket->iacqf_lock;
5271 		newbie->ipsacq_next = bucket->iacqf_ipsacq;
5272 		newbie->ipsacq_ptpn = &bucket->iacqf_ipsacq;
5273 		if (newbie->ipsacq_next != NULL)
5274 			newbie->ipsacq_next->ipsacq_ptpn = &newbie->ipsacq_next;
5275 		bucket->iacqf_ipsacq = newbie;
5276 		mutex_init(&newbie->ipsacq_lock, NULL, MUTEX_DEFAULT, NULL);
5277 		mutex_enter(&newbie->ipsacq_lock);
5278 	}
5279 
5280 	mutex_exit(&bucket->iacqf_lock);
5281 
5282 	/*
5283 	 * This assert looks silly for now, but we may need to enter newbie's
5284 	 * mutex during a search.
5285 	 */
5286 	ASSERT(MUTEX_HELD(&newbie->ipsacq_lock));
5287 
5288 	mp->b_next = NULL;
5289 	/* Queue up packet.  Use b_next. */
5290 	if (newbie->ipsacq_numpackets == 0) {
5291 		/* First one. */
5292 		newbie->ipsacq_mp = mp;
5293 		newbie->ipsacq_numpackets = 1;
5294 		newbie->ipsacq_expire = gethrestime_sec();
5295 		/*
5296 		 * Extended ACQUIRE with both AH+ESP will use ESP's timeout
5297 		 * value.
5298 		 */
5299 		newbie->ipsacq_expire += *spp->s_acquire_timeout;
5300 		newbie->ipsacq_seq = seq;
5301 		newbie->ipsacq_addrfam = af;
5302 
5303 		newbie->ipsacq_srcport = io->ipsec_out_src_port;
5304 		newbie->ipsacq_dstport = io->ipsec_out_dst_port;
5305 		newbie->ipsacq_icmp_type = io->ipsec_out_icmp_type;
5306 		newbie->ipsacq_icmp_code = io->ipsec_out_icmp_code;
5307 		if (tunnel_mode) {
5308 			newbie->ipsacq_inneraddrfam = io->ipsec_out_inaf;
5309 			newbie->ipsacq_proto = io->ipsec_out_inaf == AF_INET6 ?
5310 			    IPPROTO_IPV6 : IPPROTO_ENCAP;
5311 			newbie->ipsacq_innersrcpfx = io->ipsec_out_insrcpfx;
5312 			newbie->ipsacq_innerdstpfx = io->ipsec_out_indstpfx;
5313 			IPSA_COPY_ADDR(newbie->ipsacq_innersrc,
5314 			    io->ipsec_out_insrc, io->ipsec_out_inaf);
5315 			IPSA_COPY_ADDR(newbie->ipsacq_innerdst,
5316 			    io->ipsec_out_indst, io->ipsec_out_inaf);
5317 		} else {
5318 			newbie->ipsacq_proto = io->ipsec_out_proto;
5319 		}
5320 		newbie->ipsacq_unique_id = unique_id;
5321 	} else {
5322 		/* Scan to the end of the list & insert. */
5323 		mblk_t *lastone = newbie->ipsacq_mp;
5324 
5325 		while (lastone->b_next != NULL)
5326 			lastone = lastone->b_next;
5327 		lastone->b_next = mp;
5328 		if (newbie->ipsacq_numpackets++ == ipsacq_maxpackets) {
5329 			newbie->ipsacq_numpackets = ipsacq_maxpackets;
5330 			lastone = newbie->ipsacq_mp;
5331 			newbie->ipsacq_mp = lastone->b_next;
5332 			lastone->b_next = NULL;
5333 			ip_drop_packet(lastone, B_FALSE, NULL, NULL,
5334 			    DROPPER(ipss, ipds_sadb_acquire_toofull),
5335 			    &ipss->ipsec_sadb_dropper);
5336 		} else {
5337 			IP_ACQUIRE_STAT(ipss, qhiwater,
5338 			    newbie->ipsacq_numpackets);
5339 		}
5340 	}
5341 
5342 	/*
5343 	 * Reset addresses.  Set them to the most recently added mblk chain,
5344 	 * so that the address pointers in the acquire record will point
5345 	 * at an mblk still attached to the acquire list.
5346 	 */
5347 
5348 	newbie->ipsacq_srcaddr = src;
5349 	newbie->ipsacq_dstaddr = dst;
5350 
5351 	/*
5352 	 * If the acquire record has more than one queued packet, we've
5353 	 * already sent an ACQUIRE, and don't need to repeat ourself.
5354 	 */
5355 	if (newbie->ipsacq_seq != seq || newbie->ipsacq_numpackets > 1) {
5356 		/* I have an acquire outstanding already! */
5357 		mutex_exit(&newbie->ipsacq_lock);
5358 		return;
5359 	}
5360 
5361 	if (keysock_extended_reg(ns)) {
5362 		/*
5363 		 * Construct an extended ACQUIRE.  There are logging
5364 		 * opportunities here in failure cases.
5365 		 */
5366 
5367 		(void) memset(&sel, 0, sizeof (sel));
5368 		sel.ips_isv4 = io->ipsec_out_v4;
5369 		if (tunnel_mode) {
5370 			sel.ips_protocol = (io->ipsec_out_inaf == AF_INET) ?
5371 			    IPPROTO_ENCAP : IPPROTO_IPV6;
5372 		} else {
5373 			sel.ips_protocol = io->ipsec_out_proto;
5374 			sel.ips_local_port = io->ipsec_out_src_port;
5375 			sel.ips_remote_port = io->ipsec_out_dst_port;
5376 		}
5377 		sel.ips_icmp_type = io->ipsec_out_icmp_type;
5378 		sel.ips_icmp_code = io->ipsec_out_icmp_code;
5379 		sel.ips_is_icmp_inv_acq = 0;
5380 		if (af == AF_INET) {
5381 			sel.ips_local_addr_v4 = ipha->ipha_src;
5382 			sel.ips_remote_addr_v4 = ipha->ipha_dst;
5383 		} else {
5384 			sel.ips_local_addr_v6 = ip6h->ip6_src;
5385 			sel.ips_remote_addr_v6 = ip6h->ip6_dst;
5386 		}
5387 
5388 		extended = sadb_keysock_out(0);
5389 		if (extended != NULL) {
5390 			extended->b_cont = sadb_extended_acquire(&sel, pp, ap,
5391 			    tunnel_mode, seq, 0, ns);
5392 			if (extended->b_cont == NULL) {
5393 				freeb(extended);
5394 				extended = NULL;
5395 			}
5396 		}
5397 	} else
5398 		extended = NULL;
5399 
5400 	/*
5401 	 * Send an ACQUIRE message (and possible an extended ACQUIRE) based on
5402 	 * this new record.  The send-acquire callback assumes that acqrec is
5403 	 * already locked.
5404 	 */
5405 	(*spp->s_acqfn)(newbie, extended, ns);
5406 }
5407 
5408 /*
5409  * Unlink and free an acquire record.
5410  */
5411 void
5412 sadb_destroy_acquire(ipsacq_t *acqrec, netstack_t *ns)
5413 {
5414 	mblk_t *mp;
5415 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
5416 
5417 	ASSERT(MUTEX_HELD(acqrec->ipsacq_linklock));
5418 
5419 	if (acqrec->ipsacq_policy != NULL) {
5420 		IPPOL_REFRELE(acqrec->ipsacq_policy, ns);
5421 	}
5422 	if (acqrec->ipsacq_act != NULL) {
5423 		IPACT_REFRELE(acqrec->ipsacq_act);
5424 	}
5425 
5426 	/* Unlink */
5427 	*(acqrec->ipsacq_ptpn) = acqrec->ipsacq_next;
5428 	if (acqrec->ipsacq_next != NULL)
5429 		acqrec->ipsacq_next->ipsacq_ptpn = acqrec->ipsacq_ptpn;
5430 
5431 	/*
5432 	 * Free hanging mp's.
5433 	 *
5434 	 * XXX Instead of freemsg(), perhaps use IPSEC_REQ_FAILED.
5435 	 */
5436 
5437 	mutex_enter(&acqrec->ipsacq_lock);
5438 	while (acqrec->ipsacq_mp != NULL) {
5439 		mp = acqrec->ipsacq_mp;
5440 		acqrec->ipsacq_mp = mp->b_next;
5441 		mp->b_next = NULL;
5442 		ip_drop_packet(mp, B_FALSE, NULL, NULL,
5443 		    DROPPER(ipss, ipds_sadb_acquire_timeout),
5444 		    &ipss->ipsec_sadb_dropper);
5445 	}
5446 	mutex_exit(&acqrec->ipsacq_lock);
5447 
5448 	/* Free */
5449 	mutex_destroy(&acqrec->ipsacq_lock);
5450 	kmem_free(acqrec, sizeof (*acqrec));
5451 }
5452 
5453 /*
5454  * Destroy an acquire list fanout.
5455  */
5456 static void
5457 sadb_destroy_acqlist(iacqf_t **listp, uint_t numentries, boolean_t forever,
5458     netstack_t *ns)
5459 {
5460 	int i;
5461 	iacqf_t *list = *listp;
5462 
5463 	if (list == NULL)
5464 		return;
5465 
5466 	for (i = 0; i < numentries; i++) {
5467 		mutex_enter(&(list[i].iacqf_lock));
5468 		while (list[i].iacqf_ipsacq != NULL)
5469 			sadb_destroy_acquire(list[i].iacqf_ipsacq, ns);
5470 		mutex_exit(&(list[i].iacqf_lock));
5471 		if (forever)
5472 			mutex_destroy(&(list[i].iacqf_lock));
5473 	}
5474 
5475 	if (forever) {
5476 		*listp = NULL;
5477 		kmem_free(list, numentries * sizeof (*list));
5478 	}
5479 }
5480 
5481 /*
5482  * Create an algorithm descriptor for an extended ACQUIRE.  Filter crypto
5483  * framework's view of reality vs. IPsec's.  EF's wins, BTW.
5484  */
5485 static uint8_t *
5486 sadb_new_algdesc(uint8_t *start, uint8_t *limit,
5487     sadb_x_ecomb_t *ecomb, uint8_t satype, uint8_t algtype,
5488     uint8_t alg, uint16_t minbits, uint16_t maxbits, ipsec_stack_t *ipss)
5489 {
5490 	uint8_t *cur = start;
5491 	ipsec_alginfo_t *algp;
5492 	sadb_x_algdesc_t *algdesc = (sadb_x_algdesc_t *)cur;
5493 
5494 	cur += sizeof (*algdesc);
5495 	if (cur >= limit)
5496 		return (NULL);
5497 
5498 	ecomb->sadb_x_ecomb_numalgs++;
5499 
5500 	/*
5501 	 * Normalize vs. crypto framework's limits.  This way, you can specify
5502 	 * a stronger policy, and when the framework loads a stronger version,
5503 	 * you can just keep plowing w/o rewhacking your SPD.
5504 	 */
5505 	mutex_enter(&ipss->ipsec_alg_lock);
5506 	algp = ipss->ipsec_alglists[(algtype == SADB_X_ALGTYPE_AUTH) ?
5507 	    IPSEC_ALG_AUTH : IPSEC_ALG_ENCR][alg];
5508 	if (algp == NULL) {
5509 		mutex_exit(&ipss->ipsec_alg_lock);
5510 		return (NULL);	/* Algorithm doesn't exist.  Fail gracefully. */
5511 	}
5512 	if (minbits < algp->alg_ef_minbits)
5513 		minbits = algp->alg_ef_minbits;
5514 	if (maxbits > algp->alg_ef_maxbits)
5515 		maxbits = algp->alg_ef_maxbits;
5516 	mutex_exit(&ipss->ipsec_alg_lock);
5517 
5518 	algdesc->sadb_x_algdesc_reserved = SADB_8TO1(algp->alg_saltlen);
5519 	algdesc->sadb_x_algdesc_satype = satype;
5520 	algdesc->sadb_x_algdesc_algtype = algtype;
5521 	algdesc->sadb_x_algdesc_alg = alg;
5522 	algdesc->sadb_x_algdesc_minbits = minbits;
5523 	algdesc->sadb_x_algdesc_maxbits = maxbits;
5524 
5525 	return (cur);
5526 }
5527 
5528 /*
5529  * Convert the given ipsec_action_t into an ecomb starting at *ecomb
5530  * which must fit before *limit
5531  *
5532  * return NULL if we ran out of room or a pointer to the end of the ecomb.
5533  */
5534 static uint8_t *
5535 sadb_action_to_ecomb(uint8_t *start, uint8_t *limit, ipsec_action_t *act,
5536     netstack_t *ns)
5537 {
5538 	uint8_t *cur = start;
5539 	sadb_x_ecomb_t *ecomb = (sadb_x_ecomb_t *)cur;
5540 	ipsec_prot_t *ipp;
5541 	ipsec_stack_t *ipss = ns->netstack_ipsec;
5542 
5543 	cur += sizeof (*ecomb);
5544 	if (cur >= limit)
5545 		return (NULL);
5546 
5547 	ASSERT(act->ipa_act.ipa_type == IPSEC_ACT_APPLY);
5548 
5549 	ipp = &act->ipa_act.ipa_apply;
5550 
5551 	ecomb->sadb_x_ecomb_numalgs = 0;
5552 	ecomb->sadb_x_ecomb_reserved = 0;
5553 	ecomb->sadb_x_ecomb_reserved2 = 0;
5554 	/*
5555 	 * No limits on allocations, since we really don't support that
5556 	 * concept currently.
5557 	 */
5558 	ecomb->sadb_x_ecomb_soft_allocations = 0;
5559 	ecomb->sadb_x_ecomb_hard_allocations = 0;
5560 
5561 	/*
5562 	 * XXX TBD: Policy or global parameters will eventually be
5563 	 * able to fill in some of these.
5564 	 */
5565 	ecomb->sadb_x_ecomb_flags = 0;
5566 	ecomb->sadb_x_ecomb_soft_bytes = 0;
5567 	ecomb->sadb_x_ecomb_hard_bytes = 0;
5568 	ecomb->sadb_x_ecomb_soft_addtime = 0;
5569 	ecomb->sadb_x_ecomb_hard_addtime = 0;
5570 	ecomb->sadb_x_ecomb_soft_usetime = 0;
5571 	ecomb->sadb_x_ecomb_hard_usetime = 0;
5572 
5573 	if (ipp->ipp_use_ah) {
5574 		cur = sadb_new_algdesc(cur, limit, ecomb,
5575 		    SADB_SATYPE_AH, SADB_X_ALGTYPE_AUTH, ipp->ipp_auth_alg,
5576 		    ipp->ipp_ah_minbits, ipp->ipp_ah_maxbits, ipss);
5577 		if (cur == NULL)
5578 			return (NULL);
5579 		ipsecah_fill_defs(ecomb, ns);
5580 	}
5581 
5582 	if (ipp->ipp_use_esp) {
5583 		if (ipp->ipp_use_espa) {
5584 			cur = sadb_new_algdesc(cur, limit, ecomb,
5585 			    SADB_SATYPE_ESP, SADB_X_ALGTYPE_AUTH,
5586 			    ipp->ipp_esp_auth_alg,
5587 			    ipp->ipp_espa_minbits,
5588 			    ipp->ipp_espa_maxbits, ipss);
5589 			if (cur == NULL)
5590 				return (NULL);
5591 		}
5592 
5593 		cur = sadb_new_algdesc(cur, limit, ecomb,
5594 		    SADB_SATYPE_ESP, SADB_X_ALGTYPE_CRYPT,
5595 		    ipp->ipp_encr_alg,
5596 		    ipp->ipp_espe_minbits,
5597 		    ipp->ipp_espe_maxbits, ipss);
5598 		if (cur == NULL)
5599 			return (NULL);
5600 		/* Fill in lifetimes if and only if AH didn't already... */
5601 		if (!ipp->ipp_use_ah)
5602 			ipsecesp_fill_defs(ecomb, ns);
5603 	}
5604 
5605 	return (cur);
5606 }
5607 
5608 /*
5609  * Construct an extended ACQUIRE message based on a selector and the resulting
5610  * IPsec action.
5611  *
5612  * NOTE: This is used by both inverse ACQUIRE and actual ACQUIRE
5613  * generation. As a consequence, expect this function to evolve
5614  * rapidly.
5615  */
5616 static mblk_t *
5617 sadb_extended_acquire(ipsec_selector_t *sel, ipsec_policy_t *pol,
5618     ipsec_action_t *act, boolean_t tunnel_mode, uint32_t seq, uint32_t pid,
5619     netstack_t *ns)
5620 {
5621 	mblk_t *mp;
5622 	sadb_msg_t *samsg;
5623 	uint8_t *start, *cur, *end;
5624 	uint32_t *saddrptr, *daddrptr;
5625 	sa_family_t af;
5626 	sadb_prop_t *eprop;
5627 	ipsec_action_t *ap, *an;
5628 	ipsec_selkey_t *ipsl;
5629 	uint8_t proto, pfxlen;
5630 	uint16_t lport, rport;
5631 	uint32_t kmp, kmc;
5632 
5633 	/*
5634 	 * Find the action we want sooner rather than later..
5635 	 */
5636 	an = NULL;
5637 	if (pol == NULL) {
5638 		ap = act;
5639 	} else {
5640 		ap = pol->ipsp_act;
5641 
5642 		if (ap != NULL)
5643 			an = ap->ipa_next;
5644 	}
5645 
5646 	/*
5647 	 * Just take a swag for the allocation for now.	 We can always
5648 	 * alter it later.
5649 	 */
5650 #define	SADB_EXTENDED_ACQUIRE_SIZE	4096
5651 	mp = allocb(SADB_EXTENDED_ACQUIRE_SIZE, BPRI_HI);
5652 	if (mp == NULL)
5653 		return (NULL);
5654 
5655 	start = mp->b_rptr;
5656 	end = start + SADB_EXTENDED_ACQUIRE_SIZE;
5657 
5658 	cur = start;
5659 
5660 	samsg = (sadb_msg_t *)cur;
5661 	cur += sizeof (*samsg);
5662 
5663 	samsg->sadb_msg_version = PF_KEY_V2;
5664 	samsg->sadb_msg_type = SADB_ACQUIRE;
5665 	samsg->sadb_msg_errno = 0;
5666 	samsg->sadb_msg_reserved = 0;
5667 	samsg->sadb_msg_satype = 0;
5668 	samsg->sadb_msg_seq = seq;
5669 	samsg->sadb_msg_pid = pid;
5670 
5671 	if (tunnel_mode) {
5672 		/*
5673 		 * Form inner address extensions based NOT on the inner
5674 		 * selectors (i.e. the packet data), but on the policy's
5675 		 * selector key (i.e. the policy's selector information).
5676 		 *
5677 		 * NOTE:  The position of IPv4 and IPv6 addresses is the
5678 		 * same in ipsec_selkey_t (unless the compiler does very
5679 		 * strange things with unions, consult your local C language
5680 		 * lawyer for details).
5681 		 */
5682 		ASSERT(pol != NULL);
5683 
5684 		ipsl = &(pol->ipsp_sel->ipsl_key);
5685 		if (ipsl->ipsl_valid & IPSL_IPV4) {
5686 			af = AF_INET;
5687 			ASSERT(sel->ips_protocol == IPPROTO_ENCAP);
5688 			ASSERT(!(ipsl->ipsl_valid & IPSL_IPV6));
5689 		} else {
5690 			af = AF_INET6;
5691 			ASSERT(sel->ips_protocol == IPPROTO_IPV6);
5692 			ASSERT(ipsl->ipsl_valid & IPSL_IPV6);
5693 		}
5694 
5695 		if (ipsl->ipsl_valid & IPSL_LOCAL_ADDR) {
5696 			saddrptr = (uint32_t *)(&ipsl->ipsl_local);
5697 			pfxlen = ipsl->ipsl_local_pfxlen;
5698 		} else {
5699 			saddrptr = (uint32_t *)(&ipv6_all_zeros);
5700 			pfxlen = 0;
5701 		}
5702 		/* XXX What about ICMP type/code? */
5703 		lport = (ipsl->ipsl_valid & IPSL_LOCAL_PORT) ?
5704 		    ipsl->ipsl_lport : 0;
5705 		proto = (ipsl->ipsl_valid & IPSL_PROTOCOL) ?
5706 		    ipsl->ipsl_proto : 0;
5707 
5708 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_SRC,
5709 		    af, saddrptr, lport, proto, pfxlen);
5710 		if (cur == NULL) {
5711 			freeb(mp);
5712 			return (NULL);
5713 		}
5714 
5715 		if (ipsl->ipsl_valid & IPSL_REMOTE_ADDR) {
5716 			daddrptr = (uint32_t *)(&ipsl->ipsl_remote);
5717 			pfxlen = ipsl->ipsl_remote_pfxlen;
5718 		} else {
5719 			daddrptr = (uint32_t *)(&ipv6_all_zeros);
5720 			pfxlen = 0;
5721 		}
5722 		/* XXX What about ICMP type/code? */
5723 		rport = (ipsl->ipsl_valid & IPSL_REMOTE_PORT) ?
5724 		    ipsl->ipsl_rport : 0;
5725 
5726 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_DST,
5727 		    af, daddrptr, rport, proto, pfxlen);
5728 		if (cur == NULL) {
5729 			freeb(mp);
5730 			return (NULL);
5731 		}
5732 		/*
5733 		 * TODO  - if we go to 3408's dream of transport mode IP-in-IP
5734 		 * _with_ inner-packet address selectors, we'll need to further
5735 		 * distinguish tunnel mode here.  For now, having inner
5736 		 * addresses and/or ports is sufficient.
5737 		 *
5738 		 * Meanwhile, whack proto/ports to reflect IP-in-IP for the
5739 		 * outer addresses.
5740 		 */
5741 		proto = sel->ips_protocol;	/* Either _ENCAP or _IPV6 */
5742 		lport = rport = 0;
5743 	} else if ((ap != NULL) && (!ap->ipa_want_unique)) {
5744 		proto = 0;
5745 		lport = 0;
5746 		rport = 0;
5747 		if (pol != NULL) {
5748 			ipsl = &(pol->ipsp_sel->ipsl_key);
5749 			if (ipsl->ipsl_valid & IPSL_PROTOCOL)
5750 				proto = ipsl->ipsl_proto;
5751 			if (ipsl->ipsl_valid & IPSL_REMOTE_PORT)
5752 				rport = ipsl->ipsl_rport;
5753 			if (ipsl->ipsl_valid & IPSL_LOCAL_PORT)
5754 				lport = ipsl->ipsl_lport;
5755 		}
5756 	} else {
5757 		proto = sel->ips_protocol;
5758 		lport = sel->ips_local_port;
5759 		rport = sel->ips_remote_port;
5760 	}
5761 
5762 	af = sel->ips_isv4 ? AF_INET : AF_INET6;
5763 
5764 	/*
5765 	 * NOTE:  The position of IPv4 and IPv6 addresses is the same in
5766 	 * ipsec_selector_t.
5767 	 */
5768 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_SRC, af,
5769 	    (uint32_t *)(&sel->ips_local_addr_v6), lport, proto, 0);
5770 
5771 	if (cur == NULL) {
5772 		freeb(mp);
5773 		return (NULL);
5774 	}
5775 
5776 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_DST, af,
5777 	    (uint32_t *)(&sel->ips_remote_addr_v6), rport, proto, 0);
5778 
5779 	if (cur == NULL) {
5780 		freeb(mp);
5781 		return (NULL);
5782 	}
5783 
5784 	/*
5785 	 * This section will change a lot as policy evolves.
5786 	 * For now, it'll be relatively simple.
5787 	 */
5788 	eprop = (sadb_prop_t *)cur;
5789 	cur += sizeof (*eprop);
5790 	if (cur > end) {
5791 		/* no space left */
5792 		freeb(mp);
5793 		return (NULL);
5794 	}
5795 
5796 	eprop->sadb_prop_exttype = SADB_X_EXT_EPROP;
5797 	eprop->sadb_x_prop_ereserved = 0;
5798 	eprop->sadb_x_prop_numecombs = 0;
5799 	eprop->sadb_prop_replay = 32;	/* default */
5800 
5801 	kmc = kmp = 0;
5802 
5803 	for (; ap != NULL; ap = an) {
5804 		an = (pol != NULL) ? ap->ipa_next : NULL;
5805 
5806 		/*
5807 		 * Skip non-IPsec policies
5808 		 */
5809 		if (ap->ipa_act.ipa_type != IPSEC_ACT_APPLY)
5810 			continue;
5811 
5812 		if (ap->ipa_act.ipa_apply.ipp_km_proto)
5813 			kmp = ap->ipa_act.ipa_apply.ipp_km_proto;
5814 		if (ap->ipa_act.ipa_apply.ipp_km_cookie)
5815 			kmc = ap->ipa_act.ipa_apply.ipp_km_cookie;
5816 		if (ap->ipa_act.ipa_apply.ipp_replay_depth) {
5817 			eprop->sadb_prop_replay =
5818 			    ap->ipa_act.ipa_apply.ipp_replay_depth;
5819 		}
5820 
5821 		cur = sadb_action_to_ecomb(cur, end, ap, ns);
5822 		if (cur == NULL) { /* no space */
5823 			freeb(mp);
5824 			return (NULL);
5825 		}
5826 		eprop->sadb_x_prop_numecombs++;
5827 	}
5828 
5829 	if (eprop->sadb_x_prop_numecombs == 0) {
5830 		/*
5831 		 * This will happen if we fail to find a policy
5832 		 * allowing for IPsec processing.
5833 		 * Construct an error message.
5834 		 */
5835 		samsg->sadb_msg_len = SADB_8TO64(sizeof (*samsg));
5836 		samsg->sadb_msg_errno = ENOENT;
5837 		samsg->sadb_x_msg_diagnostic = 0;
5838 		return (mp);
5839 	}
5840 
5841 	if ((kmp != 0) || (kmc != 0)) {
5842 		cur = sadb_make_kmc_ext(cur, end, kmp, kmc);
5843 		if (cur == NULL) {
5844 			freeb(mp);
5845 			return (NULL);
5846 		}
5847 	}
5848 
5849 	eprop->sadb_prop_len = SADB_8TO64(cur - (uint8_t *)eprop);
5850 	samsg->sadb_msg_len = SADB_8TO64(cur - start);
5851 	mp->b_wptr = cur;
5852 
5853 	return (mp);
5854 }
5855 
5856 /*
5857  * Generic setup of an RFC 2367 ACQUIRE message.  Caller sets satype.
5858  *
5859  * NOTE: This function acquires alg_lock as a side-effect if-and-only-if we
5860  * succeed (i.e. return non-NULL).  Caller MUST release it.  This is to
5861  * maximize code consolidation while preventing algorithm changes from messing
5862  * with the callers finishing touches on the ACQUIRE itself.
5863  */
5864 mblk_t *
5865 sadb_setup_acquire(ipsacq_t *acqrec, uint8_t satype, ipsec_stack_t *ipss)
5866 {
5867 	uint_t allocsize;
5868 	mblk_t *pfkeymp, *msgmp;
5869 	sa_family_t af;
5870 	uint8_t *cur, *end;
5871 	sadb_msg_t *samsg;
5872 	uint16_t sport_typecode;
5873 	uint16_t dport_typecode;
5874 	uint8_t check_proto;
5875 	boolean_t tunnel_mode = (acqrec->ipsacq_inneraddrfam != 0);
5876 
5877 	ASSERT(MUTEX_HELD(&acqrec->ipsacq_lock));
5878 
5879 	pfkeymp = sadb_keysock_out(0);
5880 	if (pfkeymp == NULL)
5881 		return (NULL);
5882 
5883 	/*
5884 	 * First, allocate a basic ACQUIRE message
5885 	 */
5886 	allocsize = sizeof (sadb_msg_t) + sizeof (sadb_address_t) +
5887 	    sizeof (sadb_address_t) + sizeof (sadb_prop_t);
5888 
5889 	/* Make sure there's enough to cover both AF_INET and AF_INET6. */
5890 	allocsize += 2 * sizeof (struct sockaddr_in6);
5891 
5892 	mutex_enter(&ipss->ipsec_alg_lock);
5893 	/* NOTE:  The lock is now held through to this function's return. */
5894 	allocsize += ipss->ipsec_nalgs[IPSEC_ALG_AUTH] *
5895 	    ipss->ipsec_nalgs[IPSEC_ALG_ENCR] * sizeof (sadb_comb_t);
5896 
5897 	if (tunnel_mode) {
5898 		/* Tunnel mode! */
5899 		allocsize += 2 * sizeof (sadb_address_t);
5900 		/* Enough to cover both AF_INET and AF_INET6. */
5901 		allocsize += 2 * sizeof (struct sockaddr_in6);
5902 	}
5903 
5904 	msgmp = allocb(allocsize, BPRI_HI);
5905 	if (msgmp == NULL) {
5906 		freeb(pfkeymp);
5907 		mutex_exit(&ipss->ipsec_alg_lock);
5908 		return (NULL);
5909 	}
5910 
5911 	pfkeymp->b_cont = msgmp;
5912 	cur = msgmp->b_rptr;
5913 	end = cur + allocsize;
5914 	samsg = (sadb_msg_t *)cur;
5915 	cur += sizeof (sadb_msg_t);
5916 
5917 	af = acqrec->ipsacq_addrfam;
5918 	switch (af) {
5919 	case AF_INET:
5920 		check_proto = IPPROTO_ICMP;
5921 		break;
5922 	case AF_INET6:
5923 		check_proto = IPPROTO_ICMPV6;
5924 		break;
5925 	default:
5926 		/* This should never happen unless we have kernel bugs. */
5927 		cmn_err(CE_WARN,
5928 		    "sadb_setup_acquire:  corrupt ACQUIRE record.\n");
5929 		ASSERT(0);
5930 		mutex_exit(&ipss->ipsec_alg_lock);
5931 		return (NULL);
5932 	}
5933 
5934 	samsg->sadb_msg_version = PF_KEY_V2;
5935 	samsg->sadb_msg_type = SADB_ACQUIRE;
5936 	samsg->sadb_msg_satype = satype;
5937 	samsg->sadb_msg_errno = 0;
5938 	samsg->sadb_msg_pid = 0;
5939 	samsg->sadb_msg_reserved = 0;
5940 	samsg->sadb_msg_seq = acqrec->ipsacq_seq;
5941 
5942 	ASSERT(MUTEX_HELD(&acqrec->ipsacq_lock));
5943 
5944 	if ((acqrec->ipsacq_proto == check_proto) || tunnel_mode) {
5945 		sport_typecode = dport_typecode = 0;
5946 	} else {
5947 		sport_typecode = acqrec->ipsacq_srcport;
5948 		dport_typecode = acqrec->ipsacq_dstport;
5949 	}
5950 
5951 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_SRC, af,
5952 	    acqrec->ipsacq_srcaddr, sport_typecode, acqrec->ipsacq_proto, 0);
5953 
5954 	cur = sadb_make_addr_ext(cur, end, SADB_EXT_ADDRESS_DST, af,
5955 	    acqrec->ipsacq_dstaddr, dport_typecode, acqrec->ipsacq_proto, 0);
5956 
5957 	if (tunnel_mode) {
5958 		sport_typecode = acqrec->ipsacq_srcport;
5959 		dport_typecode = acqrec->ipsacq_dstport;
5960 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_SRC,
5961 		    acqrec->ipsacq_inneraddrfam, acqrec->ipsacq_innersrc,
5962 		    sport_typecode, acqrec->ipsacq_inner_proto,
5963 		    acqrec->ipsacq_innersrcpfx);
5964 		cur = sadb_make_addr_ext(cur, end, SADB_X_EXT_ADDRESS_INNER_DST,
5965 		    acqrec->ipsacq_inneraddrfam, acqrec->ipsacq_innerdst,
5966 		    dport_typecode, acqrec->ipsacq_inner_proto,
5967 		    acqrec->ipsacq_innerdstpfx);
5968 	}
5969 
5970 	/* XXX Insert identity information here. */
5971 
5972 	/* XXXMLS Insert sensitivity information here. */
5973 
5974 	if (cur != NULL)
5975 		samsg->sadb_msg_len = SADB_8TO64(cur - msgmp->b_rptr);
5976 	else
5977 		mutex_exit(&ipss->ipsec_alg_lock);
5978 
5979 	return (pfkeymp);
5980 }
5981 
5982 /*
5983  * Given an SADB_GETSPI message, find an appropriately ranged SA and
5984  * allocate an SA.  If there are message improprieties, return (ipsa_t *)-1.
5985  * If there was a memory allocation error, return NULL.	 (Assume NULL !=
5986  * (ipsa_t *)-1).
5987  *
5988  * master_spi is passed in host order.
5989  */
5990 ipsa_t *
5991 sadb_getspi(keysock_in_t *ksi, uint32_t master_spi, int *diagnostic,
5992     netstack_t *ns, uint_t sa_type)
5993 {
5994 	sadb_address_t *src =
5995 	    (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC],
5996 	    *dst = (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
5997 	sadb_spirange_t *range =
5998 	    (sadb_spirange_t *)ksi->ks_in_extv[SADB_EXT_SPIRANGE];
5999 	struct sockaddr_in *ssa, *dsa;
6000 	struct sockaddr_in6 *ssa6, *dsa6;
6001 	uint32_t *srcaddr, *dstaddr;
6002 	sa_family_t af;
6003 	uint32_t add, min, max;
6004 	uint8_t protocol =
6005 	    (sa_type == SADB_SATYPE_AH) ? IPPROTO_AH : IPPROTO_ESP;
6006 
6007 	if (src == NULL) {
6008 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
6009 		return ((ipsa_t *)-1);
6010 	}
6011 	if (dst == NULL) {
6012 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
6013 		return ((ipsa_t *)-1);
6014 	}
6015 	if (range == NULL) {
6016 		*diagnostic = SADB_X_DIAGNOSTIC_MISSING_RANGE;
6017 		return ((ipsa_t *)-1);
6018 	}
6019 
6020 	min = ntohl(range->sadb_spirange_min);
6021 	max = ntohl(range->sadb_spirange_max);
6022 	dsa = (struct sockaddr_in *)(dst + 1);
6023 	dsa6 = (struct sockaddr_in6 *)dsa;
6024 
6025 	ssa = (struct sockaddr_in *)(src + 1);
6026 	ssa6 = (struct sockaddr_in6 *)ssa;
6027 	ASSERT(dsa->sin_family == ssa->sin_family);
6028 
6029 	srcaddr = ALL_ZEROES_PTR;
6030 	af = dsa->sin_family;
6031 	switch (af) {
6032 	case AF_INET:
6033 		if (src != NULL)
6034 			srcaddr = (uint32_t *)(&ssa->sin_addr);
6035 		dstaddr = (uint32_t *)(&dsa->sin_addr);
6036 		break;
6037 	case AF_INET6:
6038 		if (src != NULL)
6039 			srcaddr = (uint32_t *)(&ssa6->sin6_addr);
6040 		dstaddr = (uint32_t *)(&dsa6->sin6_addr);
6041 		break;
6042 	default:
6043 		*diagnostic = SADB_X_DIAGNOSTIC_BAD_DST_AF;
6044 		return ((ipsa_t *)-1);
6045 	}
6046 
6047 	if (master_spi < min || master_spi > max) {
6048 		/* Return a random value in the range. */
6049 		if (cl_inet_getspi) {
6050 			cl_inet_getspi(ns->netstack_stackid, protocol,
6051 			    (uint8_t *)&add, sizeof (add), NULL);
6052 		} else {
6053 			(void) random_get_pseudo_bytes((uint8_t *)&add,
6054 			    sizeof (add));
6055 		}
6056 		master_spi = min + (add % (max - min + 1));
6057 	}
6058 
6059 	/*
6060 	 * Since master_spi is passed in host order, we need to htonl() it
6061 	 * for the purposes of creating a new SA.
6062 	 */
6063 	return (sadb_makelarvalassoc(htonl(master_spi), srcaddr, dstaddr, af,
6064 	    ns));
6065 }
6066 
6067 /*
6068  *
6069  * Locate an ACQUIRE and nuke it.  If I have an samsg that's larger than the
6070  * base header, just ignore it.	 Otherwise, lock down the whole ACQUIRE list
6071  * and scan for the sequence number in question.  I may wish to accept an
6072  * address pair with it, for easier searching.
6073  *
6074  * Caller frees the message, so we don't have to here.
6075  *
6076  * NOTE:	The ip_q parameter may be used in the future for ACQUIRE
6077  *		failures.
6078  */
6079 /* ARGSUSED */
6080 void
6081 sadb_in_acquire(sadb_msg_t *samsg, sadbp_t *sp, queue_t *ip_q, netstack_t *ns)
6082 {
6083 	int i;
6084 	ipsacq_t *acqrec;
6085 	iacqf_t *bucket;
6086 
6087 	/*
6088 	 * I only accept the base header for this!
6089 	 * Though to be honest, requiring the dst address would help
6090 	 * immensely.
6091 	 *
6092 	 * XXX	There are already cases where I can get the dst address.
6093 	 */
6094 	if (samsg->sadb_msg_len > SADB_8TO64(sizeof (*samsg)))
6095 		return;
6096 
6097 	/*
6098 	 * Using the samsg->sadb_msg_seq, find the ACQUIRE record, delete it,
6099 	 * (and in the future send a message to IP with the appropriate error
6100 	 * number).
6101 	 *
6102 	 * Q: Do I want to reject if pid != 0?
6103 	 */
6104 
6105 	for (i = 0; i < sp->s_v4.sdb_hashsize; i++) {
6106 		bucket = &sp->s_v4.sdb_acq[i];
6107 		mutex_enter(&bucket->iacqf_lock);
6108 		for (acqrec = bucket->iacqf_ipsacq; acqrec != NULL;
6109 		    acqrec = acqrec->ipsacq_next) {
6110 			if (samsg->sadb_msg_seq == acqrec->ipsacq_seq)
6111 				break;	/* for acqrec... loop. */
6112 		}
6113 		if (acqrec != NULL)
6114 			break;	/* for i = 0... loop. */
6115 
6116 		mutex_exit(&bucket->iacqf_lock);
6117 	}
6118 
6119 	if (acqrec == NULL) {
6120 		for (i = 0; i < sp->s_v6.sdb_hashsize; i++) {
6121 			bucket = &sp->s_v6.sdb_acq[i];
6122 			mutex_enter(&bucket->iacqf_lock);
6123 			for (acqrec = bucket->iacqf_ipsacq; acqrec != NULL;
6124 			    acqrec = acqrec->ipsacq_next) {
6125 				if (samsg->sadb_msg_seq == acqrec->ipsacq_seq)
6126 					break;	/* for acqrec... loop. */
6127 			}
6128 			if (acqrec != NULL)
6129 				break;	/* for i = 0... loop. */
6130 
6131 			mutex_exit(&bucket->iacqf_lock);
6132 		}
6133 	}
6134 
6135 
6136 	if (acqrec == NULL)
6137 		return;
6138 
6139 	/*
6140 	 * What do I do with the errno and IP?	I may need mp's services a
6141 	 * little more.	 See sadb_destroy_acquire() for future directions
6142 	 * beyond free the mblk chain on the acquire record.
6143 	 */
6144 
6145 	ASSERT(&bucket->iacqf_lock == acqrec->ipsacq_linklock);
6146 	sadb_destroy_acquire(acqrec, ns);
6147 	/* Have to exit mutex here, because of breaking out of for loop. */
6148 	mutex_exit(&bucket->iacqf_lock);
6149 }
6150 
6151 /*
6152  * The following functions work with the replay windows of an SA.  They assume
6153  * the ipsa->ipsa_replay_arr is an array of uint64_t, and that the bit vector
6154  * represents the highest sequence number packet received, and back
6155  * (ipsa->ipsa_replay_wsize) packets.
6156  */
6157 
6158 /*
6159  * Is the replay bit set?
6160  */
6161 static boolean_t
6162 ipsa_is_replay_set(ipsa_t *ipsa, uint32_t offset)
6163 {
6164 	uint64_t bit = (uint64_t)1 << (uint64_t)(offset & 63);
6165 
6166 	return ((bit & ipsa->ipsa_replay_arr[offset >> 6]) ? B_TRUE : B_FALSE);
6167 }
6168 
6169 /*
6170  * Shift the bits of the replay window over.
6171  */
6172 static void
6173 ipsa_shift_replay(ipsa_t *ipsa, uint32_t shift)
6174 {
6175 	int i;
6176 	int jump = ((shift - 1) >> 6) + 1;
6177 
6178 	if (shift == 0)
6179 		return;
6180 
6181 	for (i = (ipsa->ipsa_replay_wsize - 1) >> 6; i >= 0; i--) {
6182 		if (i + jump <= (ipsa->ipsa_replay_wsize - 1) >> 6) {
6183 			ipsa->ipsa_replay_arr[i + jump] |=
6184 			    ipsa->ipsa_replay_arr[i] >> (64 - (shift & 63));
6185 		}
6186 		ipsa->ipsa_replay_arr[i] <<= shift;
6187 	}
6188 }
6189 
6190 /*
6191  * Set a bit in the bit vector.
6192  */
6193 static void
6194 ipsa_set_replay(ipsa_t *ipsa, uint32_t offset)
6195 {
6196 	uint64_t bit = (uint64_t)1 << (uint64_t)(offset & 63);
6197 
6198 	ipsa->ipsa_replay_arr[offset >> 6] |= bit;
6199 }
6200 
6201 #define	SADB_MAX_REPLAY_VALUE 0xffffffff
6202 
6203 /*
6204  * Assume caller has NOT done ntohl() already on seq.  Check to see
6205  * if replay sequence number "seq" has been seen already.
6206  */
6207 boolean_t
6208 sadb_replay_check(ipsa_t *ipsa, uint32_t seq)
6209 {
6210 	boolean_t rc;
6211 	uint32_t diff;
6212 
6213 	if (ipsa->ipsa_replay_wsize == 0)
6214 		return (B_TRUE);
6215 
6216 	/*
6217 	 * NOTE:  I've already checked for 0 on the wire in sadb_replay_peek().
6218 	 */
6219 
6220 	/* Convert sequence number into host order before holding the mutex. */
6221 	seq = ntohl(seq);
6222 
6223 	mutex_enter(&ipsa->ipsa_lock);
6224 
6225 	/* Initialize inbound SA's ipsa_replay field to last one received. */
6226 	if (ipsa->ipsa_replay == 0)
6227 		ipsa->ipsa_replay = 1;
6228 
6229 	if (seq > ipsa->ipsa_replay) {
6230 		/*
6231 		 * I have received a new "highest value received".  Shift
6232 		 * the replay window over.
6233 		 */
6234 		diff = seq - ipsa->ipsa_replay;
6235 		if (diff < ipsa->ipsa_replay_wsize) {
6236 			/* In replay window, shift bits over. */
6237 			ipsa_shift_replay(ipsa, diff);
6238 		} else {
6239 			/* WAY FAR AHEAD, clear bits and start again. */
6240 			bzero(ipsa->ipsa_replay_arr,
6241 			    sizeof (ipsa->ipsa_replay_arr));
6242 		}
6243 		ipsa_set_replay(ipsa, 0);
6244 		ipsa->ipsa_replay = seq;
6245 		rc = B_TRUE;
6246 		goto done;
6247 	}
6248 	diff = ipsa->ipsa_replay - seq;
6249 	if (diff >= ipsa->ipsa_replay_wsize || ipsa_is_replay_set(ipsa, diff)) {
6250 		rc = B_FALSE;
6251 		goto done;
6252 	}
6253 	/* Set this packet as seen. */
6254 	ipsa_set_replay(ipsa, diff);
6255 
6256 	rc = B_TRUE;
6257 done:
6258 	mutex_exit(&ipsa->ipsa_lock);
6259 	return (rc);
6260 }
6261 
6262 /*
6263  * "Peek" and see if we should even bother going through the effort of
6264  * running an authentication check on the sequence number passed in.
6265  * this takes into account packets that are below the replay window,
6266  * and collisions with already replayed packets.  Return B_TRUE if it
6267  * is okay to proceed, B_FALSE if this packet should be dropped immediately.
6268  * Assume same byte-ordering as sadb_replay_check.
6269  */
6270 boolean_t
6271 sadb_replay_peek(ipsa_t *ipsa, uint32_t seq)
6272 {
6273 	boolean_t rc = B_FALSE;
6274 	uint32_t diff;
6275 
6276 	if (ipsa->ipsa_replay_wsize == 0)
6277 		return (B_TRUE);
6278 
6279 	/*
6280 	 * 0 is 0, regardless of byte order... :)
6281 	 *
6282 	 * If I get 0 on the wire (and there is a replay window) then the
6283 	 * sender most likely wrapped.	This ipsa may need to be marked or
6284 	 * something.
6285 	 */
6286 	if (seq == 0)
6287 		return (B_FALSE);
6288 
6289 	seq = ntohl(seq);
6290 	mutex_enter(&ipsa->ipsa_lock);
6291 	if (seq < ipsa->ipsa_replay - ipsa->ipsa_replay_wsize &&
6292 	    ipsa->ipsa_replay >= ipsa->ipsa_replay_wsize)
6293 		goto done;
6294 
6295 	/*
6296 	 * If I've hit 0xffffffff, then quite honestly, I don't need to
6297 	 * bother with formalities.  I'm not accepting any more packets
6298 	 * on this SA.
6299 	 */
6300 	if (ipsa->ipsa_replay == SADB_MAX_REPLAY_VALUE) {
6301 		/*
6302 		 * Since we're already holding the lock, update the
6303 		 * expire time ala. sadb_replay_delete() and return.
6304 		 */
6305 		ipsa->ipsa_hardexpiretime = (time_t)1;
6306 		goto done;
6307 	}
6308 
6309 	if (seq <= ipsa->ipsa_replay) {
6310 		/*
6311 		 * This seq is in the replay window.  I'm not below it,
6312 		 * because I already checked for that above!
6313 		 */
6314 		diff = ipsa->ipsa_replay - seq;
6315 		if (ipsa_is_replay_set(ipsa, diff))
6316 			goto done;
6317 	}
6318 	/* Else return B_TRUE, I'm going to advance the window. */
6319 
6320 	rc = B_TRUE;
6321 done:
6322 	mutex_exit(&ipsa->ipsa_lock);
6323 	return (rc);
6324 }
6325 
6326 /*
6327  * Delete a single SA.
6328  *
6329  * For now, use the quick-and-dirty trick of making the association's
6330  * hard-expire lifetime (time_t)1, ensuring deletion by the *_ager().
6331  */
6332 void
6333 sadb_replay_delete(ipsa_t *assoc)
6334 {
6335 	mutex_enter(&assoc->ipsa_lock);
6336 	assoc->ipsa_hardexpiretime = (time_t)1;
6337 	mutex_exit(&assoc->ipsa_lock);
6338 }
6339 
6340 /*
6341  * Given a queue that presumably points to IP, send a T_BIND_REQ for _proto_
6342  * down.  The caller will handle the T_BIND_ACK locally.
6343  */
6344 boolean_t
6345 sadb_t_bind_req(queue_t *q, int proto)
6346 {
6347 	struct T_bind_req *tbr;
6348 	mblk_t *mp;
6349 
6350 	mp = allocb_cred(sizeof (struct T_bind_req) + 1, kcred, NOPID);
6351 	if (mp == NULL) {
6352 		/* cmn_err(CE_WARN, */
6353 		/* "sadb_t_bind_req(%d): couldn't allocate mblk\n", proto); */
6354 		return (B_FALSE);
6355 	}
6356 	mp->b_datap->db_type = M_PCPROTO;
6357 	tbr = (struct T_bind_req *)mp->b_rptr;
6358 	mp->b_wptr += sizeof (struct T_bind_req);
6359 	tbr->PRIM_type = T_BIND_REQ;
6360 	tbr->ADDR_length = 0;
6361 	tbr->ADDR_offset = 0;
6362 	tbr->CONIND_number = 0;
6363 	*mp->b_wptr = (uint8_t)proto;
6364 	mp->b_wptr++;
6365 
6366 	putnext(q, mp);
6367 	return (B_TRUE);
6368 }
6369 
6370 /*
6371  * Special front-end to ipsec_rl_strlog() dealing with SA failure.
6372  * this is designed to take only a format string with "* %x * %s *", so
6373  * that "spi" is printed first, then "addr" is converted using inet_pton().
6374  *
6375  * This is abstracted out to save the stack space for only when inet_pton()
6376  * is called.  Make sure "spi" is in network order; it usually is when this
6377  * would get called.
6378  */
6379 void
6380 ipsec_assocfailure(short mid, short sid, char level, ushort_t sl, char *fmt,
6381     uint32_t spi, void *addr, int af, netstack_t *ns)
6382 {
6383 	char buf[INET6_ADDRSTRLEN];
6384 
6385 	ASSERT(af == AF_INET6 || af == AF_INET);
6386 
6387 	ipsec_rl_strlog(ns, mid, sid, level, sl, fmt, ntohl(spi),
6388 	    inet_ntop(af, addr, buf, sizeof (buf)));
6389 }
6390 
6391 /*
6392  * Fills in a reference to the policy, if any, from the conn, in *ppp
6393  * Releases a reference to the passed conn_t.
6394  */
6395 static void
6396 ipsec_conn_pol(ipsec_selector_t *sel, conn_t *connp, ipsec_policy_t **ppp)
6397 {
6398 	ipsec_policy_t	*pp;
6399 	ipsec_latch_t	*ipl = connp->conn_latch;
6400 
6401 	if ((ipl != NULL) && (ipl->ipl_out_policy != NULL)) {
6402 		pp = ipl->ipl_out_policy;
6403 		IPPOL_REFHOLD(pp);
6404 	} else {
6405 		pp = ipsec_find_policy(IPSEC_TYPE_OUTBOUND, connp, NULL, sel,
6406 		    connp->conn_netstack);
6407 	}
6408 	*ppp = pp;
6409 	CONN_DEC_REF(connp);
6410 }
6411 
6412 /*
6413  * The following functions scan through active conn_t structures
6414  * and return a reference to the best-matching policy it can find.
6415  * Caller must release the reference.
6416  */
6417 static void
6418 ipsec_udp_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp, ip_stack_t *ipst)
6419 {
6420 	connf_t *connfp;
6421 	conn_t *connp = NULL;
6422 	ipsec_selector_t portonly;
6423 
6424 	bzero((void *)&portonly, sizeof (portonly));
6425 
6426 	if (sel->ips_local_port == 0)
6427 		return;
6428 
6429 	connfp = &ipst->ips_ipcl_udp_fanout[IPCL_UDP_HASH(sel->ips_local_port,
6430 	    ipst)];
6431 	mutex_enter(&connfp->connf_lock);
6432 
6433 	if (sel->ips_isv4) {
6434 		connp = connfp->connf_head;
6435 		while (connp != NULL) {
6436 			if (IPCL_UDP_MATCH(connp, sel->ips_local_port,
6437 			    sel->ips_local_addr_v4, sel->ips_remote_port,
6438 			    sel->ips_remote_addr_v4))
6439 				break;
6440 			connp = connp->conn_next;
6441 		}
6442 
6443 		if (connp == NULL) {
6444 			/* Try port-only match in IPv6. */
6445 			portonly.ips_local_port = sel->ips_local_port;
6446 			sel = &portonly;
6447 		}
6448 	}
6449 
6450 	if (connp == NULL) {
6451 		connp = connfp->connf_head;
6452 		while (connp != NULL) {
6453 			if (IPCL_UDP_MATCH_V6(connp, sel->ips_local_port,
6454 			    sel->ips_local_addr_v6, sel->ips_remote_port,
6455 			    sel->ips_remote_addr_v6))
6456 				break;
6457 			connp = connp->conn_next;
6458 		}
6459 
6460 		if (connp == NULL) {
6461 			mutex_exit(&connfp->connf_lock);
6462 			return;
6463 		}
6464 	}
6465 
6466 	CONN_INC_REF(connp);
6467 	mutex_exit(&connfp->connf_lock);
6468 
6469 	ipsec_conn_pol(sel, connp, ppp);
6470 }
6471 
6472 static conn_t *
6473 ipsec_find_listen_conn(uint16_t *pptr, ipsec_selector_t *sel, ip_stack_t *ipst)
6474 {
6475 	connf_t *connfp;
6476 	conn_t *connp = NULL;
6477 	const in6_addr_t *v6addrmatch = &sel->ips_local_addr_v6;
6478 
6479 	if (sel->ips_local_port == 0)
6480 		return (NULL);
6481 
6482 	connfp = &ipst->ips_ipcl_bind_fanout[
6483 	    IPCL_BIND_HASH(sel->ips_local_port, ipst)];
6484 	mutex_enter(&connfp->connf_lock);
6485 
6486 	if (sel->ips_isv4) {
6487 		connp = connfp->connf_head;
6488 		while (connp != NULL) {
6489 			if (IPCL_BIND_MATCH(connp, IPPROTO_TCP,
6490 			    sel->ips_local_addr_v4, pptr[1]))
6491 				break;
6492 			connp = connp->conn_next;
6493 		}
6494 
6495 		if (connp == NULL) {
6496 			/* Match to all-zeroes. */
6497 			v6addrmatch = &ipv6_all_zeros;
6498 		}
6499 	}
6500 
6501 	if (connp == NULL) {
6502 		connp = connfp->connf_head;
6503 		while (connp != NULL) {
6504 			if (IPCL_BIND_MATCH_V6(connp, IPPROTO_TCP,
6505 			    *v6addrmatch, pptr[1]))
6506 				break;
6507 			connp = connp->conn_next;
6508 		}
6509 
6510 		if (connp == NULL) {
6511 			mutex_exit(&connfp->connf_lock);
6512 			return (NULL);
6513 		}
6514 	}
6515 
6516 	CONN_INC_REF(connp);
6517 	mutex_exit(&connfp->connf_lock);
6518 	return (connp);
6519 }
6520 
6521 static void
6522 ipsec_tcp_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp, ip_stack_t *ipst)
6523 {
6524 	connf_t 	*connfp;
6525 	conn_t		*connp;
6526 	uint32_t	ports;
6527 	uint16_t	*pptr = (uint16_t *)&ports;
6528 
6529 	/*
6530 	 * Find TCP state in the following order:
6531 	 * 1.) Connected conns.
6532 	 * 2.) Listeners.
6533 	 *
6534 	 * Even though #2 will be the common case for inbound traffic, only
6535 	 * following this order insures correctness.
6536 	 */
6537 
6538 	if (sel->ips_local_port == 0)
6539 		return;
6540 
6541 	/*
6542 	 * 0 should be fport, 1 should be lport.  SRC is the local one here.
6543 	 * See ipsec_construct_inverse_acquire() for details.
6544 	 */
6545 	pptr[0] = sel->ips_remote_port;
6546 	pptr[1] = sel->ips_local_port;
6547 
6548 	connfp = &ipst->ips_ipcl_conn_fanout[
6549 	    IPCL_CONN_HASH(sel->ips_remote_addr_v4, ports, ipst)];
6550 	mutex_enter(&connfp->connf_lock);
6551 	connp = connfp->connf_head;
6552 
6553 	if (sel->ips_isv4) {
6554 		while (connp != NULL) {
6555 			if (IPCL_CONN_MATCH(connp, IPPROTO_TCP,
6556 			    sel->ips_remote_addr_v4, sel->ips_local_addr_v4,
6557 			    ports))
6558 				break;
6559 			connp = connp->conn_next;
6560 		}
6561 	} else {
6562 		while (connp != NULL) {
6563 			if (IPCL_CONN_MATCH_V6(connp, IPPROTO_TCP,
6564 			    sel->ips_remote_addr_v6, sel->ips_local_addr_v6,
6565 			    ports))
6566 				break;
6567 			connp = connp->conn_next;
6568 		}
6569 	}
6570 
6571 	if (connp != NULL) {
6572 		CONN_INC_REF(connp);
6573 		mutex_exit(&connfp->connf_lock);
6574 	} else {
6575 		mutex_exit(&connfp->connf_lock);
6576 
6577 		/* Try the listen hash. */
6578 		if ((connp = ipsec_find_listen_conn(pptr, sel, ipst)) == NULL)
6579 			return;
6580 	}
6581 
6582 	ipsec_conn_pol(sel, connp, ppp);
6583 }
6584 
6585 static void
6586 ipsec_sctp_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp,
6587     ip_stack_t *ipst)
6588 {
6589 	conn_t		*connp;
6590 	uint32_t	ports;
6591 	uint16_t	*pptr = (uint16_t *)&ports;
6592 
6593 	/*
6594 	 * Find SCP state in the following order:
6595 	 * 1.) Connected conns.
6596 	 * 2.) Listeners.
6597 	 *
6598 	 * Even though #2 will be the common case for inbound traffic, only
6599 	 * following this order insures correctness.
6600 	 */
6601 
6602 	if (sel->ips_local_port == 0)
6603 		return;
6604 
6605 	/*
6606 	 * 0 should be fport, 1 should be lport.  SRC is the local one here.
6607 	 * See ipsec_construct_inverse_acquire() for details.
6608 	 */
6609 	pptr[0] = sel->ips_remote_port;
6610 	pptr[1] = sel->ips_local_port;
6611 
6612 	if (sel->ips_isv4) {
6613 		in6_addr_t	src, dst;
6614 
6615 		IN6_IPADDR_TO_V4MAPPED(sel->ips_remote_addr_v4, &dst);
6616 		IN6_IPADDR_TO_V4MAPPED(sel->ips_local_addr_v4, &src);
6617 		connp = sctp_find_conn(&dst, &src, ports, ALL_ZONES,
6618 		    ipst->ips_netstack->netstack_sctp);
6619 	} else {
6620 		connp = sctp_find_conn(&sel->ips_remote_addr_v6,
6621 		    &sel->ips_local_addr_v6, ports, ALL_ZONES,
6622 		    ipst->ips_netstack->netstack_sctp);
6623 	}
6624 	if (connp == NULL)
6625 		return;
6626 	ipsec_conn_pol(sel, connp, ppp);
6627 }
6628 
6629 /*
6630  * Fill in a query for the SPD (in "sel") using two PF_KEY address extensions.
6631  * Returns 0 or errno, and always sets *diagnostic to something appropriate
6632  * to PF_KEY.
6633  *
6634  * NOTE:  For right now, this function (and ipsec_selector_t for that matter),
6635  * ignore prefix lengths in the address extension.  Since we match on first-
6636  * entered policies, this shouldn't matter.  Also, since we normalize prefix-
6637  * set addresses to mask out the lower bits, we should get a suitable search
6638  * key for the SPD anyway.  This is the function to change if the assumption
6639  * about suitable search keys is wrong.
6640  */
6641 static int
6642 ipsec_get_inverse_acquire_sel(ipsec_selector_t *sel, sadb_address_t *srcext,
6643     sadb_address_t *dstext, int *diagnostic)
6644 {
6645 	struct sockaddr_in *src, *dst;
6646 	struct sockaddr_in6 *src6, *dst6;
6647 
6648 	*diagnostic = 0;
6649 
6650 	bzero(sel, sizeof (*sel));
6651 	sel->ips_protocol = srcext->sadb_address_proto;
6652 	dst = (struct sockaddr_in *)(dstext + 1);
6653 	if (dst->sin_family == AF_INET6) {
6654 		dst6 = (struct sockaddr_in6 *)dst;
6655 		src6 = (struct sockaddr_in6 *)(srcext + 1);
6656 		if (src6->sin6_family != AF_INET6) {
6657 			*diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
6658 			return (EINVAL);
6659 		}
6660 		sel->ips_remote_addr_v6 = dst6->sin6_addr;
6661 		sel->ips_local_addr_v6 = src6->sin6_addr;
6662 		if (sel->ips_protocol == IPPROTO_ICMPV6) {
6663 			sel->ips_is_icmp_inv_acq = 1;
6664 		} else {
6665 			sel->ips_remote_port = dst6->sin6_port;
6666 			sel->ips_local_port = src6->sin6_port;
6667 		}
6668 		sel->ips_isv4 = B_FALSE;
6669 	} else {
6670 		src = (struct sockaddr_in *)(srcext + 1);
6671 		if (src->sin_family != AF_INET) {
6672 			*diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
6673 			return (EINVAL);
6674 		}
6675 		sel->ips_remote_addr_v4 = dst->sin_addr.s_addr;
6676 		sel->ips_local_addr_v4 = src->sin_addr.s_addr;
6677 		if (sel->ips_protocol == IPPROTO_ICMP) {
6678 			sel->ips_is_icmp_inv_acq = 1;
6679 		} else {
6680 			sel->ips_remote_port = dst->sin_port;
6681 			sel->ips_local_port = src->sin_port;
6682 		}
6683 		sel->ips_isv4 = B_TRUE;
6684 	}
6685 	return (0);
6686 }
6687 
6688 /*
6689  * We have encapsulation.
6690  * - Lookup tun_t by address and look for an associated
6691  *   tunnel policy
6692  * - If there are inner selectors
6693  *   - check ITPF_P_TUNNEL and ITPF_P_ACTIVE
6694  *   - Look up tunnel policy based on selectors
6695  * - Else
6696  *   - Sanity check the negotation
6697  *   - If appropriate, fall through to global policy
6698  */
6699 static int
6700 ipsec_tun_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp,
6701     sadb_address_t *innsrcext, sadb_address_t *inndstext, ipsec_tun_pol_t *itp,
6702     int *diagnostic, netstack_t *ns)
6703 {
6704 	int err;
6705 	ipsec_policy_head_t *polhead;
6706 
6707 	*diagnostic = 0;
6708 
6709 	/* Check for inner selectors and act appropriately */
6710 
6711 	if (innsrcext != NULL) {
6712 		/* Inner selectors present */
6713 		ASSERT(inndstext != NULL);
6714 		if ((itp == NULL) ||
6715 		    (itp->itp_flags & (ITPF_P_ACTIVE | ITPF_P_TUNNEL)) !=
6716 		    (ITPF_P_ACTIVE | ITPF_P_TUNNEL)) {
6717 			/*
6718 			 * If inner packet selectors, we must have negotiate
6719 			 * tunnel and active policy.  If the tunnel has
6720 			 * transport-mode policy set on it, or has no policy,
6721 			 * fail.
6722 			 */
6723 			return (ENOENT);
6724 		} else {
6725 			/*
6726 			 * Reset "sel" to indicate inner selectors.  Pass
6727 			 * inner PF_KEY address extensions for this to happen.
6728 			 */
6729 			if ((err = ipsec_get_inverse_acquire_sel(sel,
6730 			    innsrcext, inndstext, diagnostic)) != 0)
6731 				return (err);
6732 			/*
6733 			 * Now look for a tunnel policy based on those inner
6734 			 * selectors.  (Common code is below.)
6735 			 */
6736 		}
6737 	} else {
6738 		/* No inner selectors present */
6739 		if ((itp == NULL) || !(itp->itp_flags & ITPF_P_ACTIVE)) {
6740 			/*
6741 			 * Transport mode negotiation with no tunnel policy
6742 			 * configured - return to indicate a global policy
6743 			 * check is needed.
6744 			 */
6745 			return (0);
6746 		} else if (itp->itp_flags & ITPF_P_TUNNEL) {
6747 			/* Tunnel mode set with no inner selectors. */
6748 			return (ENOENT);
6749 		}
6750 		/*
6751 		 * Else, this is a tunnel policy configured with ifconfig(1m)
6752 		 * or "negotiate transport" with ipsecconf(1m).  We have an
6753 		 * itp with policy set based on any match, so don't bother
6754 		 * changing fields in "sel".
6755 		 */
6756 	}
6757 
6758 	ASSERT(itp != NULL);
6759 	polhead = itp->itp_policy;
6760 	ASSERT(polhead != NULL);
6761 	rw_enter(&polhead->iph_lock, RW_READER);
6762 	*ppp = ipsec_find_policy_head(NULL, polhead,
6763 	    IPSEC_TYPE_INBOUND, sel, ns);
6764 	rw_exit(&polhead->iph_lock);
6765 
6766 	/*
6767 	 * Don't default to global if we didn't find a matching policy entry.
6768 	 * Instead, send ENOENT, just like if we hit a transport-mode tunnel.
6769 	 */
6770 	if (*ppp == NULL)
6771 		return (ENOENT);
6772 
6773 	return (0);
6774 }
6775 
6776 static void
6777 ipsec_oth_pol(ipsec_selector_t *sel, ipsec_policy_t **ppp,
6778     ip_stack_t *ipst)
6779 {
6780 	boolean_t	isv4 = sel->ips_isv4;
6781 	connf_t		*connfp;
6782 	conn_t		*connp;
6783 
6784 	if (isv4) {
6785 		connfp = &ipst->ips_ipcl_proto_fanout[sel->ips_protocol];
6786 	} else {
6787 		connfp = &ipst->ips_ipcl_proto_fanout_v6[sel->ips_protocol];
6788 	}
6789 
6790 	mutex_enter(&connfp->connf_lock);
6791 	for (connp = connfp->connf_head; connp != NULL;
6792 	    connp = connp->conn_next) {
6793 		if (!((isv4 && !((connp->conn_src == 0 ||
6794 		    connp->conn_src == sel->ips_local_addr_v4) &&
6795 		    (connp->conn_rem == 0 ||
6796 		    connp->conn_rem == sel->ips_remote_addr_v4))) ||
6797 		    (!isv4 && !((IN6_IS_ADDR_UNSPECIFIED(&connp->conn_srcv6) ||
6798 		    IN6_ARE_ADDR_EQUAL(&connp->conn_srcv6,
6799 		    &sel->ips_local_addr_v6)) &&
6800 		    (IN6_IS_ADDR_UNSPECIFIED(&connp->conn_remv6) ||
6801 		    IN6_ARE_ADDR_EQUAL(&connp->conn_remv6,
6802 		    &sel->ips_remote_addr_v6)))))) {
6803 			break;
6804 		}
6805 	}
6806 	if (connp == NULL) {
6807 		mutex_exit(&connfp->connf_lock);
6808 		return;
6809 	}
6810 
6811 	CONN_INC_REF(connp);
6812 	mutex_exit(&connfp->connf_lock);
6813 
6814 	ipsec_conn_pol(sel, connp, ppp);
6815 }
6816 
6817 /*
6818  * Construct an inverse ACQUIRE reply based on:
6819  *
6820  * 1.) Current global policy.
6821  * 2.) An conn_t match depending on what all was passed in the extv[].
6822  * 3.) A tunnel's policy head.
6823  * ...
6824  * N.) Other stuff TBD (e.g. identities)
6825  *
6826  * If there is an error, set sadb_msg_errno and sadb_x_msg_diagnostic
6827  * in this function so the caller can extract them where appropriately.
6828  *
6829  * The SRC address is the local one - just like an outbound ACQUIRE message.
6830  */
6831 mblk_t *
6832 ipsec_construct_inverse_acquire(sadb_msg_t *samsg, sadb_ext_t *extv[],
6833     netstack_t *ns)
6834 {
6835 	int err;
6836 	int diagnostic;
6837 	sadb_address_t *srcext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_SRC],
6838 	    *dstext = (sadb_address_t *)extv[SADB_EXT_ADDRESS_DST],
6839 	    *innsrcext = (sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_SRC],
6840 	    *inndstext = (sadb_address_t *)extv[SADB_X_EXT_ADDRESS_INNER_DST];
6841 	struct sockaddr_in6 *src, *dst;
6842 	struct sockaddr_in6 *isrc, *idst;
6843 	ipsec_tun_pol_t *itp = NULL;
6844 	ipsec_policy_t *pp = NULL;
6845 	ipsec_selector_t sel, isel;
6846 	mblk_t *retmp = NULL;
6847 	ip_stack_t	*ipst = ns->netstack_ip;
6848 
6849 	/* Normalize addresses */
6850 	if (sadb_addrcheck(NULL, (mblk_t *)samsg, (sadb_ext_t *)srcext, 0, ns)
6851 	    == KS_IN_ADDR_UNKNOWN) {
6852 		err = EINVAL;
6853 		diagnostic = SADB_X_DIAGNOSTIC_BAD_SRC;
6854 		goto bail;
6855 	}
6856 	src = (struct sockaddr_in6 *)(srcext + 1);
6857 	if (sadb_addrcheck(NULL, (mblk_t *)samsg, (sadb_ext_t *)dstext, 0, ns)
6858 	    == KS_IN_ADDR_UNKNOWN) {
6859 		err = EINVAL;
6860 		diagnostic = SADB_X_DIAGNOSTIC_BAD_DST;
6861 		goto bail;
6862 	}
6863 	dst = (struct sockaddr_in6 *)(dstext + 1);
6864 	if (src->sin6_family != dst->sin6_family) {
6865 		err = EINVAL;
6866 		diagnostic = SADB_X_DIAGNOSTIC_AF_MISMATCH;
6867 		goto bail;
6868 	}
6869 
6870 	/* Check for tunnel mode and act appropriately */
6871 	if (innsrcext != NULL) {
6872 		if (inndstext == NULL) {
6873 			err = EINVAL;
6874 			diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_DST;
6875 			goto bail;
6876 		}
6877 		if (sadb_addrcheck(NULL, (mblk_t *)samsg,
6878 		    (sadb_ext_t *)innsrcext, 0, ns) == KS_IN_ADDR_UNKNOWN) {
6879 			err = EINVAL;
6880 			diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_INNER_SRC;
6881 			goto bail;
6882 		}
6883 		isrc = (struct sockaddr_in6 *)(innsrcext + 1);
6884 		if (sadb_addrcheck(NULL, (mblk_t *)samsg,
6885 		    (sadb_ext_t *)inndstext, 0, ns) == KS_IN_ADDR_UNKNOWN) {
6886 			err = EINVAL;
6887 			diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_INNER_DST;
6888 			goto bail;
6889 		}
6890 		idst = (struct sockaddr_in6 *)(inndstext + 1);
6891 		if (isrc->sin6_family != idst->sin6_family) {
6892 			err = EINVAL;
6893 			diagnostic = SADB_X_DIAGNOSTIC_INNER_AF_MISMATCH;
6894 			goto bail;
6895 		}
6896 		if (isrc->sin6_family != AF_INET &&
6897 		    isrc->sin6_family != AF_INET6) {
6898 			err = EINVAL;
6899 			diagnostic = SADB_X_DIAGNOSTIC_BAD_INNER_SRC_AF;
6900 			goto bail;
6901 		}
6902 	} else if (inndstext != NULL) {
6903 		err = EINVAL;
6904 		diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_SRC;
6905 		goto bail;
6906 	}
6907 
6908 	/* Get selectors first, based on outer addresses */
6909 	err = ipsec_get_inverse_acquire_sel(&sel, srcext, dstext, &diagnostic);
6910 	if (err != 0)
6911 		goto bail;
6912 
6913 	/* Check for tunnel mode mismatches. */
6914 	if (innsrcext != NULL &&
6915 	    ((isrc->sin6_family == AF_INET &&
6916 	    sel.ips_protocol != IPPROTO_ENCAP && sel.ips_protocol != 0) ||
6917 	    (isrc->sin6_family == AF_INET6 &&
6918 	    sel.ips_protocol != IPPROTO_IPV6 && sel.ips_protocol != 0))) {
6919 		err = EPROTOTYPE;
6920 		goto bail;
6921 	}
6922 
6923 	/*
6924 	 * Okay, we have the addresses and other selector information.
6925 	 * Let's first find a conn...
6926 	 */
6927 	pp = NULL;
6928 	switch (sel.ips_protocol) {
6929 	case IPPROTO_TCP:
6930 		ipsec_tcp_pol(&sel, &pp, ipst);
6931 		break;
6932 	case IPPROTO_UDP:
6933 		ipsec_udp_pol(&sel, &pp, ipst);
6934 		break;
6935 	case IPPROTO_SCTP:
6936 		ipsec_sctp_pol(&sel, &pp, ipst);
6937 		break;
6938 	case IPPROTO_ENCAP:
6939 	case IPPROTO_IPV6:
6940 		/*
6941 		 * Assume sel.ips_remote_addr_* has the right address at
6942 		 * that exact position.
6943 		 */
6944 		itp = itp_get_byaddr((uint32_t *)(&sel.ips_local_addr_v6),
6945 		    (uint32_t *)(&sel.ips_remote_addr_v6), src->sin6_family,
6946 		    ipst);
6947 
6948 		if (innsrcext == NULL) {
6949 			/*
6950 			 * Transport-mode tunnel, make sure we fake out isel
6951 			 * to contain something based on the outer protocol.
6952 			 */
6953 			bzero(&isel, sizeof (isel));
6954 			isel.ips_isv4 = (sel.ips_protocol == IPPROTO_ENCAP);
6955 		} /* Else isel is initialized by ipsec_tun_pol(). */
6956 		err = ipsec_tun_pol(&isel, &pp, innsrcext, inndstext, itp,
6957 		    &diagnostic, ns);
6958 		/*
6959 		 * NOTE:  isel isn't used for now, but in RFC 430x IPsec, it
6960 		 * may be.
6961 		 */
6962 		if (err != 0)
6963 			goto bail;
6964 		break;
6965 	default:
6966 		ipsec_oth_pol(&sel, &pp, ipst);
6967 		break;
6968 	}
6969 
6970 	/*
6971 	 * If we didn't find a matching conn_t or other policy head, take a
6972 	 * look in the global policy.
6973 	 */
6974 	if (pp == NULL) {
6975 		pp = ipsec_find_policy(IPSEC_TYPE_OUTBOUND, NULL, NULL, &sel,
6976 		    ns);
6977 		if (pp == NULL) {
6978 			/* There's no global policy. */
6979 			err = ENOENT;
6980 			diagnostic = 0;
6981 			goto bail;
6982 		}
6983 	}
6984 
6985 	/*
6986 	 * Now that we have a policy entry/widget, construct an ACQUIRE
6987 	 * message based on that, fix fields where appropriate,
6988 	 * and return the message.
6989 	 */
6990 	retmp = sadb_extended_acquire(&sel, pp, NULL,
6991 	    (itp != NULL && (itp->itp_flags & ITPF_P_TUNNEL)),
6992 	    samsg->sadb_msg_seq, samsg->sadb_msg_pid, ns);
6993 	if (pp != NULL) {
6994 		IPPOL_REFRELE(pp, ns);
6995 	}
6996 	ASSERT(err == 0 && diagnostic == 0);
6997 	if (retmp == NULL)
6998 		err = ENOMEM;
6999 bail:
7000 	if (itp != NULL) {
7001 		ITP_REFRELE(itp, ns);
7002 	}
7003 	samsg->sadb_msg_errno = (uint8_t)err;
7004 	samsg->sadb_x_msg_diagnostic = (uint16_t)diagnostic;
7005 	return (retmp);
7006 }
7007 
7008 /*
7009  * ipsa_lpkt is a one-element queue, only manipulated by the next two
7010  * functions.  They have to hold the ipsa_lock because of potential races
7011  * between key management using SADB_UPDATE, and inbound packets that may
7012  * queue up on the larval SA (hence the 'l' in "lpkt").
7013  */
7014 
7015 /*
7016  * sadb_set_lpkt: Return TRUE if we can swap in a value to ipsa->ipsa_lpkt and
7017  * freemsg the previous value.  Return FALSE if we lost the race and the SA is
7018  * in a non-LARVAL state.  free clue: ip_drop_packet(NULL) is safe.
7019  */
7020 boolean_t
7021 sadb_set_lpkt(ipsa_t *ipsa, mblk_t *npkt, netstack_t *ns)
7022 {
7023 	mblk_t *opkt;
7024 	ipsec_stack_t	*ipss = ns->netstack_ipsec;
7025 	boolean_t is_larval;
7026 
7027 	/*
7028 	 * Check the packet's netstack id in case we go asynch with a
7029 	 * taskq_dispatch.
7030 	 */
7031 	ASSERT(((ipsec_in_t *)npkt->b_rptr)->ipsec_in_type == IPSEC_IN);
7032 	ASSERT(((ipsec_in_t *)npkt->b_rptr)->ipsec_in_stackid ==
7033 	    ns->netstack_stackid);
7034 
7035 	mutex_enter(&ipsa->ipsa_lock);
7036 	is_larval = (ipsa->ipsa_state == IPSA_STATE_LARVAL);
7037 	if (is_larval) {
7038 		opkt = ipsa->ipsa_lpkt;
7039 		ipsa->ipsa_lpkt = npkt;
7040 	} else {
7041 		/* We lost the race. */
7042 		opkt = NULL;
7043 	}
7044 	mutex_exit(&ipsa->ipsa_lock);
7045 
7046 	ip_drop_packet(opkt, B_TRUE, NULL, NULL,
7047 	    DROPPER(ipss, ipds_sadb_inlarval_replace),
7048 	    &ipss->ipsec_sadb_dropper);
7049 	return (is_larval);
7050 }
7051 
7052 /*
7053  * sadb_clear_lpkt: Atomically clear ipsa->ipsa_lpkt and return the
7054  * previous value.
7055  */
7056 mblk_t *
7057 sadb_clear_lpkt(ipsa_t *ipsa)
7058 {
7059 	mblk_t *opkt;
7060 
7061 	mutex_enter(&ipsa->ipsa_lock);
7062 	opkt = ipsa->ipsa_lpkt;
7063 	ipsa->ipsa_lpkt = NULL;
7064 	mutex_exit(&ipsa->ipsa_lock);
7065 
7066 	return (opkt);
7067 }
7068 
7069 /*
7070  * Buffer a packet that's in IDLE state as set by Solaris Clustering.
7071  */
7072 void
7073 sadb_buf_pkt(ipsa_t *ipsa, mblk_t *bpkt, netstack_t *ns)
7074 {
7075 	ipsec_stack_t   *ipss = ns->netstack_ipsec;
7076 	extern void (*cl_inet_idlesa)(netstackid_t, uint8_t, uint32_t,
7077 	    sa_family_t, in6_addr_t, in6_addr_t, void *);
7078 	in6_addr_t *srcaddr = (in6_addr_t *)(&ipsa->ipsa_srcaddr);
7079 	in6_addr_t *dstaddr = (in6_addr_t *)(&ipsa->ipsa_dstaddr);
7080 
7081 	ASSERT(ipsa->ipsa_state == IPSA_STATE_IDLE);
7082 
7083 	if (cl_inet_idlesa == NULL) {
7084 		ip_drop_packet(bpkt, B_TRUE, NULL, NULL,
7085 		    DROPPER(ipss, ipds_sadb_inidle_overflow),
7086 		    &ipss->ipsec_sadb_dropper);
7087 		return;
7088 	}
7089 
7090 	cl_inet_idlesa(ns->netstack_stackid,
7091 	    (ipsa->ipsa_type == SADB_SATYPE_AH) ? IPPROTO_AH : IPPROTO_ESP,
7092 	    ipsa->ipsa_spi, ipsa->ipsa_addrfam, *srcaddr, *dstaddr, NULL);
7093 
7094 	/*
7095 	 * Check the packet's netstack id in case we go asynch with a
7096 	 * taskq_dispatch.
7097 	 */
7098 	ASSERT(((ipsec_in_t *)bpkt->b_rptr)->ipsec_in_type == IPSEC_IN);
7099 	ASSERT(((ipsec_in_t *)bpkt->b_rptr)->ipsec_in_stackid ==
7100 	    ns->netstack_stackid);
7101 
7102 	mutex_enter(&ipsa->ipsa_lock);
7103 	ipsa->ipsa_mblkcnt++;
7104 	if (ipsa->ipsa_bpkt_head == NULL) {
7105 		ipsa->ipsa_bpkt_head = ipsa->ipsa_bpkt_tail = bpkt;
7106 	} else {
7107 		ipsa->ipsa_bpkt_tail->b_next = bpkt;
7108 		ipsa->ipsa_bpkt_tail = bpkt;
7109 		if (ipsa->ipsa_mblkcnt > SADB_MAX_IDLEPKTS) {
7110 			mblk_t *tmp;
7111 			tmp = ipsa->ipsa_bpkt_head;
7112 			ipsa->ipsa_bpkt_head = ipsa->ipsa_bpkt_head->b_next;
7113 			ip_drop_packet(tmp, B_TRUE, NULL, NULL,
7114 			    DROPPER(ipss, ipds_sadb_inidle_overflow),
7115 			    &ipss->ipsec_sadb_dropper);
7116 			ipsa->ipsa_mblkcnt --;
7117 		}
7118 	}
7119 	mutex_exit(&ipsa->ipsa_lock);
7120 
7121 }
7122 
7123 /*
7124  * Stub function that taskq_dispatch() invokes to take the mblk (in arg)
7125  * and put into STREAMS again.
7126  */
7127 void
7128 sadb_clear_buf_pkt(void *ipkt)
7129 {
7130 	mblk_t	*tmp, *buf_pkt;
7131 	netstack_t *ns;
7132 	ipsec_in_t *ii;
7133 
7134 	buf_pkt = (mblk_t *)ipkt;
7135 
7136 	ii = (ipsec_in_t *)buf_pkt->b_rptr;
7137 	ASSERT(ii->ipsec_in_type == IPSEC_IN);
7138 	ns = netstack_find_by_stackid(ii->ipsec_in_stackid);
7139 	if (ns != NULL && ns != ii->ipsec_in_ns) {
7140 		netstack_rele(ns);
7141 		ns = NULL;  /* For while-loop below. */
7142 	}
7143 
7144 	while (buf_pkt != NULL) {
7145 		tmp = buf_pkt->b_next;
7146 		buf_pkt->b_next = NULL;
7147 		if (ns != NULL)
7148 			ip_fanout_proto_again(buf_pkt, NULL, NULL, NULL);
7149 		else
7150 			freemsg(buf_pkt);
7151 		buf_pkt = tmp;
7152 	}
7153 	if (ns != NULL)
7154 		netstack_rele(ns);
7155 }
7156 /*
7157  * Walker callback used by sadb_alg_update() to free/create crypto
7158  * context template when a crypto software provider is removed or
7159  * added.
7160  */
7161 
7162 struct sadb_update_alg_state {
7163 	ipsec_algtype_t alg_type;
7164 	uint8_t alg_id;
7165 	boolean_t is_added;
7166 };
7167 
7168 static void
7169 sadb_alg_update_cb(isaf_t *head, ipsa_t *entry, void *cookie)
7170 {
7171 	struct sadb_update_alg_state *update_state =
7172 	    (struct sadb_update_alg_state *)cookie;
7173 	crypto_ctx_template_t *ctx_tmpl = NULL;
7174 
7175 	ASSERT(MUTEX_HELD(&head->isaf_lock));
7176 
7177 	if (entry->ipsa_state == IPSA_STATE_LARVAL)
7178 		return;
7179 
7180 	mutex_enter(&entry->ipsa_lock);
7181 
7182 	switch (update_state->alg_type) {
7183 	case IPSEC_ALG_AUTH:
7184 		if (entry->ipsa_auth_alg == update_state->alg_id)
7185 			ctx_tmpl = &entry->ipsa_authtmpl;
7186 		break;
7187 	case IPSEC_ALG_ENCR:
7188 		if (entry->ipsa_encr_alg == update_state->alg_id)
7189 			ctx_tmpl = &entry->ipsa_encrtmpl;
7190 		break;
7191 	default:
7192 		ctx_tmpl = NULL;
7193 	}
7194 
7195 	if (ctx_tmpl == NULL) {
7196 		mutex_exit(&entry->ipsa_lock);
7197 		return;
7198 	}
7199 
7200 	/*
7201 	 * The context template of the SA may be affected by the change
7202 	 * of crypto provider.
7203 	 */
7204 	if (update_state->is_added) {
7205 		/* create the context template if not already done */
7206 		if (*ctx_tmpl == NULL) {
7207 			(void) ipsec_create_ctx_tmpl(entry,
7208 			    update_state->alg_type);
7209 		}
7210 	} else {
7211 		/*
7212 		 * The crypto provider was removed. If the context template
7213 		 * exists but it is no longer valid, free it.
7214 		 */
7215 		if (*ctx_tmpl != NULL)
7216 			ipsec_destroy_ctx_tmpl(entry, update_state->alg_type);
7217 	}
7218 
7219 	mutex_exit(&entry->ipsa_lock);
7220 }
7221 
7222 /*
7223  * Invoked by IP when an software crypto provider has been updated.
7224  * The type and id of the corresponding algorithm is passed as argument.
7225  * is_added is B_TRUE if the provider was added, B_FALSE if it was
7226  * removed. The function updates the SADB and free/creates the
7227  * context templates associated with SAs if needed.
7228  */
7229 
7230 #define	SADB_ALG_UPDATE_WALK(sadb, table) \
7231     sadb_walker((sadb).table, (sadb).sdb_hashsize, sadb_alg_update_cb, \
7232 	&update_state)
7233 
7234 void
7235 sadb_alg_update(ipsec_algtype_t alg_type, uint8_t alg_id, boolean_t is_added,
7236     netstack_t *ns)
7237 {
7238 	struct sadb_update_alg_state update_state;
7239 	ipsecah_stack_t	*ahstack = ns->netstack_ipsecah;
7240 	ipsecesp_stack_t	*espstack = ns->netstack_ipsecesp;
7241 
7242 	update_state.alg_type = alg_type;
7243 	update_state.alg_id = alg_id;
7244 	update_state.is_added = is_added;
7245 
7246 	if (alg_type == IPSEC_ALG_AUTH) {
7247 		/* walk the AH tables only for auth. algorithm changes */
7248 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v4, sdb_of);
7249 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v4, sdb_if);
7250 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v6, sdb_of);
7251 		SADB_ALG_UPDATE_WALK(ahstack->ah_sadb.s_v6, sdb_if);
7252 	}
7253 
7254 	/* walk the ESP tables */
7255 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v4, sdb_of);
7256 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v4, sdb_if);
7257 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v6, sdb_of);
7258 	SADB_ALG_UPDATE_WALK(espstack->esp_sadb.s_v6, sdb_if);
7259 }
7260 
7261 /*
7262  * Creates a context template for the specified SA. This function
7263  * is called when an SA is created and when a context template needs
7264  * to be created due to a change of software provider.
7265  */
7266 int
7267 ipsec_create_ctx_tmpl(ipsa_t *sa, ipsec_algtype_t alg_type)
7268 {
7269 	ipsec_alginfo_t *alg;
7270 	crypto_mechanism_t mech;
7271 	crypto_key_t *key;
7272 	crypto_ctx_template_t *sa_tmpl;
7273 	int rv;
7274 	ipsec_stack_t	*ipss = sa->ipsa_netstack->netstack_ipsec;
7275 
7276 	ASSERT(MUTEX_HELD(&ipss->ipsec_alg_lock));
7277 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
7278 
7279 	/* get pointers to the algorithm info, context template, and key */
7280 	switch (alg_type) {
7281 	case IPSEC_ALG_AUTH:
7282 		key = &sa->ipsa_kcfauthkey;
7283 		sa_tmpl = &sa->ipsa_authtmpl;
7284 		alg = ipss->ipsec_alglists[alg_type][sa->ipsa_auth_alg];
7285 		break;
7286 	case IPSEC_ALG_ENCR:
7287 		key = &sa->ipsa_kcfencrkey;
7288 		sa_tmpl = &sa->ipsa_encrtmpl;
7289 		alg = ipss->ipsec_alglists[alg_type][sa->ipsa_encr_alg];
7290 		break;
7291 	default:
7292 		alg = NULL;
7293 	}
7294 
7295 	if (alg == NULL || !ALG_VALID(alg))
7296 		return (EINVAL);
7297 
7298 	/* initialize the mech info structure for the framework */
7299 	ASSERT(alg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
7300 	mech.cm_type = alg->alg_mech_type;
7301 	mech.cm_param = NULL;
7302 	mech.cm_param_len = 0;
7303 
7304 	/* create a new context template */
7305 	rv = crypto_create_ctx_template(&mech, key, sa_tmpl, KM_NOSLEEP);
7306 
7307 	/*
7308 	 * CRYPTO_MECH_NOT_SUPPORTED can be returned if only hardware
7309 	 * providers are available for that mechanism. In that case
7310 	 * we don't fail, and will generate the context template from
7311 	 * the framework callback when a software provider for that
7312 	 * mechanism registers.
7313 	 *
7314 	 * The context template is assigned the special value
7315 	 * IPSEC_CTX_TMPL_ALLOC if the allocation failed due to a
7316 	 * lack of memory. No attempt will be made to use
7317 	 * the context template if it is set to this value.
7318 	 */
7319 	if (rv == CRYPTO_HOST_MEMORY) {
7320 		*sa_tmpl = IPSEC_CTX_TMPL_ALLOC;
7321 	} else if (rv != CRYPTO_SUCCESS) {
7322 		*sa_tmpl = NULL;
7323 		if (rv != CRYPTO_MECH_NOT_SUPPORTED)
7324 			return (EINVAL);
7325 	}
7326 
7327 	return (0);
7328 }
7329 
7330 /*
7331  * Destroy the context template of the specified algorithm type
7332  * of the specified SA. Must be called while holding the SA lock.
7333  */
7334 void
7335 ipsec_destroy_ctx_tmpl(ipsa_t *sa, ipsec_algtype_t alg_type)
7336 {
7337 	ASSERT(MUTEX_HELD(&sa->ipsa_lock));
7338 
7339 	if (alg_type == IPSEC_ALG_AUTH) {
7340 		if (sa->ipsa_authtmpl == IPSEC_CTX_TMPL_ALLOC)
7341 			sa->ipsa_authtmpl = NULL;
7342 		else if (sa->ipsa_authtmpl != NULL) {
7343 			crypto_destroy_ctx_template(sa->ipsa_authtmpl);
7344 			sa->ipsa_authtmpl = NULL;
7345 		}
7346 	} else {
7347 		ASSERT(alg_type == IPSEC_ALG_ENCR);
7348 		if (sa->ipsa_encrtmpl == IPSEC_CTX_TMPL_ALLOC)
7349 			sa->ipsa_encrtmpl = NULL;
7350 		else if (sa->ipsa_encrtmpl != NULL) {
7351 			crypto_destroy_ctx_template(sa->ipsa_encrtmpl);
7352 			sa->ipsa_encrtmpl = NULL;
7353 		}
7354 	}
7355 }
7356 
7357 /*
7358  * Use the kernel crypto framework to check the validity of a key received
7359  * via keysock. Returns 0 if the key is OK, -1 otherwise.
7360  */
7361 int
7362 ipsec_check_key(crypto_mech_type_t mech_type, sadb_key_t *sadb_key,
7363     boolean_t is_auth, int *diag)
7364 {
7365 	crypto_mechanism_t mech;
7366 	crypto_key_t crypto_key;
7367 	int crypto_rc;
7368 
7369 	mech.cm_type = mech_type;
7370 	mech.cm_param = NULL;
7371 	mech.cm_param_len = 0;
7372 
7373 	crypto_key.ck_format = CRYPTO_KEY_RAW;
7374 	crypto_key.ck_data = sadb_key + 1;
7375 	crypto_key.ck_length = sadb_key->sadb_key_bits;
7376 
7377 	crypto_rc = crypto_key_check(&mech, &crypto_key);
7378 
7379 	switch (crypto_rc) {
7380 	case CRYPTO_SUCCESS:
7381 		return (0);
7382 	case CRYPTO_MECHANISM_INVALID:
7383 	case CRYPTO_MECH_NOT_SUPPORTED:
7384 		*diag = is_auth ? SADB_X_DIAGNOSTIC_BAD_AALG :
7385 		    SADB_X_DIAGNOSTIC_BAD_EALG;
7386 		break;
7387 	case CRYPTO_KEY_SIZE_RANGE:
7388 		*diag = is_auth ? SADB_X_DIAGNOSTIC_BAD_AKEYBITS :
7389 		    SADB_X_DIAGNOSTIC_BAD_EKEYBITS;
7390 		break;
7391 	case CRYPTO_WEAK_KEY:
7392 		*diag = is_auth ? SADB_X_DIAGNOSTIC_WEAK_AKEY :
7393 		    SADB_X_DIAGNOSTIC_WEAK_EKEY;
7394 		break;
7395 	}
7396 
7397 	return (-1);
7398 }
7399 /*
7400  * If this is an outgoing SA then add some fuzz to the
7401  * SOFT EXPIRE time. The reason for this is to stop
7402  * peers trying to renegotiate SOFT expiring SA's at
7403  * the same time. The amount of fuzz needs to be at
7404  * least 8 seconds which is the typical interval
7405  * sadb_ager(), although this is only a guide as it
7406  * selftunes.
7407  */
7408 void
7409 lifetime_fuzz(ipsa_t *assoc)
7410 {
7411 	uint8_t rnd;
7412 
7413 	if (assoc->ipsa_softaddlt == 0)
7414 		return;
7415 
7416 	(void) random_get_pseudo_bytes(&rnd, sizeof (rnd));
7417 	rnd = (rnd & 0xF) + 8;
7418 	assoc->ipsa_softexpiretime -= rnd;
7419 	assoc->ipsa_softaddlt -= rnd;
7420 }
7421 void
7422 destroy_ipsa_pair(ipsap_t *ipsapp)
7423 {
7424 	if (ipsapp == NULL)
7425 		return;
7426 
7427 	/*
7428 	 * Because of the multi-line macro nature of IPSA_REFRELE, keep
7429 	 * them in { }.
7430 	 */
7431 	if (ipsapp->ipsap_sa_ptr != NULL) {
7432 		IPSA_REFRELE(ipsapp->ipsap_sa_ptr);
7433 	}
7434 	if (ipsapp->ipsap_psa_ptr != NULL) {
7435 		IPSA_REFRELE(ipsapp->ipsap_psa_ptr);
7436 	}
7437 
7438 	kmem_free(ipsapp, sizeof (*ipsapp));
7439 }
7440 
7441 /*
7442  * The sadb_ager() function walks through the hash tables of SA's and ages
7443  * them, if the SA expires as a result, its marked as DEAD and will be reaped
7444  * the next time sadb_ager() runs. SA's which are paired or have a peer (same
7445  * SA appears in both the inbound and outbound tables because its not possible
7446  * to determine its direction) are placed on a list when they expire. This is
7447  * to ensure that pair/peer SA's are reaped at the same time, even if they
7448  * expire at different times.
7449  *
7450  * This function is called twice by sadb_ager(), one after processing the
7451  * inbound table, then again after processing the outbound table.
7452  */
7453 void
7454 age_pair_peer_list(templist_t *haspeerlist, sadb_t *sp, boolean_t outbound)
7455 {
7456 	templist_t *listptr;
7457 	int outhash;
7458 	isaf_t *bucket;
7459 	boolean_t haspeer;
7460 	ipsa_t *peer_assoc, *dying;
7461 	/*
7462 	 * Haspeer cases will contain both IPv4 and IPv6.  This code
7463 	 * is address independent.
7464 	 */
7465 	while (haspeerlist != NULL) {
7466 		/* "dying" contains the SA that has a peer. */
7467 		dying = haspeerlist->ipsa;
7468 		haspeer = (dying->ipsa_haspeer);
7469 		listptr = haspeerlist;
7470 		haspeerlist = listptr->next;
7471 		kmem_free(listptr, sizeof (*listptr));
7472 		/*
7473 		 * Pick peer bucket based on addrfam.
7474 		 */
7475 		if (outbound) {
7476 			if (haspeer)
7477 				bucket = INBOUND_BUCKET(sp, dying->ipsa_spi);
7478 			else
7479 				bucket = INBOUND_BUCKET(sp,
7480 				    dying->ipsa_otherspi);
7481 		} else { /* inbound */
7482 			if (haspeer) {
7483 				if (dying->ipsa_addrfam == AF_INET6) {
7484 					outhash = OUTBOUND_HASH_V6(sp,
7485 					    *((in6_addr_t *)&dying->
7486 					    ipsa_dstaddr));
7487 				} else {
7488 					outhash = OUTBOUND_HASH_V4(sp,
7489 					    *((ipaddr_t *)&dying->
7490 					    ipsa_dstaddr));
7491 				}
7492 			} else if (dying->ipsa_addrfam == AF_INET6) {
7493 				outhash = OUTBOUND_HASH_V6(sp,
7494 				    *((in6_addr_t *)&dying->
7495 				    ipsa_srcaddr));
7496 			} else {
7497 				outhash = OUTBOUND_HASH_V4(sp,
7498 				    *((ipaddr_t *)&dying->
7499 				    ipsa_srcaddr));
7500 			}
7501 		bucket = &(sp->sdb_of[outhash]);
7502 		}
7503 
7504 		mutex_enter(&bucket->isaf_lock);
7505 		/*
7506 		 * "haspeer" SA's have the same src/dst address ordering,
7507 		 * "paired" SA's have the src/dst addresses reversed.
7508 		 */
7509 		if (haspeer) {
7510 			peer_assoc = ipsec_getassocbyspi(bucket,
7511 			    dying->ipsa_spi, dying->ipsa_srcaddr,
7512 			    dying->ipsa_dstaddr, dying->ipsa_addrfam);
7513 		} else {
7514 			peer_assoc = ipsec_getassocbyspi(bucket,
7515 			    dying->ipsa_otherspi, dying->ipsa_dstaddr,
7516 			    dying->ipsa_srcaddr, dying->ipsa_addrfam);
7517 		}
7518 
7519 		mutex_exit(&bucket->isaf_lock);
7520 		if (peer_assoc != NULL) {
7521 			mutex_enter(&peer_assoc->ipsa_lock);
7522 			mutex_enter(&dying->ipsa_lock);
7523 			if (!haspeer) {
7524 				/*
7525 				 * Only SA's which have a "peer" or are
7526 				 * "paired" end up on this list, so this
7527 				 * must be a "paired" SA, update the flags
7528 				 * to break the pair.
7529 				 */
7530 				peer_assoc->ipsa_otherspi = 0;
7531 				peer_assoc->ipsa_flags &= ~IPSA_F_PAIRED;
7532 				dying->ipsa_otherspi = 0;
7533 				dying->ipsa_flags &= ~IPSA_F_PAIRED;
7534 			}
7535 			if (haspeer || outbound) {
7536 				/*
7537 				 * Update the state of the "inbound" SA when
7538 				 * the "outbound" SA has expired. Don't update
7539 				 * the "outbound" SA when the "inbound" SA
7540 				 * SA expires because setting the hard_addtime
7541 				 * below will cause this to happen.
7542 				 */
7543 				peer_assoc->ipsa_state = dying->ipsa_state;
7544 			}
7545 			if (dying->ipsa_state == IPSA_STATE_DEAD)
7546 				peer_assoc->ipsa_hardexpiretime = 1;
7547 
7548 			mutex_exit(&dying->ipsa_lock);
7549 			mutex_exit(&peer_assoc->ipsa_lock);
7550 			IPSA_REFRELE(peer_assoc);
7551 		}
7552 		IPSA_REFRELE(dying);
7553 	}
7554 }
7555 
7556 /*
7557  * Ensure that the IV used for CCM mode never repeats. The IV should
7558  * only be updated by this function. Also check to see if the IV
7559  * is about to wrap and generate a SOFT Expire. This function is only
7560  * called for outgoing packets, the IV for incomming packets is taken
7561  * from the wire. If the outgoing SA needs to be expired, update
7562  * the matching incomming SA.
7563  */
7564 boolean_t
7565 update_iv(uint8_t *iv_ptr, queue_t *pfkey_q, ipsa_t *assoc,
7566     ipsecesp_stack_t *espstack)
7567 {
7568 	boolean_t rc = B_TRUE;
7569 	isaf_t *inbound_bucket;
7570 	sadb_t *sp;
7571 	ipsa_t *pair_sa = NULL;
7572 	int sa_new_state = 0;
7573 
7574 	/* For non counter modes, the IV is random data. */
7575 	if (!(assoc->ipsa_flags & IPSA_F_COUNTERMODE)) {
7576 		(void) random_get_pseudo_bytes(iv_ptr, assoc->ipsa_iv_len);
7577 		return (rc);
7578 	}
7579 
7580 	mutex_enter(&assoc->ipsa_lock);
7581 
7582 	(*assoc->ipsa_iv)++;
7583 
7584 	if (*assoc->ipsa_iv == assoc->ipsa_iv_hardexpire) {
7585 		sa_new_state = IPSA_STATE_DEAD;
7586 		rc = B_FALSE;
7587 	} else if (*assoc->ipsa_iv == assoc->ipsa_iv_softexpire) {
7588 		if (assoc->ipsa_state != IPSA_STATE_DYING) {
7589 			/*
7590 			 * This SA may have already been expired when its
7591 			 * PAIR_SA expired.
7592 			 */
7593 			sa_new_state = IPSA_STATE_DYING;
7594 		}
7595 	}
7596 	if (sa_new_state) {
7597 		/*
7598 		 * If there is a state change, we need to update this SA
7599 		 * and its "pair", we can find the bucket for the "pair" SA
7600 		 * while holding the ipsa_t mutex, but we won't actually
7601 		 * update anything untill the ipsa_t mutex has been released
7602 		 * for _this_ SA.
7603 		 */
7604 		assoc->ipsa_state = sa_new_state;
7605 		if (assoc->ipsa_addrfam == AF_INET6) {
7606 			sp = &espstack->esp_sadb.s_v6;
7607 		} else {
7608 			sp = &espstack->esp_sadb.s_v4;
7609 		}
7610 		inbound_bucket = INBOUND_BUCKET(sp, assoc->ipsa_otherspi);
7611 		sadb_expire_assoc(pfkey_q, assoc);
7612 	}
7613 	if (rc == B_TRUE)
7614 		bcopy(assoc->ipsa_iv, iv_ptr, assoc->ipsa_iv_len);
7615 
7616 	mutex_exit(&assoc->ipsa_lock);
7617 
7618 	if (sa_new_state) {
7619 		/* Find the inbound SA, need to lock hash bucket. */
7620 		mutex_enter(&inbound_bucket->isaf_lock);
7621 		pair_sa = ipsec_getassocbyspi(inbound_bucket,
7622 		    assoc->ipsa_otherspi, assoc->ipsa_dstaddr,
7623 		    assoc->ipsa_srcaddr, assoc->ipsa_addrfam);
7624 		mutex_exit(&inbound_bucket->isaf_lock);
7625 		if (pair_sa != NULL) {
7626 			mutex_enter(&pair_sa->ipsa_lock);
7627 			pair_sa->ipsa_state = sa_new_state;
7628 			mutex_exit(&pair_sa->ipsa_lock);
7629 			IPSA_REFRELE(pair_sa);
7630 		}
7631 	}
7632 
7633 	return (rc);
7634 }
7635 
7636 void
7637 ccm_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr,
7638     ipsa_cm_mech_t *cm_mech, crypto_data_t *crypto_data)
7639 {
7640 	uchar_t *nonce;
7641 	crypto_mechanism_t *combined_mech;
7642 	CK_AES_CCM_PARAMS *params;
7643 
7644 	combined_mech = (crypto_mechanism_t *)cm_mech;
7645 	params = (CK_AES_CCM_PARAMS *)(combined_mech + 1);
7646 	nonce = (uchar_t *)(params + 1);
7647 	params->ulMACSize = assoc->ipsa_mac_len;
7648 	params->ulNonceSize = assoc->ipsa_nonce_len;
7649 	params->ulAuthDataSize = sizeof (esph_t);
7650 	params->ulDataSize = data_len;
7651 	params->nonce = nonce;
7652 	params->authData = esph;
7653 
7654 	cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
7655 	cm_mech->combined_mech.cm_param_len = sizeof (CK_AES_CCM_PARAMS);
7656 	cm_mech->combined_mech.cm_param = (caddr_t)params;
7657 	/* See gcm_params_init() for comments. */
7658 	bcopy(assoc->ipsa_nonce, nonce, assoc->ipsa_saltlen);
7659 	nonce += assoc->ipsa_saltlen;
7660 	bcopy(iv_ptr, nonce, assoc->ipsa_iv_len);
7661 	crypto_data->cd_miscdata = NULL;
7662 }
7663 
7664 /* ARGSUSED */
7665 void
7666 cbc_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr,
7667     ipsa_cm_mech_t *cm_mech, crypto_data_t *crypto_data)
7668 {
7669 	cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
7670 	cm_mech->combined_mech.cm_param_len = 0;
7671 	cm_mech->combined_mech.cm_param = NULL;
7672 	crypto_data->cd_miscdata = (char *)iv_ptr;
7673 }
7674 
7675 /* ARGSUSED */
7676 void
7677 gcm_params_init(ipsa_t *assoc, uchar_t *esph, uint_t data_len, uchar_t *iv_ptr,
7678     ipsa_cm_mech_t *cm_mech, crypto_data_t *crypto_data)
7679 {
7680 	uchar_t *nonce;
7681 	crypto_mechanism_t *combined_mech;
7682 	CK_AES_GCM_PARAMS *params;
7683 
7684 	combined_mech = (crypto_mechanism_t *)cm_mech;
7685 	params = (CK_AES_GCM_PARAMS *)(combined_mech + 1);
7686 	nonce = (uchar_t *)(params + 1);
7687 
7688 	params->pIv = nonce;
7689 	params->ulIvLen = assoc->ipsa_nonce_len;
7690 	params->ulIvBits = SADB_8TO1(assoc->ipsa_nonce_len);
7691 	params->pAAD = esph;
7692 	params->ulAADLen = sizeof (esph_t);
7693 	params->ulTagBits = SADB_8TO1(assoc->ipsa_mac_len);
7694 
7695 	cm_mech->combined_mech.cm_type = assoc->ipsa_emech.cm_type;
7696 	cm_mech->combined_mech.cm_param_len = sizeof (CK_AES_GCM_PARAMS);
7697 	cm_mech->combined_mech.cm_param = (caddr_t)params;
7698 	/*
7699 	 * Create the nonce, which is made up of the salt and the IV.
7700 	 * Copy the salt from the SA and the IV from the packet.
7701 	 * For inbound packets we copy the IV from the packet because it
7702 	 * was set by the sending system, for outbound packets we copy the IV
7703 	 * from the packet because the IV in the SA may be changed by another
7704 	 * thread, the IV in the packet was created while holding a mutex.
7705 	 */
7706 	bcopy(assoc->ipsa_nonce, nonce, assoc->ipsa_saltlen);
7707 	nonce += assoc->ipsa_saltlen;
7708 	bcopy(iv_ptr, nonce, assoc->ipsa_iv_len);
7709 	crypto_data->cd_miscdata = NULL;
7710 }
7711