4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #include <sys/types.h>
27 #include <sys/stream.h>
28 #include <sys/stropts.h>
29 #include <sys/errno.h>
30 #include <sys/strlog.h>
31 #include <sys/tihdr.h>
32 #include <sys/socket.h>
33 #include <sys/ddi.h>
34 #include <sys/sunddi.h>
35 #include <sys/kmem.h>
36 #include <sys/zone.h>
37 #include <sys/sysmacros.h>
38 #include <sys/cmn_err.h>
39 #include <sys/vtrace.h>
40 #include <sys/debug.h>
41 #include <sys/atomic.h>
42 #include <sys/strsun.h>
43 #include <sys/random.h>
78 */
79 static ipsecespparam_t lcl_param_arr[] = {
80 /* min max value name */
81 { 0, 3, 0, "ipsecesp_debug"},
82 { 125, 32000, SADB_AGE_INTERVAL_DEFAULT, "ipsecesp_age_interval"},
83 { 1, 10, 1, "ipsecesp_reap_delay"},
84 { 1, SADB_MAX_REPLAY, 64, "ipsecesp_replay_size"},
85 { 1, 300, 15, "ipsecesp_acquire_timeout"},
86 { 1, 1800, 90, "ipsecesp_larval_timeout"},
87 /* Default lifetime values for ACQUIRE messages. */
88 { 0, 0xffffffffU, 0, "ipsecesp_default_soft_bytes"},
89 { 0, 0xffffffffU, 0, "ipsecesp_default_hard_bytes"},
90 { 0, 0xffffffffU, 24000, "ipsecesp_default_soft_addtime"},
91 { 0, 0xffffffffU, 28800, "ipsecesp_default_hard_addtime"},
92 { 0, 0xffffffffU, 0, "ipsecesp_default_soft_usetime"},
93 { 0, 0xffffffffU, 0, "ipsecesp_default_hard_usetime"},
94 { 0, 1, 0, "ipsecesp_log_unknown_spi"},
95 { 0, 2, 1, "ipsecesp_padding_check"},
96 { 0, 600, 20, "ipsecesp_nat_keepalive_interval"},
97 };
98 #define ipsecesp_debug ipsecesp_params[0].ipsecesp_param_value
99 #define ipsecesp_age_interval ipsecesp_params[1].ipsecesp_param_value
100 #define ipsecesp_age_int_max ipsecesp_params[1].ipsecesp_param_max
101 #define ipsecesp_reap_delay ipsecesp_params[2].ipsecesp_param_value
102 #define ipsecesp_replay_size ipsecesp_params[3].ipsecesp_param_value
103 #define ipsecesp_acquire_timeout \
104 ipsecesp_params[4].ipsecesp_param_value
105 #define ipsecesp_larval_timeout \
106 ipsecesp_params[5].ipsecesp_param_value
107 #define ipsecesp_default_soft_bytes \
108 ipsecesp_params[6].ipsecesp_param_value
109 #define ipsecesp_default_hard_bytes \
110 ipsecesp_params[7].ipsecesp_param_value
111 #define ipsecesp_default_soft_addtime \
112 ipsecesp_params[8].ipsecesp_param_value
113 #define ipsecesp_default_hard_addtime \
114 ipsecesp_params[9].ipsecesp_param_value
115 #define ipsecesp_default_soft_usetime \
116 ipsecesp_params[10].ipsecesp_param_value
117 #define ipsecesp_default_hard_usetime \
118 ipsecesp_params[11].ipsecesp_param_value
119 #define ipsecesp_log_unknown_spi \
120 ipsecesp_params[12].ipsecesp_param_value
121 #define ipsecesp_padding_check \
122 ipsecesp_params[13].ipsecesp_param_value
123 /* For ipsecesp_nat_keepalive_interval, see ipsecesp.h. */
124
125 #define esp0dbg(a) printf a
126 /* NOTE: != 0 instead of > 0 so lint doesn't complain. */
127 #define esp1dbg(espstack, a) if (espstack->ipsecesp_debug != 0) printf a
128 #define esp2dbg(espstack, a) if (espstack->ipsecesp_debug > 1) printf a
129 #define esp3dbg(espstack, a) if (espstack->ipsecesp_debug > 2) printf a
130
131 static int ipsecesp_open(queue_t *, dev_t *, int, int, cred_t *);
132 static int ipsecesp_close(queue_t *);
133 static void ipsecesp_wput(queue_t *, mblk_t *);
134 static void *ipsecesp_stack_init(netstackid_t stackid, netstack_t *ns);
135 static void ipsecesp_stack_fini(netstackid_t stackid, void *arg);
136 static void esp_send_acquire(ipsacq_t *, mblk_t *, netstack_t *);
137
138 static void esp_prepare_udp(netstack_t *, mblk_t *, ipha_t *);
139 static void esp_outbound_finish(mblk_t *, ip_xmit_attr_t *);
140 static void esp_inbound_restart(mblk_t *, ip_recv_attr_t *);
141
142 static boolean_t esp_register_out(uint32_t, uint32_t, uint_t,
143 ipsecesp_stack_t *, cred_t *);
144 static boolean_t esp_strip_header(mblk_t *, boolean_t, uint32_t,
145 kstat_named_t **, ipsecesp_stack_t *);
146 static mblk_t *esp_submit_req_inbound(mblk_t *, ip_recv_attr_t *,
147 ipsa_t *, uint_t);
148 static mblk_t *esp_submit_req_outbound(mblk_t *, ip_xmit_attr_t *,
149 ipsa_t *, uchar_t *, uint_t);
150
151 /* Setable in /etc/system */
152 uint32_t esp_hash_size = IPSEC_DEFAULT_HASH_SIZE;
153
154 static struct module_info info = {
155 5137, "ipsecesp", 0, INFPSZ, 65536, 1024
156 };
164 (pfi_t)ipsecesp_wput, NULL, ipsecesp_open, ipsecesp_close, NULL, &info,
165 NULL
166 };
167
168 struct streamtab ipsecespinfo = {
169 &rinit, &winit, NULL, NULL
170 };
171
172 static taskq_t *esp_taskq;
173
174 /*
175 * OTOH, this one is set at open/close, and I'm D_MTQPAIR for now.
176 *
177 * Question: Do I need this, given that all instance's esps->esps_wq point
178 * to IP?
179 *
180 * Answer: Yes, because I need to know which queue is BOUND to
181 * IPPROTO_ESP
182 */
183
184 /*
185 * Stats. This may eventually become a full-blown SNMP MIB once that spec
186 * stabilizes.
187 */
188
189 typedef struct esp_kstats_s {
190 kstat_named_t esp_stat_num_aalgs;
191 kstat_named_t esp_stat_good_auth;
192 kstat_named_t esp_stat_bad_auth;
193 kstat_named_t esp_stat_bad_padding;
194 kstat_named_t esp_stat_replay_failures;
195 kstat_named_t esp_stat_replay_early_failures;
196 kstat_named_t esp_stat_keysock_in;
197 kstat_named_t esp_stat_out_requests;
198 kstat_named_t esp_stat_acquire_requests;
199 kstat_named_t esp_stat_bytes_expired;
200 kstat_named_t esp_stat_out_discards;
201 kstat_named_t esp_stat_crypto_sync;
202 kstat_named_t esp_stat_crypto_async;
203 kstat_named_t esp_stat_crypto_failures;
204 kstat_named_t esp_stat_num_ealgs;
205 kstat_named_t esp_stat_bad_decrypt;
206 kstat_named_t esp_stat_sa_port_renumbers;
207 } esp_kstats_t;
208
209 /*
210 * espstack->esp_kstats is equal to espstack->esp_ksp->ks_data if
211 * kstat_create_netstack for espstack->esp_ksp succeeds, but when it
212 * fails, it will be NULL. Note this is done for all stack instances,
213 * so it *could* fail. hence a non-NULL checking is done for
214 * ESP_BUMP_STAT and ESP_DEBUMP_STAT
215 */
216 #define ESP_BUMP_STAT(espstack, x) \
217 do { \
218 if (espstack->esp_kstats != NULL) \
219 (espstack->esp_kstats->esp_stat_ ## x).value.ui64++; \
220 _NOTE(CONSTCOND) \
221 } while (0)
222
223 #define ESP_DEBUMP_STAT(espstack, x) \
224 do { \
225 if (espstack->esp_kstats != NULL) \
226 (espstack->esp_kstats->esp_stat_ ## x).value.ui64--; \
227 _NOTE(CONSTCOND) \
228 } while (0)
229
230 static int esp_kstat_update(kstat_t *, int);
231
232 static boolean_t
233 esp_kstat_init(ipsecesp_stack_t *espstack, netstackid_t stackid)
234 {
235 espstack->esp_ksp = kstat_create_netstack("ipsecesp", 0, "esp_stat",
236 "net", KSTAT_TYPE_NAMED,
237 sizeof (esp_kstats_t) / sizeof (kstat_named_t),
238 KSTAT_FLAG_PERSISTENT, stackid);
239
240 if (espstack->esp_ksp == NULL || espstack->esp_ksp->ks_data == NULL)
241 return (B_FALSE);
242
243 espstack->esp_kstats = espstack->esp_ksp->ks_data;
244
245 espstack->esp_ksp->ks_update = esp_kstat_update;
246 espstack->esp_ksp->ks_private = (void *)(uintptr_t)stackid;
247
248 #define K64 KSTAT_DATA_UINT64
249 #define KI(x) kstat_named_init(&(espstack->esp_kstats->esp_stat_##x), #x, K64)
281 netstackid_t stackid = (zoneid_t)(uintptr_t)kp->ks_private;
282 netstack_t *ns;
283 ipsec_stack_t *ipss;
284
285 if ((kp == NULL) || (kp->ks_data == NULL))
286 return (EIO);
287
288 if (rw == KSTAT_WRITE)
289 return (EACCES);
290
291 ns = netstack_find_by_stackid(stackid);
292 if (ns == NULL)
293 return (-1);
294 ipss = ns->netstack_ipsec;
295 if (ipss == NULL) {
296 netstack_rele(ns);
297 return (-1);
298 }
299 ekp = (esp_kstats_t *)kp->ks_data;
300
301 mutex_enter(&ipss->ipsec_alg_lock);
302 ekp->esp_stat_num_aalgs.value.ui64 =
303 ipss->ipsec_nalgs[IPSEC_ALG_AUTH];
304 ekp->esp_stat_num_ealgs.value.ui64 =
305 ipss->ipsec_nalgs[IPSEC_ALG_ENCR];
306 mutex_exit(&ipss->ipsec_alg_lock);
307
308 netstack_rele(ns);
309 return (0);
310 }
311
312 #ifdef DEBUG
313 /*
314 * Debug routine, useful to see pre-encryption data.
315 */
316 static char *
317 dump_msg(mblk_t *mp)
318 {
319 char tmp_str[3], tmp_line[256];
320
321 while (mp != NULL) {
322 unsigned char *ptr;
323
324 printf("mblk address 0x%p, length %ld, db_ref %d "
325 "type %d, base 0x%p, lim 0x%p\n",
326 (void *) mp, (long)(mp->b_wptr - mp->b_rptr),
486 * Walk through the param array specified registering each element with the
487 * named dispatch handler.
488 */
489 static boolean_t
490 ipsecesp_param_register(IDP *ndp, ipsecespparam_t *espp, int cnt)
491 {
492 for (; cnt-- > 0; espp++) {
493 if (espp->ipsecesp_param_name != NULL &&
494 espp->ipsecesp_param_name[0]) {
495 if (!nd_load(ndp,
496 espp->ipsecesp_param_name,
497 ipsecesp_param_get, ipsecesp_param_set,
498 (caddr_t)espp)) {
499 nd_free(ndp);
500 return (B_FALSE);
501 }
502 }
503 }
504 return (B_TRUE);
505 }
506 /*
507 * Initialize things for ESP for each stack instance
508 */
509 static void *
510 ipsecesp_stack_init(netstackid_t stackid, netstack_t *ns)
511 {
512 ipsecesp_stack_t *espstack;
513 ipsecespparam_t *espp;
514
515 espstack = (ipsecesp_stack_t *)kmem_zalloc(sizeof (*espstack),
516 KM_SLEEP);
517 espstack->ipsecesp_netstack = ns;
518
519 espp = (ipsecespparam_t *)kmem_alloc(sizeof (lcl_param_arr), KM_SLEEP);
520 espstack->ipsecesp_params = espp;
521 bcopy(lcl_param_arr, espp, sizeof (lcl_param_arr));
522
523 (void) ipsecesp_param_register(&espstack->ipsecesp_g_nd, espp,
524 A_CNT(lcl_param_arr));
525
526 (void) esp_kstat_init(espstack, stackid);
527
528 espstack->esp_sadb.s_acquire_timeout =
529 &espstack->ipsecesp_acquire_timeout;
530 espstack->esp_sadb.s_acqfn = esp_send_acquire;
531 sadbp_init("ESP", &espstack->esp_sadb, SADB_SATYPE_ESP, esp_hash_size,
532 espstack->ipsecesp_netstack);
533
534 mutex_init(&espstack->ipsecesp_param_lock, NULL, MUTEX_DEFAULT, 0);
535
536 ip_drop_register(&espstack->esp_dropper, "IPsec ESP");
537 return (espstack);
538 }
539
540 /*
541 * Destroy things for ESP at module unload time.
542 */
543 void
544 ipsecesp_ddi_destroy(void)
545 {
546 netstack_unregister(NS_IPSECESP);
547 taskq_destroy(esp_taskq);
548 }
549
550 /*
551 * Destroy things for ESP for one stack instance
552 */
553 static void
554 ipsecesp_stack_fini(netstackid_t stackid, void *arg)
555 {
556 ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)arg;
557
558 if (espstack->esp_pfkey_q != NULL) {
559 (void) quntimeout(espstack->esp_pfkey_q, espstack->esp_event);
560 }
561 espstack->esp_sadb.s_acqfn = NULL;
562 espstack->esp_sadb.s_acquire_timeout = NULL;
563 sadbp_destroy(&espstack->esp_sadb, espstack->ipsecesp_netstack);
564 ip_drop_unregister(&espstack->esp_dropper);
565 mutex_destroy(&espstack->ipsecesp_param_lock);
566 nd_free(&espstack->ipsecesp_g_nd);
567
568 kmem_free(espstack->ipsecesp_params, sizeof (lcl_param_arr));
569 espstack->ipsecesp_params = NULL;
570 kstat_delete_netstack(espstack->esp_ksp, stackid);
571 espstack->esp_ksp = NULL;
572 espstack->esp_kstats = NULL;
573 kmem_free(espstack, sizeof (*espstack));
574 }
575
576 /*
577 * ESP module open routine, which is here for keysock plumbing.
578 * Keysock is pushed over {AH,ESP} which is an artifact from the Bad Old
579 * Days of export control, and fears that ESP would not be allowed
580 * to be shipped at all by default. Eventually, keysock should
581 * either access AH and ESP via modstubs or krtld dependencies, or
1164
1165 /*
1166 * Adjust the IP header's payload length to reflect the removal
1167 * of the ICV.
1168 */
1169 if (!(ira->ira_flags & IRAF_IS_IPV4)) {
1170 ip6_t *ip6h = (ip6_t *)data_mp->b_rptr;
1171 ip6h->ip6_plen = htons(ntohs(ip6h->ip6_plen) -
1172 ipsa->ipsa_mac_len);
1173 } else {
1174 ipha_t *ipha = (ipha_t *)data_mp->b_rptr;
1175 ipha->ipha_length = htons(ntohs(ipha->ipha_length) -
1176 ipsa->ipsa_mac_len);
1177 }
1178
1179 /* submit the request to the crypto framework */
1180 return (esp_submit_req_inbound(data_mp, ira, ipsa,
1181 (uint8_t *)esph - data_mp->b_rptr));
1182 }
1183
1184 /*
1185 * Perform the really difficult work of inserting the proposed situation.
1186 * Called while holding the algorithm lock.
1187 */
1188 static void
1189 esp_insert_prop(sadb_prop_t *prop, ipsacq_t *acqrec, uint_t combs,
1190 netstack_t *ns)
1191 {
1192 sadb_comb_t *comb = (sadb_comb_t *)(prop + 1);
1193 ipsec_action_t *ap;
1194 ipsec_prot_t *prot;
1195 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
1196 ipsec_stack_t *ipss = ns->netstack_ipsec;
1197
1198 ASSERT(MUTEX_HELD(&ipss->ipsec_alg_lock));
1199
1200 prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
1201 prop->sadb_prop_len = SADB_8TO64(sizeof (sadb_prop_t));
1202 *(uint32_t *)(&prop->sadb_prop_replay) = 0; /* Quick zero-out! */
1203
1204 prop->sadb_prop_replay = espstack->ipsecesp_replay_size;
1205
1206 /*
1207 * Based upon algorithm properties, and what-not, prioritize a
1208 * proposal, based on the ordering of the ESP algorithms in the
1209 * alternatives in the policy rule or socket that was placed
1210 * in the acquire record.
1211 *
1212 * For each action in policy list
1213 * Add combination. If I've hit limit, return.
1214 */
1215
1216 for (ap = acqrec->ipsacq_act; ap != NULL;
1217 ap = ap->ipa_next) {
1218 ipsec_alginfo_t *ealg = NULL;
1219 ipsec_alginfo_t *aalg = NULL;
1220
1221 if (ap->ipa_act.ipa_type != IPSEC_POLICY_APPLY)
1222 continue;
1223
1224 prot = &ap->ipa_act.ipa_apply;
1225
1226 if (!(prot->ipp_use_esp))
1227 continue;
1228
1229 if (prot->ipp_esp_auth_alg != 0) {
1230 aalg = ipss->ipsec_alglists[IPSEC_ALG_AUTH]
1231 [prot->ipp_esp_auth_alg];
1232 if (aalg == NULL || !ALG_VALID(aalg))
1233 continue;
1234 }
1235
1236 ASSERT(prot->ipp_encr_alg > 0);
1237 ealg = ipss->ipsec_alglists[IPSEC_ALG_ENCR]
1238 [prot->ipp_encr_alg];
1239 if (ealg == NULL || !ALG_VALID(ealg))
1240 continue;
1241
1242 comb->sadb_comb_flags = 0;
1243 comb->sadb_comb_reserved = 0;
1244 comb->sadb_comb_encrypt = ealg->alg_id;
1245 comb->sadb_comb_encrypt_minbits =
1246 MAX(prot->ipp_espe_minbits, ealg->alg_ef_minbits);
1247 comb->sadb_comb_encrypt_maxbits =
1248 MIN(prot->ipp_espe_maxbits, ealg->alg_ef_maxbits);
1249
1250 if (aalg == NULL) {
1251 comb->sadb_comb_auth = 0;
1252 comb->sadb_comb_auth_minbits = 0;
1253 comb->sadb_comb_auth_maxbits = 0;
1254 } else {
1255 comb->sadb_comb_auth = aalg->alg_id;
1256 comb->sadb_comb_auth_minbits =
1257 MAX(prot->ipp_espa_minbits, aalg->alg_ef_minbits);
1258 comb->sadb_comb_auth_maxbits =
1259 MIN(prot->ipp_espa_maxbits, aalg->alg_ef_maxbits);
1260 }
1261
1262 /*
1263 * The following may be based on algorithm
1264 * properties, but in the meantime, we just pick
1265 * some good, sensible numbers. Key mgmt. can
1266 * (and perhaps should) be the place to finalize
1267 * such decisions.
1268 */
1269
1270 /*
1271 * No limits on allocations, since we really don't
1272 * support that concept currently.
1273 */
1274 comb->sadb_comb_soft_allocations = 0;
1275 comb->sadb_comb_hard_allocations = 0;
1276
1277 /*
1278 * These may want to come from policy rule..
1279 */
1280 comb->sadb_comb_soft_bytes =
1281 espstack->ipsecesp_default_soft_bytes;
1282 comb->sadb_comb_hard_bytes =
1283 espstack->ipsecesp_default_hard_bytes;
1284 comb->sadb_comb_soft_addtime =
1285 espstack->ipsecesp_default_soft_addtime;
1286 comb->sadb_comb_hard_addtime =
1287 espstack->ipsecesp_default_hard_addtime;
1288 comb->sadb_comb_soft_usetime =
1289 espstack->ipsecesp_default_soft_usetime;
1290 comb->sadb_comb_hard_usetime =
1291 espstack->ipsecesp_default_hard_usetime;
1292
1293 prop->sadb_prop_len += SADB_8TO64(sizeof (*comb));
1294 if (--combs == 0)
1295 break; /* out of space.. */
1296 comb++;
1297 }
1298 }
1299
1300 /*
1301 * Prepare and actually send the SADB_ACQUIRE message to PF_KEY.
1302 */
1303 static void
1304 esp_send_acquire(ipsacq_t *acqrec, mblk_t *extended, netstack_t *ns)
1305 {
1306 uint_t combs;
1307 sadb_msg_t *samsg;
1308 sadb_prop_t *prop;
1309 mblk_t *pfkeymp, *msgmp;
1310 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
1311 ipsec_stack_t *ipss = ns->netstack_ipsec;
1312
1313 ESP_BUMP_STAT(espstack, acquire_requests);
1314
1315 if (espstack->esp_pfkey_q == NULL) {
1316 mutex_exit(&acqrec->ipsacq_lock);
1317 return;
1318 }
1319
1320 /* Set up ACQUIRE. */
1321 pfkeymp = sadb_setup_acquire(acqrec, SADB_SATYPE_ESP,
1322 ns->netstack_ipsec);
1323 if (pfkeymp == NULL) {
1324 esp0dbg(("sadb_setup_acquire failed.\n"));
1325 mutex_exit(&acqrec->ipsacq_lock);
1326 return;
1327 }
1328 ASSERT(MUTEX_HELD(&ipss->ipsec_alg_lock));
1329 combs = ipss->ipsec_nalgs[IPSEC_ALG_AUTH] *
1330 ipss->ipsec_nalgs[IPSEC_ALG_ENCR];
1331 msgmp = pfkeymp->b_cont;
1332 samsg = (sadb_msg_t *)(msgmp->b_rptr);
1333
1334 /* Insert proposal here. */
1335
1336 prop = (sadb_prop_t *)(((uint64_t *)samsg) + samsg->sadb_msg_len);
1337 esp_insert_prop(prop, acqrec, combs, ns);
1338 samsg->sadb_msg_len += prop->sadb_prop_len;
1339 msgmp->b_wptr += SADB_64TO8(samsg->sadb_msg_len);
1340
1341 mutex_exit(&ipss->ipsec_alg_lock);
1342
1343 /*
1344 * Must mutex_exit() before sending PF_KEY message up, in
1345 * order to avoid recursive mutex_enter() if there are no registered
1346 * listeners.
1347 *
1348 * Once I've sent the message, I'm cool anyway.
1349 */
1350 mutex_exit(&acqrec->ipsacq_lock);
1351 if (extended != NULL) {
1352 putnext(espstack->esp_pfkey_q, extended);
1353 }
1354 putnext(espstack->esp_pfkey_q, pfkeymp);
1355 }
1356
1357 /* XXX refactor me */
1358 /*
1359 * Handle the SADB_GETSPI message. Create a larval SA.
1360 */
1361 static void
1362 esp_getspi(mblk_t *mp, keysock_in_t *ksi, ipsecesp_stack_t *espstack)
1363 {
1364 ipsa_t *newbie, *target;
1365 isaf_t *outbound, *inbound;
1366 int rc, diagnostic;
1367 sadb_sa_t *assoc;
1368 keysock_out_t *kso;
1369 uint32_t newspi;
1370
1371 /*
1372 * Randomly generate a proposed SPI value
1373 */
1374 if (cl_inet_getspi != NULL) {
1375 cl_inet_getspi(espstack->ipsecesp_netstack->netstack_stackid,
1376 IPPROTO_ESP, (uint8_t *)&newspi, sizeof (uint32_t), NULL);
3026
3027 /* Allocate the KEYSOCK_OUT. */
3028 keysock_out_mp = sadb_keysock_out(serial);
3029 if (keysock_out_mp == NULL) {
3030 esp0dbg(("esp_register_out: couldn't allocate mblk.\n"));
3031 return (B_FALSE);
3032 }
3033
3034 if (is_system_labeled() && (cr != NULL)) {
3035 sens_tsl = crgetlabel(cr);
3036 if (sens_tsl != NULL) {
3037 sens_len = sadb_sens_len_from_label(sens_tsl);
3038 allocsize += sens_len;
3039 }
3040 }
3041
3042 /*
3043 * Allocate the PF_KEY message that follows KEYSOCK_OUT.
3044 */
3045
3046 mutex_enter(&ipss->ipsec_alg_lock);
3047 /*
3048 * Fill SADB_REGISTER message's algorithm descriptors. Hold
3049 * down the lock while filling it.
3050 *
3051 * Return only valid algorithms, so the number of algorithms
3052 * to send up may be less than the number of algorithm entries
3053 * in the table.
3054 */
3055 authalgs = ipss->ipsec_alglists[IPSEC_ALG_AUTH];
3056 for (num_aalgs = 0, i = 0; i < IPSEC_MAX_ALGS; i++)
3057 if (authalgs[i] != NULL && ALG_VALID(authalgs[i]))
3058 num_aalgs++;
3059
3060 if (num_aalgs != 0) {
3061 allocsize += (num_aalgs * sizeof (*saalg));
3062 allocsize += sizeof (*sasupp_auth);
3063 }
3064 encralgs = ipss->ipsec_alglists[IPSEC_ALG_ENCR];
3065 for (num_ealgs = 0, i = 0; i < IPSEC_MAX_ALGS; i++)
3066 if (encralgs[i] != NULL && ALG_VALID(encralgs[i]))
3067 num_ealgs++;
3068
3069 if (num_ealgs != 0) {
3070 allocsize += (num_ealgs * sizeof (*saalg));
3071 allocsize += sizeof (*sasupp_encr);
3072 }
3073 keysock_out_mp->b_cont = allocb(allocsize, BPRI_HI);
3074 if (keysock_out_mp->b_cont == NULL) {
3075 mutex_exit(&ipss->ipsec_alg_lock);
3076 freemsg(keysock_out_mp);
3077 return (B_FALSE);
3078 }
3079 pfkey_msg_mp = keysock_out_mp->b_cont;
3080 pfkey_msg_mp->b_wptr += allocsize;
3081
3082 nextext = (sadb_ext_t *)(pfkey_msg_mp->b_rptr + sizeof (*samsg));
3083
3084 if (num_aalgs != 0) {
3085 sasupp_auth = (sadb_supported_t *)nextext;
3086 saalg = (sadb_alg_t *)(sasupp_auth + 1);
3087
3088 ASSERT(((ulong_t)saalg & 0x7) == 0);
3089
3090 numalgs_snap = 0;
3091 for (i = 0;
3092 ((i < IPSEC_MAX_ALGS) && (numalgs_snap < num_aalgs));
3093 i++) {
3094 if (authalgs[i] == NULL || !ALG_VALID(authalgs[i]))
3095 continue;
3149 }
3150 ASSERT(numalgs_snap == num_ealgs);
3151 #ifdef DEBUG
3152 /*
3153 * Reality check to make sure I snagged all of the
3154 * algorithms.
3155 */
3156 for (; i < IPSEC_MAX_ALGS; i++) {
3157 if (encralgs[i] != NULL && ALG_VALID(encralgs[i])) {
3158 cmn_err(CE_PANIC, "esp_register_out()! "
3159 "Missed ealg #%d.\n", i);
3160 }
3161 }
3162 #endif /* DEBUG */
3163 nextext = (sadb_ext_t *)saalg;
3164 }
3165
3166 current_aalgs = num_aalgs;
3167 current_ealgs = num_ealgs;
3168
3169 mutex_exit(&ipss->ipsec_alg_lock);
3170
3171 if (sens_tsl != NULL) {
3172 sens = (sadb_sens_t *)nextext;
3173 sadb_sens_from_label(sens, SADB_EXT_SENSITIVITY,
3174 sens_tsl, sens_len);
3175
3176 nextext = (sadb_ext_t *)(((uint8_t *)sens) + sens_len);
3177 }
3178
3179 /* Now fill the rest of the SADB_REGISTER message. */
3180
3181 samsg = (sadb_msg_t *)pfkey_msg_mp->b_rptr;
3182 samsg->sadb_msg_version = PF_KEY_V2;
3183 samsg->sadb_msg_type = SADB_REGISTER;
3184 samsg->sadb_msg_errno = 0;
3185 samsg->sadb_msg_satype = SADB_SATYPE_ESP;
3186 samsg->sadb_msg_len = SADB_8TO64(allocsize);
3187 samsg->sadb_msg_reserved = 0;
3188 /*
3189 * Assume caller has sufficient sequence/pid number info. If it's one
3674 !IN6_IS_ADDR_V4MAPPED(&natt_rem6->sin6_addr)) {
3675 *diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_NATT_REM;
3676 return (EINVAL);
3677 }
3678 }
3679
3680
3681 /* Stuff I don't support, for now. XXX Diagnostic? */
3682 if (ksi->ks_in_extv[SADB_EXT_LIFETIME_CURRENT] != NULL)
3683 return (EOPNOTSUPP);
3684
3685 if ((*diagnostic = sadb_labelchk(ksi)) != 0)
3686 return (EINVAL);
3687
3688 /*
3689 * XXX Policy : I'm not checking identities at this time,
3690 * but if I did, I'd do them here, before I sent
3691 * the weak key check up to the algorithm.
3692 */
3693
3694 mutex_enter(&ipss->ipsec_alg_lock);
3695
3696 /*
3697 * First locate the authentication algorithm.
3698 */
3699 #ifdef IPSEC_LATENCY_TEST
3700 if (akey != NULL && assoc->sadb_sa_auth != SADB_AALG_NONE) {
3701 #else
3702 if (akey != NULL) {
3703 #endif
3704 ipsec_alginfo_t *aalg;
3705
3706 aalg = ipss->ipsec_alglists[IPSEC_ALG_AUTH]
3707 [assoc->sadb_sa_auth];
3708 if (aalg == NULL || !ALG_VALID(aalg)) {
3709 mutex_exit(&ipss->ipsec_alg_lock);
3710 esp1dbg(espstack, ("Couldn't find auth alg #%d.\n",
3711 assoc->sadb_sa_auth));
3712 *diagnostic = SADB_X_DIAGNOSTIC_BAD_AALG;
3713 return (EINVAL);
3714 }
3715
3716 /*
3717 * Sanity check key sizes.
3718 * Note: It's not possible to use SADB_AALG_NONE because
3719 * this auth_alg is not defined with ALG_FLAG_VALID. If this
3720 * ever changes, the same check for SADB_AALG_NONE and
3721 * a auth_key != NULL should be made here ( see below).
3722 */
3723 if (!ipsec_valid_key_size(akey->sadb_key_bits, aalg)) {
3724 mutex_exit(&ipss->ipsec_alg_lock);
3725 *diagnostic = SADB_X_DIAGNOSTIC_BAD_AKEYBITS;
3726 return (EINVAL);
3727 }
3728 ASSERT(aalg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
3729
3730 /* check key and fix parity if needed */
3731 if (ipsec_check_key(aalg->alg_mech_type, akey, B_TRUE,
3732 diagnostic) != 0) {
3733 mutex_exit(&ipss->ipsec_alg_lock);
3734 return (EINVAL);
3735 }
3736 }
3737
3738 /*
3739 * Then locate the encryption algorithm.
3740 */
3741 if (ekey != NULL) {
3742 uint_t keybits;
3743 ipsec_alginfo_t *ealg;
3744
3745 ealg = ipss->ipsec_alglists[IPSEC_ALG_ENCR]
3746 [assoc->sadb_sa_encrypt];
3747 if (ealg == NULL || !ALG_VALID(ealg)) {
3748 mutex_exit(&ipss->ipsec_alg_lock);
3749 esp1dbg(espstack, ("Couldn't find encr alg #%d.\n",
3750 assoc->sadb_sa_encrypt));
3751 *diagnostic = SADB_X_DIAGNOSTIC_BAD_EALG;
3752 return (EINVAL);
3753 }
3754
3755 /*
3756 * Sanity check key sizes. If the encryption algorithm is
3757 * SADB_EALG_NULL but the encryption key is NOT
3758 * NULL then complain.
3759 *
3760 * The keying material includes salt bits if required by
3761 * algorithm and optionally the Initial IV, check the
3762 * length of whats left.
3763 */
3764 keybits = ekey->sadb_key_bits;
3765 keybits -= ekey->sadb_key_reserved;
3766 keybits -= SADB_8TO1(ealg->alg_saltlen);
3767 if ((assoc->sadb_sa_encrypt == SADB_EALG_NULL) ||
3768 (!ipsec_valid_key_size(keybits, ealg))) {
3769 mutex_exit(&ipss->ipsec_alg_lock);
3770 *diagnostic = SADB_X_DIAGNOSTIC_BAD_EKEYBITS;
3771 return (EINVAL);
3772 }
3773 ASSERT(ealg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
3774
3775 /* check key */
3776 if (ipsec_check_key(ealg->alg_mech_type, ekey, B_FALSE,
3777 diagnostic) != 0) {
3778 mutex_exit(&ipss->ipsec_alg_lock);
3779 return (EINVAL);
3780 }
3781 }
3782 mutex_exit(&ipss->ipsec_alg_lock);
3783
3784 return (esp_add_sa_finish(mp, (sadb_msg_t *)mp->b_cont->b_rptr, ksi,
3785 diagnostic, espstack));
3786 }
3787
3788 /*
3789 * Update a security association. Updates come in two varieties. The first
3790 * is an update of lifetimes on a non-larval SA. The second is an update of
3791 * a larval SA, which ends up looking a lot more like an add.
3792 */
3793 static int
3794 esp_update_sa(mblk_t *mp, keysock_in_t *ksi, int *diagnostic,
3795 ipsecesp_stack_t *espstack, uint8_t sadb_msg_type)
3796 {
3797 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
3798 mblk_t *buf_pkt;
3799 int rcode;
3800
3801 sadb_address_t *dstext =
3802 (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
|
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright (c) 2012 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 #include <sys/types.h>
28 #include <sys/stream.h>
29 #include <sys/stropts.h>
30 #include <sys/errno.h>
31 #include <sys/strlog.h>
32 #include <sys/tihdr.h>
33 #include <sys/socket.h>
34 #include <sys/ddi.h>
35 #include <sys/sunddi.h>
36 #include <sys/kmem.h>
37 #include <sys/zone.h>
38 #include <sys/sysmacros.h>
39 #include <sys/cmn_err.h>
40 #include <sys/vtrace.h>
41 #include <sys/debug.h>
42 #include <sys/atomic.h>
43 #include <sys/strsun.h>
44 #include <sys/random.h>
79 */
80 static ipsecespparam_t lcl_param_arr[] = {
81 /* min max value name */
82 { 0, 3, 0, "ipsecesp_debug"},
83 { 125, 32000, SADB_AGE_INTERVAL_DEFAULT, "ipsecesp_age_interval"},
84 { 1, 10, 1, "ipsecesp_reap_delay"},
85 { 1, SADB_MAX_REPLAY, 64, "ipsecesp_replay_size"},
86 { 1, 300, 15, "ipsecesp_acquire_timeout"},
87 { 1, 1800, 90, "ipsecesp_larval_timeout"},
88 /* Default lifetime values for ACQUIRE messages. */
89 { 0, 0xffffffffU, 0, "ipsecesp_default_soft_bytes"},
90 { 0, 0xffffffffU, 0, "ipsecesp_default_hard_bytes"},
91 { 0, 0xffffffffU, 24000, "ipsecesp_default_soft_addtime"},
92 { 0, 0xffffffffU, 28800, "ipsecesp_default_hard_addtime"},
93 { 0, 0xffffffffU, 0, "ipsecesp_default_soft_usetime"},
94 { 0, 0xffffffffU, 0, "ipsecesp_default_hard_usetime"},
95 { 0, 1, 0, "ipsecesp_log_unknown_spi"},
96 { 0, 2, 1, "ipsecesp_padding_check"},
97 { 0, 600, 20, "ipsecesp_nat_keepalive_interval"},
98 };
99 /* For ipsecesp_nat_keepalive_interval, see ipsecesp.h. */
100
101 #define esp0dbg(a) printf a
102 /* NOTE: != 0 instead of > 0 so lint doesn't complain. */
103 #define esp1dbg(espstack, a) if (espstack->ipsecesp_debug != 0) printf a
104 #define esp2dbg(espstack, a) if (espstack->ipsecesp_debug > 1) printf a
105 #define esp3dbg(espstack, a) if (espstack->ipsecesp_debug > 2) printf a
106
107 static int ipsecesp_open(queue_t *, dev_t *, int, int, cred_t *);
108 static int ipsecesp_close(queue_t *);
109 static void ipsecesp_wput(queue_t *, mblk_t *);
110 static void *ipsecesp_stack_init(netstackid_t stackid, netstack_t *ns);
111 static void ipsecesp_stack_fini(netstackid_t stackid, void *arg);
112
113 static void esp_prepare_udp(netstack_t *, mblk_t *, ipha_t *);
114 static void esp_outbound_finish(mblk_t *, ip_xmit_attr_t *);
115 static void esp_inbound_restart(mblk_t *, ip_recv_attr_t *);
116
117 static boolean_t esp_register_out(uint32_t, uint32_t, uint_t,
118 ipsecesp_stack_t *, cred_t *);
119 static boolean_t esp_strip_header(mblk_t *, boolean_t, uint32_t,
120 kstat_named_t **, ipsecesp_stack_t *);
121 static mblk_t *esp_submit_req_inbound(mblk_t *, ip_recv_attr_t *,
122 ipsa_t *, uint_t);
123 static mblk_t *esp_submit_req_outbound(mblk_t *, ip_xmit_attr_t *,
124 ipsa_t *, uchar_t *, uint_t);
125
126 /* Setable in /etc/system */
127 uint32_t esp_hash_size = IPSEC_DEFAULT_HASH_SIZE;
128
129 static struct module_info info = {
130 5137, "ipsecesp", 0, INFPSZ, 65536, 1024
131 };
139 (pfi_t)ipsecesp_wput, NULL, ipsecesp_open, ipsecesp_close, NULL, &info,
140 NULL
141 };
142
143 struct streamtab ipsecespinfo = {
144 &rinit, &winit, NULL, NULL
145 };
146
147 static taskq_t *esp_taskq;
148
149 /*
150 * OTOH, this one is set at open/close, and I'm D_MTQPAIR for now.
151 *
152 * Question: Do I need this, given that all instance's esps->esps_wq point
153 * to IP?
154 *
155 * Answer: Yes, because I need to know which queue is BOUND to
156 * IPPROTO_ESP
157 */
158
159 static int esp_kstat_update(kstat_t *, int);
160
161 static boolean_t
162 esp_kstat_init(ipsecesp_stack_t *espstack, netstackid_t stackid)
163 {
164 espstack->esp_ksp = kstat_create_netstack("ipsecesp", 0, "esp_stat",
165 "net", KSTAT_TYPE_NAMED,
166 sizeof (esp_kstats_t) / sizeof (kstat_named_t),
167 KSTAT_FLAG_PERSISTENT, stackid);
168
169 if (espstack->esp_ksp == NULL || espstack->esp_ksp->ks_data == NULL)
170 return (B_FALSE);
171
172 espstack->esp_kstats = espstack->esp_ksp->ks_data;
173
174 espstack->esp_ksp->ks_update = esp_kstat_update;
175 espstack->esp_ksp->ks_private = (void *)(uintptr_t)stackid;
176
177 #define K64 KSTAT_DATA_UINT64
178 #define KI(x) kstat_named_init(&(espstack->esp_kstats->esp_stat_##x), #x, K64)
210 netstackid_t stackid = (zoneid_t)(uintptr_t)kp->ks_private;
211 netstack_t *ns;
212 ipsec_stack_t *ipss;
213
214 if ((kp == NULL) || (kp->ks_data == NULL))
215 return (EIO);
216
217 if (rw == KSTAT_WRITE)
218 return (EACCES);
219
220 ns = netstack_find_by_stackid(stackid);
221 if (ns == NULL)
222 return (-1);
223 ipss = ns->netstack_ipsec;
224 if (ipss == NULL) {
225 netstack_rele(ns);
226 return (-1);
227 }
228 ekp = (esp_kstats_t *)kp->ks_data;
229
230 rw_enter(&ipss->ipsec_alg_lock, RW_READER);
231 ekp->esp_stat_num_aalgs.value.ui64 =
232 ipss->ipsec_nalgs[IPSEC_ALG_AUTH];
233 ekp->esp_stat_num_ealgs.value.ui64 =
234 ipss->ipsec_nalgs[IPSEC_ALG_ENCR];
235 rw_exit(&ipss->ipsec_alg_lock);
236
237 netstack_rele(ns);
238 return (0);
239 }
240
241 #ifdef DEBUG
242 /*
243 * Debug routine, useful to see pre-encryption data.
244 */
245 static char *
246 dump_msg(mblk_t *mp)
247 {
248 char tmp_str[3], tmp_line[256];
249
250 while (mp != NULL) {
251 unsigned char *ptr;
252
253 printf("mblk address 0x%p, length %ld, db_ref %d "
254 "type %d, base 0x%p, lim 0x%p\n",
255 (void *) mp, (long)(mp->b_wptr - mp->b_rptr),
415 * Walk through the param array specified registering each element with the
416 * named dispatch handler.
417 */
418 static boolean_t
419 ipsecesp_param_register(IDP *ndp, ipsecespparam_t *espp, int cnt)
420 {
421 for (; cnt-- > 0; espp++) {
422 if (espp->ipsecesp_param_name != NULL &&
423 espp->ipsecesp_param_name[0]) {
424 if (!nd_load(ndp,
425 espp->ipsecesp_param_name,
426 ipsecesp_param_get, ipsecesp_param_set,
427 (caddr_t)espp)) {
428 nd_free(ndp);
429 return (B_FALSE);
430 }
431 }
432 }
433 return (B_TRUE);
434 }
435
436 /*
437 * Initialize things for ESP for each stack instance
438 */
439 static void *
440 ipsecesp_stack_init(netstackid_t stackid, netstack_t *ns)
441 {
442 ipsecesp_stack_t *espstack;
443 ipsecespparam_t *espp;
444
445 espstack = (ipsecesp_stack_t *)kmem_zalloc(sizeof (*espstack),
446 KM_SLEEP);
447 espstack->ipsecesp_netstack = ns;
448
449 espp = (ipsecespparam_t *)kmem_alloc(sizeof (lcl_param_arr), KM_SLEEP);
450 espstack->ipsecesp_params = espp;
451 bcopy(lcl_param_arr, espp, sizeof (lcl_param_arr));
452
453 (void) ipsecesp_param_register(&espstack->ipsecesp_g_nd, espp,
454 A_CNT(lcl_param_arr));
455
456 (void) esp_kstat_init(espstack, stackid);
457
458 espstack->esp_sadb.s_acquire_timeout =
459 &espstack->ipsecesp_acquire_timeout;
460 sadbp_init("ESP", &espstack->esp_sadb, SADB_SATYPE_ESP, esp_hash_size,
461 espstack->ipsecesp_netstack);
462
463 mutex_init(&espstack->ipsecesp_param_lock, NULL, MUTEX_DEFAULT, 0);
464
465 ip_drop_register(&espstack->esp_dropper, "IPsec ESP");
466 return (espstack);
467 }
468
469 /*
470 * Destroy things for ESP at module unload time.
471 */
472 void
473 ipsecesp_ddi_destroy(void)
474 {
475 netstack_unregister(NS_IPSECESP);
476 taskq_destroy(esp_taskq);
477 }
478
479 /*
480 * Destroy things for ESP for one stack instance
481 */
482 static void
483 ipsecesp_stack_fini(netstackid_t stackid, void *arg)
484 {
485 ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)arg;
486
487 if (espstack->esp_pfkey_q != NULL) {
488 (void) quntimeout(espstack->esp_pfkey_q, espstack->esp_event);
489 }
490 espstack->esp_sadb.s_acquire_timeout = NULL;
491 sadbp_destroy(&espstack->esp_sadb, espstack->ipsecesp_netstack);
492 ip_drop_unregister(&espstack->esp_dropper);
493 mutex_destroy(&espstack->ipsecesp_param_lock);
494 nd_free(&espstack->ipsecesp_g_nd);
495
496 kmem_free(espstack->ipsecesp_params, sizeof (lcl_param_arr));
497 espstack->ipsecesp_params = NULL;
498 kstat_delete_netstack(espstack->esp_ksp, stackid);
499 espstack->esp_ksp = NULL;
500 espstack->esp_kstats = NULL;
501 kmem_free(espstack, sizeof (*espstack));
502 }
503
504 /*
505 * ESP module open routine, which is here for keysock plumbing.
506 * Keysock is pushed over {AH,ESP} which is an artifact from the Bad Old
507 * Days of export control, and fears that ESP would not be allowed
508 * to be shipped at all by default. Eventually, keysock should
509 * either access AH and ESP via modstubs or krtld dependencies, or
1092
1093 /*
1094 * Adjust the IP header's payload length to reflect the removal
1095 * of the ICV.
1096 */
1097 if (!(ira->ira_flags & IRAF_IS_IPV4)) {
1098 ip6_t *ip6h = (ip6_t *)data_mp->b_rptr;
1099 ip6h->ip6_plen = htons(ntohs(ip6h->ip6_plen) -
1100 ipsa->ipsa_mac_len);
1101 } else {
1102 ipha_t *ipha = (ipha_t *)data_mp->b_rptr;
1103 ipha->ipha_length = htons(ntohs(ipha->ipha_length) -
1104 ipsa->ipsa_mac_len);
1105 }
1106
1107 /* submit the request to the crypto framework */
1108 return (esp_submit_req_inbound(data_mp, ira, ipsa,
1109 (uint8_t *)esph - data_mp->b_rptr));
1110 }
1111
1112 /* XXX refactor me */
1113 /*
1114 * Handle the SADB_GETSPI message. Create a larval SA.
1115 */
1116 static void
1117 esp_getspi(mblk_t *mp, keysock_in_t *ksi, ipsecesp_stack_t *espstack)
1118 {
1119 ipsa_t *newbie, *target;
1120 isaf_t *outbound, *inbound;
1121 int rc, diagnostic;
1122 sadb_sa_t *assoc;
1123 keysock_out_t *kso;
1124 uint32_t newspi;
1125
1126 /*
1127 * Randomly generate a proposed SPI value
1128 */
1129 if (cl_inet_getspi != NULL) {
1130 cl_inet_getspi(espstack->ipsecesp_netstack->netstack_stackid,
1131 IPPROTO_ESP, (uint8_t *)&newspi, sizeof (uint32_t), NULL);
2781
2782 /* Allocate the KEYSOCK_OUT. */
2783 keysock_out_mp = sadb_keysock_out(serial);
2784 if (keysock_out_mp == NULL) {
2785 esp0dbg(("esp_register_out: couldn't allocate mblk.\n"));
2786 return (B_FALSE);
2787 }
2788
2789 if (is_system_labeled() && (cr != NULL)) {
2790 sens_tsl = crgetlabel(cr);
2791 if (sens_tsl != NULL) {
2792 sens_len = sadb_sens_len_from_label(sens_tsl);
2793 allocsize += sens_len;
2794 }
2795 }
2796
2797 /*
2798 * Allocate the PF_KEY message that follows KEYSOCK_OUT.
2799 */
2800
2801 rw_enter(&ipss->ipsec_alg_lock, RW_READER);
2802 /*
2803 * Fill SADB_REGISTER message's algorithm descriptors. Hold
2804 * down the lock while filling it.
2805 *
2806 * Return only valid algorithms, so the number of algorithms
2807 * to send up may be less than the number of algorithm entries
2808 * in the table.
2809 */
2810 authalgs = ipss->ipsec_alglists[IPSEC_ALG_AUTH];
2811 for (num_aalgs = 0, i = 0; i < IPSEC_MAX_ALGS; i++)
2812 if (authalgs[i] != NULL && ALG_VALID(authalgs[i]))
2813 num_aalgs++;
2814
2815 if (num_aalgs != 0) {
2816 allocsize += (num_aalgs * sizeof (*saalg));
2817 allocsize += sizeof (*sasupp_auth);
2818 }
2819 encralgs = ipss->ipsec_alglists[IPSEC_ALG_ENCR];
2820 for (num_ealgs = 0, i = 0; i < IPSEC_MAX_ALGS; i++)
2821 if (encralgs[i] != NULL && ALG_VALID(encralgs[i]))
2822 num_ealgs++;
2823
2824 if (num_ealgs != 0) {
2825 allocsize += (num_ealgs * sizeof (*saalg));
2826 allocsize += sizeof (*sasupp_encr);
2827 }
2828 keysock_out_mp->b_cont = allocb(allocsize, BPRI_HI);
2829 if (keysock_out_mp->b_cont == NULL) {
2830 rw_exit(&ipss->ipsec_alg_lock);
2831 freemsg(keysock_out_mp);
2832 return (B_FALSE);
2833 }
2834 pfkey_msg_mp = keysock_out_mp->b_cont;
2835 pfkey_msg_mp->b_wptr += allocsize;
2836
2837 nextext = (sadb_ext_t *)(pfkey_msg_mp->b_rptr + sizeof (*samsg));
2838
2839 if (num_aalgs != 0) {
2840 sasupp_auth = (sadb_supported_t *)nextext;
2841 saalg = (sadb_alg_t *)(sasupp_auth + 1);
2842
2843 ASSERT(((ulong_t)saalg & 0x7) == 0);
2844
2845 numalgs_snap = 0;
2846 for (i = 0;
2847 ((i < IPSEC_MAX_ALGS) && (numalgs_snap < num_aalgs));
2848 i++) {
2849 if (authalgs[i] == NULL || !ALG_VALID(authalgs[i]))
2850 continue;
2904 }
2905 ASSERT(numalgs_snap == num_ealgs);
2906 #ifdef DEBUG
2907 /*
2908 * Reality check to make sure I snagged all of the
2909 * algorithms.
2910 */
2911 for (; i < IPSEC_MAX_ALGS; i++) {
2912 if (encralgs[i] != NULL && ALG_VALID(encralgs[i])) {
2913 cmn_err(CE_PANIC, "esp_register_out()! "
2914 "Missed ealg #%d.\n", i);
2915 }
2916 }
2917 #endif /* DEBUG */
2918 nextext = (sadb_ext_t *)saalg;
2919 }
2920
2921 current_aalgs = num_aalgs;
2922 current_ealgs = num_ealgs;
2923
2924 rw_exit(&ipss->ipsec_alg_lock);
2925
2926 if (sens_tsl != NULL) {
2927 sens = (sadb_sens_t *)nextext;
2928 sadb_sens_from_label(sens, SADB_EXT_SENSITIVITY,
2929 sens_tsl, sens_len);
2930
2931 nextext = (sadb_ext_t *)(((uint8_t *)sens) + sens_len);
2932 }
2933
2934 /* Now fill the rest of the SADB_REGISTER message. */
2935
2936 samsg = (sadb_msg_t *)pfkey_msg_mp->b_rptr;
2937 samsg->sadb_msg_version = PF_KEY_V2;
2938 samsg->sadb_msg_type = SADB_REGISTER;
2939 samsg->sadb_msg_errno = 0;
2940 samsg->sadb_msg_satype = SADB_SATYPE_ESP;
2941 samsg->sadb_msg_len = SADB_8TO64(allocsize);
2942 samsg->sadb_msg_reserved = 0;
2943 /*
2944 * Assume caller has sufficient sequence/pid number info. If it's one
3429 !IN6_IS_ADDR_V4MAPPED(&natt_rem6->sin6_addr)) {
3430 *diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_NATT_REM;
3431 return (EINVAL);
3432 }
3433 }
3434
3435
3436 /* Stuff I don't support, for now. XXX Diagnostic? */
3437 if (ksi->ks_in_extv[SADB_EXT_LIFETIME_CURRENT] != NULL)
3438 return (EOPNOTSUPP);
3439
3440 if ((*diagnostic = sadb_labelchk(ksi)) != 0)
3441 return (EINVAL);
3442
3443 /*
3444 * XXX Policy : I'm not checking identities at this time,
3445 * but if I did, I'd do them here, before I sent
3446 * the weak key check up to the algorithm.
3447 */
3448
3449 rw_enter(&ipss->ipsec_alg_lock, RW_READER);
3450
3451 /*
3452 * First locate the authentication algorithm.
3453 */
3454 #ifdef IPSEC_LATENCY_TEST
3455 if (akey != NULL && assoc->sadb_sa_auth != SADB_AALG_NONE) {
3456 #else
3457 if (akey != NULL) {
3458 #endif
3459 ipsec_alginfo_t *aalg;
3460
3461 aalg = ipss->ipsec_alglists[IPSEC_ALG_AUTH]
3462 [assoc->sadb_sa_auth];
3463 if (aalg == NULL || !ALG_VALID(aalg)) {
3464 rw_exit(&ipss->ipsec_alg_lock);
3465 esp1dbg(espstack, ("Couldn't find auth alg #%d.\n",
3466 assoc->sadb_sa_auth));
3467 *diagnostic = SADB_X_DIAGNOSTIC_BAD_AALG;
3468 return (EINVAL);
3469 }
3470
3471 /*
3472 * Sanity check key sizes.
3473 * Note: It's not possible to use SADB_AALG_NONE because
3474 * this auth_alg is not defined with ALG_FLAG_VALID. If this
3475 * ever changes, the same check for SADB_AALG_NONE and
3476 * a auth_key != NULL should be made here ( see below).
3477 */
3478 if (!ipsec_valid_key_size(akey->sadb_key_bits, aalg)) {
3479 rw_exit(&ipss->ipsec_alg_lock);
3480 *diagnostic = SADB_X_DIAGNOSTIC_BAD_AKEYBITS;
3481 return (EINVAL);
3482 }
3483 ASSERT(aalg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
3484
3485 /* check key and fix parity if needed */
3486 if (ipsec_check_key(aalg->alg_mech_type, akey, B_TRUE,
3487 diagnostic) != 0) {
3488 rw_exit(&ipss->ipsec_alg_lock);
3489 return (EINVAL);
3490 }
3491 }
3492
3493 /*
3494 * Then locate the encryption algorithm.
3495 */
3496 if (ekey != NULL) {
3497 uint_t keybits;
3498 ipsec_alginfo_t *ealg;
3499
3500 ealg = ipss->ipsec_alglists[IPSEC_ALG_ENCR]
3501 [assoc->sadb_sa_encrypt];
3502 if (ealg == NULL || !ALG_VALID(ealg)) {
3503 rw_exit(&ipss->ipsec_alg_lock);
3504 esp1dbg(espstack, ("Couldn't find encr alg #%d.\n",
3505 assoc->sadb_sa_encrypt));
3506 *diagnostic = SADB_X_DIAGNOSTIC_BAD_EALG;
3507 return (EINVAL);
3508 }
3509
3510 /*
3511 * Sanity check key sizes. If the encryption algorithm is
3512 * SADB_EALG_NULL but the encryption key is NOT
3513 * NULL then complain.
3514 *
3515 * The keying material includes salt bits if required by
3516 * algorithm and optionally the Initial IV, check the
3517 * length of whats left.
3518 */
3519 keybits = ekey->sadb_key_bits;
3520 keybits -= ekey->sadb_key_reserved;
3521 keybits -= SADB_8TO1(ealg->alg_saltlen);
3522 if ((assoc->sadb_sa_encrypt == SADB_EALG_NULL) ||
3523 (!ipsec_valid_key_size(keybits, ealg))) {
3524 rw_exit(&ipss->ipsec_alg_lock);
3525 *diagnostic = SADB_X_DIAGNOSTIC_BAD_EKEYBITS;
3526 return (EINVAL);
3527 }
3528 ASSERT(ealg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
3529
3530 /* check key */
3531 if (ipsec_check_key(ealg->alg_mech_type, ekey, B_FALSE,
3532 diagnostic) != 0) {
3533 rw_exit(&ipss->ipsec_alg_lock);
3534 return (EINVAL);
3535 }
3536 }
3537 rw_exit(&ipss->ipsec_alg_lock);
3538
3539 return (esp_add_sa_finish(mp, (sadb_msg_t *)mp->b_cont->b_rptr, ksi,
3540 diagnostic, espstack));
3541 }
3542
3543 /*
3544 * Update a security association. Updates come in two varieties. The first
3545 * is an update of lifetimes on a non-larval SA. The second is an update of
3546 * a larval SA, which ends up looking a lot more like an add.
3547 */
3548 static int
3549 esp_update_sa(mblk_t *mp, keysock_in_t *ksi, int *diagnostic,
3550 ipsecesp_stack_t *espstack, uint8_t sadb_msg_type)
3551 {
3552 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
3553 mblk_t *buf_pkt;
3554 int rcode;
3555
3556 sadb_address_t *dstext =
3557 (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
|