Print this page
8529 Extended and regular SADB_ACQUIREs should share address extension code
Portions contributed by: Bayard Bell <buffer.g.overflow@gmail.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/inet/ip/ipsecesp.c
+++ new/usr/src/uts/common/inet/ip/ipsecesp.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 23 * Use is subject to license terms.
24 + * Copyright (c) 2012 Nexenta Systems, Inc. All rights reserved.
25 + * Copyright (c) 2017 Joyent, Inc.
24 26 */
25 27
26 28 #include <sys/types.h>
27 29 #include <sys/stream.h>
28 30 #include <sys/stropts.h>
29 31 #include <sys/errno.h>
30 32 #include <sys/strlog.h>
31 33 #include <sys/tihdr.h>
32 34 #include <sys/socket.h>
33 35 #include <sys/ddi.h>
34 36 #include <sys/sunddi.h>
35 37 #include <sys/kmem.h>
36 38 #include <sys/zone.h>
37 39 #include <sys/sysmacros.h>
38 40 #include <sys/cmn_err.h>
39 41 #include <sys/vtrace.h>
40 42 #include <sys/debug.h>
41 43 #include <sys/atomic.h>
42 44 #include <sys/strsun.h>
43 45 #include <sys/random.h>
44 46 #include <netinet/in.h>
45 47 #include <net/if.h>
46 48 #include <netinet/ip6.h>
47 49 #include <net/pfkeyv2.h>
48 50 #include <net/pfpolicy.h>
49 51
50 52 #include <inet/common.h>
51 53 #include <inet/mi.h>
52 54 #include <inet/nd.h>
53 55 #include <inet/ip.h>
54 56 #include <inet/ip_impl.h>
55 57 #include <inet/ip6.h>
56 58 #include <inet/ip_if.h>
57 59 #include <inet/ip_ndp.h>
58 60 #include <inet/sadb.h>
59 61 #include <inet/ipsec_info.h>
60 62 #include <inet/ipsec_impl.h>
61 63 #include <inet/ipsecesp.h>
62 64 #include <inet/ipdrop.h>
63 65 #include <inet/tcp.h>
64 66 #include <sys/kstat.h>
65 67 #include <sys/policy.h>
66 68 #include <sys/strsun.h>
67 69 #include <sys/strsubr.h>
68 70 #include <inet/udp_impl.h>
69 71 #include <sys/taskq.h>
70 72 #include <sys/note.h>
71 73
72 74 #include <sys/tsol/tnet.h>
73 75
/*
 * Table of ND variables supported by ipsecesp. These are loaded into
 * ipsecesp_g_nd in ipsecesp_init_nd.
 * All of these are alterable, within the min/max values given, at run time.
 *
 * Each row is { min, max, default value, name }; ipsecesp_param_set()
 * enforces the [min, max] range on writes.  Every netstack gets its own
 * writable copy of this table (see ipsecesp_stack_init()).
 */
static	ipsecespparam_t	lcl_param_arr[] = {
	/* min	max			value	name */
	{ 0,	3,	0,	"ipsecesp_debug"},
	{ 125,	32000, SADB_AGE_INTERVAL_DEFAULT, "ipsecesp_age_interval"},
	{ 1,	10,	1,	"ipsecesp_reap_delay"},
	{ 1,	SADB_MAX_REPLAY, 64, "ipsecesp_replay_size"},
	{ 1,	300,	15,	"ipsecesp_acquire_timeout"},
	{ 1,	1800,	90,	"ipsecesp_larval_timeout"},
	/* Default lifetime values for ACQUIRE messages. */
	{ 0,	0xffffffffU,	0,	"ipsecesp_default_soft_bytes"},
	{ 0,	0xffffffffU,	0,	"ipsecesp_default_hard_bytes"},
	{ 0,	0xffffffffU,	24000,	"ipsecesp_default_soft_addtime"},
	{ 0,	0xffffffffU,	28800,	"ipsecesp_default_hard_addtime"},
	{ 0,	0xffffffffU,	0,	"ipsecesp_default_soft_usetime"},
	{ 0,	0xffffffffU,	0,	"ipsecesp_default_hard_usetime"},
	{ 0,	1,	0,	"ipsecesp_log_unknown_spi"},
	{ 0,	2,	1,	"ipsecesp_padding_check"},
	{ 0,	600,	20,	"ipsecesp_nat_keepalive_interval"},
};
98 -#define ipsecesp_debug ipsecesp_params[0].ipsecesp_param_value
99 -#define ipsecesp_age_interval ipsecesp_params[1].ipsecesp_param_value
100 -#define ipsecesp_age_int_max ipsecesp_params[1].ipsecesp_param_max
101 -#define ipsecesp_reap_delay ipsecesp_params[2].ipsecesp_param_value
102 -#define ipsecesp_replay_size ipsecesp_params[3].ipsecesp_param_value
103 -#define ipsecesp_acquire_timeout \
104 - ipsecesp_params[4].ipsecesp_param_value
105 -#define ipsecesp_larval_timeout \
106 - ipsecesp_params[5].ipsecesp_param_value
107 -#define ipsecesp_default_soft_bytes \
108 - ipsecesp_params[6].ipsecesp_param_value
109 -#define ipsecesp_default_hard_bytes \
110 - ipsecesp_params[7].ipsecesp_param_value
111 -#define ipsecesp_default_soft_addtime \
112 - ipsecesp_params[8].ipsecesp_param_value
113 -#define ipsecesp_default_hard_addtime \
114 - ipsecesp_params[9].ipsecesp_param_value
115 -#define ipsecesp_default_soft_usetime \
116 - ipsecesp_params[10].ipsecesp_param_value
117 -#define ipsecesp_default_hard_usetime \
118 - ipsecesp_params[11].ipsecesp_param_value
119 -#define ipsecesp_log_unknown_spi \
120 - ipsecesp_params[12].ipsecesp_param_value
121 -#define ipsecesp_padding_check \
122 - ipsecesp_params[13].ipsecesp_param_value
/* For ipsecesp_nat_keepalive_interval, see ipsecesp.h. */

/*
 * Debug printout macros, gated on the per-stack ipsecesp_debug level
 * (0..3, settable via the "ipsecesp_debug" ND tunable above).
 */
#define	esp0dbg(a)	printf a
/* NOTE:  != 0 instead of > 0 so lint doesn't complain. */
#define	esp1dbg(espstack, a)	if (espstack->ipsecesp_debug != 0) printf a
#define	esp2dbg(espstack, a)	if (espstack->ipsecesp_debug > 1) printf a
#define	esp3dbg(espstack, a)	if (espstack->ipsecesp_debug > 2) printf a
130 107
131 108 static int ipsecesp_open(queue_t *, dev_t *, int, int, cred_t *);
132 109 static int ipsecesp_close(queue_t *);
133 110 static void ipsecesp_wput(queue_t *, mblk_t *);
134 111 static void *ipsecesp_stack_init(netstackid_t stackid, netstack_t *ns);
135 112 static void ipsecesp_stack_fini(netstackid_t stackid, void *arg);
136 -static void esp_send_acquire(ipsacq_t *, mblk_t *, netstack_t *);
137 113
138 114 static void esp_prepare_udp(netstack_t *, mblk_t *, ipha_t *);
139 115 static void esp_outbound_finish(mblk_t *, ip_xmit_attr_t *);
140 116 static void esp_inbound_restart(mblk_t *, ip_recv_attr_t *);
141 117
142 118 static boolean_t esp_register_out(uint32_t, uint32_t, uint_t,
143 119 ipsecesp_stack_t *, cred_t *);
144 120 static boolean_t esp_strip_header(mblk_t *, boolean_t, uint32_t,
145 121 kstat_named_t **, ipsecesp_stack_t *);
146 122 static mblk_t *esp_submit_req_inbound(mblk_t *, ip_recv_attr_t *,
147 123 ipsa_t *, uint_t);
148 124 static mblk_t *esp_submit_req_outbound(mblk_t *, ip_xmit_attr_t *,
149 125 ipsa_t *, uchar_t *, uint_t);
150 126
/* Setable in /etc/system */
uint32_t esp_hash_size = IPSEC_DEFAULT_HASH_SIZE;

/*
 * STREAMS module identity for ipsecesp.  info.mi_idnum (5137) is also
 * passed to ipsec_rl_strlog() and sadb_retimeout() elsewhere in this file.
 */
static struct module_info info = {
	5137, "ipsecesp", 0, INFPSZ, 65536, 1024
};

/* Read side: simply forward messages with putnext(). */
static struct qinit rinit = {
	(pfi_t)putnext, NULL, ipsecesp_open, ipsecesp_close, NULL, &info,
	NULL
};

/* Write side: messages are handled by ipsecesp_wput(). */
static struct qinit winit = {
	(pfi_t)ipsecesp_wput, NULL, ipsecesp_open, ipsecesp_close, NULL, &info,
	NULL
};

struct streamtab ipsecespinfo = {
	&rinit, &winit, NULL, NULL
};

/* Created in ipsecesp_ddi_init(), destroyed in ipsecesp_ddi_destroy(). */
static taskq_t *esp_taskq;
173 149
|
↓ open down ↓ |
27 lines elided |
↑ open up ↑ |
174 150 /*
175 151 * OTOH, this one is set at open/close, and I'm D_MTQPAIR for now.
176 152 *
177 153 * Question: Do I need this, given that all instance's esps->esps_wq point
178 154 * to IP?
179 155 *
180 156 * Answer: Yes, because I need to know which queue is BOUND to
181 157 * IPPROTO_ESP
182 158 */
183 159
184 -/*
185 - * Stats. This may eventually become a full-blown SNMP MIB once that spec
186 - * stabilizes.
187 - */
188 -
189 -typedef struct esp_kstats_s {
190 - kstat_named_t esp_stat_num_aalgs;
191 - kstat_named_t esp_stat_good_auth;
192 - kstat_named_t esp_stat_bad_auth;
193 - kstat_named_t esp_stat_bad_padding;
194 - kstat_named_t esp_stat_replay_failures;
195 - kstat_named_t esp_stat_replay_early_failures;
196 - kstat_named_t esp_stat_keysock_in;
197 - kstat_named_t esp_stat_out_requests;
198 - kstat_named_t esp_stat_acquire_requests;
199 - kstat_named_t esp_stat_bytes_expired;
200 - kstat_named_t esp_stat_out_discards;
201 - kstat_named_t esp_stat_crypto_sync;
202 - kstat_named_t esp_stat_crypto_async;
203 - kstat_named_t esp_stat_crypto_failures;
204 - kstat_named_t esp_stat_num_ealgs;
205 - kstat_named_t esp_stat_bad_decrypt;
206 - kstat_named_t esp_stat_sa_port_renumbers;
207 -} esp_kstats_t;
208 -
209 -/*
210 - * espstack->esp_kstats is equal to espstack->esp_ksp->ks_data if
211 - * kstat_create_netstack for espstack->esp_ksp succeeds, but when it
212 - * fails, it will be NULL. Note this is done for all stack instances,
213 - * so it *could* fail. hence a non-NULL checking is done for
214 - * ESP_BUMP_STAT and ESP_DEBUMP_STAT
215 - */
216 -#define ESP_BUMP_STAT(espstack, x) \
217 -do { \
218 - if (espstack->esp_kstats != NULL) \
219 - (espstack->esp_kstats->esp_stat_ ## x).value.ui64++; \
220 -_NOTE(CONSTCOND) \
221 -} while (0)
222 -
223 -#define ESP_DEBUMP_STAT(espstack, x) \
224 -do { \
225 - if (espstack->esp_kstats != NULL) \
226 - (espstack->esp_kstats->esp_stat_ ## x).value.ui64--; \
227 -_NOTE(CONSTCOND) \
228 -} while (0)
229 -
230 160 static int esp_kstat_update(kstat_t *, int);
231 161
/*
 * Create and install the per-netstack "ipsecesp:esp_stat" kstat.
 * On success espstack->esp_kstats points at the kstat's named-statistics
 * array and B_TRUE is returned; on failure (kstat_create_netstack() can
 * fail) B_FALSE is returned and esp_kstats is left NULL, which is why
 * the stat-bumping macros must check for NULL.
 */
static boolean_t
esp_kstat_init(ipsecesp_stack_t *espstack, netstackid_t stackid)
{
	espstack->esp_ksp = kstat_create_netstack("ipsecesp", 0, "esp_stat",
	    "net", KSTAT_TYPE_NAMED,
	    sizeof (esp_kstats_t) / sizeof (kstat_named_t),
	    KSTAT_FLAG_PERSISTENT, stackid);

	if (espstack->esp_ksp == NULL || espstack->esp_ksp->ks_data == NULL)
		return (B_FALSE);

	espstack->esp_kstats = espstack->esp_ksp->ks_data;

	espstack->esp_ksp->ks_update = esp_kstat_update;
	/* Stash the stack id so esp_kstat_update() can find our netstack. */
	espstack->esp_ksp->ks_private = (void *)(uintptr_t)stackid;

	/* Shorthand: initialize one named uint64 counter per statistic. */
#define	K64 KSTAT_DATA_UINT64
#define	KI(x) kstat_named_init(&(espstack->esp_kstats->esp_stat_##x), #x, K64)

	KI(num_aalgs);
	KI(num_ealgs);
	KI(good_auth);
	KI(bad_auth);
	KI(bad_padding);
	KI(replay_failures);
	KI(replay_early_failures);
	KI(keysock_in);
	KI(out_requests);
	KI(acquire_requests);
	KI(bytes_expired);
	KI(out_discards);
	KI(crypto_sync);
	KI(crypto_async);
	KI(crypto_failures);
	KI(bad_decrypt);
	KI(sa_port_renumbers);

#undef KI
#undef K64

	kstat_install(espstack->esp_ksp);

	return (B_TRUE);
}
276 206
277 207 static int
278 208 esp_kstat_update(kstat_t *kp, int rw)
279 209 {
280 210 esp_kstats_t *ekp;
281 211 netstackid_t stackid = (zoneid_t)(uintptr_t)kp->ks_private;
282 212 netstack_t *ns;
283 213 ipsec_stack_t *ipss;
284 214
285 215 if ((kp == NULL) || (kp->ks_data == NULL))
286 216 return (EIO);
287 217
288 218 if (rw == KSTAT_WRITE)
289 219 return (EACCES);
290 220
291 221 ns = netstack_find_by_stackid(stackid);
292 222 if (ns == NULL)
293 223 return (-1);
294 224 ipss = ns->netstack_ipsec;
295 225 if (ipss == NULL) {
296 226 netstack_rele(ns);
297 227 return (-1);
298 228 }
299 229 ekp = (esp_kstats_t *)kp->ks_data;
300 230
301 231 rw_enter(&ipss->ipsec_alg_lock, RW_READER);
302 232 ekp->esp_stat_num_aalgs.value.ui64 =
303 233 ipss->ipsec_nalgs[IPSEC_ALG_AUTH];
304 234 ekp->esp_stat_num_ealgs.value.ui64 =
305 235 ipss->ipsec_nalgs[IPSEC_ALG_ENCR];
306 236 rw_exit(&ipss->ipsec_alg_lock);
307 237
308 238 netstack_rele(ns);
309 239 return (0);
310 240 }
311 241
312 242 #ifdef DEBUG
/*
 * Debug routine, useful to see pre-encryption data.  Walks an mblk chain,
 * printing each mblk's geometry followed by a hex dump of its data,
 * 32 bytes per line with a space between each 4-byte group.  Returns "\n"
 * so it can be used directly inside a printf-style debug macro.
 */
static char *
dump_msg(mblk_t *mp)
{
	char tmp_str[3], tmp_line[256];

	while (mp != NULL) {
		unsigned char *ptr;

		/* Describe this mblk: address, length, refcount, type. */
		printf("mblk address 0x%p, length %ld, db_ref %d "
		    "type %d, base 0x%p, lim 0x%p\n",
		    (void *) mp, (long)(mp->b_wptr - mp->b_rptr),
		    mp->b_datap->db_ref, mp->b_datap->db_type,
		    (void *)mp->b_datap->db_base, (void *)mp->b_datap->db_lim);
		ptr = mp->b_rptr;

		tmp_line[0] = '\0';
		while (ptr < mp->b_wptr) {
			uint_t diff;

			diff = (ptr - mp->b_rptr);
			/* Flush the accumulated line every 32 bytes. */
			if (!(diff & 0x1f)) {
				if (strlen(tmp_line) > 0) {
					printf("bytes: %s\n", tmp_line);
					tmp_line[0] = '\0';
				}
			}
			/* Separate each 4-byte group with a space. */
			if (!(diff & 0x3))
				(void) strcat(tmp_line, " ");
			(void) sprintf(tmp_str, "%02x", *ptr);
			(void) strcat(tmp_line, tmp_str);
			ptr++;
		}
		/* Flush any partial final line. */
		if (strlen(tmp_line) > 0)
			printf("bytes: %s\n", tmp_line);

		mp = mp->b_cont;
	}

	return ("\n");
}
356 286
357 287 #else /* DEBUG */
358 288 static char *
359 289 dump_msg(mblk_t *mp)
360 290 {
361 291 printf("Find value of mp %p.\n", mp);
362 292 return ("\n");
363 293 }
364 294 #endif /* DEBUG */
365 295
/*
 * Don't have to lock age_interval, as only one thread will access it at
 * a time, because I control the one function that does with timeout().
 *
 * Ages both the v4 and v6 ESP SADBs, then reschedules itself via
 * sadb_retimeout(); the returned timeout id is stored in esp_event so
 * that ipsecesp_close()/ipsecesp_stack_fini() can quntimeout() it.
 */
static void
esp_ager(void *arg)
{
	ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)arg;
	netstack_t	*ns = espstack->ipsecesp_netstack;
	hrtime_t begin = gethrtime();

	sadb_ager(&espstack->esp_sadb.s_v4, espstack->esp_pfkey_q,
	    espstack->ipsecesp_reap_delay, ns);
	sadb_ager(&espstack->esp_sadb.s_v6, espstack->esp_pfkey_q,
	    espstack->ipsecesp_reap_delay, ns);

	espstack->esp_event = sadb_retimeout(begin, espstack->esp_pfkey_q,
	    esp_ager, espstack,
	    &espstack->ipsecesp_age_interval, espstack->ipsecesp_age_int_max,
	    info.mi_idnum);
}
387 317
388 318 /*
389 319 * Get an ESP NDD parameter.
390 320 */
391 321 /* ARGSUSED */
392 322 static int
393 323 ipsecesp_param_get(
394 324 queue_t *q,
395 325 mblk_t *mp,
396 326 caddr_t cp,
397 327 cred_t *cr)
398 328 {
399 329 ipsecespparam_t *ipsecesppa = (ipsecespparam_t *)cp;
400 330 uint_t value;
401 331 ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)q->q_ptr;
402 332
403 333 mutex_enter(&espstack->ipsecesp_param_lock);
404 334 value = ipsecesppa->ipsecesp_param_value;
405 335 mutex_exit(&espstack->ipsecesp_param_lock);
406 336
407 337 (void) mi_mpprintf(mp, "%u", value);
408 338 return (0);
409 339 }
410 340
411 341 /*
412 342 * This routine sets an NDD variable in a ipsecespparam_t structure.
413 343 */
414 344 /* ARGSUSED */
415 345 static int
416 346 ipsecesp_param_set(
417 347 queue_t *q,
418 348 mblk_t *mp,
419 349 char *value,
420 350 caddr_t cp,
421 351 cred_t *cr)
422 352 {
423 353 ulong_t new_value;
424 354 ipsecespparam_t *ipsecesppa = (ipsecespparam_t *)cp;
425 355 ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)q->q_ptr;
426 356
427 357 /*
428 358 * Fail the request if the new value does not lie within the
429 359 * required bounds.
430 360 */
431 361 if (ddi_strtoul(value, NULL, 10, &new_value) != 0 ||
432 362 new_value < ipsecesppa->ipsecesp_param_min ||
433 363 new_value > ipsecesppa->ipsecesp_param_max) {
434 364 return (EINVAL);
435 365 }
436 366
437 367 /* Set the new value */
438 368 mutex_enter(&espstack->ipsecesp_param_lock);
439 369 ipsecesppa->ipsecesp_param_value = new_value;
440 370 mutex_exit(&espstack->ipsecesp_param_lock);
441 371 return (0);
442 372 }
443 373
/*
 * Using lifetime NDD variables, fill in an extended combination's
 * lifetime information.  The soft/hard byte, addtime and usetime
 * defaults all come from this stack's ipsecesp_default_* tunables
 * (see lcl_param_arr).
 */
void
ipsecesp_fill_defs(sadb_x_ecomb_t *ecomb, netstack_t *ns)
{
	ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;

	ecomb->sadb_x_ecomb_soft_bytes = espstack->ipsecesp_default_soft_bytes;
	ecomb->sadb_x_ecomb_hard_bytes = espstack->ipsecesp_default_hard_bytes;
	ecomb->sadb_x_ecomb_soft_addtime =
	    espstack->ipsecesp_default_soft_addtime;
	ecomb->sadb_x_ecomb_hard_addtime =
	    espstack->ipsecesp_default_hard_addtime;
	ecomb->sadb_x_ecomb_soft_usetime =
	    espstack->ipsecesp_default_soft_usetime;
	ecomb->sadb_x_ecomb_hard_usetime =
	    espstack->ipsecesp_default_hard_usetime;
}
464 394
/*
 * Initialize things for ESP at module load time.
 * Creates the global (non-per-stack) esp_taskq and registers the
 * per-netstack init/fini callbacks.  Always returns B_TRUE.
 */
boolean_t
ipsecesp_ddi_init(void)
{
	/* Single-threaded taskq; bounds come from IPSEC_TASKQ_{MIN,MAX}. */
	esp_taskq = taskq_create("esp_taskq", 1, minclsyspri,
	    IPSEC_TASKQ_MIN, IPSEC_TASKQ_MAX, 0);

	/*
	 * We want to be informed each time a stack is created or
	 * destroyed in the kernel, so we can maintain the
	 * set of ipsecesp_stack_t's.
	 */
	netstack_register(NS_IPSECESP, ipsecesp_stack_init, NULL,
	    ipsecesp_stack_fini);

	return (B_TRUE);
}
484 414
485 415 /*
486 416 * Walk through the param array specified registering each element with the
487 417 * named dispatch handler.
488 418 */
489 419 static boolean_t
490 420 ipsecesp_param_register(IDP *ndp, ipsecespparam_t *espp, int cnt)
491 421 {
492 422 for (; cnt-- > 0; espp++) {
493 423 if (espp->ipsecesp_param_name != NULL &&
494 424 espp->ipsecesp_param_name[0]) {
495 425 if (!nd_load(ndp,
|
↓ open down ↓ |
256 lines elided |
↑ open up ↑ |
496 426 espp->ipsecesp_param_name,
497 427 ipsecesp_param_get, ipsecesp_param_set,
498 428 (caddr_t)espp)) {
499 429 nd_free(ndp);
500 430 return (B_FALSE);
501 431 }
502 432 }
503 433 }
504 434 return (B_TRUE);
505 435 }
436 +
506 437 /*
507 438 * Initialize things for ESP for each stack instance
508 439 */
509 440 static void *
510 441 ipsecesp_stack_init(netstackid_t stackid, netstack_t *ns)
511 442 {
512 443 ipsecesp_stack_t *espstack;
513 444 ipsecespparam_t *espp;
514 445
515 446 espstack = (ipsecesp_stack_t *)kmem_zalloc(sizeof (*espstack),
516 447 KM_SLEEP);
517 448 espstack->ipsecesp_netstack = ns;
518 449
519 450 espp = (ipsecespparam_t *)kmem_alloc(sizeof (lcl_param_arr), KM_SLEEP);
|
↓ open down ↓ |
4 lines elided |
↑ open up ↑ |
520 451 espstack->ipsecesp_params = espp;
521 452 bcopy(lcl_param_arr, espp, sizeof (lcl_param_arr));
522 453
523 454 (void) ipsecesp_param_register(&espstack->ipsecesp_g_nd, espp,
524 455 A_CNT(lcl_param_arr));
525 456
526 457 (void) esp_kstat_init(espstack, stackid);
527 458
528 459 espstack->esp_sadb.s_acquire_timeout =
529 460 &espstack->ipsecesp_acquire_timeout;
530 - espstack->esp_sadb.s_acqfn = esp_send_acquire;
531 461 sadbp_init("ESP", &espstack->esp_sadb, SADB_SATYPE_ESP, esp_hash_size,
532 462 espstack->ipsecesp_netstack);
533 463
534 464 mutex_init(&espstack->ipsecesp_param_lock, NULL, MUTEX_DEFAULT, 0);
535 465
536 466 ip_drop_register(&espstack->esp_dropper, "IPsec ESP");
537 467 return (espstack);
538 468 }
539 469
/*
 * Destroy things for ESP at module unload time.
 * Mirror of ipsecesp_ddi_init(): unregister the netstack callbacks
 * first, then destroy the global taskq.
 */
void
ipsecesp_ddi_destroy(void)
{
	netstack_unregister(NS_IPSECESP);
	taskq_destroy(esp_taskq);
}
549 479
/*
 * Destroy things for ESP for one stack instance.
 * Reverses ipsecesp_stack_init(): cancel the ager timeout, tear down
 * the SADB, drop-register, lock, ND table, tunables copy and kstats,
 * then free the stack structure itself.
 */
static void
ipsecesp_stack_fini(netstackid_t stackid, void *arg)
{
	ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)arg;

	/* Cancel the pending esp_ager() timeout, if keysock ever attached. */
	if (espstack->esp_pfkey_q != NULL) {
		(void) quntimeout(espstack->esp_pfkey_q, espstack->esp_event);
	}
	espstack->esp_sadb.s_acquire_timeout = NULL;
	sadbp_destroy(&espstack->esp_sadb, espstack->ipsecesp_netstack);
	ip_drop_unregister(&espstack->esp_dropper);
	mutex_destroy(&espstack->ipsecesp_param_lock);
	nd_free(&espstack->ipsecesp_g_nd);

	/* Free the per-stack copy of the tunable table. */
	kmem_free(espstack->ipsecesp_params, sizeof (lcl_param_arr));
	espstack->ipsecesp_params = NULL;
	/* Tear down the kstats created by esp_kstat_init(). */
	kstat_delete_netstack(espstack->esp_ksp, stackid);
	espstack->esp_ksp = NULL;
	espstack->esp_kstats = NULL;
	kmem_free(espstack, sizeof (*espstack));
}
575 504
/*
 * ESP module open routine, which is here for keysock plumbing.
 * Keysock is pushed over {AH,ESP} which is an artifact from the Bad Old
 * Days of export control, and fears that ESP would not be allowed
 * to be shipped at all by default.  Eventually, keysock should
 * either access AH and ESP via modstubs or krtld dependencies, or
 * perhaps be folded in with AH and ESP into a single IPsec/netsec
 * module ("netsec" if PF_KEY provides more than AH/ESP keying tables).
 */
/* ARGSUSED */
static int
ipsecesp_open(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
{
	netstack_t		*ns;
	ipsecesp_stack_t	*espstack;

	/* Only privileged callers may plumb ESP. */
	if (secpolicy_ip_config(credp, B_FALSE) != 0)
		return (EPERM);

	if (q->q_ptr != NULL)
		return (0);  /* Re-open of an already open instance. */

	/* ESP is only pushed as a module, never opened as a device. */
	if (sflag != MODOPEN)
		return (EINVAL);

	/*
	 * Hold our netstack; the reference is dropped in ipsecesp_close().
	 */
	ns = netstack_find_by_cred(credp);
	ASSERT(ns != NULL);
	espstack = ns->netstack_ipsecesp;
	ASSERT(espstack != NULL);

	/* Both queue halves point at the per-stack state. */
	q->q_ptr = espstack;
	WR(q)->q_ptr = q->q_ptr;

	qprocson(q);
	return (0);
}
612 541
/*
 * ESP module close routine.  Undoes ipsecesp_open(): turns off queue
 * processing, cancels the ager timeout if this was the keysock queue,
 * and drops the netstack hold taken at open time.
 */
static int
ipsecesp_close(queue_t *q)
{
	ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)q->q_ptr;

	/*
	 * Clean up q_ptr, if needed.
	 */
	qprocsoff(q);

	/* Keysock queue check is safe, because of OCEXCL perimeter. */

	if (q == espstack->esp_pfkey_q) {
		esp1dbg(espstack,
		    ("ipsecesp_close: Ummm... keysock is closing ESP.\n"));
		espstack->esp_pfkey_q = NULL;
		/* Detach qtimeouts. */
		(void) quntimeout(q, espstack->esp_event);
	}

	/* Drop the netstack hold taken in ipsecesp_open(). */
	netstack_rele(espstack->ipsecesp_netstack);
	return (0);
}
639 568
/*
 * Add a number of bytes to what the SA has protected so far.  Return
 * B_TRUE if the SA can still protect that many bytes.
 *
 * Caller must REFRELE the passed-in assoc.  This function must REFRELE
 * any obtained peer SA.
 */
static boolean_t
esp_age_bytes(ipsa_t *assoc, uint64_t bytes, boolean_t inbound)
{
	ipsa_t *inassoc, *outassoc;
	isaf_t *bucket;
	boolean_t inrc, outrc, isv6;
	sadb_t *sp;
	int outhash;
	netstack_t	*ns = assoc->ipsa_netstack;
	ipsecesp_stack_t	*espstack = ns->netstack_ipsecesp;

	/* No peer?  No problem! */
	if (!assoc->ipsa_haspeer) {
		return (sadb_age_bytes(espstack->esp_pfkey_q, assoc, bytes,
		    B_TRUE));
	}

	/*
	 * Otherwise, we want to grab both the original assoc and its peer.
	 * There might be a race for this, but if it's a real race, two
	 * expire messages may occur.  We limit this by only sending the
	 * expire message on one of the peers, we'll pick the inbound
	 * arbitrarily.
	 *
	 * If we need tight synchronization on the peer SA, then we need to
	 * reconsider.
	 */

	/* Use address length to select IPv6/IPv4 */
	isv6 = (assoc->ipsa_addrfam == AF_INET6);
	sp = isv6 ? &espstack->esp_sadb.s_v6 : &espstack->esp_sadb.s_v4;

	if (inbound) {
		/* Given an inbound SA, find the matching outbound peer. */
		inassoc = assoc;
		if (isv6) {
			outhash = OUTBOUND_HASH_V6(sp, *((in6_addr_t *)
			    &inassoc->ipsa_dstaddr));
		} else {
			outhash = OUTBOUND_HASH_V4(sp, *((ipaddr_t *)
			    &inassoc->ipsa_dstaddr));
		}
		bucket = &sp->sdb_of[outhash];
		/* Lookup must hold the fanout bucket's lock. */
		mutex_enter(&bucket->isaf_lock);
		outassoc = ipsec_getassocbyspi(bucket, inassoc->ipsa_spi,
		    inassoc->ipsa_srcaddr, inassoc->ipsa_dstaddr,
		    inassoc->ipsa_addrfam);
		mutex_exit(&bucket->isaf_lock);
		if (outassoc == NULL) {
			/* Q: Do we wish to set haspeer == B_FALSE? */
			esp0dbg(("esp_age_bytes: "
			    "can't find peer for inbound.\n"));
			return (sadb_age_bytes(espstack->esp_pfkey_q, inassoc,
			    bytes, B_TRUE));
		}
	} else {
		/* Given an outbound SA, find the matching inbound peer. */
		outassoc = assoc;
		bucket = INBOUND_BUCKET(sp, outassoc->ipsa_spi);
		mutex_enter(&bucket->isaf_lock);
		inassoc = ipsec_getassocbyspi(bucket, outassoc->ipsa_spi,
		    outassoc->ipsa_srcaddr, outassoc->ipsa_dstaddr,
		    outassoc->ipsa_addrfam);
		mutex_exit(&bucket->isaf_lock);
		if (inassoc == NULL) {
			/* Q: Do we wish to set haspeer == B_FALSE? */
			esp0dbg(("esp_age_bytes: "
			    "can't find peer for outbound.\n"));
			return (sadb_age_bytes(espstack->esp_pfkey_q, outassoc,
			    bytes, B_TRUE));
		}
	}

	/* Age both SAs; only the inbound one (B_TRUE) may send an expire. */
	inrc = sadb_age_bytes(espstack->esp_pfkey_q, inassoc, bytes, B_TRUE);
	outrc = sadb_age_bytes(espstack->esp_pfkey_q, outassoc, bytes, B_FALSE);

	/*
	 * REFRELE any peer SA.
	 *
	 * Because of the multi-line macro nature of IPSA_REFRELE, keep
	 * them in { }.
	 */
	if (inbound) {
		IPSA_REFRELE(outassoc);
	} else {
		IPSA_REFRELE(inassoc);
	}

	return (inrc && outrc);
}
735 664
/*
 * Do incoming NAT-T manipulations for packet: apply the SA's stored
 * inbound checksum adjustment (ipsa_inbound_cksum) to the transport
 * checksum so TCP/UDP over a NAT-translated address still verifies.
 * Returns NULL if the mblk chain is consumed.
 */
static mblk_t *
esp_fix_natt_checksums(mblk_t *data_mp, ipsa_t *assoc)
{
	ipha_t *ipha = (ipha_t *)data_mp->b_rptr;
	tcpha_t *tcpha;
	udpha_t *udpha;
	/* Initialize to our inbound cksum adjustment... */
	uint32_t sum = assoc->ipsa_inbound_cksum;

	switch (ipha->ipha_protocol) {
	case IPPROTO_TCP:
		tcpha = (tcpha_t *)(data_mp->b_rptr +
		    IPH_HDR_LENGTH(ipha));

/* Fold the 32-bit accumulator back into 16 bits (twice, for the carry). */
#define DOWN_SUM(x) (x) = ((x) & 0xFFFF) +  ((x) >> 16)
		sum += ~ntohs(tcpha->tha_sum) & 0xFFFF;
		DOWN_SUM(sum);
		DOWN_SUM(sum);
		tcpha->tha_sum = ~htons(sum);
		break;
	case IPPROTO_UDP:
		udpha = (udpha_t *)(data_mp->b_rptr + IPH_HDR_LENGTH(ipha));

		if (udpha->uha_checksum != 0) {
			/* Adjust if the inbound one was not zero. */
			sum += ~ntohs(udpha->uha_checksum) & 0xFFFF;
			DOWN_SUM(sum);
			DOWN_SUM(sum);
			udpha->uha_checksum = ~htons(sum);
			/* A computed 0 must be sent as all-ones for UDP. */
			if (udpha->uha_checksum == 0)
				udpha->uha_checksum = 0xFFFF;
		}
#undef DOWN_SUM
		break;
	case IPPROTO_IP:
		/*
		 * This case is only an issue for self-encapsulated
		 * packets.  So for now, fall through.
		 */
		break;
	}
	return (data_mp);
}
783 712
784 713
785 714 /*
786 715 * Strip ESP header, check padding, and fix IP header.
787 716 * Returns B_TRUE on success, B_FALSE if an error occured.
788 717 */
789 718 static boolean_t
790 719 esp_strip_header(mblk_t *data_mp, boolean_t isv4, uint32_t ivlen,
791 720 kstat_named_t **counter, ipsecesp_stack_t *espstack)
792 721 {
793 722 ipha_t *ipha;
794 723 ip6_t *ip6h;
795 724 uint_t divpoint;
796 725 mblk_t *scratch;
797 726 uint8_t nexthdr, padlen;
798 727 uint8_t lastpad;
799 728 ipsec_stack_t *ipss = espstack->ipsecesp_netstack->netstack_ipsec;
800 729 uint8_t *lastbyte;
801 730
802 731 /*
803 732 * Strip ESP data and fix IP header.
804 733 *
805 734 * XXX In case the beginning of esp_inbound() changes to not do a
806 735 * pullup, this part of the code can remain unchanged.
807 736 */
808 737 if (isv4) {
809 738 ASSERT((data_mp->b_wptr - data_mp->b_rptr) >= sizeof (ipha_t));
810 739 ipha = (ipha_t *)data_mp->b_rptr;
811 740 ASSERT((data_mp->b_wptr - data_mp->b_rptr) >= sizeof (esph_t) +
812 741 IPH_HDR_LENGTH(ipha));
813 742 divpoint = IPH_HDR_LENGTH(ipha);
814 743 } else {
815 744 ASSERT((data_mp->b_wptr - data_mp->b_rptr) >= sizeof (ip6_t));
816 745 ip6h = (ip6_t *)data_mp->b_rptr;
817 746 divpoint = ip_hdr_length_v6(data_mp, ip6h);
818 747 }
819 748
820 749 scratch = data_mp;
821 750 while (scratch->b_cont != NULL)
822 751 scratch = scratch->b_cont;
823 752
824 753 ASSERT((scratch->b_wptr - scratch->b_rptr) >= 3);
825 754
826 755 /*
827 756 * "Next header" and padding length are the last two bytes in the
828 757 * ESP-protected datagram, thus the explicit - 1 and - 2.
829 758 * lastpad is the last byte of the padding, which can be used for
830 759 * a quick check to see if the padding is correct.
831 760 */
832 761 lastbyte = scratch->b_wptr - 1;
833 762 nexthdr = *lastbyte--;
834 763 padlen = *lastbyte--;
835 764
836 765 if (isv4) {
837 766 /* Fix part of the IP header. */
838 767 ipha->ipha_protocol = nexthdr;
839 768 /*
840 769 * Reality check the padlen. The explicit - 2 is for the
841 770 * padding length and the next-header bytes.
842 771 */
843 772 if (padlen >= ntohs(ipha->ipha_length) - sizeof (ipha_t) - 2 -
844 773 sizeof (esph_t) - ivlen) {
845 774 ESP_BUMP_STAT(espstack, bad_decrypt);
846 775 ipsec_rl_strlog(espstack->ipsecesp_netstack,
847 776 info.mi_idnum, 0, 0,
848 777 SL_ERROR | SL_WARN,
849 778 "Corrupt ESP packet (padlen too big).\n");
850 779 esp1dbg(espstack, ("padlen (%d) is greater than:\n",
851 780 padlen));
852 781 esp1dbg(espstack, ("pkt len(%d) - ip hdr - esp "
853 782 "hdr - ivlen(%d) = %d.\n",
854 783 ntohs(ipha->ipha_length), ivlen,
855 784 (int)(ntohs(ipha->ipha_length) - sizeof (ipha_t) -
856 785 2 - sizeof (esph_t) - ivlen)));
857 786 *counter = DROPPER(ipss, ipds_esp_bad_padlen);
858 787 return (B_FALSE);
859 788 }
860 789
861 790 /*
862 791 * Fix the rest of the header. The explicit - 2 is for the
863 792 * padding length and the next-header bytes.
864 793 */
865 794 ipha->ipha_length = htons(ntohs(ipha->ipha_length) - padlen -
866 795 2 - sizeof (esph_t) - ivlen);
867 796 ipha->ipha_hdr_checksum = 0;
868 797 ipha->ipha_hdr_checksum = (uint16_t)ip_csum_hdr(ipha);
869 798 } else {
870 799 if (ip6h->ip6_nxt == IPPROTO_ESP) {
871 800 ip6h->ip6_nxt = nexthdr;
872 801 } else {
873 802 ip_pkt_t ipp;
874 803
875 804 bzero(&ipp, sizeof (ipp));
876 805 (void) ip_find_hdr_v6(data_mp, ip6h, B_FALSE, &ipp,
877 806 NULL);
878 807 if (ipp.ipp_dstopts != NULL) {
879 808 ipp.ipp_dstopts->ip6d_nxt = nexthdr;
880 809 } else if (ipp.ipp_rthdr != NULL) {
881 810 ipp.ipp_rthdr->ip6r_nxt = nexthdr;
882 811 } else if (ipp.ipp_hopopts != NULL) {
883 812 ipp.ipp_hopopts->ip6h_nxt = nexthdr;
884 813 } else {
885 814 /* Panic a DEBUG kernel. */
886 815 ASSERT(ipp.ipp_hopopts != NULL);
887 816 /* Otherwise, pretend it's IP + ESP. */
888 817 cmn_err(CE_WARN, "ESP IPv6 headers wrong.\n");
889 818 ip6h->ip6_nxt = nexthdr;
890 819 }
891 820 }
892 821
893 822 if (padlen >= ntohs(ip6h->ip6_plen) - 2 - sizeof (esph_t) -
894 823 ivlen) {
895 824 ESP_BUMP_STAT(espstack, bad_decrypt);
896 825 ipsec_rl_strlog(espstack->ipsecesp_netstack,
897 826 info.mi_idnum, 0, 0,
898 827 SL_ERROR | SL_WARN,
899 828 "Corrupt ESP packet (v6 padlen too big).\n");
900 829 esp1dbg(espstack, ("padlen (%d) is greater than:\n",
901 830 padlen));
902 831 esp1dbg(espstack,
903 832 ("pkt len(%u) - ip hdr - esp hdr - ivlen(%d) = "
904 833 "%u.\n", (unsigned)(ntohs(ip6h->ip6_plen)
905 834 + sizeof (ip6_t)), ivlen,
906 835 (unsigned)(ntohs(ip6h->ip6_plen) - 2 -
907 836 sizeof (esph_t) - ivlen)));
908 837 *counter = DROPPER(ipss, ipds_esp_bad_padlen);
909 838 return (B_FALSE);
910 839 }
911 840
912 841
913 842 /*
914 843 * Fix the rest of the header. The explicit - 2 is for the
915 844 * padding length and the next-header bytes. IPv6 is nice,
916 845 * because there's no hdr checksum!
917 846 */
918 847 ip6h->ip6_plen = htons(ntohs(ip6h->ip6_plen) - padlen -
919 848 2 - sizeof (esph_t) - ivlen);
920 849 }
921 850
922 851 if (espstack->ipsecesp_padding_check > 0 && padlen > 0) {
923 852 /*
924 853 * Weak padding check: compare last-byte to length, they
925 854 * should be equal.
926 855 */
927 856 lastpad = *lastbyte--;
928 857
929 858 if (padlen != lastpad) {
930 859 ipsec_rl_strlog(espstack->ipsecesp_netstack,
931 860 info.mi_idnum, 0, 0, SL_ERROR | SL_WARN,
932 861 "Corrupt ESP packet (lastpad != padlen).\n");
933 862 esp1dbg(espstack,
934 863 ("lastpad (%d) not equal to padlen (%d):\n",
935 864 lastpad, padlen));
936 865 ESP_BUMP_STAT(espstack, bad_padding);
937 866 *counter = DROPPER(ipss, ipds_esp_bad_padding);
938 867 return (B_FALSE);
939 868 }
940 869
941 870 /*
942 871 * Strong padding check: Check all pad bytes to see that
943 872 * they're ascending. Go backwards using a descending counter
944 873 * to verify. padlen == 1 is checked by previous block, so
945 874 * only bother if we've more than 1 byte of padding.
946 875 * Consequently, start the check one byte before the location
947 876 * of "lastpad".
948 877 */
949 878 if (espstack->ipsecesp_padding_check > 1) {
950 879 /*
951 880 * This assert may have to become an if and a pullup
952 881 * if we start accepting multi-dblk mblks. For now,
953 882 * though, any packet here will have been pulled up in
954 883 * esp_inbound.
955 884 */
956 885 ASSERT(MBLKL(scratch) >= lastpad + 3);
957 886
958 887 /*
959 888 * Use "--lastpad" because we already checked the very
960 889 * last pad byte previously.
961 890 */
962 891 while (--lastpad != 0) {
963 892 if (lastpad != *lastbyte) {
964 893 ipsec_rl_strlog(
965 894 espstack->ipsecesp_netstack,
966 895 info.mi_idnum, 0, 0,
967 896 SL_ERROR | SL_WARN, "Corrupt ESP "
968 897 "packet (bad padding).\n");
969 898 esp1dbg(espstack,
970 899 ("padding not in correct"
971 900 " format:\n"));
972 901 ESP_BUMP_STAT(espstack, bad_padding);
973 902 *counter = DROPPER(ipss,
974 903 ipds_esp_bad_padding);
975 904 return (B_FALSE);
976 905 }
977 906 lastbyte--;
978 907 }
979 908 }
980 909 }
981 910
982 911 /* Trim off the padding. */
983 912 ASSERT(data_mp->b_cont == NULL);
984 913 data_mp->b_wptr -= (padlen + 2);
985 914
986 915 /*
987 916 * Remove the ESP header.
988 917 *
989 918 * The above assertions about data_mp's size will make this work.
990 919 *
991 920 * XXX Question: If I send up and get back a contiguous mblk,
992 921 * would it be quicker to bcopy over, or keep doing the dupb stuff?
993 922 * I go with copying for now.
994 923 */
995 924
996 925 if (IS_P2ALIGNED(data_mp->b_rptr, sizeof (uint32_t)) &&
997 926 IS_P2ALIGNED(ivlen, sizeof (uint32_t))) {
998 927 uint8_t *start = data_mp->b_rptr;
999 928 uint32_t *src, *dst;
1000 929
1001 930 src = (uint32_t *)(start + divpoint);
1002 931 dst = (uint32_t *)(start + divpoint + sizeof (esph_t) + ivlen);
1003 932
1004 933 ASSERT(IS_P2ALIGNED(dst, sizeof (uint32_t)) &&
1005 934 IS_P2ALIGNED(src, sizeof (uint32_t)));
1006 935
1007 936 do {
1008 937 src--;
1009 938 dst--;
1010 939 *dst = *src;
1011 940 } while (src != (uint32_t *)start);
1012 941
1013 942 data_mp->b_rptr = (uchar_t *)dst;
1014 943 } else {
1015 944 uint8_t *start = data_mp->b_rptr;
1016 945 uint8_t *src, *dst;
1017 946
1018 947 src = start + divpoint;
1019 948 dst = src + sizeof (esph_t) + ivlen;
1020 949
1021 950 do {
1022 951 src--;
1023 952 dst--;
1024 953 *dst = *src;
1025 954 } while (src != start);
1026 955
1027 956 data_mp->b_rptr = dst;
1028 957 }
1029 958
1030 959 esp2dbg(espstack, ("data_mp after inbound ESP adjustment:\n"));
1031 960 esp2dbg(espstack, (dump_msg(data_mp)));
1032 961
1033 962 return (B_TRUE);
1034 963 }
1035 964
1036 965 /*
1037 966 * Updating use times can be tricky business if the ipsa_haspeer flag is
1038 967 * set. This function is called once in an SA's lifetime.
1039 968 *
1040 969 * Caller has to REFRELE "assoc" which is passed in. This function has
1041 970 * to REFRELE any peer SA that is obtained.
1042 971 */
1043 972 static void
1044 973 esp_set_usetime(ipsa_t *assoc, boolean_t inbound)
1045 974 {
1046 975 ipsa_t *inassoc, *outassoc;
1047 976 isaf_t *bucket;
1048 977 sadb_t *sp;
1049 978 int outhash;
1050 979 boolean_t isv6;
1051 980 netstack_t *ns = assoc->ipsa_netstack;
1052 981 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
1053 982
1054 983 /* No peer? No problem! */
1055 984 if (!assoc->ipsa_haspeer) {
1056 985 sadb_set_usetime(assoc);
1057 986 return;
1058 987 }
1059 988
1060 989 /*
1061 990 * Otherwise, we want to grab both the original assoc and its peer.
1062 991 * There might be a race for this, but if it's a real race, the times
1063 992 * will be out-of-synch by at most a second, and since our time
1064 993 * granularity is a second, this won't be a problem.
1065 994 *
1066 995 * If we need tight synchronization on the peer SA, then we need to
1067 996 * reconsider.
1068 997 */
1069 998
1070 999 /* Use address length to select IPv6/IPv4 */
1071 1000 isv6 = (assoc->ipsa_addrfam == AF_INET6);
1072 1001 sp = isv6 ? &espstack->esp_sadb.s_v6 : &espstack->esp_sadb.s_v4;
1073 1002
1074 1003 if (inbound) {
1075 1004 inassoc = assoc;
1076 1005 if (isv6) {
1077 1006 outhash = OUTBOUND_HASH_V6(sp, *((in6_addr_t *)
1078 1007 &inassoc->ipsa_dstaddr));
1079 1008 } else {
1080 1009 outhash = OUTBOUND_HASH_V4(sp, *((ipaddr_t *)
1081 1010 &inassoc->ipsa_dstaddr));
1082 1011 }
1083 1012 bucket = &sp->sdb_of[outhash];
1084 1013 mutex_enter(&bucket->isaf_lock);
1085 1014 outassoc = ipsec_getassocbyspi(bucket, inassoc->ipsa_spi,
1086 1015 inassoc->ipsa_srcaddr, inassoc->ipsa_dstaddr,
1087 1016 inassoc->ipsa_addrfam);
1088 1017 mutex_exit(&bucket->isaf_lock);
1089 1018 if (outassoc == NULL) {
1090 1019 /* Q: Do we wish to set haspeer == B_FALSE? */
1091 1020 esp0dbg(("esp_set_usetime: "
1092 1021 "can't find peer for inbound.\n"));
1093 1022 sadb_set_usetime(inassoc);
1094 1023 return;
1095 1024 }
1096 1025 } else {
1097 1026 outassoc = assoc;
1098 1027 bucket = INBOUND_BUCKET(sp, outassoc->ipsa_spi);
1099 1028 mutex_enter(&bucket->isaf_lock);
1100 1029 inassoc = ipsec_getassocbyspi(bucket, outassoc->ipsa_spi,
1101 1030 outassoc->ipsa_srcaddr, outassoc->ipsa_dstaddr,
1102 1031 outassoc->ipsa_addrfam);
1103 1032 mutex_exit(&bucket->isaf_lock);
1104 1033 if (inassoc == NULL) {
1105 1034 /* Q: Do we wish to set haspeer == B_FALSE? */
1106 1035 esp0dbg(("esp_set_usetime: "
1107 1036 "can't find peer for outbound.\n"));
1108 1037 sadb_set_usetime(outassoc);
1109 1038 return;
1110 1039 }
1111 1040 }
1112 1041
1113 1042 /* Update usetime on both. */
1114 1043 sadb_set_usetime(inassoc);
1115 1044 sadb_set_usetime(outassoc);
1116 1045
1117 1046 /*
1118 1047 * REFRELE any peer SA.
1119 1048 *
1120 1049 * Because of the multi-line macro nature of IPSA_REFRELE, keep
1121 1050 * them in { }.
1122 1051 */
1123 1052 if (inbound) {
1124 1053 IPSA_REFRELE(outassoc);
1125 1054 } else {
1126 1055 IPSA_REFRELE(inassoc);
1127 1056 }
1128 1057 }
1129 1058
1130 1059 /*
1131 1060 * Handle ESP inbound data for IPv4 and IPv6.
1132 1061 * On success returns B_TRUE, on failure returns B_FALSE and frees the
1133 1062 * mblk chain data_mp.
1134 1063 */
1135 1064 mblk_t *
1136 1065 esp_inbound(mblk_t *data_mp, void *arg, ip_recv_attr_t *ira)
1137 1066 {
1138 1067 esph_t *esph = (esph_t *)arg;
1139 1068 ipsa_t *ipsa = ira->ira_ipsec_esp_sa;
1140 1069 netstack_t *ns = ira->ira_ill->ill_ipst->ips_netstack;
1141 1070 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
1142 1071 ipsec_stack_t *ipss = ns->netstack_ipsec;
1143 1072
1144 1073 /*
1145 1074 * We may wish to check replay in-range-only here as an optimization.
1146 1075 * Include the reality check of ipsa->ipsa_replay >
1147 1076 * ipsa->ipsa_replay_wsize for times when it's the first N packets,
1148 1077 * where N == ipsa->ipsa_replay_wsize.
1149 1078 *
1150 1079 * Another check that may come here later is the "collision" check.
1151 1080 * If legitimate packets flow quickly enough, this won't be a problem,
1152 1081 * but collisions may cause authentication algorithm crunching to
1153 1082 * take place when it doesn't need to.
1154 1083 */
1155 1084 if (!sadb_replay_peek(ipsa, esph->esph_replay)) {
1156 1085 ESP_BUMP_STAT(espstack, replay_early_failures);
1157 1086 IP_ESP_BUMP_STAT(ipss, in_discards);
1158 1087 ip_drop_packet(data_mp, B_TRUE, ira->ira_ill,
1159 1088 DROPPER(ipss, ipds_esp_early_replay),
1160 1089 &espstack->esp_dropper);
1161 1090 BUMP_MIB(ira->ira_ill->ill_ip_mib, ipIfStatsInDiscards);
1162 1091 return (NULL);
1163 1092 }
1164 1093
1165 1094 /*
1166 1095 * Adjust the IP header's payload length to reflect the removal
1167 1096 * of the ICV.
1168 1097 */
1169 1098 if (!(ira->ira_flags & IRAF_IS_IPV4)) {
1170 1099 ip6_t *ip6h = (ip6_t *)data_mp->b_rptr;
1171 1100 ip6h->ip6_plen = htons(ntohs(ip6h->ip6_plen) -
1172 1101 ipsa->ipsa_mac_len);
1173 1102 } else {
|
↓ open down ↓ |
602 lines elided |
↑ open up ↑ |
1174 1103 ipha_t *ipha = (ipha_t *)data_mp->b_rptr;
1175 1104 ipha->ipha_length = htons(ntohs(ipha->ipha_length) -
1176 1105 ipsa->ipsa_mac_len);
1177 1106 }
1178 1107
1179 1108 /* submit the request to the crypto framework */
1180 1109 return (esp_submit_req_inbound(data_mp, ira, ipsa,
1181 1110 (uint8_t *)esph - data_mp->b_rptr));
1182 1111 }
1183 1112
/*
 * Perform the really difficult work of inserting the proposed situation.
 * Called while holding the algorithm lock.
 *
 * "prop" points at space already reserved in the ACQUIRE message; this
 * function fills in the sadb_prop_t header and appends up to "combs"
 * sadb_comb_t entries, one per usable ESP action in the acquire record.
 * prop->sadb_prop_len is updated (in 64-bit words) as combinations are
 * added; the caller folds that into the message length.
 */
static void
esp_insert_prop(sadb_prop_t *prop, ipsacq_t *acqrec, uint_t combs,
    netstack_t *ns)
{
	sadb_comb_t *comb = (sadb_comb_t *)(prop + 1);
	ipsec_action_t *ap;
	ipsec_prot_t *prot;
	ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
	ipsec_stack_t *ipss = ns->netstack_ipsec;

	/* Caller must hold the algorithm lock (at least as reader). */
	ASSERT(RW_READ_HELD(&ipss->ipsec_alg_lock));

	prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
	prop->sadb_prop_len = SADB_8TO64(sizeof (sadb_prop_t));
	*(uint32_t *)(&prop->sadb_prop_replay) = 0;	/* Quick zero-out! */

	prop->sadb_prop_replay = espstack->ipsecesp_replay_size;

	/*
	 * Based upon algorithm properties, and what-not, prioritize a
	 * proposal, based on the ordering of the ESP algorithms in the
	 * alternatives in the policy rule or socket that was placed
	 * in the acquire record.
	 *
	 * For each action in policy list
	 *   Add combination.  If I've hit limit, return.
	 */

	for (ap = acqrec->ipsacq_act; ap != NULL;
	    ap = ap->ipa_next) {
		ipsec_alginfo_t *ealg = NULL;
		ipsec_alginfo_t *aalg = NULL;

		/* Only APPLY actions that request ESP contribute combs. */
		if (ap->ipa_act.ipa_type != IPSEC_POLICY_APPLY)
			continue;

		prot = &ap->ipa_act.ipa_apply;

		if (!(prot->ipp_use_esp))
			continue;

		/*
		 * Skip actions whose auth or encr algorithm is not
		 * currently loaded/valid rather than proposing something
		 * key management cannot satisfy.
		 */
		if (prot->ipp_esp_auth_alg != 0) {
			aalg = ipss->ipsec_alglists[IPSEC_ALG_AUTH]
			    [prot->ipp_esp_auth_alg];
			if (aalg == NULL || !ALG_VALID(aalg))
				continue;
		}

		ASSERT(prot->ipp_encr_alg > 0);
		ealg = ipss->ipsec_alglists[IPSEC_ALG_ENCR]
		    [prot->ipp_encr_alg];
		if (ealg == NULL || !ALG_VALID(ealg))
			continue;

		comb->sadb_comb_flags = 0;
		comb->sadb_comb_reserved = 0;
		comb->sadb_comb_encrypt = ealg->alg_id;
		/* Clamp key sizes to the intersection of policy and alg. */
		comb->sadb_comb_encrypt_minbits =
		    MAX(prot->ipp_espe_minbits, ealg->alg_ef_minbits);
		comb->sadb_comb_encrypt_maxbits =
		    MIN(prot->ipp_espe_maxbits, ealg->alg_ef_maxbits);

		if (aalg == NULL) {
			comb->sadb_comb_auth = 0;
			comb->sadb_comb_auth_minbits = 0;
			comb->sadb_comb_auth_maxbits = 0;
		} else {
			comb->sadb_comb_auth = aalg->alg_id;
			comb->sadb_comb_auth_minbits =
			    MAX(prot->ipp_espa_minbits, aalg->alg_ef_minbits);
			comb->sadb_comb_auth_maxbits =
			    MIN(prot->ipp_espa_maxbits, aalg->alg_ef_maxbits);
		}

		/*
		 * The following may be based on algorithm
		 * properties, but in the meantime, we just pick
		 * some good, sensible numbers.  Key mgmt. can
		 * (and perhaps should) be the place to finalize
		 * such decisions.
		 */

		/*
		 * No limits on allocations, since we really don't
		 * support that concept currently.
		 */
		comb->sadb_comb_soft_allocations = 0;
		comb->sadb_comb_hard_allocations = 0;

		/*
		 * These may want to come from policy rule..
		 */
		comb->sadb_comb_soft_bytes =
		    espstack->ipsecesp_default_soft_bytes;
		comb->sadb_comb_hard_bytes =
		    espstack->ipsecesp_default_hard_bytes;
		comb->sadb_comb_soft_addtime =
		    espstack->ipsecesp_default_soft_addtime;
		comb->sadb_comb_hard_addtime =
		    espstack->ipsecesp_default_hard_addtime;
		comb->sadb_comb_soft_usetime =
		    espstack->ipsecesp_default_soft_usetime;
		comb->sadb_comb_hard_usetime =
		    espstack->ipsecesp_default_hard_usetime;

		prop->sadb_prop_len += SADB_8TO64(sizeof (*comb));
		if (--combs == 0)
			break;	/* out of space.. */
		comb++;
	}
}
1299 -
/*
 * Prepare and actually send the SADB_ACQUIRE message to PF_KEY.
 *
 * Entered with acqrec->ipsacq_lock held and the ipsec_alg_lock held as
 * reader; both are released before this function returns (the acquire
 * lock on every path, the alg lock after the proposal is built).
 * "extended" is an optional extended-ACQUIRE message that is sent up
 * ahead of the regular one.
 */
static void
esp_send_acquire(ipsacq_t *acqrec, mblk_t *extended, netstack_t *ns)
{
	uint_t combs;
	sadb_msg_t *samsg;
	sadb_prop_t *prop;
	mblk_t *pfkeymp, *msgmp;
	ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
	ipsec_stack_t *ipss = ns->netstack_ipsec;

	ESP_BUMP_STAT(espstack, acquire_requests);

	/* Nobody listening upstream?  Nothing to do but unlock and leave. */
	if (espstack->esp_pfkey_q == NULL) {
		mutex_exit(&acqrec->ipsacq_lock);
		return;
	}

	/* Set up ACQUIRE. */
	pfkeymp = sadb_setup_acquire(acqrec, SADB_SATYPE_ESP,
	    ns->netstack_ipsec);
	if (pfkeymp == NULL) {
		esp0dbg(("sadb_setup_acquire failed.\n"));
		mutex_exit(&acqrec->ipsacq_lock);
		return;
	}
	ASSERT(RW_READ_HELD(&ipss->ipsec_alg_lock));
	/* Worst-case number of auth/encr combinations we might propose. */
	combs = ipss->ipsec_nalgs[IPSEC_ALG_AUTH] *
	    ipss->ipsec_nalgs[IPSEC_ALG_ENCR];
	msgmp = pfkeymp->b_cont;
	samsg = (sadb_msg_t *)(msgmp->b_rptr);

	/* Insert proposal here. */

	prop = (sadb_prop_t *)(((uint64_t *)samsg) + samsg->sadb_msg_len);
	esp_insert_prop(prop, acqrec, combs, ns);
	/* Lengths are in 64-bit words per PF_KEY; advance wptr in bytes. */
	samsg->sadb_msg_len += prop->sadb_prop_len;
	msgmp->b_wptr += SADB_64TO8(samsg->sadb_msg_len);

	rw_exit(&ipss->ipsec_alg_lock);

	/*
	 * Must mutex_exit() before sending PF_KEY message up, in
	 * order to avoid recursive mutex_enter() if there are no registered
	 * listeners.
	 *
	 * Once I've sent the message, I'm cool anyway.
	 */
	mutex_exit(&acqrec->ipsacq_lock);
	if (extended != NULL) {
		putnext(espstack->esp_pfkey_q, extended);
	}
	putnext(espstack->esp_pfkey_q, pfkeymp);
}
1356 -
/* XXX refactor me */
/*
 * Handle the SADB_GETSPI message.  Create a larval SA.
 *
 * Picks a random SPI (via the cluster hook if present), builds a larval
 * SA, inserts it into the inbound fanout after checking for SPI
 * collisions, then turns the incoming KEYSOCK_IN message around in place
 * as the successful KEYSOCK_OUT reply.  On any failure an error is
 * reported back through sadb_pfkey_error().
 */
static void
esp_getspi(mblk_t *mp, keysock_in_t *ksi, ipsecesp_stack_t *espstack)
{
	ipsa_t *newbie, *target;
	isaf_t *outbound, *inbound;
	int rc, diagnostic;
	sadb_sa_t *assoc;
	keysock_out_t *kso;
	uint32_t newspi;

	/*
	 * Randomly generate a proposed SPI value
	 */
	if (cl_inet_getspi != NULL) {
		/* Clustering hook gets to pick, so nodes don't collide. */
		cl_inet_getspi(espstack->ipsecesp_netstack->netstack_stackid,
		    IPPROTO_ESP, (uint8_t *)&newspi, sizeof (uint32_t), NULL);
	} else {
		(void) random_get_pseudo_bytes((uint8_t *)&newspi,
		    sizeof (uint32_t));
	}
	newbie = sadb_getspi(ksi, newspi, &diagnostic,
	    espstack->ipsecesp_netstack, IPPROTO_ESP);

	/* NULL == allocation failure, (ipsa_t *)-1 == bad message. */
	if (newbie == NULL) {
		sadb_pfkey_error(espstack->esp_pfkey_q, mp, ENOMEM, diagnostic,
		    ksi->ks_in_serial);
		return;
	} else if (newbie == (ipsa_t *)-1) {
		sadb_pfkey_error(espstack->esp_pfkey_q, mp, EINVAL, diagnostic,
		    ksi->ks_in_serial);
		return;
	}

	/*
	 * XXX - We may randomly collide.  We really should recover from this.
	 *	 Unfortunately, that could require spending way-too-much-time
	 *	 in here.  For now, let the user retry.
	 */

	/* Select the buckets this SA would occupy in both fanouts. */
	if (newbie->ipsa_addrfam == AF_INET6) {
		outbound = OUTBOUND_BUCKET_V6(&espstack->esp_sadb.s_v6,
		    *(uint32_t *)(newbie->ipsa_dstaddr));
		inbound = INBOUND_BUCKET(&espstack->esp_sadb.s_v6,
		    newbie->ipsa_spi);
	} else {
		ASSERT(newbie->ipsa_addrfam == AF_INET);
		outbound = OUTBOUND_BUCKET_V4(&espstack->esp_sadb.s_v4,
		    *(uint32_t *)(newbie->ipsa_dstaddr));
		inbound = INBOUND_BUCKET(&espstack->esp_sadb.s_v4,
		    newbie->ipsa_spi);
	}

	/* Lock order: outbound bucket, then inbound bucket. */
	mutex_enter(&outbound->isaf_lock);
	mutex_enter(&inbound->isaf_lock);

	/*
	 * Check for collisions (i.e. did sadb_getspi() return with something
	 * that already exists?).
	 *
	 * Try outbound first.  Even though SADB_GETSPI is traditionally
	 * for inbound SAs, you never know what a user might do.
	 */
	target = ipsec_getassocbyspi(outbound, newbie->ipsa_spi,
	    newbie->ipsa_srcaddr, newbie->ipsa_dstaddr, newbie->ipsa_addrfam);
	if (target == NULL) {
		target = ipsec_getassocbyspi(inbound, newbie->ipsa_spi,
		    newbie->ipsa_srcaddr, newbie->ipsa_dstaddr,
		    newbie->ipsa_addrfam);
	}

	/*
	 * I don't have collisions elsewhere!
	 * (Nor will I because I'm still holding inbound/outbound locks.)
	 */

	if (target != NULL) {
		rc = EEXIST;
		IPSA_REFRELE(target);
	} else {
		/*
		 * sadb_insertassoc() also checks for collisions, so
		 * if there's a colliding entry, rc will be set
		 * to EEXIST.
		 */
		rc = sadb_insertassoc(newbie, inbound);
		/* Larval SAs expire unless completed by key management. */
		newbie->ipsa_hardexpiretime = gethrestime_sec();
		newbie->ipsa_hardexpiretime +=
		    espstack->ipsecesp_larval_timeout;
	}

	/*
	 * Can exit outbound mutex.  Hold inbound until we're done
	 * with newbie.
	 */
	mutex_exit(&outbound->isaf_lock);

	if (rc != 0) {
		mutex_exit(&inbound->isaf_lock);
		IPSA_REFRELE(newbie);
		sadb_pfkey_error(espstack->esp_pfkey_q, mp, rc,
		    SADB_X_DIAGNOSTIC_NONE, ksi->ks_in_serial);
		return;
	}

	/* Can write here because I'm still holding the bucket lock. */
	newbie->ipsa_type = SADB_SATYPE_ESP;

	/*
	 * Construct successful return message.  We have one thing going
	 * for us in PF_KEY v2.  That's the fact that
	 *	sizeof (sadb_spirange_t) == sizeof (sadb_sa_t)
	 * so the SPIRANGE extension can be rewritten in place as an SA ext.
	 */
	assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SPIRANGE];
	assoc->sadb_sa_exttype = SADB_EXT_SA;
	assoc->sadb_sa_spi = newbie->ipsa_spi;
	*((uint64_t *)(&assoc->sadb_sa_replay)) = 0;
	mutex_exit(&inbound->isaf_lock);

	/* Convert KEYSOCK_IN to KEYSOCK_OUT. */
	kso = (keysock_out_t *)ksi;
	kso->ks_out_len = sizeof (*kso);
	kso->ks_out_serial = ksi->ks_in_serial;
	kso->ks_out_type = KEYSOCK_OUT;

	/*
	 * Can safely putnext() to esp_pfkey_q, because this is a turnaround
	 * from the esp_pfkey_q.
	 */
	putnext(espstack->esp_pfkey_q, mp);
}
1492 1248
1493 1249 /*
1494 1250 * Insert the ESP header into a packet. Duplicate an mblk, and insert a newly
1495 1251 * allocated mblk with the ESP header in between the two.
1496 1252 */
1497 1253 static boolean_t
1498 1254 esp_insert_esp(mblk_t *mp, mblk_t *esp_mp, uint_t divpoint,
1499 1255 ipsecesp_stack_t *espstack)
1500 1256 {
1501 1257 mblk_t *split_mp = mp;
1502 1258 uint_t wheretodiv = divpoint;
1503 1259
1504 1260 while ((split_mp->b_wptr - split_mp->b_rptr) < wheretodiv) {
1505 1261 wheretodiv -= (split_mp->b_wptr - split_mp->b_rptr);
1506 1262 split_mp = split_mp->b_cont;
1507 1263 ASSERT(split_mp != NULL);
1508 1264 }
1509 1265
1510 1266 if (split_mp->b_wptr - split_mp->b_rptr != wheretodiv) {
1511 1267 mblk_t *scratch;
1512 1268
1513 1269 /* "scratch" is the 2nd half, split_mp is the first. */
1514 1270 scratch = dupb(split_mp);
1515 1271 if (scratch == NULL) {
1516 1272 esp1dbg(espstack,
1517 1273 ("esp_insert_esp: can't allocate scratch.\n"));
1518 1274 return (B_FALSE);
1519 1275 }
1520 1276 /* NOTE: dupb() doesn't set b_cont appropriately. */
1521 1277 scratch->b_cont = split_mp->b_cont;
1522 1278 scratch->b_rptr += wheretodiv;
1523 1279 split_mp->b_wptr = split_mp->b_rptr + wheretodiv;
1524 1280 split_mp->b_cont = scratch;
1525 1281 }
1526 1282 /*
1527 1283 * At this point, split_mp is exactly "wheretodiv" bytes long, and
1528 1284 * holds the end of the pre-ESP part of the datagram.
1529 1285 */
1530 1286 esp_mp->b_cont = split_mp->b_cont;
1531 1287 split_mp->b_cont = esp_mp;
1532 1288
1533 1289 return (B_TRUE);
1534 1290 }
1535 1291
1536 1292 /*
1537 1293 * Section 7 of RFC 3947 says:
1538 1294 *
1539 1295 * 7. Recovering from the Expiring NAT Mappings
1540 1296 *
1541 1297 * There are cases where NAT box decides to remove mappings that are still
1542 1298 * alive (for example, when the keepalive interval is too long, or when the
1543 1299 * NAT box is rebooted). To recover from this, ends that are NOT behind
1544 1300 * NAT SHOULD use the last valid UDP encapsulated IKE or IPsec packet from
1545 1301 * the other end to determine which IP and port addresses should be used.
1546 1302 * The host behind dynamic NAT MUST NOT do this, as otherwise it opens a
1547 1303 * DoS attack possibility because the IP address or port of the other host
1548 1304 * will not change (it is not behind NAT).
1549 1305 *
1550 1306 * Keepalives cannot be used for these purposes, as they are not
1551 1307 * authenticated, but any IKE authenticated IKE packet or ESP packet can be
1552 1308 * used to detect whether the IP address or the port has changed.
1553 1309 *
1554 1310 * The following function will check an SA and its explicitly-set pair to see
1555 1311 * if the NAT-T remote port matches the received packet (which must have
1556 1312 * passed ESP authentication, see esp_in_done() for the caller context). If
1557 1313 * there is a mismatch, the SAs are updated. It is not important if we race
1558 1314 * with a transmitting thread, as if there is a transmitting thread, it will
1559 1315 * merely emit a packet that will most-likely be dropped.
1560 1316 *
1561 1317 * "ports" are ordered src,dst, and assoc is an inbound SA, where src should
1562 1318 * match ipsa_remote_nat_port and dst should match ipsa_local_nat_port.
1563 1319 */
1564 1320 #ifdef _LITTLE_ENDIAN
1565 1321 #define FIRST_16(x) ((x) & 0xFFFF)
1566 1322 #define NEXT_16(x) (((x) >> 16) & 0xFFFF)
1567 1323 #else
1568 1324 #define FIRST_16(x) (((x) >> 16) & 0xFFFF)
1569 1325 #define NEXT_16(x) ((x) & 0xFFFF)
1570 1326 #endif
1571 1327 static void
1572 1328 esp_port_freshness(uint32_t ports, ipsa_t *assoc)
1573 1329 {
1574 1330 uint16_t remote = FIRST_16(ports);
1575 1331 uint16_t local = NEXT_16(ports);
1576 1332 ipsa_t *outbound_peer;
1577 1333 isaf_t *bucket;
1578 1334 ipsecesp_stack_t *espstack = assoc->ipsa_netstack->netstack_ipsecesp;
1579 1335
1580 1336 /* We found a conn_t, therefore local != 0. */
1581 1337 ASSERT(local != 0);
1582 1338 /* Assume an IPv4 SA. */
1583 1339 ASSERT(assoc->ipsa_addrfam == AF_INET);
1584 1340
1585 1341 /*
1586 1342 * On-the-wire rport == 0 means something's very wrong.
1587 1343 * An unpaired SA is also useless to us.
1588 1344 * If we are behind the NAT, don't bother.
1589 1345 * A zero local NAT port defaults to 4500, so check that too.
1590 1346 * And, of course, if the ports already match, we don't need to
1591 1347 * bother.
1592 1348 */
1593 1349 if (remote == 0 || assoc->ipsa_otherspi == 0 ||
1594 1350 (assoc->ipsa_flags & IPSA_F_BEHIND_NAT) ||
1595 1351 (assoc->ipsa_remote_nat_port == 0 &&
1596 1352 remote == htons(IPPORT_IKE_NATT)) ||
1597 1353 remote == assoc->ipsa_remote_nat_port)
1598 1354 return;
1599 1355
1600 1356 /* Try and snag the peer. NOTE: Assume IPv4 for now. */
1601 1357 bucket = OUTBOUND_BUCKET_V4(&(espstack->esp_sadb.s_v4),
1602 1358 assoc->ipsa_srcaddr[0]);
1603 1359 mutex_enter(&bucket->isaf_lock);
1604 1360 outbound_peer = ipsec_getassocbyspi(bucket, assoc->ipsa_otherspi,
1605 1361 assoc->ipsa_dstaddr, assoc->ipsa_srcaddr, AF_INET);
1606 1362 mutex_exit(&bucket->isaf_lock);
1607 1363
1608 1364 /* We probably lost a race to a deleting or expiring thread. */
1609 1365 if (outbound_peer == NULL)
1610 1366 return;
1611 1367
1612 1368 /*
1613 1369 * Hold the mutexes for both SAs so we don't race another inbound
1614 1370 * thread. A lock-entry order shouldn't matter, since all other
1615 1371 * per-ipsa locks are individually held-then-released.
1616 1372 *
1617 1373 * Luckily, this has nothing to do with the remote-NAT address,
1618 1374 * so we don't have to re-scribble the cached-checksum differential.
1619 1375 */
1620 1376 mutex_enter(&outbound_peer->ipsa_lock);
1621 1377 mutex_enter(&assoc->ipsa_lock);
1622 1378 outbound_peer->ipsa_remote_nat_port = assoc->ipsa_remote_nat_port =
1623 1379 remote;
1624 1380 mutex_exit(&assoc->ipsa_lock);
1625 1381 mutex_exit(&outbound_peer->ipsa_lock);
1626 1382 IPSA_REFRELE(outbound_peer);
1627 1383 ESP_BUMP_STAT(espstack, sa_port_renumbers);
1628 1384 }
1629 1385 /*
1630 1386 * Finish processing of an inbound ESP packet after processing by the
1631 1387 * crypto framework.
1632 1388 * - Remove the ESP header.
1633 1389 * - Send packet back to IP.
1634 1390 * If authentication was performed on the packet, this function is called
1635 1391 * only if the authentication succeeded.
1636 1392 * On success returns B_TRUE, on failure returns B_FALSE and frees the
1637 1393 * mblk chain data_mp.
1638 1394 */
1639 1395 static mblk_t *
1640 1396 esp_in_done(mblk_t *data_mp, ip_recv_attr_t *ira, ipsec_crypto_t *ic)
1641 1397 {
1642 1398 ipsa_t *assoc;
1643 1399 uint_t espstart;
1644 1400 uint32_t ivlen = 0;
1645 1401 uint_t processed_len;
1646 1402 esph_t *esph;
1647 1403 kstat_named_t *counter;
1648 1404 boolean_t is_natt;
1649 1405 netstack_t *ns = ira->ira_ill->ill_ipst->ips_netstack;
1650 1406 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
1651 1407 ipsec_stack_t *ipss = ns->netstack_ipsec;
1652 1408
1653 1409 assoc = ira->ira_ipsec_esp_sa;
1654 1410 ASSERT(assoc != NULL);
1655 1411
1656 1412 is_natt = ((assoc->ipsa_flags & IPSA_F_NATT) != 0);
1657 1413
1658 1414 /* get the pointer to the ESP header */
1659 1415 if (assoc->ipsa_encr_alg == SADB_EALG_NULL) {
1660 1416 /* authentication-only ESP */
1661 1417 espstart = ic->ic_crypto_data.cd_offset;
1662 1418 processed_len = ic->ic_crypto_data.cd_length;
1663 1419 } else {
1664 1420 /* encryption present */
1665 1421 ivlen = assoc->ipsa_iv_len;
1666 1422 if (assoc->ipsa_auth_alg == SADB_AALG_NONE) {
1667 1423 /* encryption-only ESP */
1668 1424 espstart = ic->ic_crypto_data.cd_offset -
1669 1425 sizeof (esph_t) - assoc->ipsa_iv_len;
1670 1426 processed_len = ic->ic_crypto_data.cd_length +
1671 1427 ivlen;
1672 1428 } else {
1673 1429 /* encryption with authentication */
1674 1430 espstart = ic->ic_crypto_dual_data.dd_offset1;
1675 1431 processed_len = ic->ic_crypto_dual_data.dd_len2 +
1676 1432 ivlen;
1677 1433 }
1678 1434 }
1679 1435
1680 1436 esph = (esph_t *)(data_mp->b_rptr + espstart);
1681 1437
1682 1438 if (assoc->ipsa_auth_alg != IPSA_AALG_NONE ||
1683 1439 (assoc->ipsa_flags & IPSA_F_COMBINED)) {
1684 1440 /*
1685 1441 * Authentication passed if we reach this point.
1686 1442 * Packets with authentication will have the ICV
1687 1443 * after the crypto data. Adjust b_wptr before
1688 1444 * making padlen checks.
1689 1445 */
1690 1446 ESP_BUMP_STAT(espstack, good_auth);
1691 1447 data_mp->b_wptr -= assoc->ipsa_mac_len;
1692 1448
1693 1449 /*
1694 1450 * Check replay window here!
1695 1451 * For right now, assume keysock will set the replay window
1696 1452 * size to zero for SAs that have an unspecified sender.
1697 1453 * This may change...
1698 1454 */
1699 1455
1700 1456 if (!sadb_replay_check(assoc, esph->esph_replay)) {
1701 1457 /*
1702 1458 * Log the event. As of now we print out an event.
1703 1459 * Do not print the replay failure number, or else
1704 1460 * syslog cannot collate the error messages. Printing
1705 1461 * the replay number that failed opens a denial-of-
1706 1462 * service attack.
1707 1463 */
1708 1464 ipsec_assocfailure(info.mi_idnum, 0, 0,
1709 1465 SL_ERROR | SL_WARN,
1710 1466 "Replay failed for ESP spi 0x%x, dst %s.\n",
1711 1467 assoc->ipsa_spi, assoc->ipsa_dstaddr,
1712 1468 assoc->ipsa_addrfam, espstack->ipsecesp_netstack);
1713 1469 ESP_BUMP_STAT(espstack, replay_failures);
1714 1470 counter = DROPPER(ipss, ipds_esp_replay);
1715 1471 goto drop_and_bail;
1716 1472 }
1717 1473
1718 1474 if (is_natt) {
1719 1475 ASSERT(ira->ira_flags & IRAF_ESP_UDP_PORTS);
1720 1476 ASSERT(ira->ira_esp_udp_ports != 0);
1721 1477 esp_port_freshness(ira->ira_esp_udp_ports, assoc);
1722 1478 }
1723 1479 }
1724 1480
1725 1481 esp_set_usetime(assoc, B_TRUE);
1726 1482
1727 1483 if (!esp_age_bytes(assoc, processed_len, B_TRUE)) {
1728 1484 /* The ipsa has hit hard expiration, LOG and AUDIT. */
1729 1485 ipsec_assocfailure(info.mi_idnum, 0, 0,
1730 1486 SL_ERROR | SL_WARN,
1731 1487 "ESP association 0x%x, dst %s had bytes expire.\n",
1732 1488 assoc->ipsa_spi, assoc->ipsa_dstaddr, assoc->ipsa_addrfam,
1733 1489 espstack->ipsecesp_netstack);
1734 1490 ESP_BUMP_STAT(espstack, bytes_expired);
1735 1491 counter = DROPPER(ipss, ipds_esp_bytes_expire);
1736 1492 goto drop_and_bail;
1737 1493 }
1738 1494
1739 1495 /*
1740 1496 * Remove ESP header and padding from packet. I hope the compiler
1741 1497 * spews "branch, predict taken" code for this.
1742 1498 */
1743 1499
1744 1500 if (esp_strip_header(data_mp, (ira->ira_flags & IRAF_IS_IPV4),
1745 1501 ivlen, &counter, espstack)) {
1746 1502
1747 1503 if (is_system_labeled() && assoc->ipsa_tsl != NULL) {
1748 1504 if (!ip_recv_attr_replace_label(ira, assoc->ipsa_tsl)) {
1749 1505 ip_drop_packet(data_mp, B_TRUE, ira->ira_ill,
1750 1506 DROPPER(ipss, ipds_ah_nomem),
1751 1507 &espstack->esp_dropper);
1752 1508 BUMP_MIB(ira->ira_ill->ill_ip_mib,
1753 1509 ipIfStatsInDiscards);
1754 1510 return (NULL);
1755 1511 }
1756 1512 }
1757 1513 if (is_natt)
1758 1514 return (esp_fix_natt_checksums(data_mp, assoc));
1759 1515
1760 1516 if (assoc->ipsa_state == IPSA_STATE_IDLE) {
1761 1517 /*
1762 1518 * Cluster buffering case. Tell caller that we're
1763 1519 * handling the packet.
1764 1520 */
1765 1521 sadb_buf_pkt(assoc, data_mp, ira);
1766 1522 return (NULL);
1767 1523 }
1768 1524
1769 1525 return (data_mp);
1770 1526 }
1771 1527
1772 1528 esp1dbg(espstack, ("esp_in_done: esp_strip_header() failed\n"));
1773 1529 drop_and_bail:
1774 1530 IP_ESP_BUMP_STAT(ipss, in_discards);
1775 1531 ip_drop_packet(data_mp, B_TRUE, ira->ira_ill, counter,
1776 1532 &espstack->esp_dropper);
1777 1533 BUMP_MIB(ira->ira_ill->ill_ip_mib, ipIfStatsInDiscards);
1778 1534 return (NULL);
1779 1535 }
1780 1536
1781 1537 /*
1782 1538 * Called upon failing the inbound ICV check. The message passed as
1783 1539 * argument is freed.
1784 1540 */
1785 1541 static void
1786 1542 esp_log_bad_auth(mblk_t *mp, ip_recv_attr_t *ira)
1787 1543 {
1788 1544 ipsa_t *assoc = ira->ira_ipsec_esp_sa;
1789 1545 netstack_t *ns = ira->ira_ill->ill_ipst->ips_netstack;
1790 1546 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
1791 1547 ipsec_stack_t *ipss = ns->netstack_ipsec;
1792 1548
1793 1549 /*
1794 1550 * Log the event. Don't print to the console, block
1795 1551 * potential denial-of-service attack.
1796 1552 */
1797 1553 ESP_BUMP_STAT(espstack, bad_auth);
1798 1554
1799 1555 ipsec_assocfailure(info.mi_idnum, 0, 0, SL_ERROR | SL_WARN,
1800 1556 "ESP Authentication failed for spi 0x%x, dst %s.\n",
1801 1557 assoc->ipsa_spi, assoc->ipsa_dstaddr, assoc->ipsa_addrfam,
1802 1558 espstack->ipsecesp_netstack);
1803 1559
|
↓ open down ↓ |
437 lines elided |
↑ open up ↑ |
1804 1560 IP_ESP_BUMP_STAT(ipss, in_discards);
1805 1561 ip_drop_packet(mp, B_TRUE, ira->ira_ill,
1806 1562 DROPPER(ipss, ipds_esp_bad_auth),
1807 1563 &espstack->esp_dropper);
1808 1564 }
1809 1565
1810 1566
1811 1567 /*
1812 1568 * Invoked for outbound packets after ESP processing. If the packet
1813 1569 * also requires AH, performs the AH SA selection and AH processing.
1814 - * Returns B_TRUE if the AH processing was not needed or if it was
1815 - * performed successfully. Returns B_FALSE and consumes the passed mblk
1816 - * if AH processing was required but could not be performed.
1817 1570 *
1818 - * Returns data_mp unless data_mp was consumed/queued.
1571 + * Returns data_mp (possibly with AH added) unless data_mp was consumed
1572 + * due to an error, or queued due to async. crypto or an ACQUIRE trigger.
1819 1573 */
1820 1574 static mblk_t *
1821 1575 esp_do_outbound_ah(mblk_t *data_mp, ip_xmit_attr_t *ixa)
1822 1576 {
1823 1577 ipsec_action_t *ap;
1824 1578
1825 1579 ap = ixa->ixa_ipsec_action;
1826 1580 if (ap == NULL) {
1827 1581 ipsec_policy_t *pp = ixa->ixa_ipsec_policy;
1828 1582 ap = pp->ipsp_act;
1829 1583 }
1830 1584
1831 1585 if (!ap->ipa_want_ah)
1832 1586 return (data_mp);
1833 1587
1834 1588 /*
1835 1589 * Normally the AH SA would have already been put in place
1836 1590 * but it could have been flushed so we need to look for it.
1837 1591 */
1838 1592 if (ixa->ixa_ipsec_ah_sa == NULL) {
1839 1593 if (!ipsec_outbound_sa(data_mp, ixa, IPPROTO_AH)) {
1840 1594 sadb_acquire(data_mp, ixa, B_TRUE, B_FALSE);
1841 1595 return (NULL);
1842 1596 }
1843 1597 }
1844 1598 ASSERT(ixa->ixa_ipsec_ah_sa != NULL);
1845 1599
1846 1600 data_mp = ixa->ixa_ipsec_ah_sa->ipsa_output_func(data_mp, ixa);
1847 1601 return (data_mp);
1848 1602 }
1849 1603
1850 1604
/*
 * Kernel crypto framework callback invoked after completion of async
 * crypto requests for outbound packets.
 *
 * 'arg' is the mblk chain queued by esp_submit_req_outbound():
 * [ipsec_crypto_t mblk] -> [ip_xmit_attr_t mblk] -> [data].
 * Recovers the transmit attributes, finishes ESP output processing
 * (usetime update, NAT-T UDP prep, optional AH) and hands the packet
 * back to IP, or drops it if the crypto operation failed.
 */
static void
esp_kcf_callback_outbound(void *arg, int status)
{
	mblk_t *mp = (mblk_t *)arg;
	mblk_t *async_mp;
	netstack_t *ns;
	ipsec_stack_t *ipss;
	ipsecesp_stack_t *espstack;
	mblk_t *data_mp;
	ip_xmit_attr_t ixas;
	ipsec_crypto_t *ic;
	ill_t *ill;

	/*
	 * First remove the ipsec_crypto_t mblk
	 * Note that we need to ipsec_free_crypto_data(mp) once done with ic.
	 */
	async_mp = ipsec_remove_crypto_data(mp, &ic);
	ASSERT(async_mp != NULL);

	/*
	 * Extract the ip_xmit_attr_t from the first mblk.
	 * Verifies that the netstack and ill is still around; could
	 * have vanished while kEf was doing its work.
	 * On succesful return we have a nce_t and the ill/ipst can't
	 * disappear until we do the nce_refrele in ixa_cleanup.
	 */
	data_mp = async_mp->b_cont;
	async_mp->b_cont = NULL;
	if (!ip_xmit_attr_from_mblk(async_mp, &ixas)) {
		/* Disappeared on us - no ill/ipst for MIB */
		/* We have nowhere to do stats since ixa_ipst could be NULL */
		if (ixas.ixa_nce != NULL) {
			ill = ixas.ixa_nce->nce_ill;
			BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
			ip_drop_output("ipIfStatsOutDiscards", data_mp, ill);
		}
		freemsg(data_mp);
		goto done;
	}
	ns = ixas.ixa_ipst->ips_netstack;
	espstack = ns->netstack_ipsecesp;
	ipss = ns->netstack_ipsec;
	ill = ixas.ixa_nce->nce_ill;

	if (status == CRYPTO_SUCCESS) {
		/*
		 * If a ICV was computed, it was stored by the
		 * crypto framework at the end of the packet.
		 */
		ipha_t *ipha = (ipha_t *)data_mp->b_rptr;

		esp_set_usetime(ixas.ixa_ipsec_esp_sa, B_FALSE);
		/* NAT-T packet. */
		if (IPH_HDR_VERSION(ipha) == IP_VERSION &&
		    ipha->ipha_protocol == IPPROTO_UDP)
			esp_prepare_udp(ns, data_mp, ipha);

		/* do AH processing if needed */
		data_mp = esp_do_outbound_ah(data_mp, &ixas);
		if (data_mp == NULL)
			goto done;

		(void) ip_output_post_ipsec(data_mp, &ixas);
	} else {
		/* Outbound shouldn't see invalid MAC */
		ASSERT(status != CRYPTO_INVALID_MAC);

		esp1dbg(espstack,
		    ("esp_kcf_callback_outbound: crypto failed with 0x%x\n",
		    status));
		ESP_BUMP_STAT(espstack, crypto_failures);
		ESP_BUMP_STAT(espstack, out_discards);
		ip_drop_packet(data_mp, B_FALSE, ill,
		    DROPPER(ipss, ipds_esp_crypto_failed),
		    &espstack->esp_dropper);
		BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
	}
done:
	ixa_cleanup(&ixas);
	(void) ipsec_free_crypto_data(mp);
}
1937 1691
/*
 * Kernel crypto framework callback invoked after completion of async
 * crypto requests for inbound packets.
 *
 * 'arg' is the mblk chain queued by esp_submit_req_inbound():
 * [ipsec_crypto_t mblk] -> [ip_recv_attr_t mblk] -> [data].
 * On crypto success, finishes ESP input processing and resumes the IP
 * input path; on CRYPTO_INVALID_MAC or any other failure, logs and
 * drops the packet.
 */
static void
esp_kcf_callback_inbound(void *arg, int status)
{
	mblk_t *mp = (mblk_t *)arg;
	mblk_t *async_mp;
	netstack_t *ns;
	ipsecesp_stack_t *espstack;
	ipsec_stack_t *ipss;
	mblk_t *data_mp;
	ip_recv_attr_t iras;
	ipsec_crypto_t *ic;

	/*
	 * First remove the ipsec_crypto_t mblk
	 * Note that we need to ipsec_free_crypto_data(mp) once done with ic.
	 */
	async_mp = ipsec_remove_crypto_data(mp, &ic);
	ASSERT(async_mp != NULL);

	/*
	 * Extract the ip_recv_attr_t from the first mblk.
	 * Verifies that the netstack and ill is still around; could
	 * have vanished while kEf was doing its work.
	 */
	data_mp = async_mp->b_cont;
	async_mp->b_cont = NULL;
	if (!ip_recv_attr_from_mblk(async_mp, &iras)) {
		/* The ill or ip_stack_t disappeared on us */
		ip_drop_input("ip_recv_attr_from_mblk", data_mp, NULL);
		freemsg(data_mp);
		goto done;
	}

	ns = iras.ira_ill->ill_ipst->ips_netstack;
	espstack = ns->netstack_ipsecesp;
	ipss = ns->netstack_ipsec;

	if (status == CRYPTO_SUCCESS) {
		data_mp = esp_in_done(data_mp, &iras, ic);
		if (data_mp == NULL)
			goto done;

		/* finish IPsec processing */
		ip_input_post_ipsec(data_mp, &iras);
	} else if (status == CRYPTO_INVALID_MAC) {
		/* ICV mismatch: esp_log_bad_auth() consumes data_mp. */
		esp_log_bad_auth(data_mp, &iras);
	} else {
		esp1dbg(espstack,
		    ("esp_kcf_callback: crypto failed with 0x%x\n",
		    status));
		ESP_BUMP_STAT(espstack, crypto_failures);
		IP_ESP_BUMP_STAT(ipss, in_discards);
		ip_drop_packet(data_mp, B_TRUE, iras.ira_ill,
		    DROPPER(ipss, ipds_esp_crypto_failed),
		    &espstack->esp_dropper);
		BUMP_MIB(iras.ira_ill->ill_ip_mib, ipIfStatsInDiscards);
	}
done:
	ira_cleanup(&iras, B_TRUE);
	(void) ipsec_free_crypto_data(mp);
}
2003 1757
2004 1758 /*
2005 1759 * Invoked on crypto framework failure during inbound and outbound processing.
2006 1760 */
2007 1761 static void
2008 1762 esp_crypto_failed(mblk_t *data_mp, boolean_t is_inbound, int kef_rc,
2009 1763 ill_t *ill, ipsecesp_stack_t *espstack)
2010 1764 {
2011 1765 ipsec_stack_t *ipss = espstack->ipsecesp_netstack->netstack_ipsec;
2012 1766
2013 1767 esp1dbg(espstack, ("crypto failed for %s ESP with 0x%x\n",
2014 1768 is_inbound ? "inbound" : "outbound", kef_rc));
2015 1769 ip_drop_packet(data_mp, is_inbound, ill,
2016 1770 DROPPER(ipss, ipds_esp_crypto_failed),
2017 1771 &espstack->esp_dropper);
2018 1772 ESP_BUMP_STAT(espstack, crypto_failures);
2019 1773 if (is_inbound)
2020 1774 IP_ESP_BUMP_STAT(ipss, in_discards);
2021 1775 else
2022 1776 ESP_BUMP_STAT(espstack, out_discards);
2023 1777 }
2024 1778
/*
 * Initialize a crypto_call_req_t for an async crypto request.  _cr MUST
 * point to a modifiable crypto_call_req_t.  Wrapped in do/while (0) so
 * the macro truly behaves as a single statement (the previous bare
 * three-statement form broke inside an unbraced if/else).
 */
#define	ESP_INIT_CALLREQ(_cr, _mp, _callback) do {			\
	(_cr)->cr_flag = CRYPTO_SKIP_REQID|CRYPTO_ALWAYS_QUEUE;		\
	(_cr)->cr_callback_arg = (_mp);					\
	(_cr)->cr_callback_func = (_callback);				\
} while (0)

/*
 * Describe an ICV buffer of icvlen bytes at icvbuf as a raw
 * crypto_data_t for the crypto framework.
 */
#define	ESP_INIT_CRYPTO_MAC(mac, icvlen, icvbuf) do {			\
	(mac)->cd_format = CRYPTO_DATA_RAW;				\
	(mac)->cd_offset = 0;						\
	(mac)->cd_length = icvlen;					\
	(mac)->cd_raw.iov_base = (char *)icvbuf;			\
	(mac)->cd_raw.iov_len = icvlen;					\
} while (0)

/*
 * Describe bytes [off, off + len) of mblk mp as crypto input.  Uses the
 * cheaper CRYPTO_DATA_RAW form when the range fits in the first mblk,
 * otherwise falls back to CRYPTO_DATA_MBLK.
 */
#define	ESP_INIT_CRYPTO_DATA(data, mp, off, len) do {			\
	if (MBLKL(mp) >= (len) + (off)) {				\
		(data)->cd_format = CRYPTO_DATA_RAW;			\
		(data)->cd_raw.iov_base = (char *)(mp)->b_rptr;		\
		(data)->cd_raw.iov_len = MBLKL(mp);			\
		(data)->cd_offset = off;				\
	} else {							\
		(data)->cd_format = CRYPTO_DATA_MBLK;			\
		(data)->cd_mp = mp;					\
		(data)->cd_offset = off;				\
	}								\
	(data)->cd_length = len;					\
} while (0)

/*
 * Describe the two regions of mblk chain mp operated on by a dual
 * (encrypt+auth or verify+decrypt) crypto request.
 */
#define	ESP_INIT_CRYPTO_DUAL_DATA(data, mp, off1, len1, off2, len2) do { \
	(data)->dd_format = CRYPTO_DATA_MBLK;				\
	(data)->dd_mp = mp;						\
	(data)->dd_len1 = len1;						\
	(data)->dd_offset1 = off1;					\
	(data)->dd_len2 = len2;						\
	(data)->dd_offset2 = off2;					\
} while (0)
2064 1818
/*
 * Submit an inbound packet to the crypto framework for ESP processing
 * (ICV verification and/or decryption), synchronously or asynchronously
 * depending on the SA's IPSA_F_ASYNC flag.
 *
 * Returns data_mp if successfully completed the request. Returns
 * NULL if it failed (and increments InDiscards) or if it is pending
 * (async; esp_kcf_callback_inbound() finishes the work).
 */
static mblk_t *
esp_submit_req_inbound(mblk_t *esp_mp, ip_recv_attr_t *ira,
    ipsa_t *assoc, uint_t esph_offset)
{
	uint_t auth_offset, msg_len, auth_len;
	crypto_call_req_t call_req, *callrp;
	mblk_t *mp;
	esph_t *esph_ptr;
	int kef_rc;
	uint_t icv_len = assoc->ipsa_mac_len;
	crypto_ctx_template_t auth_ctx_tmpl;
	boolean_t do_auth, do_encr, force;
	uint_t encr_offset, encr_len;
	uint_t iv_len = assoc->ipsa_iv_len;
	crypto_ctx_template_t encr_ctx_tmpl;
	ipsec_crypto_t *ic, icstack;
	uchar_t *iv_ptr;
	netstack_t *ns = ira->ira_ill->ill_ipst->ips_netstack;
	ipsec_stack_t *ipss = ns->netstack_ipsec;
	ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;

	do_auth = assoc->ipsa_auth_alg != SADB_AALG_NONE;
	do_encr = assoc->ipsa_encr_alg != SADB_EALG_NULL;
	force = (assoc->ipsa_flags & IPSA_F_ASYNC);

#ifdef IPSEC_LATENCY_TEST
	kef_rc = CRYPTO_SUCCESS;
#else
	kef_rc = CRYPTO_FAILED;
#endif

	/*
	 * An inbound packet is of the form:
	 * [IP,options,ESP,IV,data,ICV,pad]
	 */
	esph_ptr = (esph_t *)(esp_mp->b_rptr + esph_offset);
	iv_ptr = (uchar_t *)(esph_ptr + 1);
	/* Packet length starting at IP header ending after ESP ICV. */
	msg_len = MBLKL(esp_mp);

	encr_offset = esph_offset + sizeof (esph_t) + iv_len;
	encr_len = msg_len - encr_offset;

	/*
	 * Counter mode algs need a nonce. This is setup in sadb_common_add().
	 * If for some reason we are using a SA which does not have a nonce
	 * then we must fail here.
	 */
	if ((assoc->ipsa_flags & IPSA_F_COUNTERMODE) &&
	    (assoc->ipsa_nonce == NULL)) {
		ip_drop_packet(esp_mp, B_TRUE, ira->ira_ill,
		    DROPPER(ipss, ipds_esp_nomem), &espstack->esp_dropper);
		return (NULL);
	}

	if (force) {
		/* We are doing asynch; allocate mblks to hold state */
		if ((mp = ip_recv_attr_to_mblk(ira)) == NULL ||
		    (mp = ipsec_add_crypto_data(mp, &ic)) == NULL) {
			BUMP_MIB(ira->ira_ill->ill_ip_mib, ipIfStatsInDiscards);
			ip_drop_input("ipIfStatsInDiscards", esp_mp,
			    ira->ira_ill);
			return (NULL);
		}
		linkb(mp, esp_mp);
		callrp = &call_req;
		ESP_INIT_CALLREQ(callrp, mp, esp_kcf_callback_inbound);
	} else {
		/*
		 * If we know we are going to do sync then ipsec_crypto_t
		 * should be on the stack.
		 */
		ic = &icstack;
		bzero(ic, sizeof (*ic));
		callrp = NULL;
	}

	if (do_auth) {
		/* authentication context template */
		IPSEC_CTX_TMPL(assoc, ipsa_authtmpl, IPSEC_ALG_AUTH,
		    auth_ctx_tmpl);

		/* ICV to be verified */
		ESP_INIT_CRYPTO_MAC(&ic->ic_crypto_mac,
		    icv_len, esp_mp->b_wptr - icv_len);

		/* authentication starts at the ESP header */
		auth_offset = esph_offset;
		auth_len = msg_len - auth_offset - icv_len;
		if (!do_encr) {
			/* authentication only */
			/* initialize input data argument */
			ESP_INIT_CRYPTO_DATA(&ic->ic_crypto_data,
			    esp_mp, auth_offset, auth_len);

			/* call the crypto framework */
			kef_rc = crypto_mac_verify(&assoc->ipsa_amech,
			    &ic->ic_crypto_data,
			    &assoc->ipsa_kcfauthkey, auth_ctx_tmpl,
			    &ic->ic_crypto_mac, callrp);
		}
	}

	if (do_encr) {
		/* encryption template */
		IPSEC_CTX_TMPL(assoc, ipsa_encrtmpl, IPSEC_ALG_ENCR,
		    encr_ctx_tmpl);

		/* Call the nonce update function. Also passes in IV */
		(assoc->ipsa_noncefunc)(assoc, (uchar_t *)esph_ptr, encr_len,
		    iv_ptr, &ic->ic_cmm, &ic->ic_crypto_data);

		if (!do_auth) {
			/* decryption only */
			/* initialize input data argument */
			ESP_INIT_CRYPTO_DATA(&ic->ic_crypto_data,
			    esp_mp, encr_offset, encr_len);

			/* call the crypto framework */
			kef_rc = crypto_decrypt((crypto_mechanism_t *)
			    &ic->ic_cmm, &ic->ic_crypto_data,
			    &assoc->ipsa_kcfencrkey, encr_ctx_tmpl,
			    NULL, callrp);
		}
	}

	if (do_auth && do_encr) {
		/* dual operation: verify ICV and decrypt in one pass */
		/* initialize input data argument */
		ESP_INIT_CRYPTO_DUAL_DATA(&ic->ic_crypto_dual_data,
		    esp_mp, auth_offset, auth_len,
		    encr_offset, encr_len - icv_len);

		/* specify IV */
		ic->ic_crypto_dual_data.dd_miscdata = (char *)iv_ptr;

		/* call the framework */
		kef_rc = crypto_mac_verify_decrypt(&assoc->ipsa_amech,
		    &assoc->ipsa_emech, &ic->ic_crypto_dual_data,
		    &assoc->ipsa_kcfauthkey, &assoc->ipsa_kcfencrkey,
		    auth_ctx_tmpl, encr_ctx_tmpl, &ic->ic_crypto_mac,
		    NULL, callrp);
	}

	switch (kef_rc) {
	case CRYPTO_SUCCESS:
		ESP_BUMP_STAT(espstack, crypto_sync);
		esp_mp = esp_in_done(esp_mp, ira, ic);
		if (force) {
			/* Free mp after we are done with ic */
			mp = ipsec_free_crypto_data(mp);
			(void) ip_recv_attr_free_mblk(mp);
		}
		return (esp_mp);
	case CRYPTO_QUEUED:
		/* esp_kcf_callback_inbound() will be invoked on completion */
		ESP_BUMP_STAT(espstack, crypto_async);
		return (NULL);
	case CRYPTO_INVALID_MAC:
		if (force) {
			/* Unwind the async state; recover the data mblk. */
			mp = ipsec_free_crypto_data(mp);
			esp_mp = ip_recv_attr_free_mblk(mp);
		}
		ESP_BUMP_STAT(espstack, crypto_sync);
		BUMP_MIB(ira->ira_ill->ill_ip_mib, ipIfStatsInDiscards);
		esp_log_bad_auth(esp_mp, ira);
		/* esp_mp was passed to ip_drop_packet */
		return (NULL);
	}

	/* Any other crypto error: drop with a crypto-failure diagnostic. */
	if (force) {
		mp = ipsec_free_crypto_data(mp);
		esp_mp = ip_recv_attr_free_mblk(mp);
	}
	BUMP_MIB(ira->ira_ill->ill_ip_mib, ipIfStatsInDiscards);
	esp_crypto_failed(esp_mp, B_TRUE, kef_rc, ira->ira_ill, espstack);
	/* esp_mp was passed to ip_drop_packet */
	return (NULL);
}
2248 2002
/*
 * Compute the IP and UDP checksums -- common code for both keepalives and
 * actual ESP-in-UDP packets. Be flexible with multiple mblks because ESP
 * uses mblk-insertion to insert the UDP header.
 * TODO - If there is an easy way to prep a packet for HW checksums, make
 * it happen here.
 * Note that this is used both before calling ip_output_simple and
 * in the esp datapath. The former could use IXAF_SET_ULP_CKSUM but not the
 * latter.
 */
static void
esp_prepare_udp(netstack_t *ns, mblk_t *mp, ipha_t *ipha)
{
	int offset;
	uint32_t cksum;
	uint16_t *arr;
	mblk_t *udpmp = mp;
	uint_t hlen = IPH_HDR_LENGTH(ipha);

	ASSERT(MBLKL(mp) >= sizeof (ipha_t));

	/* Recompute the IP header checksum (zeroed first, per convention). */
	ipha->ipha_hdr_checksum = 0;
	ipha->ipha_hdr_checksum = ip_csum_hdr(ipha);

	if (ns->netstack_udp->us_do_checksum) {
		ASSERT(MBLKL(udpmp) >= sizeof (udpha_t));
		/* arr points to the IP header. */
		arr = (uint16_t *)ipha;
		IP_STAT(ns->netstack_ip, ip_out_sw_cksum);
		/* ntohs(htons(...)) yields the UDP portion length (IP payload). */
		IP_STAT_UPDATE(ns->netstack_ip, ip_out_sw_cksum_bytes,
		    ntohs(htons(ipha->ipha_length) - hlen));
		/* arr[6-9] are the IP addresses. */
		cksum = IP_UDP_CSUM_COMP + arr[6] + arr[7] + arr[8] + arr[9] +
		    ntohs(htons(ipha->ipha_length) - hlen);
		cksum = IP_CSUM(mp, hlen, cksum);
		offset = hlen + UDP_CHECKSUM_OFFSET;
		/* Walk the chain to the mblk that holds the checksum field. */
		while (offset >= MBLKL(udpmp)) {
			offset -= MBLKL(udpmp);
			udpmp = udpmp->b_cont;
		}
		/* arr points to the UDP header's checksum field. */
		arr = (uint16_t *)(udpmp->b_rptr + offset);
		*arr = cksum;
	}
}
2294 2048
2295 2049 /*
2296 2050 * taskq handler so we can send the NAT-T keepalive on a separate thread.
2297 2051 */
2298 2052 static void
2299 2053 actually_send_keepalive(void *arg)
2300 2054 {
2301 2055 mblk_t *mp = (mblk_t *)arg;
2302 2056 ip_xmit_attr_t ixas;
2303 2057 netstack_t *ns;
2304 2058 netstackid_t stackid;
2305 2059
2306 2060 stackid = (netstackid_t)(uintptr_t)mp->b_prev;
2307 2061 mp->b_prev = NULL;
2308 2062 ns = netstack_find_by_stackid(stackid);
2309 2063 if (ns == NULL) {
2310 2064 /* Disappeared */
2311 2065 ip_drop_output("ipIfStatsOutDiscards", mp, NULL);
2312 2066 freemsg(mp);
2313 2067 return;
2314 2068 }
2315 2069
2316 2070 bzero(&ixas, sizeof (ixas));
2317 2071 ixas.ixa_zoneid = ALL_ZONES;
2318 2072 ixas.ixa_cred = kcred;
2319 2073 ixas.ixa_cpid = NOPID;
2320 2074 ixas.ixa_tsl = NULL;
2321 2075 ixas.ixa_ipst = ns->netstack_ip;
2322 2076 /* No ULP checksum; done by esp_prepare_udp */
2323 2077 ixas.ixa_flags = (IXAF_IS_IPV4 | IXAF_NO_IPSEC | IXAF_VERIFY_SOURCE);
2324 2078
2325 2079 (void) ip_output_simple(mp, &ixas);
2326 2080 ixa_cleanup(&ixas);
2327 2081 netstack_rele(ns);
2328 2082 }
2329 2083
/*
 * Send a one-byte UDP NAT-T keepalive.  Builds a minimal IP/UDP
 * datagram (payload is a single 0xFF byte) from the SA's addresses and
 * NAT-T ports, then hands the actual transmit off to esp_taskq.
 */
void
ipsecesp_send_keepalive(ipsa_t *assoc)
{
	mblk_t *mp;
	ipha_t *ipha;
	udpha_t *udpha;
	netstack_t *ns = assoc->ipsa_netstack;

	ASSERT(MUTEX_NOT_HELD(&assoc->ipsa_lock));

	mp = allocb(sizeof (ipha_t) + sizeof (udpha_t) + 1, BPRI_HI);
	if (mp == NULL)
		return;
	ipha = (ipha_t *)mp->b_rptr;
	ipha->ipha_version_and_hdr_length = IP_SIMPLE_HDR_VERSION;
	ipha->ipha_type_of_service = 0;
	ipha->ipha_length = htons(sizeof (ipha_t) + sizeof (udpha_t) + 1);
	/* Use the low-16 of the SPI so we have some clue where it came from. */
	ipha->ipha_ident = *(((uint16_t *)(&assoc->ipsa_spi)) + 1);
	ipha->ipha_fragment_offset_and_flags = 0;	/* Too small to fragment! */
	ipha->ipha_ttl = 0xFF;
	ipha->ipha_protocol = IPPROTO_UDP;
	ipha->ipha_hdr_checksum = 0;
	ipha->ipha_src = assoc->ipsa_srcaddr[0];
	ipha->ipha_dst = assoc->ipsa_dstaddr[0];
	udpha = (udpha_t *)(ipha + 1);
	/* Default to the IKE NAT-T port when the SA has no explicit ports. */
	udpha->uha_src_port = (assoc->ipsa_local_nat_port != 0) ?
	    assoc->ipsa_local_nat_port : htons(IPPORT_IKE_NATT);
	udpha->uha_dst_port = (assoc->ipsa_remote_nat_port != 0) ?
	    assoc->ipsa_remote_nat_port : htons(IPPORT_IKE_NATT);
	udpha->uha_length = htons(sizeof (udpha_t) + 1);
	udpha->uha_checksum = 0;
	mp->b_wptr = (uint8_t *)(udpha + 1);
	*(mp->b_wptr++) = 0xFF;

	esp_prepare_udp(ns, mp, ipha);

	/*
	 * We're holding an isaf_t bucket lock, so pawn off the actual
	 * packet transmission to another thread.  Just in case syncq
	 * processing causes a same-bucket packet to be processed.
	 */
	mp->b_prev = (mblk_t *)(uintptr_t)ns->netstack_stackid;

	if (taskq_dispatch(esp_taskq, actually_send_keepalive, mp,
	    TQ_NOSLEEP) == 0) {
		/* Assume no memory if taskq_dispatch() fails. */
		mp->b_prev = NULL;
		ip_drop_packet(mp, B_FALSE, NULL,
		    DROPPER(ns->netstack_ipsec, ipds_esp_nomem),
		    &ns->netstack_ipsecesp->esp_dropper);
	}
}
2386 2140
/*
 * Submit an outbound packet to the crypto framework for ESP processing
 * (encryption and/or ICV computation), synchronously or asynchronously
 * depending on the SA's IPSA_F_ASYNC flag.
 *
 * Returns data_mp if successfully completed the request. Returns
 * NULL if it failed (and increments OutDiscards) or if it is pending
 * (async; esp_kcf_callback_outbound() finishes the work).
 */
static mblk_t *
esp_submit_req_outbound(mblk_t *data_mp, ip_xmit_attr_t *ixa, ipsa_t *assoc,
    uchar_t *icv_buf, uint_t payload_len)
{
	uint_t auth_len;
	crypto_call_req_t call_req, *callrp;
	mblk_t *esp_mp;
	esph_t *esph_ptr;
	mblk_t *mp;
	int kef_rc = CRYPTO_FAILED;
	uint_t icv_len = assoc->ipsa_mac_len;
	crypto_ctx_template_t auth_ctx_tmpl;
	boolean_t do_auth, do_encr, force;
	uint_t iv_len = assoc->ipsa_iv_len;
	crypto_ctx_template_t encr_ctx_tmpl;
	boolean_t is_natt = ((assoc->ipsa_flags & IPSA_F_NATT) != 0);
	size_t esph_offset = (is_natt ? UDPH_SIZE : 0);
	netstack_t *ns = ixa->ixa_ipst->ips_netstack;
	ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
	ipsec_crypto_t *ic, icstack;
	uchar_t *iv_ptr;
	crypto_data_t *cd_ptr = NULL;
	ill_t *ill = ixa->ixa_nce->nce_ill;
	ipsec_stack_t *ipss = ns->netstack_ipsec;

	esp3dbg(espstack, ("esp_submit_req_outbound:%s",
	    is_natt ? "natt" : "not natt"));

	do_encr = assoc->ipsa_encr_alg != SADB_EALG_NULL;
	do_auth = assoc->ipsa_auth_alg != SADB_AALG_NONE;
	force = (assoc->ipsa_flags & IPSA_F_ASYNC);

#ifdef IPSEC_LATENCY_TEST
	kef_rc = CRYPTO_SUCCESS;
#else
	kef_rc = CRYPTO_FAILED;
#endif

	/*
	 * Outbound IPsec packets are of the form:
	 * [IP,options] -> [ESP,IV] -> [data] -> [pad,ICV]
	 * unless it's NATT, then it's
	 * [IP,options] -> [udp][ESP,IV] -> [data] -> [pad,ICV]
	 * Get a pointer to the mblk containing the ESP header.
	 */
	ASSERT(data_mp->b_cont != NULL);
	esp_mp = data_mp->b_cont;
	esph_ptr = (esph_t *)(esp_mp->b_rptr + esph_offset);
	iv_ptr = (uchar_t *)(esph_ptr + 1);

	/*
	 * Combined mode algs need a nonce. This is setup in sadb_common_add().
	 * If for some reason we are using a SA which does not have a nonce
	 * then we must fail here.
	 */
	if ((assoc->ipsa_flags & IPSA_F_COUNTERMODE) &&
	    (assoc->ipsa_nonce == NULL)) {
		ip_drop_packet(data_mp, B_FALSE, NULL,
		    DROPPER(ipss, ipds_esp_nomem), &espstack->esp_dropper);
		return (NULL);
	}

	if (force) {
		/* We are doing asynch; allocate mblks to hold state */
		if ((mp = ip_xmit_attr_to_mblk(ixa)) == NULL ||
		    (mp = ipsec_add_crypto_data(mp, &ic)) == NULL) {
			BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
			ip_drop_output("ipIfStatsOutDiscards", data_mp, ill);
			freemsg(data_mp);
			return (NULL);
		}

		linkb(mp, data_mp);
		callrp = &call_req;
		ESP_INIT_CALLREQ(callrp, mp, esp_kcf_callback_outbound);
	} else {
		/*
		 * If we know we are going to do sync then ipsec_crypto_t
		 * should be on the stack.
		 */
		ic = &icstack;
		bzero(ic, sizeof (*ic));
		callrp = NULL;
	}


	if (do_auth) {
		/* authentication context template */
		IPSEC_CTX_TMPL(assoc, ipsa_authtmpl, IPSEC_ALG_AUTH,
		    auth_ctx_tmpl);

		/* where to store the computed mac */
		ESP_INIT_CRYPTO_MAC(&ic->ic_crypto_mac,
		    icv_len, icv_buf);

		/* authentication starts at the ESP header */
		auth_len = payload_len + iv_len + sizeof (esph_t);
		if (!do_encr) {
			/* authentication only */
			/* initialize input data argument */
			ESP_INIT_CRYPTO_DATA(&ic->ic_crypto_data,
			    esp_mp, esph_offset, auth_len);

			/* call the crypto framework */
			kef_rc = crypto_mac(&assoc->ipsa_amech,
			    &ic->ic_crypto_data,
			    &assoc->ipsa_kcfauthkey, auth_ctx_tmpl,
			    &ic->ic_crypto_mac, callrp);
		}
	}

	if (do_encr) {
		/* encryption context template */
		IPSEC_CTX_TMPL(assoc, ipsa_encrtmpl, IPSEC_ALG_ENCR,
		    encr_ctx_tmpl);
		/* Call the nonce update function. */
		(assoc->ipsa_noncefunc)(assoc, (uchar_t *)esph_ptr, payload_len,
		    iv_ptr, &ic->ic_cmm, &ic->ic_crypto_data);

		if (!do_auth) {
			/* encryption only, skip mblk that contains ESP hdr */
			/* initialize input data argument */
			ESP_INIT_CRYPTO_DATA(&ic->ic_crypto_data,
			    esp_mp->b_cont, 0, payload_len);

			/*
			 * For combined mode ciphers, the ciphertext is the same
			 * size as the clear text, the ICV should follow the
			 * ciphertext. To convince the kcf to allow in-line
			 * encryption, with an ICV, use ipsec_out_crypto_mac
			 * to point to the same buffer as the data. The calling
			 * function need to ensure the buffer is large enough to
			 * include the ICV.
			 *
			 * The IV is already written to the packet buffer, the
			 * nonce setup function copied it to the params struct
			 * for the cipher to use.
			 */
			if (assoc->ipsa_flags & IPSA_F_COMBINED) {
				bcopy(&ic->ic_crypto_data,
				    &ic->ic_crypto_mac,
				    sizeof (crypto_data_t));
				ic->ic_crypto_mac.cd_length =
				    payload_len + icv_len;
				cd_ptr = &ic->ic_crypto_mac;
			}

			/* call the crypto framework */
			kef_rc = crypto_encrypt((crypto_mechanism_t *)
			    &ic->ic_cmm, &ic->ic_crypto_data,
			    &assoc->ipsa_kcfencrkey, encr_ctx_tmpl,
			    cd_ptr, callrp);

		}
	}

	if (do_auth && do_encr) {
		/*
		 * Encryption and authentication:
		 * Pass the pointer to the mblk chain starting at the ESP
		 * header to the framework. Skip the ESP header mblk
		 * for encryption, which is reflected by an encryption
		 * offset equal to the length of that mblk. Start
		 * the authentication at the ESP header, i.e. use an
		 * authentication offset of zero.
		 */
		ESP_INIT_CRYPTO_DUAL_DATA(&ic->ic_crypto_dual_data,
		    esp_mp, MBLKL(esp_mp), payload_len, esph_offset, auth_len);

		/* specify IV */
		ic->ic_crypto_dual_data.dd_miscdata = (char *)iv_ptr;

		/* call the framework */
		kef_rc = crypto_encrypt_mac(&assoc->ipsa_emech,
		    &assoc->ipsa_amech, NULL,
		    &assoc->ipsa_kcfencrkey, &assoc->ipsa_kcfauthkey,
		    encr_ctx_tmpl, auth_ctx_tmpl,
		    &ic->ic_crypto_dual_data,
		    &ic->ic_crypto_mac, callrp);
	}

	switch (kef_rc) {
	case CRYPTO_SUCCESS:
		ESP_BUMP_STAT(espstack, crypto_sync);
		esp_set_usetime(assoc, B_FALSE);
		if (force) {
			/* Unwind the async state; recover the data mblk. */
			mp = ipsec_free_crypto_data(mp);
			data_mp = ip_xmit_attr_free_mblk(mp);
		}
		if (is_natt)
			esp_prepare_udp(ns, data_mp, (ipha_t *)data_mp->b_rptr);
		return (data_mp);
	case CRYPTO_QUEUED:
		/* esp_kcf_callback_outbound() will be invoked on completion */
		ESP_BUMP_STAT(espstack, crypto_async);
		return (NULL);
	}

	/* Any other crypto error: drop with a crypto-failure diagnostic. */
	if (force) {
		mp = ipsec_free_crypto_data(mp);
		data_mp = ip_xmit_attr_free_mblk(mp);
	}
	BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
	esp_crypto_failed(data_mp, B_FALSE, kef_rc, NULL, espstack);
	/* data_mp was passed to ip_drop_packet */
	return (NULL);
}
2598 2352
2599 2353 /*
2600 2354 * Handle outbound IPsec processing for IPv4 and IPv6
2601 2355 *
2602 2356 * Returns data_mp if successfully completed the request. Returns
2603 2357 * NULL if it failed (and increments InDiscards) or if it is pending.
2604 2358 */
2605 2359 static mblk_t *
2606 2360 esp_outbound(mblk_t *data_mp, ip_xmit_attr_t *ixa)
2607 2361 {
2608 2362 mblk_t *espmp, *tailmp;
2609 2363 ipha_t *ipha;
2610 2364 ip6_t *ip6h;
2611 2365 esph_t *esph_ptr, *iv_ptr;
2612 2366 uint_t af;
2613 2367 uint8_t *nhp;
2614 2368 uintptr_t divpoint, datalen, adj, padlen, i, alloclen;
2615 2369 uintptr_t esplen = sizeof (esph_t);
2616 2370 uint8_t protocol;
2617 2371 ipsa_t *assoc;
2618 2372 uint_t iv_len, block_size, mac_len = 0;
2619 2373 uchar_t *icv_buf;
2620 2374 udpha_t *udpha;
2621 2375 boolean_t is_natt = B_FALSE;
2622 2376 netstack_t *ns = ixa->ixa_ipst->ips_netstack;
2623 2377 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
2624 2378 ipsec_stack_t *ipss = ns->netstack_ipsec;
2625 2379 ill_t *ill = ixa->ixa_nce->nce_ill;
2626 2380 boolean_t need_refrele = B_FALSE;
2627 2381
2628 2382 ESP_BUMP_STAT(espstack, out_requests);
2629 2383
2630 2384 /*
2631 2385 * <sigh> We have to copy the message here, because TCP (for example)
2632 2386 * keeps a dupb() of the message lying around for retransmission.
2633 2387 * Since ESP changes the whole of the datagram, we have to create our
2634 2388 * own copy lest we clobber TCP's data. Since we have to copy anyway,
2635 2389 * we might as well make use of msgpullup() and get the mblk into one
2636 2390 * contiguous piece!
2637 2391 */
2638 2392 tailmp = msgpullup(data_mp, -1);
2639 2393 if (tailmp == NULL) {
2640 2394 esp0dbg(("esp_outbound: msgpullup() failed, "
2641 2395 "dropping packet.\n"));
2642 2396 ip_drop_packet(data_mp, B_FALSE, ill,
2643 2397 DROPPER(ipss, ipds_esp_nomem),
2644 2398 &espstack->esp_dropper);
2645 2399 BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
2646 2400 return (NULL);
2647 2401 }
2648 2402 freemsg(data_mp);
2649 2403 data_mp = tailmp;
2650 2404
2651 2405 assoc = ixa->ixa_ipsec_esp_sa;
2652 2406 ASSERT(assoc != NULL);
2653 2407
2654 2408 /*
2655 2409 * Get the outer IP header in shape to escape this system..
2656 2410 */
2657 2411 if (is_system_labeled() && (assoc->ipsa_otsl != NULL)) {
2658 2412 /*
2659 2413 * Need to update packet with any CIPSO option and update
2660 2414 * ixa_tsl to capture the new label.
2661 2415 * We allocate a separate ixa for that purpose.
2662 2416 */
2663 2417 ixa = ip_xmit_attr_duplicate(ixa);
2664 2418 if (ixa == NULL) {
2665 2419 ip_drop_packet(data_mp, B_FALSE, ill,
2666 2420 DROPPER(ipss, ipds_esp_nomem),
2667 2421 &espstack->esp_dropper);
2668 2422 return (NULL);
2669 2423 }
2670 2424 need_refrele = B_TRUE;
2671 2425
2672 2426 label_hold(assoc->ipsa_otsl);
2673 2427 ip_xmit_attr_replace_tsl(ixa, assoc->ipsa_otsl);
2674 2428
2675 2429 data_mp = sadb_whack_label(data_mp, assoc, ixa,
2676 2430 DROPPER(ipss, ipds_esp_nomem), &espstack->esp_dropper);
2677 2431 if (data_mp == NULL) {
2678 2432 /* Packet dropped by sadb_whack_label */
2679 2433 ixa_refrele(ixa);
2680 2434 return (NULL);
2681 2435 }
2682 2436 }
2683 2437
2684 2438 /*
2685 2439 * Reality check....
2686 2440 */
2687 2441 ipha = (ipha_t *)data_mp->b_rptr; /* So we can call esp_acquire(). */
2688 2442
2689 2443 if (ixa->ixa_flags & IXAF_IS_IPV4) {
2690 2444 ASSERT(IPH_HDR_VERSION(ipha) == IPV4_VERSION);
2691 2445
2692 2446 af = AF_INET;
2693 2447 divpoint = IPH_HDR_LENGTH(ipha);
2694 2448 datalen = ntohs(ipha->ipha_length) - divpoint;
2695 2449 nhp = (uint8_t *)&ipha->ipha_protocol;
2696 2450 } else {
2697 2451 ip_pkt_t ipp;
2698 2452
2699 2453 ASSERT(IPH_HDR_VERSION(ipha) == IPV6_VERSION);
2700 2454
2701 2455 af = AF_INET6;
2702 2456 ip6h = (ip6_t *)ipha;
2703 2457 bzero(&ipp, sizeof (ipp));
2704 2458 divpoint = ip_find_hdr_v6(data_mp, ip6h, B_FALSE, &ipp, NULL);
2705 2459 if (ipp.ipp_dstopts != NULL &&
2706 2460 ipp.ipp_dstopts->ip6d_nxt != IPPROTO_ROUTING) {
2707 2461 /*
2708 2462 * Destination options are tricky. If we get in here,
2709 2463 * then we have a terminal header following the
2710 2464 * destination options. We need to adjust backwards
2711 2465 * so we insert ESP BEFORE the destination options
2712 2466 * bag. (So that the dstopts get encrypted!)
2713 2467 *
2714 2468 * Since this is for outbound packets only, we know
2715 2469 * that non-terminal destination options only precede
2716 2470 * routing headers.
2717 2471 */
2718 2472 divpoint -= ipp.ipp_dstoptslen;
2719 2473 }
2720 2474 datalen = ntohs(ip6h->ip6_plen) + sizeof (ip6_t) - divpoint;
2721 2475
2722 2476 if (ipp.ipp_rthdr != NULL) {
2723 2477 nhp = &ipp.ipp_rthdr->ip6r_nxt;
2724 2478 } else if (ipp.ipp_hopopts != NULL) {
2725 2479 nhp = &ipp.ipp_hopopts->ip6h_nxt;
2726 2480 } else {
2727 2481 ASSERT(divpoint == sizeof (ip6_t));
2728 2482 /* It's probably IP + ESP. */
2729 2483 nhp = &ip6h->ip6_nxt;
2730 2484 }
2731 2485 }
2732 2486
2733 2487 mac_len = assoc->ipsa_mac_len;
2734 2488
2735 2489 if (assoc->ipsa_flags & IPSA_F_NATT) {
2736 2490 /* wedge in UDP header */
2737 2491 is_natt = B_TRUE;
2738 2492 esplen += UDPH_SIZE;
2739 2493 }
2740 2494
2741 2495 /*
2742 2496 * Set up ESP header and encryption padding for ENCR PI request.
2743 2497 */
2744 2498
2745 2499 /* Determine the padding length. Pad to 4-bytes for no-encryption. */
2746 2500 if (assoc->ipsa_encr_alg != SADB_EALG_NULL) {
2747 2501 iv_len = assoc->ipsa_iv_len;
2748 2502 block_size = assoc->ipsa_datalen;
2749 2503
2750 2504 /*
2751 2505 * Pad the data to the length of the cipher block size.
2752 2506 * Include the two additional bytes (hence the - 2) for the
2753 2507 * padding length and the next header. Take this into account
2754 2508 * when calculating the actual length of the padding.
2755 2509 */
2756 2510 ASSERT(ISP2(iv_len));
2757 2511 padlen = ((unsigned)(block_size - datalen - 2)) &
2758 2512 (block_size - 1);
2759 2513 } else {
2760 2514 iv_len = 0;
2761 2515 padlen = ((unsigned)(sizeof (uint32_t) - datalen - 2)) &
2762 2516 (sizeof (uint32_t) - 1);
2763 2517 }
2764 2518
2765 2519 /* Allocate ESP header and IV. */
2766 2520 esplen += iv_len;
2767 2521
2768 2522 /*
2769 2523 * Update association byte-count lifetimes. Don't forget to take
2770 2524 * into account the padding length and next-header (hence the + 2).
2771 2525 *
2772 2526 * Use the amount of data fed into the "encryption algorithm". This
2773 2527 * is the IV, the data length, the padding length, and the final two
2774 2528 * bytes (padlen, and next-header).
2775 2529 *
2776 2530 */
2777 2531
2778 2532 if (!esp_age_bytes(assoc, datalen + padlen + iv_len + 2, B_FALSE)) {
2779 2533 ip_drop_packet(data_mp, B_FALSE, ill,
2780 2534 DROPPER(ipss, ipds_esp_bytes_expire),
2781 2535 &espstack->esp_dropper);
2782 2536 BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
2783 2537 if (need_refrele)
2784 2538 ixa_refrele(ixa);
2785 2539 return (NULL);
2786 2540 }
2787 2541
2788 2542 espmp = allocb(esplen, BPRI_HI);
2789 2543 if (espmp == NULL) {
2790 2544 ESP_BUMP_STAT(espstack, out_discards);
2791 2545 esp1dbg(espstack, ("esp_outbound: can't allocate espmp.\n"));
2792 2546 ip_drop_packet(data_mp, B_FALSE, ill,
2793 2547 DROPPER(ipss, ipds_esp_nomem),
2794 2548 &espstack->esp_dropper);
2795 2549 BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
2796 2550 if (need_refrele)
2797 2551 ixa_refrele(ixa);
2798 2552 return (NULL);
2799 2553 }
2800 2554 espmp->b_wptr += esplen;
2801 2555 esph_ptr = (esph_t *)espmp->b_rptr;
2802 2556
2803 2557 if (is_natt) {
2804 2558 esp3dbg(espstack, ("esp_outbound: NATT"));
2805 2559
2806 2560 udpha = (udpha_t *)espmp->b_rptr;
2807 2561 udpha->uha_src_port = (assoc->ipsa_local_nat_port != 0) ?
2808 2562 assoc->ipsa_local_nat_port : htons(IPPORT_IKE_NATT);
2809 2563 udpha->uha_dst_port = (assoc->ipsa_remote_nat_port != 0) ?
2810 2564 assoc->ipsa_remote_nat_port : htons(IPPORT_IKE_NATT);
2811 2565 /*
2812 2566 * Set the checksum to 0, so that the esp_prepare_udp() call
2813 2567 * can do the right thing.
2814 2568 */
2815 2569 udpha->uha_checksum = 0;
2816 2570 esph_ptr = (esph_t *)(udpha + 1);
2817 2571 }
2818 2572
2819 2573 esph_ptr->esph_spi = assoc->ipsa_spi;
2820 2574
2821 2575 esph_ptr->esph_replay = htonl(atomic_inc_32_nv(&assoc->ipsa_replay));
2822 2576 if (esph_ptr->esph_replay == 0 && assoc->ipsa_replay_wsize != 0) {
2823 2577 /*
2824 2578 * XXX We have replay counter wrapping.
2825 2579 * We probably want to nuke this SA (and its peer).
2826 2580 */
2827 2581 ipsec_assocfailure(info.mi_idnum, 0, 0,
2828 2582 SL_ERROR | SL_CONSOLE | SL_WARN,
2829 2583 "Outbound ESP SA (0x%x, %s) has wrapped sequence.\n",
2830 2584 esph_ptr->esph_spi, assoc->ipsa_dstaddr, af,
2831 2585 espstack->ipsecesp_netstack);
2832 2586
2833 2587 ESP_BUMP_STAT(espstack, out_discards);
2834 2588 sadb_replay_delete(assoc);
2835 2589 ip_drop_packet(data_mp, B_FALSE, ill,
2836 2590 DROPPER(ipss, ipds_esp_replay),
2837 2591 &espstack->esp_dropper);
2838 2592 BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
2839 2593 if (need_refrele)
2840 2594 ixa_refrele(ixa);
2841 2595 return (NULL);
2842 2596 }
2843 2597
2844 2598 iv_ptr = (esph_ptr + 1);
2845 2599 /*
2846 2600 * iv_ptr points to the mblk which will contain the IV once we have
2847 2601 * written it there. This mblk will be part of a mblk chain that
2848 2602 * will make up the packet.
2849 2603 *
2850 2604 * For counter mode algorithms, the IV is a 64 bit quantity, it
2851 2605 * must NEVER repeat in the lifetime of the SA, otherwise an
2852 2606 * attacker who had recorded enough packets might be able to
2853 2607 * determine some clear text.
2854 2608 *
2855 2609 * To ensure this does not happen, the IV is stored in the SA and
2856 2610 * incremented for each packet, the IV is then copied into the
2857 2611 * "packet" for transmission to the receiving system. The IV will
2858 2612 * also be copied into the nonce, when the packet is encrypted.
2859 2613 *
2860 2614 * CBC mode algorithms use a random IV for each packet. We do not
2861 2615 * require the highest quality random bits, but for best security
2862 2616 * with CBC mode ciphers, the value must be unlikely to repeat and
2863 2617 * must not be known in advance to an adversary capable of influencing
2864 2618 * the clear text.
2865 2619 */
2866 2620 if (!update_iv((uint8_t *)iv_ptr, espstack->esp_pfkey_q, assoc,
2867 2621 espstack)) {
2868 2622 ip_drop_packet(data_mp, B_FALSE, ill,
2869 2623 DROPPER(ipss, ipds_esp_iv_wrap), &espstack->esp_dropper);
2870 2624 if (need_refrele)
2871 2625 ixa_refrele(ixa);
2872 2626 return (NULL);
2873 2627 }
2874 2628
2875 2629 /* Fix the IP header. */
2876 2630 alloclen = padlen + 2 + mac_len;
2877 2631 adj = alloclen + (espmp->b_wptr - espmp->b_rptr);
2878 2632
2879 2633 protocol = *nhp;
2880 2634
2881 2635 if (ixa->ixa_flags & IXAF_IS_IPV4) {
2882 2636 ipha->ipha_length = htons(ntohs(ipha->ipha_length) + adj);
2883 2637 if (is_natt) {
2884 2638 *nhp = IPPROTO_UDP;
2885 2639 udpha->uha_length = htons(ntohs(ipha->ipha_length) -
2886 2640 IPH_HDR_LENGTH(ipha));
2887 2641 } else {
2888 2642 *nhp = IPPROTO_ESP;
2889 2643 }
2890 2644 ipha->ipha_hdr_checksum = 0;
2891 2645 ipha->ipha_hdr_checksum = (uint16_t)ip_csum_hdr(ipha);
2892 2646 } else {
2893 2647 ip6h->ip6_plen = htons(ntohs(ip6h->ip6_plen) + adj);
2894 2648 *nhp = IPPROTO_ESP;
2895 2649 }
2896 2650
2897 2651 /* I've got the two ESP mblks, now insert them. */
2898 2652
2899 2653 esp2dbg(espstack, ("data_mp before outbound ESP adjustment:\n"));
2900 2654 esp2dbg(espstack, (dump_msg(data_mp)));
2901 2655
2902 2656 if (!esp_insert_esp(data_mp, espmp, divpoint, espstack)) {
2903 2657 ESP_BUMP_STAT(espstack, out_discards);
2904 2658 /* NOTE: esp_insert_esp() only fails if there's no memory. */
2905 2659 ip_drop_packet(data_mp, B_FALSE, ill,
2906 2660 DROPPER(ipss, ipds_esp_nomem),
2907 2661 &espstack->esp_dropper);
2908 2662 freeb(espmp);
2909 2663 BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
2910 2664 if (need_refrele)
2911 2665 ixa_refrele(ixa);
2912 2666 return (NULL);
2913 2667 }
2914 2668
2915 2669 /* Append padding (and leave room for ICV). */
2916 2670 for (tailmp = data_mp; tailmp->b_cont != NULL; tailmp = tailmp->b_cont)
2917 2671 ;
2918 2672 if (tailmp->b_wptr + alloclen > tailmp->b_datap->db_lim) {
2919 2673 tailmp->b_cont = allocb(alloclen, BPRI_HI);
2920 2674 if (tailmp->b_cont == NULL) {
2921 2675 ESP_BUMP_STAT(espstack, out_discards);
2922 2676 esp0dbg(("esp_outbound: Can't allocate tailmp.\n"));
2923 2677 ip_drop_packet(data_mp, B_FALSE, ill,
2924 2678 DROPPER(ipss, ipds_esp_nomem),
2925 2679 &espstack->esp_dropper);
2926 2680 BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
2927 2681 if (need_refrele)
2928 2682 ixa_refrele(ixa);
2929 2683 return (NULL);
2930 2684 }
2931 2685 tailmp = tailmp->b_cont;
2932 2686 }
2933 2687
2934 2688 /*
2935 2689 * If there's padding, N bytes of padding must be of the form 0x1,
2936 2690 * 0x2, 0x3... 0xN.
2937 2691 */
2938 2692 for (i = 0; i < padlen; ) {
2939 2693 i++;
2940 2694 *tailmp->b_wptr++ = i;
2941 2695 }
2942 2696 *tailmp->b_wptr++ = i;
2943 2697 *tailmp->b_wptr++ = protocol;
2944 2698
2945 2699 esp2dbg(espstack, ("data_Mp before encryption:\n"));
2946 2700 esp2dbg(espstack, (dump_msg(data_mp)));
2947 2701
2948 2702 /*
2949 2703 * Okay. I've set up the pre-encryption ESP. Let's do it!
2950 2704 */
2951 2705
2952 2706 if (mac_len > 0) {
2953 2707 ASSERT(tailmp->b_wptr + mac_len <= tailmp->b_datap->db_lim);
2954 2708 icv_buf = tailmp->b_wptr;
2955 2709 tailmp->b_wptr += mac_len;
2956 2710 } else {
2957 2711 icv_buf = NULL;
2958 2712 }
2959 2713
2960 2714 data_mp = esp_submit_req_outbound(data_mp, ixa, assoc, icv_buf,
2961 2715 datalen + padlen + 2);
2962 2716 if (need_refrele)
2963 2717 ixa_refrele(ixa);
2964 2718 return (data_mp);
2965 2719 }
2966 2720
2967 2721 /*
2968 2722 * IP calls this to validate the ICMP errors that
2969 2723 * we got from the network.
2970 2724 */
2971 2725 mblk_t *
2972 2726 ipsecesp_icmp_error(mblk_t *data_mp, ip_recv_attr_t *ira)
2973 2727 {
2974 2728 netstack_t *ns = ira->ira_ill->ill_ipst->ips_netstack;
2975 2729 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
2976 2730 ipsec_stack_t *ipss = ns->netstack_ipsec;
2977 2731
2978 2732 /*
2979 2733 * Unless we get an entire packet back, this function is useless.
2980 2734 * Why?
2981 2735 *
2982 2736 * 1.) Partial packets are useless, because the "next header"
2983 2737 * is at the end of the decrypted ESP packet. Without the
2984 2738 * whole packet, this is useless.
2985 2739 *
2986 2740 * 2.) If we every use a stateful cipher, such as a stream or a
2987 2741 * one-time pad, we can't do anything.
2988 2742 *
2989 2743 * Since the chances of us getting an entire packet back are very
2990 2744 * very small, we discard here.
2991 2745 */
2992 2746 IP_ESP_BUMP_STAT(ipss, in_discards);
2993 2747 ip_drop_packet(data_mp, B_TRUE, ira->ira_ill,
2994 2748 DROPPER(ipss, ipds_esp_icmp),
2995 2749 &espstack->esp_dropper);
2996 2750 return (NULL);
2997 2751 }
2998 2752
/*
 * Construct an SADB_REGISTER message with the current algorithms.
 * This function gets called when 'ipsecalgs -s' is run or when
 * in.iked (or other KMD) starts.
 *
 * The reply is a KEYSOCK_OUT mblk (targeted at ks_in_serial 'serial')
 * whose b_cont carries the PF_KEY SADB_REGISTER message:
 * sadb_msg, optional SUPPORTED_AUTH and SUPPORTED_ENCRYPT extensions
 * (one sadb_alg_t per valid algorithm), and - on a labeled system with
 * a caller credential - a SENSITIVITY extension.
 *
 * Returns B_TRUE if the message was built and putnext()ed up the
 * PF_KEY queue, B_FALSE on allocation failure or if esp_pfkey_q is
 * not plumbed (in which case everything allocated here is freed).
 */
static boolean_t
esp_register_out(uint32_t sequence, uint32_t pid, uint_t serial,
    ipsecesp_stack_t *espstack, cred_t *cr)
{
	mblk_t *pfkey_msg_mp, *keysock_out_mp;
	sadb_msg_t *samsg;
	sadb_supported_t *sasupp_auth = NULL;
	sadb_supported_t *sasupp_encr = NULL;
	sadb_alg_t *saalg;
	uint_t allocsize = sizeof (*samsg);
	uint_t i, numalgs_snap;
	int current_aalgs;
	ipsec_alginfo_t **authalgs;
	uint_t num_aalgs;
	int current_ealgs;
	ipsec_alginfo_t **encralgs;
	uint_t num_ealgs;
	ipsec_stack_t	*ipss = espstack->ipsecesp_netstack->netstack_ipsec;
	sadb_sens_t *sens;
	size_t sens_len = 0;
	sadb_ext_t *nextext;
	ts_label_t *sens_tsl = NULL;

	/* Allocate the KEYSOCK_OUT. */
	keysock_out_mp = sadb_keysock_out(serial);
	if (keysock_out_mp == NULL) {
		esp0dbg(("esp_register_out: couldn't allocate mblk.\n"));
		return (B_FALSE);
	}

	/* On a labeled system, reserve space for a SENSITIVITY extension. */
	if (is_system_labeled() && (cr != NULL)) {
		sens_tsl = crgetlabel(cr);
		if (sens_tsl != NULL) {
			sens_len = sadb_sens_len_from_label(sens_tsl);
			allocsize += sens_len;
		}
	}

	/*
	 * Allocate the PF_KEY message that follows KEYSOCK_OUT.
	 */

	rw_enter(&ipss->ipsec_alg_lock, RW_READER);
	/*
	 * Fill SADB_REGISTER message's algorithm descriptors.  Hold
	 * down the lock while filling it.
	 *
	 * Return only valid algorithms, so the number of algorithms
	 * to send up may be less than the number of algorithm entries
	 * in the table.
	 */
	/* First pass: count the valid algorithms to size the allocation. */
	authalgs = ipss->ipsec_alglists[IPSEC_ALG_AUTH];
	for (num_aalgs = 0, i = 0; i < IPSEC_MAX_ALGS; i++)
		if (authalgs[i] != NULL && ALG_VALID(authalgs[i]))
			num_aalgs++;

	if (num_aalgs != 0) {
		allocsize += (num_aalgs * sizeof (*saalg));
		allocsize += sizeof (*sasupp_auth);
	}
	encralgs = ipss->ipsec_alglists[IPSEC_ALG_ENCR];
	for (num_ealgs = 0, i = 0; i < IPSEC_MAX_ALGS; i++)
		if (encralgs[i] != NULL && ALG_VALID(encralgs[i]))
			num_ealgs++;

	if (num_ealgs != 0) {
		allocsize += (num_ealgs * sizeof (*saalg));
		allocsize += sizeof (*sasupp_encr);
	}
	keysock_out_mp->b_cont = allocb(allocsize, BPRI_HI);
	if (keysock_out_mp->b_cont == NULL) {
		rw_exit(&ipss->ipsec_alg_lock);
		freemsg(keysock_out_mp);
		return (B_FALSE);
	}
	pfkey_msg_mp = keysock_out_mp->b_cont;
	pfkey_msg_mp->b_wptr += allocsize;

	/* nextext tracks where the next extension will be written. */
	nextext = (sadb_ext_t *)(pfkey_msg_mp->b_rptr + sizeof (*samsg));

	/* Second pass: emit one sadb_alg_t per valid auth algorithm. */
	if (num_aalgs != 0) {
		sasupp_auth = (sadb_supported_t *)nextext;
		saalg = (sadb_alg_t *)(sasupp_auth + 1);

		ASSERT(((ulong_t)saalg & 0x7) == 0);

		numalgs_snap = 0;
		for (i = 0;
		    ((i < IPSEC_MAX_ALGS) && (numalgs_snap < num_aalgs));
		    i++) {
			if (authalgs[i] == NULL || !ALG_VALID(authalgs[i]))
				continue;

			saalg->sadb_alg_id = authalgs[i]->alg_id;
			saalg->sadb_alg_ivlen = 0;
			saalg->sadb_alg_minbits = authalgs[i]->alg_ef_minbits;
			saalg->sadb_alg_maxbits = authalgs[i]->alg_ef_maxbits;
			saalg->sadb_x_alg_increment =
			    authalgs[i]->alg_increment;
			saalg->sadb_x_alg_saltbits = SADB_8TO1(
			    authalgs[i]->alg_saltlen);
			numalgs_snap++;
			saalg++;
		}
		ASSERT(numalgs_snap == num_aalgs);
#ifdef DEBUG
		/*
		 * Reality check to make sure I snagged all of the
		 * algorithms.
		 */
		for (; i < IPSEC_MAX_ALGS; i++) {
			if (authalgs[i] != NULL && ALG_VALID(authalgs[i])) {
				cmn_err(CE_PANIC, "esp_register_out()! "
				    "Missed aalg #%d.\n", i);
			}
		}
#endif /* DEBUG */
		nextext = (sadb_ext_t *)saalg;
	}

	/* Likewise for the encryption algorithms. */
	if (num_ealgs != 0) {
		sasupp_encr = (sadb_supported_t *)nextext;
		saalg = (sadb_alg_t *)(sasupp_encr + 1);

		numalgs_snap = 0;
		for (i = 0;
		    ((i < IPSEC_MAX_ALGS) && (numalgs_snap < num_ealgs)); i++) {
			if (encralgs[i] == NULL || !ALG_VALID(encralgs[i]))
				continue;
			saalg->sadb_alg_id = encralgs[i]->alg_id;
			saalg->sadb_alg_ivlen = encralgs[i]->alg_ivlen;
			saalg->sadb_alg_minbits = encralgs[i]->alg_ef_minbits;
			saalg->sadb_alg_maxbits = encralgs[i]->alg_ef_maxbits;
			/*
			 * We could advertise the ICV length, except there
			 * is not a value in sadb_x_algb to do this.
			 * saalg->sadb_alg_maclen = encralgs[i]->alg_maclen;
			 */
			saalg->sadb_x_alg_increment =
			    encralgs[i]->alg_increment;
			saalg->sadb_x_alg_saltbits =
			    SADB_8TO1(encralgs[i]->alg_saltlen);

			numalgs_snap++;
			saalg++;
		}
		ASSERT(numalgs_snap == num_ealgs);
#ifdef DEBUG
		/*
		 * Reality check to make sure I snagged all of the
		 * algorithms.
		 */
		for (; i < IPSEC_MAX_ALGS; i++) {
			if (encralgs[i] != NULL && ALG_VALID(encralgs[i])) {
				cmn_err(CE_PANIC, "esp_register_out()! "
				    "Missed ealg #%d.\n", i);
			}
		}
#endif /* DEBUG */
		nextext = (sadb_ext_t *)saalg;
	}

	current_aalgs = num_aalgs;
	current_ealgs = num_ealgs;

	/* Descriptors are snapshot; safe to drop the algorithm lock now. */
	rw_exit(&ipss->ipsec_alg_lock);

	if (sens_tsl != NULL) {
		sens = (sadb_sens_t *)nextext;
		sadb_sens_from_label(sens, SADB_EXT_SENSITIVITY,
		    sens_tsl, sens_len);

		nextext = (sadb_ext_t *)(((uint8_t *)sens) + sens_len);
	}

	/* Now fill the rest of the SADB_REGISTER message. */

	samsg = (sadb_msg_t *)pfkey_msg_mp->b_rptr;
	samsg->sadb_msg_version = PF_KEY_V2;
	samsg->sadb_msg_type = SADB_REGISTER;
	samsg->sadb_msg_errno = 0;
	samsg->sadb_msg_satype = SADB_SATYPE_ESP;
	samsg->sadb_msg_len = SADB_8TO64(allocsize);
	samsg->sadb_msg_reserved = 0;
	/*
	 * Assume caller has sufficient sequence/pid number info.  If it's one
	 * from me over a new alg., I could give two hoots about sequence.
	 */
	samsg->sadb_msg_seq = sequence;
	samsg->sadb_msg_pid = pid;

	if (sasupp_auth != NULL) {
		sasupp_auth->sadb_supported_len = SADB_8TO64(
		    sizeof (*sasupp_auth) + sizeof (*saalg) * current_aalgs);
		sasupp_auth->sadb_supported_exttype = SADB_EXT_SUPPORTED_AUTH;
		sasupp_auth->sadb_supported_reserved = 0;
	}

	if (sasupp_encr != NULL) {
		sasupp_encr->sadb_supported_len = SADB_8TO64(
		    sizeof (*sasupp_encr) + sizeof (*saalg) * current_ealgs);
		sasupp_encr->sadb_supported_exttype =
		    SADB_EXT_SUPPORTED_ENCRYPT;
		sasupp_encr->sadb_supported_reserved = 0;
	}

	/* No PF_KEY queue plumbed means nobody to deliver to. */
	if (espstack->esp_pfkey_q != NULL)
		putnext(espstack->esp_pfkey_q, keysock_out_mp);
	else {
		freemsg(keysock_out_mp);
		return (B_FALSE);
	}

	return (B_TRUE);
}
3219 2973
3220 2974 /*
3221 2975 * Invoked when the algorithm table changes. Causes SADB_REGISTER
3222 2976 * messages continaining the current list of algorithms to be
3223 2977 * sent up to the ESP listeners.
3224 2978 */
3225 2979 void
3226 2980 ipsecesp_algs_changed(netstack_t *ns)
3227 2981 {
3228 2982 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
3229 2983
3230 2984 /*
3231 2985 * Time to send a PF_KEY SADB_REGISTER message to ESP listeners
3232 2986 * everywhere. (The function itself checks for NULL esp_pfkey_q.)
3233 2987 */
3234 2988 (void) esp_register_out(0, 0, 0, espstack, NULL);
3235 2989 }
3236 2990
3237 2991 /*
3238 2992 * Stub function that taskq_dispatch() invokes to take the mblk (in arg)
3239 2993 * and send() it into ESP and IP again.
3240 2994 */
3241 2995 static void
3242 2996 inbound_task(void *arg)
3243 2997 {
3244 2998 mblk_t *mp = (mblk_t *)arg;
3245 2999 mblk_t *async_mp;
3246 3000 ip_recv_attr_t iras;
3247 3001
3248 3002 async_mp = mp;
3249 3003 mp = async_mp->b_cont;
3250 3004 async_mp->b_cont = NULL;
3251 3005 if (!ip_recv_attr_from_mblk(async_mp, &iras)) {
3252 3006 /* The ill or ip_stack_t disappeared on us */
3253 3007 ip_drop_input("ip_recv_attr_from_mblk", mp, NULL);
3254 3008 freemsg(mp);
3255 3009 goto done;
3256 3010 }
3257 3011
3258 3012 esp_inbound_restart(mp, &iras);
3259 3013 done:
3260 3014 ira_cleanup(&iras, B_TRUE);
3261 3015 }
3262 3016
3263 3017 /*
3264 3018 * Restart ESP after the SA has been added.
3265 3019 */
3266 3020 static void
3267 3021 esp_inbound_restart(mblk_t *mp, ip_recv_attr_t *ira)
3268 3022 {
3269 3023 esph_t *esph;
3270 3024 netstack_t *ns = ira->ira_ill->ill_ipst->ips_netstack;
3271 3025 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
3272 3026
3273 3027 esp2dbg(espstack, ("in ESP inbound_task"));
3274 3028 ASSERT(espstack != NULL);
3275 3029
3276 3030 mp = ipsec_inbound_esp_sa(mp, ira, &esph);
3277 3031 if (mp == NULL)
3278 3032 return;
3279 3033
3280 3034 ASSERT(esph != NULL);
3281 3035 ASSERT(ira->ira_flags & IRAF_IPSEC_SECURE);
3282 3036 ASSERT(ira->ira_ipsec_esp_sa != NULL);
3283 3037
3284 3038 mp = ira->ira_ipsec_esp_sa->ipsa_input_func(mp, esph, ira);
3285 3039 if (mp == NULL) {
3286 3040 /*
3287 3041 * Either it failed or is pending. In the former case
3288 3042 * ipIfStatsInDiscards was increased.
3289 3043 */
3290 3044 return;
3291 3045 }
3292 3046
3293 3047 ip_input_post_ipsec(mp, ira);
3294 3048 }
3295 3049
/*
 * Now that weak-key passed, actually ADD the security association, and
 * send back a reply ADD message.
 *
 * Inserts the SA described by samsg/ksi into the inbound and/or outbound
 * fanout tables (possibly cloned into both), drains any ACQUIRE record
 * whose sequence number matches, kicks a queued larval packet back
 * through inbound processing, and transmits packets that were waiting on
 * this SA.  Returns 0 on success or an errno, with *diagnostic set to a
 * SADB_X_DIAGNOSTIC_* code on PF_KEY-level failures.
 */
static int
esp_add_sa_finish(mblk_t *mp, sadb_msg_t *samsg, keysock_in_t *ksi,
    int *diagnostic, ipsecesp_stack_t *espstack)
{
	isaf_t *primary = NULL, *secondary;
	boolean_t clone = B_FALSE, is_inbound = B_FALSE;
	ipsa_t *larval = NULL;
	ipsacq_t *acqrec;
	iacqf_t *acq_bucket;
	mblk_t *acq_msgs = NULL;
	int rc;
	mblk_t *lpkt;
	int error;
	ipsa_query_t sq;
	ipsec_stack_t *ipss = espstack->ipsecesp_netstack->netstack_ipsec;

	/*
	 * Locate the appropriate table(s).
	 */
	sq.spp = &espstack->esp_sadb;	/* XXX */
	error = sadb_form_query(ksi, IPSA_Q_SA|IPSA_Q_DST,
	    IPSA_Q_SA|IPSA_Q_DST|IPSA_Q_INBOUND|IPSA_Q_OUTBOUND,
	    &sq, diagnostic);
	if (error)
		return (error);

	/*
	 * Use the direction flags provided by the KMD to determine
	 * if the inbound or outbound table should be the primary
	 * for this SA. If these flags were absent then make this
	 * decision based on the addresses.
	 */
	if (sq.assoc->sadb_sa_flags & IPSA_F_INBOUND) {
		primary = sq.inbound;
		secondary = sq.outbound;
		is_inbound = B_TRUE;
		if (sq.assoc->sadb_sa_flags & IPSA_F_OUTBOUND)
			clone = B_TRUE;
	} else if (sq.assoc->sadb_sa_flags & IPSA_F_OUTBOUND) {
		primary = sq.outbound;
		secondary = sq.inbound;
	}

	if (primary == NULL) {
		/*
		 * The KMD did not set a direction flag, determine which
		 * table to insert the SA into based on addresses.
		 */
		switch (ksi->ks_in_dsttype) {
		case KS_IN_ADDR_MBCAST:
			clone = B_TRUE;	/* All mcast SAs can be bidirectional */
			sq.assoc->sadb_sa_flags |= IPSA_F_OUTBOUND;
			/* FALLTHRU */
		/*
		 * If the source address is either one of mine, or unspecified
		 * (which is best summed up by saying "not 'not mine'"),
		 * then the association is potentially bi-directional,
		 * in that it can be used for inbound traffic and outbound
		 * traffic.  The best example of such an SA is a multicast
		 * SA (which allows me to receive the outbound traffic).
		 */
		case KS_IN_ADDR_ME:
			sq.assoc->sadb_sa_flags |= IPSA_F_INBOUND;
			primary = sq.inbound;
			secondary = sq.outbound;
			if (ksi->ks_in_srctype != KS_IN_ADDR_NOTME)
				clone = B_TRUE;
			is_inbound = B_TRUE;
			break;
		/*
		 * If the source address literally not mine (either
		 * unspecified or not mine), then this SA may have an
		 * address that WILL be mine after some configuration.
		 * We pay the price for this by making it a bi-directional
		 * SA.
		 */
		case KS_IN_ADDR_NOTME:
			sq.assoc->sadb_sa_flags |= IPSA_F_OUTBOUND;
			primary = sq.outbound;
			secondary = sq.inbound;
			if (ksi->ks_in_srctype != KS_IN_ADDR_ME) {
				sq.assoc->sadb_sa_flags |= IPSA_F_INBOUND;
				clone = B_TRUE;
			}
			break;
		default:
			*diagnostic = SADB_X_DIAGNOSTIC_BAD_DST;
			return (EINVAL);
		}
	}

	/*
	 * Find a ACQUIRE list entry if possible.  If we've added an SA that
	 * suits the needs of an ACQUIRE list entry, we can eliminate the
	 * ACQUIRE list entry and transmit the enqueued packets.  Use the
	 * high-bit of the sequence number to queue it.  Key off destination
	 * addr, and change acqrec's state.
	 */

	if (samsg->sadb_msg_seq & IACQF_LOWEST_SEQ) {
		acq_bucket = &(sq.sp->sdb_acq[sq.outhash]);
		mutex_enter(&acq_bucket->iacqf_lock);
		for (acqrec = acq_bucket->iacqf_ipsacq; acqrec != NULL;
		    acqrec = acqrec->ipsacq_next) {
			mutex_enter(&acqrec->ipsacq_lock);
			/*
			 * Q:  I only check sequence.  Should I check dst?
			 * A: Yes, check dest because those are the packets
			 *    that are queued up.
			 */
			if (acqrec->ipsacq_seq == samsg->sadb_msg_seq &&
			    IPSA_ARE_ADDR_EQUAL(sq.dstaddr,
			    acqrec->ipsacq_dstaddr, acqrec->ipsacq_addrfam))
				break;
			mutex_exit(&acqrec->ipsacq_lock);
		}
		if (acqrec != NULL) {
			/*
			 * AHA!  I found an ACQUIRE record for this SA.
			 * Grab the msg list, and free the acquire record.
			 * I already am holding the lock for this record,
			 * so all I have to do is free it.
			 */
			acq_msgs = acqrec->ipsacq_mp;
			acqrec->ipsacq_mp = NULL;
			mutex_exit(&acqrec->ipsacq_lock);
			sadb_destroy_acquire(acqrec,
			    espstack->ipsecesp_netstack);
		}
		mutex_exit(&acq_bucket->iacqf_lock);
	}

	/*
	 * Find PF_KEY message, and see if I'm an update.  If so, find entry
	 * in larval list (if there).
	 */
	if (samsg->sadb_msg_type == SADB_UPDATE) {
		mutex_enter(&sq.inbound->isaf_lock);
		larval = ipsec_getassocbyspi(sq.inbound, sq.assoc->sadb_sa_spi,
		    ALL_ZEROES_PTR, sq.dstaddr, sq.dst->sin_family);
		mutex_exit(&sq.inbound->isaf_lock);

		if ((larval == NULL) ||
		    (larval->ipsa_state != IPSA_STATE_LARVAL)) {
			*diagnostic = SADB_X_DIAGNOSTIC_SA_NOTFOUND;
			if (larval != NULL) {
				IPSA_REFRELE(larval);
			}
			esp0dbg(("Larval update, but larval disappeared.\n"));
			return (ESRCH);
		} /* Else sadb_common_add unlinks it for me! */
	}

	if (larval != NULL) {
		/*
		 * Hold again, because sadb_common_add() consumes a reference,
		 * and we don't want to clear_lpkt() without a reference.
		 */
		IPSA_REFHOLD(larval);
	}

	rc = sadb_common_add(espstack->esp_pfkey_q,
	    mp, samsg, ksi, primary, secondary, larval, clone, is_inbound,
	    diagnostic, espstack->ipsecesp_netstack, &espstack->esp_sadb);

	if (larval != NULL) {
		if (rc == 0) {
			/*
			 * Re-dispatch the packet that was queued on the
			 * larval SA, now that the SA is mature.
			 */
			lpkt = sadb_clear_lpkt(larval);
			if (lpkt != NULL) {
				rc = !taskq_dispatch(esp_taskq, inbound_task,
				    lpkt, TQ_NOSLEEP);
			}
		}
		IPSA_REFRELE(larval);
	}

	/*
	 * How much more stack will I create with all of these
	 * esp_outbound() calls?
	 */

	/* Handle the packets queued waiting for the SA */
	while (acq_msgs != NULL) {
		mblk_t *asyncmp;
		mblk_t *data_mp;
		ip_xmit_attr_t ixas;
		ill_t *ill;

		asyncmp = acq_msgs;
		acq_msgs = acq_msgs->b_next;
		asyncmp->b_next = NULL;

		/*
		 * Extract the ip_xmit_attr_t from the first mblk.
		 * Verifies that the netstack and ill is still around; could
		 * have vanished while iked was doing its work.
		 * On succesful return we have a nce_t and the ill/ipst can't
		 * disappear until we do the nce_refrele in ixa_cleanup.
		 */
		data_mp = asyncmp->b_cont;
		asyncmp->b_cont = NULL;
		if (!ip_xmit_attr_from_mblk(asyncmp, &ixas)) {
			ESP_BUMP_STAT(espstack, out_discards);
			ip_drop_packet(data_mp, B_FALSE, NULL,
			    DROPPER(ipss, ipds_sadb_acquire_timeout),
			    &espstack->esp_dropper);
		} else if (rc != 0) {
			/* The add itself failed; drop the queued packets. */
			ill = ixas.ixa_nce->nce_ill;
			ESP_BUMP_STAT(espstack, out_discards);
			ip_drop_packet(data_mp, B_FALSE, ill,
			    DROPPER(ipss, ipds_sadb_acquire_timeout),
			    &espstack->esp_dropper);
			BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
		} else {
			esp_outbound_finish(data_mp, &ixas);
		}
		ixa_cleanup(&ixas);
	}

	return (rc);
}
3521 3275
/*
 * Process one of the queued messages (from ipsacq_mp) once the SA
 * has been added.
 *
 * Consumes data_mp on every path: either it is dropped (with stats/MIB
 * accounting) or it is handed down the outbound path.  The caller still
 * owns *ixa and is responsible for ixa_cleanup().
 */
static void
esp_outbound_finish(mblk_t *data_mp, ip_xmit_attr_t *ixa)
{
	netstack_t	*ns = ixa->ixa_ipst->ips_netstack;
	ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
	ipsec_stack_t	*ipss = ns->netstack_ipsec;
	ill_t		*ill = ixa->ixa_nce->nce_ill;

	/*
	 * Re-attach the (now complete) SA to the packet's attributes;
	 * if that fails, account the drop against the acquire-timeout
	 * dropper and the ill's output-discard MIB counter.
	 */
	if (!ipsec_outbound_sa(data_mp, ixa, IPPROTO_ESP)) {
		ESP_BUMP_STAT(espstack, out_discards);
		ip_drop_packet(data_mp, B_FALSE, ill,
		    DROPPER(ipss, ipds_sadb_acquire_timeout),
		    &espstack->esp_dropper);
		BUMP_MIB(ill->ill_ip_mib, ipIfStatsOutDiscards);
		return;
	}

	/* esp_outbound() consumes data_mp on failure and returns NULL. */
	data_mp = esp_outbound(data_mp, ixa);
	if (data_mp == NULL)
		return;

	/* do AH processing if needed */
	data_mp = esp_do_outbound_ah(data_mp, ixa);
	if (data_mp == NULL)
		return;

	(void) ip_output_post_ipsec(data_mp, ixa);
}
3554 3308
3555 3309 /*
3556 3310 * Add new ESP security association. This may become a generic AH/ESP
3557 3311 * routine eventually.
3558 3312 */
3559 3313 static int
3560 3314 esp_add_sa(mblk_t *mp, keysock_in_t *ksi, int *diagnostic, netstack_t *ns)
3561 3315 {
3562 3316 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
3563 3317 sadb_address_t *srcext =
3564 3318 (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
3565 3319 sadb_address_t *dstext =
3566 3320 (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
3567 3321 sadb_address_t *isrcext =
3568 3322 (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_SRC];
3569 3323 sadb_address_t *idstext =
3570 3324 (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_INNER_DST];
3571 3325 sadb_address_t *nttext_loc =
3572 3326 (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_LOC];
3573 3327 sadb_address_t *nttext_rem =
3574 3328 (sadb_address_t *)ksi->ks_in_extv[SADB_X_EXT_ADDRESS_NATT_REM];
3575 3329 sadb_key_t *akey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_AUTH];
3576 3330 sadb_key_t *ekey = (sadb_key_t *)ksi->ks_in_extv[SADB_EXT_KEY_ENCRYPT];
3577 3331 struct sockaddr_in *src, *dst;
3578 3332 struct sockaddr_in *natt_loc, *natt_rem;
3579 3333 struct sockaddr_in6 *natt_loc6, *natt_rem6;
3580 3334 sadb_lifetime_t *soft =
3581 3335 (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_SOFT];
3582 3336 sadb_lifetime_t *hard =
3583 3337 (sadb_lifetime_t *)ksi->ks_in_extv[SADB_EXT_LIFETIME_HARD];
3584 3338 sadb_lifetime_t *idle =
3585 3339 (sadb_lifetime_t *)ksi->ks_in_extv[SADB_X_EXT_LIFETIME_IDLE];
3586 3340 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
3587 3341 ipsec_stack_t *ipss = ns->netstack_ipsec;
3588 3342
3589 3343
3590 3344
3591 3345 /* I need certain extensions present for an ADD message. */
3592 3346 if (srcext == NULL) {
3593 3347 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_SRC;
3594 3348 return (EINVAL);
3595 3349 }
3596 3350 if (dstext == NULL) {
3597 3351 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
3598 3352 return (EINVAL);
3599 3353 }
3600 3354 if (isrcext == NULL && idstext != NULL) {
3601 3355 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_SRC;
3602 3356 return (EINVAL);
3603 3357 }
3604 3358 if (isrcext != NULL && idstext == NULL) {
3605 3359 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_INNER_DST;
3606 3360 return (EINVAL);
3607 3361 }
3608 3362 if (assoc == NULL) {
3609 3363 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_SA;
3610 3364 return (EINVAL);
3611 3365 }
3612 3366 if (ekey == NULL && assoc->sadb_sa_encrypt != SADB_EALG_NULL) {
3613 3367 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_EKEY;
3614 3368 return (EINVAL);
3615 3369 }
3616 3370
3617 3371 src = (struct sockaddr_in *)(srcext + 1);
3618 3372 dst = (struct sockaddr_in *)(dstext + 1);
3619 3373 natt_loc = (struct sockaddr_in *)(nttext_loc + 1);
3620 3374 natt_loc6 = (struct sockaddr_in6 *)(nttext_loc + 1);
3621 3375 natt_rem = (struct sockaddr_in *)(nttext_rem + 1);
3622 3376 natt_rem6 = (struct sockaddr_in6 *)(nttext_rem + 1);
3623 3377
3624 3378 /* Sundry ADD-specific reality checks. */
3625 3379 /* XXX STATS : Logging/stats here? */
3626 3380
3627 3381 if ((assoc->sadb_sa_state != SADB_SASTATE_MATURE) &&
3628 3382 (assoc->sadb_sa_state != SADB_X_SASTATE_ACTIVE_ELSEWHERE)) {
3629 3383 *diagnostic = SADB_X_DIAGNOSTIC_BAD_SASTATE;
3630 3384 return (EINVAL);
3631 3385 }
3632 3386 if (assoc->sadb_sa_encrypt == SADB_EALG_NONE) {
3633 3387 *diagnostic = SADB_X_DIAGNOSTIC_BAD_EALG;
3634 3388 return (EINVAL);
3635 3389 }
3636 3390
3637 3391 #ifndef IPSEC_LATENCY_TEST
3638 3392 if (assoc->sadb_sa_encrypt == SADB_EALG_NULL &&
3639 3393 assoc->sadb_sa_auth == SADB_AALG_NONE) {
3640 3394 *diagnostic = SADB_X_DIAGNOSTIC_BAD_AALG;
3641 3395 return (EINVAL);
3642 3396 }
3643 3397 #endif
3644 3398
3645 3399 if (assoc->sadb_sa_flags & ~espstack->esp_sadb.s_addflags) {
3646 3400 *diagnostic = SADB_X_DIAGNOSTIC_BAD_SAFLAGS;
3647 3401 return (EINVAL);
3648 3402 }
3649 3403
3650 3404 if ((*diagnostic = sadb_hardsoftchk(hard, soft, idle)) != 0) {
3651 3405 return (EINVAL);
3652 3406 }
3653 3407 ASSERT(src->sin_family == dst->sin_family);
3654 3408
3655 3409 if (assoc->sadb_sa_flags & SADB_X_SAFLAGS_NATT_LOC) {
3656 3410 if (nttext_loc == NULL) {
3657 3411 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_NATT_LOC;
3658 3412 return (EINVAL);
3659 3413 }
3660 3414
3661 3415 if (natt_loc->sin_family == AF_INET6 &&
3662 3416 !IN6_IS_ADDR_V4MAPPED(&natt_loc6->sin6_addr)) {
3663 3417 *diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_NATT_LOC;
3664 3418 return (EINVAL);
3665 3419 }
3666 3420 }
3667 3421
3668 3422 if (assoc->sadb_sa_flags & SADB_X_SAFLAGS_NATT_REM) {
3669 3423 if (nttext_rem == NULL) {
3670 3424 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_NATT_REM;
3671 3425 return (EINVAL);
3672 3426 }
3673 3427 if (natt_rem->sin_family == AF_INET6 &&
3674 3428 !IN6_IS_ADDR_V4MAPPED(&natt_rem6->sin6_addr)) {
3675 3429 *diagnostic = SADB_X_DIAGNOSTIC_MALFORMED_NATT_REM;
3676 3430 return (EINVAL);
3677 3431 }
3678 3432 }
3679 3433
3680 3434
3681 3435 /* Stuff I don't support, for now. XXX Diagnostic? */
3682 3436 if (ksi->ks_in_extv[SADB_EXT_LIFETIME_CURRENT] != NULL)
3683 3437 return (EOPNOTSUPP);
3684 3438
3685 3439 if ((*diagnostic = sadb_labelchk(ksi)) != 0)
3686 3440 return (EINVAL);
3687 3441
3688 3442 /*
3689 3443 * XXX Policy : I'm not checking identities at this time,
3690 3444 * but if I did, I'd do them here, before I sent
3691 3445 * the weak key check up to the algorithm.
3692 3446 */
3693 3447
3694 3448 rw_enter(&ipss->ipsec_alg_lock, RW_READER);
3695 3449
3696 3450 /*
3697 3451 * First locate the authentication algorithm.
3698 3452 */
3699 3453 #ifdef IPSEC_LATENCY_TEST
3700 3454 if (akey != NULL && assoc->sadb_sa_auth != SADB_AALG_NONE) {
3701 3455 #else
3702 3456 if (akey != NULL) {
3703 3457 #endif
3704 3458 ipsec_alginfo_t *aalg;
3705 3459
3706 3460 aalg = ipss->ipsec_alglists[IPSEC_ALG_AUTH]
3707 3461 [assoc->sadb_sa_auth];
3708 3462 if (aalg == NULL || !ALG_VALID(aalg)) {
3709 3463 rw_exit(&ipss->ipsec_alg_lock);
3710 3464 esp1dbg(espstack, ("Couldn't find auth alg #%d.\n",
3711 3465 assoc->sadb_sa_auth));
3712 3466 *diagnostic = SADB_X_DIAGNOSTIC_BAD_AALG;
3713 3467 return (EINVAL);
3714 3468 }
3715 3469
3716 3470 /*
3717 3471 * Sanity check key sizes.
3718 3472 * Note: It's not possible to use SADB_AALG_NONE because
3719 3473 * this auth_alg is not defined with ALG_FLAG_VALID. If this
3720 3474 * ever changes, the same check for SADB_AALG_NONE and
3721 3475 * a auth_key != NULL should be made here ( see below).
3722 3476 */
3723 3477 if (!ipsec_valid_key_size(akey->sadb_key_bits, aalg)) {
3724 3478 rw_exit(&ipss->ipsec_alg_lock);
3725 3479 *diagnostic = SADB_X_DIAGNOSTIC_BAD_AKEYBITS;
3726 3480 return (EINVAL);
3727 3481 }
3728 3482 ASSERT(aalg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
3729 3483
3730 3484 /* check key and fix parity if needed */
3731 3485 if (ipsec_check_key(aalg->alg_mech_type, akey, B_TRUE,
3732 3486 diagnostic) != 0) {
3733 3487 rw_exit(&ipss->ipsec_alg_lock);
3734 3488 return (EINVAL);
3735 3489 }
3736 3490 }
3737 3491
3738 3492 /*
3739 3493 * Then locate the encryption algorithm.
3740 3494 */
3741 3495 if (ekey != NULL) {
3742 3496 uint_t keybits;
3743 3497 ipsec_alginfo_t *ealg;
3744 3498
3745 3499 ealg = ipss->ipsec_alglists[IPSEC_ALG_ENCR]
3746 3500 [assoc->sadb_sa_encrypt];
3747 3501 if (ealg == NULL || !ALG_VALID(ealg)) {
3748 3502 rw_exit(&ipss->ipsec_alg_lock);
3749 3503 esp1dbg(espstack, ("Couldn't find encr alg #%d.\n",
3750 3504 assoc->sadb_sa_encrypt));
3751 3505 *diagnostic = SADB_X_DIAGNOSTIC_BAD_EALG;
3752 3506 return (EINVAL);
3753 3507 }
3754 3508
3755 3509 /*
3756 3510 * Sanity check key sizes. If the encryption algorithm is
3757 3511 * SADB_EALG_NULL but the encryption key is NOT
3758 3512 * NULL then complain.
3759 3513 *
3760 3514 * The keying material includes salt bits if required by
3761 3515 * algorithm and optionally the Initial IV, check the
3762 3516 * length of whats left.
3763 3517 */
3764 3518 keybits = ekey->sadb_key_bits;
3765 3519 keybits -= ekey->sadb_key_reserved;
3766 3520 keybits -= SADB_8TO1(ealg->alg_saltlen);
3767 3521 if ((assoc->sadb_sa_encrypt == SADB_EALG_NULL) ||
3768 3522 (!ipsec_valid_key_size(keybits, ealg))) {
3769 3523 rw_exit(&ipss->ipsec_alg_lock);
3770 3524 *diagnostic = SADB_X_DIAGNOSTIC_BAD_EKEYBITS;
3771 3525 return (EINVAL);
3772 3526 }
3773 3527 ASSERT(ealg->alg_mech_type != CRYPTO_MECHANISM_INVALID);
3774 3528
3775 3529 /* check key */
3776 3530 if (ipsec_check_key(ealg->alg_mech_type, ekey, B_FALSE,
3777 3531 diagnostic) != 0) {
3778 3532 rw_exit(&ipss->ipsec_alg_lock);
3779 3533 return (EINVAL);
3780 3534 }
3781 3535 }
3782 3536 rw_exit(&ipss->ipsec_alg_lock);
3783 3537
3784 3538 return (esp_add_sa_finish(mp, (sadb_msg_t *)mp->b_cont->b_rptr, ksi,
3785 3539 diagnostic, espstack));
3786 3540 }
3787 3541
3788 3542 /*
3789 3543 * Update a security association. Updates come in two varieties. The first
3790 3544 * is an update of lifetimes on a non-larval SA. The second is an update of
3791 3545 * a larval SA, which ends up looking a lot more like an add.
3792 3546 */
3793 3547 static int
3794 3548 esp_update_sa(mblk_t *mp, keysock_in_t *ksi, int *diagnostic,
3795 3549 ipsecesp_stack_t *espstack, uint8_t sadb_msg_type)
3796 3550 {
3797 3551 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
3798 3552 mblk_t *buf_pkt;
3799 3553 int rcode;
3800 3554
3801 3555 sadb_address_t *dstext =
3802 3556 (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
3803 3557
3804 3558 if (dstext == NULL) {
3805 3559 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_DST;
3806 3560 return (EINVAL);
3807 3561 }
3808 3562
3809 3563 rcode = sadb_update_sa(mp, ksi, &buf_pkt, &espstack->esp_sadb,
3810 3564 diagnostic, espstack->esp_pfkey_q, esp_add_sa,
3811 3565 espstack->ipsecesp_netstack, sadb_msg_type);
3812 3566
3813 3567 if ((assoc->sadb_sa_state != SADB_X_SASTATE_ACTIVE) ||
3814 3568 (rcode != 0)) {
3815 3569 return (rcode);
3816 3570 }
3817 3571
3818 3572 HANDLE_BUF_PKT(esp_taskq, espstack->ipsecesp_netstack->netstack_ipsec,
3819 3573 espstack->esp_dropper, buf_pkt);
3820 3574
3821 3575 return (rcode);
3822 3576 }
3823 3577
3824 3578 /* XXX refactor me */
3825 3579 /*
3826 3580 * Delete a security association. This is REALLY likely to be code common to
3827 3581 * both AH and ESP. Find the association, then unlink it.
3828 3582 */
3829 3583 static int
3830 3584 esp_del_sa(mblk_t *mp, keysock_in_t *ksi, int *diagnostic,
3831 3585 ipsecesp_stack_t *espstack, uint8_t sadb_msg_type)
3832 3586 {
3833 3587 sadb_sa_t *assoc = (sadb_sa_t *)ksi->ks_in_extv[SADB_EXT_SA];
3834 3588 sadb_address_t *dstext =
3835 3589 (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_DST];
3836 3590 sadb_address_t *srcext =
3837 3591 (sadb_address_t *)ksi->ks_in_extv[SADB_EXT_ADDRESS_SRC];
3838 3592 struct sockaddr_in *sin;
3839 3593
3840 3594 if (assoc == NULL) {
3841 3595 if (dstext != NULL) {
3842 3596 sin = (struct sockaddr_in *)(dstext + 1);
3843 3597 } else if (srcext != NULL) {
3844 3598 sin = (struct sockaddr_in *)(srcext + 1);
3845 3599 } else {
3846 3600 *diagnostic = SADB_X_DIAGNOSTIC_MISSING_SA;
3847 3601 return (EINVAL);
3848 3602 }
3849 3603 return (sadb_purge_sa(mp, ksi,
3850 3604 (sin->sin_family == AF_INET6) ? &espstack->esp_sadb.s_v6 :
3851 3605 &espstack->esp_sadb.s_v4, diagnostic,
3852 3606 espstack->esp_pfkey_q));
3853 3607 }
3854 3608
3855 3609 return (sadb_delget_sa(mp, ksi, &espstack->esp_sadb, diagnostic,
3856 3610 espstack->esp_pfkey_q, sadb_msg_type));
3857 3611 }
3858 3612
3859 3613 /* XXX refactor me */
3860 3614 /*
3861 3615 * Convert the entire contents of all of ESP's SA tables into PF_KEY SADB_DUMP
3862 3616 * messages.
3863 3617 */
3864 3618 static void
3865 3619 esp_dump(mblk_t *mp, keysock_in_t *ksi, ipsecesp_stack_t *espstack)
3866 3620 {
3867 3621 int error;
3868 3622 sadb_msg_t *samsg;
3869 3623
3870 3624 /*
3871 3625 * Dump each fanout, bailing if error is non-zero.
3872 3626 */
3873 3627
3874 3628 error = sadb_dump(espstack->esp_pfkey_q, mp, ksi,
3875 3629 &espstack->esp_sadb.s_v4);
3876 3630 if (error != 0)
3877 3631 goto bail;
3878 3632
3879 3633 error = sadb_dump(espstack->esp_pfkey_q, mp, ksi,
3880 3634 &espstack->esp_sadb.s_v6);
3881 3635 bail:
3882 3636 ASSERT(mp->b_cont != NULL);
3883 3637 samsg = (sadb_msg_t *)mp->b_cont->b_rptr;
3884 3638 samsg->sadb_msg_errno = (uint8_t)error;
3885 3639 sadb_pfkey_echo(espstack->esp_pfkey_q, mp,
3886 3640 (sadb_msg_t *)mp->b_cont->b_rptr, ksi, NULL);
3887 3641 }
3888 3642
3889 3643 /*
3890 3644 * First-cut reality check for an inbound PF_KEY message.
3891 3645 */
3892 3646 static boolean_t
3893 3647 esp_pfkey_reality_failures(mblk_t *mp, keysock_in_t *ksi,
3894 3648 ipsecesp_stack_t *espstack)
3895 3649 {
3896 3650 int diagnostic;
3897 3651
3898 3652 if (ksi->ks_in_extv[SADB_EXT_PROPOSAL] != NULL) {
3899 3653 diagnostic = SADB_X_DIAGNOSTIC_PROP_PRESENT;
3900 3654 goto badmsg;
3901 3655 }
3902 3656 if (ksi->ks_in_extv[SADB_EXT_SUPPORTED_AUTH] != NULL ||
3903 3657 ksi->ks_in_extv[SADB_EXT_SUPPORTED_ENCRYPT] != NULL) {
3904 3658 diagnostic = SADB_X_DIAGNOSTIC_SUPP_PRESENT;
3905 3659 goto badmsg;
3906 3660 }
3907 3661 return (B_FALSE); /* False ==> no failures */
3908 3662
3909 3663 badmsg:
3910 3664 sadb_pfkey_error(espstack->esp_pfkey_q, mp, EINVAL, diagnostic,
3911 3665 ksi->ks_in_serial);
3912 3666 return (B_TRUE); /* True ==> failures */
3913 3667 }
3914 3668
/*
 * ESP parsing of PF_KEY messages. Keysock did most of the really silly
 * error cases. What I receive is a fully-formed, syntactically legal
 * PF_KEY message. I then need to check semantics...
 *
 * This code may become common to AH and ESP. Stay tuned.
 *
 * I also make the assumption that db_ref's are cool. If this assumption
 * is wrong, this means that someone other than keysock or me has been
 * mucking with PF_KEY messages.
 *
 * Ownership: every arm of the switch below either consumes mp itself or
 * delegates to a routine that does; mp must not be touched after dispatch.
 */
static void
esp_parse_pfkey(mblk_t *mp, ipsecesp_stack_t *espstack)
{
	mblk_t *msg = mp->b_cont;
	sadb_msg_t *samsg;
	keysock_in_t *ksi;
	int error;
	int diagnostic = SADB_X_DIAGNOSTIC_NONE;

	ASSERT(msg != NULL);

	samsg = (sadb_msg_t *)msg->b_rptr;
	ksi = (keysock_in_t *)mp->b_rptr;

	/*
	 * If applicable, convert unspecified AF_INET6 to unspecified
	 * AF_INET. And do other address reality checks.
	 * Both helpers consume mp on failure, so just return.
	 */
	if (!sadb_addrfix(ksi, espstack->esp_pfkey_q, mp,
	    espstack->ipsecesp_netstack) ||
	    esp_pfkey_reality_failures(mp, ksi, espstack)) {
		return;
	}

	switch (samsg->sadb_msg_type) {
	case SADB_ADD:
		error = esp_add_sa(mp, ksi, &diagnostic,
		    espstack->ipsecesp_netstack);
		if (error != 0) {
			sadb_pfkey_error(espstack->esp_pfkey_q, mp, error,
			    diagnostic, ksi->ks_in_serial);
		}
		/* else esp_add_sa() took care of things. */
		break;
	case SADB_DELETE:
	case SADB_X_DELPAIR:
	case SADB_X_DELPAIR_STATE:
		error = esp_del_sa(mp, ksi, &diagnostic, espstack,
		    samsg->sadb_msg_type);
		if (error != 0) {
			sadb_pfkey_error(espstack->esp_pfkey_q, mp, error,
			    diagnostic, ksi->ks_in_serial);
		}
		/* Else esp_del_sa() took care of things. */
		break;
	case SADB_GET:
		error = sadb_delget_sa(mp, ksi, &espstack->esp_sadb,
		    &diagnostic, espstack->esp_pfkey_q, samsg->sadb_msg_type);
		if (error != 0) {
			sadb_pfkey_error(espstack->esp_pfkey_q, mp, error,
			    diagnostic, ksi->ks_in_serial);
		}
		/* Else sadb_delget_sa() took care of things. */
		break;
	case SADB_FLUSH:
		/* Wipe both fanouts, then echo the request as the reply. */
		sadbp_flush(&espstack->esp_sadb, espstack->ipsecesp_netstack);
		sadb_pfkey_echo(espstack->esp_pfkey_q, mp, samsg, ksi, NULL);
		break;
	case SADB_REGISTER:
		/*
		 * Hmmm, let's do it! Check for extensions (there should
		 * be none), extract the fields, call esp_register_out(),
		 * then either free or report an error.
		 *
		 * Keysock takes care of the PF_KEY bookkeeping for this.
		 */
		if (esp_register_out(samsg->sadb_msg_seq, samsg->sadb_msg_pid,
		    ksi->ks_in_serial, espstack, msg_getcred(mp, NULL))) {
			freemsg(mp);
		} else {
			/*
			 * Only way this path hits is if there is a memory
			 * failure. It will not return B_FALSE because of
			 * lack of esp_pfkey_q if I am in wput().
			 */
			sadb_pfkey_error(espstack->esp_pfkey_q, mp, ENOMEM,
			    diagnostic, ksi->ks_in_serial);
		}
		break;
	case SADB_UPDATE:
	case SADB_X_UPDATEPAIR:
		/*
		 * Find a larval, if not there, find a full one and get
		 * strict.
		 */
		error = esp_update_sa(mp, ksi, &diagnostic, espstack,
		    samsg->sadb_msg_type);
		if (error != 0) {
			sadb_pfkey_error(espstack->esp_pfkey_q, mp, error,
			    diagnostic, ksi->ks_in_serial);
		}
		/* else esp_update_sa() took care of things. */
		break;
	case SADB_GETSPI:
		/*
		 * Reserve a new larval entry.
		 */
		esp_getspi(mp, ksi, espstack);
		break;
	case SADB_ACQUIRE:
		/*
		 * Find larval and/or ACQUIRE record and kill it (them), I'm
		 * most likely an error. Inbound ACQUIRE messages should only
		 * have the base header.
		 */
		sadb_in_acquire(samsg, &espstack->esp_sadb,
		    espstack->esp_pfkey_q, espstack->ipsecesp_netstack);
		freemsg(mp);
		break;
	case SADB_DUMP:
		/*
		 * Dump all entries.
		 */
		esp_dump(mp, ksi, espstack);
		/* esp_dump will take care of the return message, etc. */
		break;
	case SADB_EXPIRE:
		/* Should never reach me. */
		sadb_pfkey_error(espstack->esp_pfkey_q, mp, EOPNOTSUPP,
		    diagnostic, ksi->ks_in_serial);
		break;
	default:
		sadb_pfkey_error(espstack->esp_pfkey_q, mp, EINVAL,
		    SADB_X_DIAGNOSTIC_UNKNOWN_MSG, ksi->ks_in_serial);
		break;
	}
}
4053 3807
4054 3808 /*
4055 3809 * Handle case where PF_KEY says it can't find a keysock for one of my
4056 3810 * ACQUIRE messages.
4057 3811 */
4058 3812 static void
4059 3813 esp_keysock_no_socket(mblk_t *mp, ipsecesp_stack_t *espstack)
4060 3814 {
4061 3815 sadb_msg_t *samsg;
4062 3816 keysock_out_err_t *kse = (keysock_out_err_t *)mp->b_rptr;
4063 3817
4064 3818 if (mp->b_cont == NULL) {
4065 3819 freemsg(mp);
4066 3820 return;
4067 3821 }
4068 3822 samsg = (sadb_msg_t *)mp->b_cont->b_rptr;
4069 3823
4070 3824 /*
4071 3825 * If keysock can't find any registered, delete the acquire record
4072 3826 * immediately, and handle errors.
4073 3827 */
4074 3828 if (samsg->sadb_msg_type == SADB_ACQUIRE) {
4075 3829 samsg->sadb_msg_errno = kse->ks_err_errno;
4076 3830 samsg->sadb_msg_len = SADB_8TO64(sizeof (*samsg));
4077 3831 /*
4078 3832 * Use the write-side of the esp_pfkey_q
4079 3833 */
4080 3834 sadb_in_acquire(samsg, &espstack->esp_sadb,
4081 3835 WR(espstack->esp_pfkey_q), espstack->ipsecesp_netstack);
4082 3836 }
4083 3837
4084 3838 freemsg(mp);
4085 3839 }
4086 3840
/*
 * ESP module write put routine.
 *
 * Dispatches on the STREAMS message type: M_CTL carries keysock control
 * messages (errors, inbound PF_KEY, hello handshake), M_IOCTL carries
 * ND tunable get/set, and anything else is passed down to IP untouched.
 * Every path consumes mp exactly once (free, qreply, or putnext).
 */
static void
ipsecesp_wput(queue_t *q, mblk_t *mp)
{
	ipsec_info_t *ii;
	struct iocblk *iocp;
	ipsecesp_stack_t *espstack = (ipsecesp_stack_t *)q->q_ptr;

	esp3dbg(espstack, ("In esp_wput().\n"));

	/* NOTE: Each case must take care of freeing or passing mp. */
	switch (mp->b_datap->db_type) {
	case M_CTL:
		if ((mp->b_wptr - mp->b_rptr) < sizeof (ipsec_info_t)) {
			/* Not big enough message. */
			freemsg(mp);
			break;
		}
		ii = (ipsec_info_t *)mp->b_rptr;

		switch (ii->ipsec_info_type) {
		case KEYSOCK_OUT_ERR:
			esp1dbg(espstack, ("Got KEYSOCK_OUT_ERR message.\n"));
			esp_keysock_no_socket(mp, espstack);
			break;
		case KEYSOCK_IN:
			ESP_BUMP_STAT(espstack, keysock_in);
			esp3dbg(espstack, ("Got KEYSOCK_IN message.\n"));

			/* Parse the message. */
			esp_parse_pfkey(mp, espstack);
			break;
		case KEYSOCK_HELLO:
			sadb_keysock_hello(&espstack->esp_pfkey_q, q, mp,
			    esp_ager, (void *)espstack, &espstack->esp_event,
			    SADB_SATYPE_ESP);
			break;
		default:
			esp2dbg(espstack, ("Got M_CTL from above of 0x%x.\n",
			    ii->ipsec_info_type));
			freemsg(mp);
			break;
		}
		break;
	case M_IOCTL:
		iocp = (struct iocblk *)mp->b_rptr;
		switch (iocp->ioc_cmd) {
		case ND_SET:
		case ND_GET:
			/* nd_getset() fills in the reply on success. */
			if (nd_getset(q, espstack->ipsecesp_g_nd, mp)) {
				qreply(q, mp);
				return;
			} else {
				iocp->ioc_error = ENOENT;
			}
			/* FALLTHRU */
		default:
			/* We really don't support any other ioctls, do we? */

			/* Return EINVAL */
			if (iocp->ioc_error != ENOENT)
				iocp->ioc_error = EINVAL;
			iocp->ioc_count = 0;
			mp->b_datap->db_type = M_IOCACK;
			qreply(q, mp);
			return;
		}
	default:
		esp3dbg(espstack,
		    ("Got default message, type %d, passing to IP.\n",
		    mp->b_datap->db_type));
		putnext(q, mp);
	}
}
4163 3917
4164 3918 /*
4165 3919 * Wrapper to allow IP to trigger an ESP association failure message
4166 3920 * during inbound SA selection.
4167 3921 */
4168 3922 void
4169 3923 ipsecesp_in_assocfailure(mblk_t *mp, char level, ushort_t sl, char *fmt,
4170 3924 uint32_t spi, void *addr, int af, ip_recv_attr_t *ira)
4171 3925 {
4172 3926 netstack_t *ns = ira->ira_ill->ill_ipst->ips_netstack;
4173 3927 ipsecesp_stack_t *espstack = ns->netstack_ipsecesp;
4174 3928 ipsec_stack_t *ipss = ns->netstack_ipsec;
4175 3929
4176 3930 if (espstack->ipsecesp_log_unknown_spi) {
4177 3931 ipsec_assocfailure(info.mi_idnum, 0, level, sl, fmt, spi,
4178 3932 addr, af, espstack->ipsecesp_netstack);
4179 3933 }
4180 3934
4181 3935 ip_drop_packet(mp, B_TRUE, ira->ira_ill,
4182 3936 DROPPER(ipss, ipds_esp_no_sa),
4183 3937 &espstack->esp_dropper);
4184 3938 }
4185 3939
4186 3940 /*
4187 3941 * Initialize the ESP input and output processing functions.
4188 3942 */
4189 3943 void
4190 3944 ipsecesp_init_funcs(ipsa_t *sa)
4191 3945 {
4192 3946 if (sa->ipsa_output_func == NULL)
4193 3947 sa->ipsa_output_func = esp_outbound;
4194 3948 if (sa->ipsa_input_func == NULL)
4195 3949 sa->ipsa_input_func = esp_inbound;
4196 3950 }
|
↓ open down ↓ |
2368 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX