The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netipsec/xform_ah.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*      $FreeBSD$       */
    2 /*      $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
    3 /*-
    4  * The authors of this code are John Ioannidis (ji@tla.org),
    5  * Angelos D. Keromytis (kermit@csd.uch.gr) and
    6  * Niels Provos (provos@physnet.uni-hamburg.de).
    7  *
    8  * The original version of this code was written by John Ioannidis
    9  * for BSD/OS in Athens, Greece, in November 1995.
   10  *
   11  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
   12  * by Angelos D. Keromytis.
   13  *
   14  * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
   15  * and Niels Provos.
   16  *
   17  * Additional features in 1999 by Angelos D. Keromytis and Niklas Hallqvist.
   18  *
   19  * Copyright (c) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
   20  * Angelos D. Keromytis and Niels Provos.
   21  * Copyright (c) 1999 Niklas Hallqvist.
   22  * Copyright (c) 2001 Angelos D. Keromytis.
   23  *
   24  * Permission to use, copy, and modify this software with or without fee
   25  * is hereby granted, provided that this entire notice is included in
   26  * all copies of any software which is or includes a copy or
   27  * modification of this software.
   28  * You may use this code under the GNU public license if you so wish. Please
   29  * contribute changes back to the authors under this freer than GPL license
   30  * so that we may further the use of strong encryption without limitations to
   31  * all.
   32  *
   33  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
   34  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
   35  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
   36  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
   37  * PURPOSE.
   38  */
   39 #include "opt_inet.h"
   40 #include "opt_inet6.h"
   41 #include "opt_ipsec.h"
   42 
   43 #include <sys/param.h>
   44 #include <sys/systm.h>
   45 #include <sys/mbuf.h>
   46 #include <sys/socket.h>
   47 #include <sys/syslog.h>
   48 #include <sys/kernel.h>
   49 #include <sys/lock.h>
   50 #include <sys/mutex.h>
   51 #include <sys/sysctl.h>
   52 
   53 #include <net/if.h>
   54 #include <net/vnet.h>
   55 
   56 #include <netinet/in.h>
   57 #include <netinet/in_systm.h>
   58 #include <netinet/ip.h>
   59 #include <netinet/ip_ecn.h>
   60 #include <netinet/ip6.h>
   61 
   62 #include <netipsec/ipsec.h>
   63 #include <netipsec/ah.h>
   64 #include <netipsec/ah_var.h>
   65 #include <netipsec/xform.h>
   66 
   67 #ifdef INET6
   68 #include <netinet6/ip6_var.h>
   69 #include <netipsec/ipsec6.h>
   70 #include <netinet6/ip6_ecn.h>
   71 #endif
   72 
   73 #include <netipsec/key.h>
   74 #include <netipsec/key_debug.h>
   75 
   76 #include <opencrypto/cryptodev.h>
   77 
   78 /*
   79  * Return header size in bytes.  The old protocol did not support
   80  * the replay counter; the new protocol always includes the counter.
   81  */
   82 #define HDRSIZE(sav) \
   83         (((sav)->flags & SADB_X_EXT_OLD) ? \
   84                 sizeof (struct ah) : sizeof (struct ah) + sizeof (u_int32_t))
   85 /* 
   86  * Return authenticator size in bytes, based on a field in the
   87  * algorithm descriptor.
   88  */
   89 #define AUTHSIZE(sav)   ((sav->flags & SADB_X_EXT_OLD) ? 16 :   \
   90                          xform_ah_authsize((sav)->tdb_authalgxform))
   91 
   92 VNET_DEFINE(int, ah_enable) = 1;        /* control flow of packets with AH */
   93 VNET_DEFINE(int, ah_cleartos) = 1;      /* clear ip_tos when doing AH calc */
   94 VNET_PCPUSTAT_DEFINE(struct ahstat, ahstat);
   95 VNET_PCPUSTAT_SYSINIT(ahstat);
   96 
   97 #ifdef VIMAGE
   98 VNET_PCPUSTAT_SYSUNINIT(ahstat);
   99 #endif /* VIMAGE */
  100 
  101 #ifdef INET
  102 SYSCTL_DECL(_net_inet_ah);
  103 SYSCTL_INT(_net_inet_ah, OID_AUTO, ah_enable,
  104         CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ah_enable), 0, "");
  105 SYSCTL_INT(_net_inet_ah, OID_AUTO, ah_cleartos,
  106         CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, "");
  107 SYSCTL_VNET_PCPUSTAT(_net_inet_ah, IPSECCTL_STATS, stats, struct ahstat,
  108     ahstat, "AH statistics (struct ahstat, netipsec/ah_var.h)");
  109 #endif
  110 
  111 static unsigned char ipseczeroes[256];  /* larger than an ip6 extension hdr */
  112 static struct timeval md5warn, ripewarn, kpdkmd5warn, kpdksha1warn;
  113 
  114 static int ah_input_cb(struct cryptop*);
  115 static int ah_output_cb(struct cryptop*);
  116 
  117 int
  118 xform_ah_authsize(const struct auth_hash *esph)
  119 {
  120         int alen;
  121 
  122         if (esph == NULL)
  123                 return 0;
  124 
  125         switch (esph->type) {
  126         case CRYPTO_SHA2_256_HMAC:
  127         case CRYPTO_SHA2_384_HMAC:
  128         case CRYPTO_SHA2_512_HMAC:
  129                 alen = esph->hashsize / 2;      /* RFC4868 2.3 */
  130                 break;
  131 
  132         case CRYPTO_AES_128_NIST_GMAC:
  133         case CRYPTO_AES_192_NIST_GMAC:
  134         case CRYPTO_AES_256_NIST_GMAC:
  135                 alen = esph->hashsize;
  136                 break;
  137 
  138         default:
  139                 alen = AH_HMAC_HASHLEN;
  140                 break;
  141         }
  142 
  143         return alen;
  144 }
  145 
  146 size_t
  147 ah_hdrsiz(struct secasvar *sav)
  148 {
  149         size_t size;
  150 
  151         if (sav != NULL) {
  152                 int authsize;
  153                 IPSEC_ASSERT(sav->tdb_authalgxform != NULL, ("null xform"));
  154                 /*XXX not right for null algorithm--does it matter??*/
  155                 authsize = AUTHSIZE(sav);
  156                 size = roundup(authsize, sizeof (u_int32_t)) + HDRSIZE(sav);
  157         } else {
  158                 /* default guess */
  159                 size = sizeof (struct ah) + sizeof (u_int32_t) + 16;
  160         }
  161         return size;
  162 }
  163 
  164 /*
  165  * NB: public for use by esp_init.
  166  */
  167 int
  168 ah_init0(struct secasvar *sav, struct xformsw *xsp, struct cryptoini *cria)
  169 {
  170         const struct auth_hash *thash;
  171         int keylen;
  172 
  173         thash = auth_algorithm_lookup(sav->alg_auth);
  174         if (thash == NULL) {
  175                 DPRINTF(("%s: unsupported authentication algorithm %u\n",
  176                         __func__, sav->alg_auth));
  177                 return EINVAL;
  178         }
  179 
  180         switch (sav->alg_auth) {
  181         case SADB_AALG_MD5HMAC:
  182                 if (ratecheck(&md5warn, &ipsec_warn_interval))
  183                         gone_in(13, "MD5-HMAC authenticator for IPsec");
  184                 break;
  185         case SADB_X_AALG_RIPEMD160HMAC:
  186                 if (ratecheck(&ripewarn, &ipsec_warn_interval))
  187                         gone_in(13, "RIPEMD160-HMAC authenticator for IPsec");
  188                 break;
  189         case SADB_X_AALG_MD5:
  190                 if (ratecheck(&kpdkmd5warn, &ipsec_warn_interval))
  191                         gone_in(13, "Keyed-MD5 authenticator for IPsec");
  192                 break;
  193         case SADB_X_AALG_SHA:
  194                 if (ratecheck(&kpdksha1warn, &ipsec_warn_interval))
  195                         gone_in(13, "Keyed-SHA1 authenticator for IPsec");
  196                 break;
  197         }
  198 
  199         /*
  200          * Verify the replay state block allocation is consistent with
  201          * the protocol type.  We check here so we can make assumptions
  202          * later during protocol processing.
  203          */
  204         /* NB: replay state is setup elsewhere (sigh) */
  205         if (((sav->flags&SADB_X_EXT_OLD) == 0) ^ (sav->replay != NULL)) {
  206                 DPRINTF(("%s: replay state block inconsistency, "
  207                         "%s algorithm %s replay state\n", __func__,
  208                         (sav->flags & SADB_X_EXT_OLD) ? "old" : "new",
  209                         sav->replay == NULL ? "without" : "with"));
  210                 return EINVAL;
  211         }
  212         if (sav->key_auth == NULL) {
  213                 DPRINTF(("%s: no authentication key for %s algorithm\n",
  214                         __func__, thash->name));
  215                 return EINVAL;
  216         }
  217         keylen = _KEYLEN(sav->key_auth);
  218         if (keylen != thash->keysize && thash->keysize != 0) {
  219                 DPRINTF(("%s: invalid keylength %d, algorithm %s requires "
  220                         "keysize %d\n", __func__,
  221                          keylen, thash->name, thash->keysize));
  222                 return EINVAL;
  223         }
  224 
  225         sav->tdb_xform = xsp;
  226         sav->tdb_authalgxform = thash;
  227 
  228         /* Initialize crypto session. */
  229         bzero(cria, sizeof (*cria));
  230         cria->cri_alg = sav->tdb_authalgxform->type;
  231         cria->cri_klen = _KEYBITS(sav->key_auth);
  232         cria->cri_key = sav->key_auth->key_data;
  233         cria->cri_mlen = AUTHSIZE(sav);
  234 
  235         return 0;
  236 }
  237 
  238 /*
  239  * ah_init() is called when an SPI is being set up.
  240  */
  241 static int
  242 ah_init(struct secasvar *sav, struct xformsw *xsp)
  243 {
  244         struct cryptoini cria;
  245         int error;
  246 
  247         error = ah_init0(sav, xsp, &cria);
  248         return error ? error :
  249                  crypto_newsession(&sav->tdb_cryptoid, &cria, V_crypto_support);
  250 }
  251 
  252 /*
  253  * Paranoia.
  254  *
  255  * NB: public for use by esp_zeroize (XXX).
  256  */
  257 int
  258 ah_zeroize(struct secasvar *sav)
  259 {
  260         int err;
  261 
  262         if (sav->key_auth)
  263                 bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
  264 
  265         err = crypto_freesession(sav->tdb_cryptoid);
  266         sav->tdb_cryptoid = 0;
  267         sav->tdb_authalgxform = NULL;
  268         sav->tdb_xform = NULL;
  269         return err;
  270 }
  271 
  272 /*
  273  * Massage IPv4/IPv6 headers for AH processing.
  274  */
  275 static int
  276 ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
  277 {
  278         struct mbuf *m = *m0;
  279         unsigned char *ptr;
  280         int off, count;
  281 
  282 #ifdef INET
  283         struct ip *ip;
  284 #endif /* INET */
  285 
  286 #ifdef INET6
  287         struct ip6_ext *ip6e;
  288         struct ip6_hdr ip6;
  289         int ad, alloc, nxt, noff;
  290 #endif /* INET6 */
  291 
  292         switch (proto) {
  293 #ifdef INET
  294         case AF_INET:
  295                 /*
  296                  * This is the least painful way of dealing with IPv4 header
  297                  * and option processing -- just make sure they're in
  298                  * contiguous memory.
  299                  */
  300                 *m0 = m = m_pullup(m, skip);
  301                 if (m == NULL) {
  302                         DPRINTF(("%s: m_pullup failed\n", __func__));
  303                         return ENOBUFS;
  304                 }
  305 
  306                 /* Fix the IP header */
  307                 ip = mtod(m, struct ip *);
  308                 if (V_ah_cleartos)
  309                         ip->ip_tos = 0;
  310                 ip->ip_ttl = 0;
  311                 ip->ip_sum = 0;
  312 
  313                 if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK)
  314                         ip->ip_off &= htons(IP_DF);
  315                 else
  316                         ip->ip_off = htons(0);
  317 
  318                 ptr = mtod(m, unsigned char *);
  319 
  320                 /* IPv4 option processing */
  321                 for (off = sizeof(struct ip); off < skip;) {
  322                         if (ptr[off] == IPOPT_EOL || ptr[off] == IPOPT_NOP ||
  323                             off + 1 < skip)
  324                                 ;
  325                         else {
  326                                 DPRINTF(("%s: illegal IPv4 option length for "
  327                                         "option %d\n", __func__, ptr[off]));
  328 
  329                                 m_freem(m);
  330                                 return EINVAL;
  331                         }
  332 
  333                         switch (ptr[off]) {
  334                         case IPOPT_EOL:
  335                                 off = skip;  /* End the loop. */
  336                                 break;
  337 
  338                         case IPOPT_NOP:
  339                                 off++;
  340                                 break;
  341 
  342                         case IPOPT_SECURITY:    /* 0x82 */
  343                         case 0x85:      /* Extended security. */
  344                         case 0x86:      /* Commercial security. */
  345                         case 0x94:      /* Router alert */
  346                         case 0x95:      /* RFC1770 */
  347                                 /* Sanity check for option length. */
  348                                 if (ptr[off + 1] < 2) {
  349                                         DPRINTF(("%s: illegal IPv4 option "
  350                                                 "length for option %d\n",
  351                                                 __func__, ptr[off]));
  352 
  353                                         m_freem(m);
  354                                         return EINVAL;
  355                                 }
  356 
  357                                 off += ptr[off + 1];
  358                                 break;
  359 
  360                         case IPOPT_LSRR:
  361                         case IPOPT_SSRR:
  362                                 /* Sanity check for option length. */
  363                                 if (ptr[off + 1] < 2) {
  364                                         DPRINTF(("%s: illegal IPv4 option "
  365                                                 "length for option %d\n",
  366                                                 __func__, ptr[off]));
  367 
  368                                         m_freem(m);
  369                                         return EINVAL;
  370                                 }
  371 
  372                                 /*
  373                                  * On output, if we have either of the
  374                                  * source routing options, we should
  375                                  * swap the destination address of the
  376                                  * IP header with the last address
  377                                  * specified in the option, as that is
  378                                  * what the destination's IP header
  379                                  * will look like.
  380                                  */
  381                                 if (out)
  382                                         bcopy(ptr + off + ptr[off + 1] -
  383                                             sizeof(struct in_addr),
  384                                             &(ip->ip_dst), sizeof(struct in_addr));
  385 
  386                                 /* Fall through */
  387                         default:
  388                                 /* Sanity check for option length. */
  389                                 if (ptr[off + 1] < 2) {
  390                                         DPRINTF(("%s: illegal IPv4 option "
  391                                                 "length for option %d\n",
  392                                                 __func__, ptr[off]));
  393                                         m_freem(m);
  394                                         return EINVAL;
  395                                 }
  396 
  397                                 /* Zeroize all other options. */
  398                                 count = ptr[off + 1];
  399                                 bcopy(ipseczeroes, ptr + off, count);
  400                                 off += count;
  401                                 break;
  402                         }
  403 
  404                         /* Sanity check. */
  405                         if (off > skip) {
  406                                 DPRINTF(("%s: malformed IPv4 options header\n",
  407                                         __func__));
  408 
  409                                 m_freem(m);
  410                                 return EINVAL;
  411                         }
  412                 }
  413 
  414                 break;
  415 #endif /* INET */
  416 
  417 #ifdef INET6
  418         case AF_INET6:  /* Ugly... */
  419                 /* Copy and "cook" the IPv6 header. */
  420                 m_copydata(m, 0, sizeof(ip6), (caddr_t) &ip6);
  421 
  422                 /* We don't do IPv6 Jumbograms. */
  423                 if (ip6.ip6_plen == 0) {
  424                         DPRINTF(("%s: unsupported IPv6 jumbogram\n", __func__));
  425                         m_freem(m);
  426                         return EMSGSIZE;
  427                 }
  428 
  429                 ip6.ip6_flow = 0;
  430                 ip6.ip6_hlim = 0;
  431                 ip6.ip6_vfc &= ~IPV6_VERSION_MASK;
  432                 ip6.ip6_vfc |= IPV6_VERSION;
  433 
  434                 /* Scoped address handling. */
  435                 if (IN6_IS_SCOPE_LINKLOCAL(&ip6.ip6_src))
  436                         ip6.ip6_src.s6_addr16[1] = 0;
  437                 if (IN6_IS_SCOPE_LINKLOCAL(&ip6.ip6_dst))
  438                         ip6.ip6_dst.s6_addr16[1] = 0;
  439 
  440                 /* Done with IPv6 header. */
  441                 m_copyback(m, 0, sizeof(struct ip6_hdr), (caddr_t) &ip6);
  442 
  443                 /* Let's deal with the remaining headers (if any). */
  444                 if (skip - sizeof(struct ip6_hdr) > 0) {
  445                         if (m->m_len <= skip) {
  446                                 ptr = (unsigned char *) malloc(
  447                                     skip - sizeof(struct ip6_hdr),
  448                                     M_XDATA, M_NOWAIT);
  449                                 if (ptr == NULL) {
  450                                         DPRINTF(("%s: failed to allocate memory"
  451                                                 "for IPv6 headers\n",__func__));
  452                                         m_freem(m);
  453                                         return ENOBUFS;
  454                                 }
  455 
  456                                 /*
  457                                  * Copy all the protocol headers after
  458                                  * the IPv6 header.
  459                                  */
  460                                 m_copydata(m, sizeof(struct ip6_hdr),
  461                                     skip - sizeof(struct ip6_hdr), ptr);
  462                                 alloc = 1;
  463                         } else {
  464                                 /* No need to allocate memory. */
  465                                 ptr = mtod(m, unsigned char *) +
  466                                     sizeof(struct ip6_hdr);
  467                                 alloc = 0;
  468                         }
  469                 } else
  470                         break;
  471 
  472                 nxt = ip6.ip6_nxt & 0xff; /* Next header type. */
  473 
  474                 for (off = 0; off < skip - sizeof(struct ip6_hdr);)
  475                         switch (nxt) {
  476                         case IPPROTO_HOPOPTS:
  477                         case IPPROTO_DSTOPTS:
  478                                 ip6e = (struct ip6_ext *)(ptr + off);
  479                                 noff = off + ((ip6e->ip6e_len + 1) << 3);
  480 
  481                                 /* Sanity check. */
  482                                 if (noff > skip - sizeof(struct ip6_hdr))
  483                                         goto error6;
  484 
  485                                 /*
  486                                  * Zero out mutable options.
  487                                  */
  488                                 for (count = off + sizeof(struct ip6_ext);
  489                                      count < noff;) {
  490                                         if (ptr[count] == IP6OPT_PAD1) {
  491                                                 count++;
  492                                                 continue; /* Skip padding. */
  493                                         }
  494 
  495                                         ad = ptr[count + 1] + 2;
  496                                         if (count + ad > noff)
  497                                                 goto error6;
  498 
  499                                         if (ptr[count] & IP6OPT_MUTABLE)
  500                                                 memset(ptr + count, 0, ad);
  501                                         count += ad;
  502                                 }
  503 
  504                                 if (count != noff)
  505                                         goto error6;
  506 
  507                                 /* Advance. */
  508                                 off += ((ip6e->ip6e_len + 1) << 3);
  509                                 nxt = ip6e->ip6e_nxt;
  510                                 break;
  511 
  512                         case IPPROTO_ROUTING:
  513                                 /*
  514                                  * Always include routing headers in
  515                                  * computation.
  516                                  */
  517                                 ip6e = (struct ip6_ext *) (ptr + off);
  518                                 off += ((ip6e->ip6e_len + 1) << 3);
  519                                 nxt = ip6e->ip6e_nxt;
  520                                 break;
  521 
  522                         default:
  523                                 DPRINTF(("%s: unexpected IPv6 header type %d",
  524                                         __func__, off));
  525 error6:
  526                                 if (alloc)
  527                                         free(ptr, M_XDATA);
  528                                 m_freem(m);
  529                                 return EINVAL;
  530                         }
  531 
  532                 /* Copyback and free, if we allocated. */
  533                 if (alloc) {
  534                         m_copyback(m, sizeof(struct ip6_hdr),
  535                             skip - sizeof(struct ip6_hdr), ptr);
  536                         free(ptr, M_XDATA);
  537                 }
  538 
  539                 break;
  540 #endif /* INET6 */
  541         }
  542 
  543         return 0;
  544 }
  545 
  546 /*
  547  * ah_input() gets called to verify that an input packet
  548  * passes authentication.
  549  */
  550 static int
  551 ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
  552 {
  553         IPSEC_DEBUG_DECLARE(char buf[128]);
  554         const struct auth_hash *ahx;
  555         struct cryptodesc *crda;
  556         struct cryptop *crp;
  557         struct xform_data *xd;
  558         struct newah *ah;
  559         uint64_t cryptoid;
  560         int hl, rplen, authsize, error;
  561 
  562         IPSEC_ASSERT(sav != NULL, ("null SA"));
  563         IPSEC_ASSERT(sav->key_auth != NULL, ("null authentication key"));
  564         IPSEC_ASSERT(sav->tdb_authalgxform != NULL,
  565                 ("null authentication xform"));
  566 
  567         /* Figure out header size. */
  568         rplen = HDRSIZE(sav);
  569 
  570         /* XXX don't pullup, just copy header */
  571         IP6_EXTHDR_GET(ah, struct newah *, m, skip, rplen);
  572         if (ah == NULL) {
  573                 DPRINTF(("ah_input: cannot pullup header\n"));
  574                 AHSTAT_INC(ahs_hdrops);         /*XXX*/
  575                 error = ENOBUFS;
  576                 goto bad;
  577         }
  578 
  579         /* Check replay window, if applicable. */
  580         SECASVAR_LOCK(sav);
  581         if (sav->replay != NULL && sav->replay->wsize != 0 &&
  582             ipsec_chkreplay(ntohl(ah->ah_seq), sav) == 0) {
  583                 SECASVAR_UNLOCK(sav);
  584                 AHSTAT_INC(ahs_replay);
  585                 DPRINTF(("%s: packet replay failure: %s\n", __func__,
  586                     ipsec_sa2str(sav, buf, sizeof(buf))));
  587                 error = EACCES;
  588                 goto bad;
  589         }
  590         cryptoid = sav->tdb_cryptoid;
  591         SECASVAR_UNLOCK(sav);
  592 
  593         /* Verify AH header length. */
  594         hl = ah->ah_len * sizeof (u_int32_t);
  595         ahx = sav->tdb_authalgxform;
  596         authsize = AUTHSIZE(sav);
  597         if (hl != authsize + rplen - sizeof (struct ah)) {
  598                 DPRINTF(("%s: bad authenticator length %u (expecting %lu)"
  599                     " for packet in SA %s/%08lx\n", __func__, hl,
  600                     (u_long) (authsize + rplen - sizeof (struct ah)),
  601                     ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
  602                     (u_long) ntohl(sav->spi)));
  603                 AHSTAT_INC(ahs_badauthl);
  604                 error = EACCES;
  605                 goto bad;
  606         }
  607         if (skip + authsize + rplen > m->m_pkthdr.len) {
  608                 DPRINTF(("%s: bad mbuf length %u (expecting %lu)"
  609                     " for packet in SA %s/%08lx\n", __func__,
  610                     m->m_pkthdr.len, (u_long) (skip + authsize + rplen),
  611                     ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
  612                     (u_long) ntohl(sav->spi)));
  613                 AHSTAT_INC(ahs_badauthl);
  614                 error = EACCES;
  615                 goto bad;
  616         }
  617         AHSTAT_ADD(ahs_ibytes, m->m_pkthdr.len - skip - hl);
  618 
  619         /* Get crypto descriptors. */
  620         crp = crypto_getreq(1);
  621         if (crp == NULL) {
  622                 DPRINTF(("%s: failed to acquire crypto descriptor\n",
  623                     __func__));
  624                 AHSTAT_INC(ahs_crypto);
  625                 error = ENOBUFS;
  626                 goto bad;
  627         }
  628 
  629         crda = crp->crp_desc;
  630         IPSEC_ASSERT(crda != NULL, ("null crypto descriptor"));
  631 
  632         crda->crd_skip = 0;
  633         crda->crd_len = m->m_pkthdr.len;
  634         crda->crd_inject = skip + rplen;
  635 
  636         /* Authentication operation. */
  637         crda->crd_alg = ahx->type;
  638         crda->crd_klen = _KEYBITS(sav->key_auth);
  639         crda->crd_key = sav->key_auth->key_data;
  640 
  641         /* Allocate IPsec-specific opaque crypto info. */
  642         xd = malloc(sizeof(*xd) + skip + rplen + authsize, M_XDATA,
  643             M_NOWAIT | M_ZERO);
  644         if (xd == NULL) {
  645                 DPRINTF(("%s: failed to allocate xform_data\n", __func__));
  646                 AHSTAT_INC(ahs_crypto);
  647                 crypto_freereq(crp);
  648                 error = ENOBUFS;
  649                 goto bad;
  650         }
  651 
  652         /*
  653          * Save the authenticator, the skipped portion of the packet,
  654          * and the AH header.
  655          */
  656         m_copydata(m, 0, skip + rplen + authsize, (caddr_t)(xd + 1));
  657 
  658         /* Zeroize the authenticator on the packet. */
  659         m_copyback(m, skip + rplen, authsize, ipseczeroes);
  660 
  661         /* Save ah_nxt, since ah pointer can become invalid after "massage" */
  662         hl = ah->ah_nxt;
  663 
  664         /* "Massage" the packet headers for crypto processing. */
  665         error = ah_massage_headers(&m, sav->sah->saidx.dst.sa.sa_family,
  666             skip, ahx->type, 0);
  667         if (error != 0) {
  668                 /* NB: mbuf is free'd by ah_massage_headers */
  669                 AHSTAT_INC(ahs_hdrops);
  670                 free(xd, M_XDATA);
  671                 crypto_freereq(crp);
  672                 key_freesav(&sav);
  673                 return (error);
  674         }
  675 
  676         /* Crypto operation descriptor. */
  677         crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
  678         crp->crp_flags = CRYPTO_F_IMBUF | CRYPTO_F_CBIFSYNC;
  679         crp->crp_buf = (caddr_t) m;
  680         crp->crp_callback = ah_input_cb;
  681         crp->crp_sid = cryptoid;
  682         crp->crp_opaque = (caddr_t) xd;
  683 
  684         /* These are passed as-is to the callback. */
  685         xd->sav = sav;
  686         xd->nxt = hl;
  687         xd->protoff = protoff;
  688         xd->skip = skip;
  689         xd->cryptoid = cryptoid;
  690         xd->vnet = curvnet;
  691         return (crypto_dispatch(crp));
  692 bad:
  693         m_freem(m);
  694         key_freesav(&sav);
  695         return (error);
  696 }
  697 
  698 /*
  699  * AH input callback from the crypto driver.
  700  */
  701 static int
  702 ah_input_cb(struct cryptop *crp)
  703 {
  704         IPSEC_DEBUG_DECLARE(char buf[IPSEC_ADDRSTRLEN]);
  705         unsigned char calc[AH_ALEN_MAX];
  706         const struct auth_hash *ahx;
  707         struct mbuf *m;
  708         struct cryptodesc *crd;
  709         struct xform_data *xd;
  710         struct secasvar *sav;
  711         struct secasindex *saidx;
  712         caddr_t ptr;
  713         uint64_t cryptoid;
  714         int authsize, rplen, error, skip, protoff;
  715         uint8_t nxt;
  716 
  717         crd = crp->crp_desc;
  718         m = (struct mbuf *) crp->crp_buf;
  719         xd = (struct xform_data *) crp->crp_opaque;
  720         CURVNET_SET(xd->vnet);
  721         sav = xd->sav;
  722         skip = xd->skip;
  723         nxt = xd->nxt;
  724         protoff = xd->protoff;
  725         cryptoid = xd->cryptoid;
  726         saidx = &sav->sah->saidx;
  727         IPSEC_ASSERT(saidx->dst.sa.sa_family == AF_INET ||
  728                 saidx->dst.sa.sa_family == AF_INET6,
  729                 ("unexpected protocol family %u", saidx->dst.sa.sa_family));
  730 
  731         ahx = sav->tdb_authalgxform;
  732 
  733         /* Check for crypto errors. */
  734         if (crp->crp_etype) {
  735                 if (crp->crp_etype == EAGAIN) {
  736                         /* Reset the session ID */
  737                         if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
  738                                 crypto_freesession(cryptoid);
  739                         xd->cryptoid = crp->crp_sid;
  740                         CURVNET_RESTORE();
  741                         return (crypto_dispatch(crp));
  742                 }
  743                 AHSTAT_INC(ahs_noxform);
  744                 DPRINTF(("%s: crypto error %d\n", __func__, crp->crp_etype));
  745                 error = crp->crp_etype;
  746                 goto bad;
  747         } else {
  748                 AHSTAT_INC(ahs_hist[sav->alg_auth]);
  749                 crypto_freereq(crp);            /* No longer needed. */
  750                 crp = NULL;
  751         }
  752 
  753         /* Shouldn't happen... */
  754         if (m == NULL) {
  755                 AHSTAT_INC(ahs_crypto);
  756                 DPRINTF(("%s: bogus returned buffer from crypto\n", __func__));
  757                 error = EINVAL;
  758                 goto bad;
  759         }
  760 
  761         /* Figure out header size. */
  762         rplen = HDRSIZE(sav);
  763         authsize = AUTHSIZE(sav);
  764 
  765         /* Copy authenticator off the packet. */
  766         m_copydata(m, skip + rplen, authsize, calc);
  767 
  768         /* Verify authenticator. */
  769         ptr = (caddr_t) (xd + 1);
  770         if (timingsafe_bcmp(ptr + skip + rplen, calc, authsize)) {
  771                 DPRINTF(("%s: authentication hash mismatch for packet "
  772                     "in SA %s/%08lx\n", __func__,
  773                     ipsec_address(&saidx->dst, buf, sizeof(buf)),
  774                     (u_long) ntohl(sav->spi)));
  775                 AHSTAT_INC(ahs_badauth);
  776                 error = EACCES;
  777                 goto bad;
  778         }
  779         /* Fix the Next Protocol field. */
  780         ((uint8_t *) ptr)[protoff] = nxt;
  781 
  782         /* Copyback the saved (uncooked) network headers. */
  783         m_copyback(m, 0, skip, ptr);
  784         free(xd, M_XDATA), xd = NULL;                   /* No longer needed */
  785 
  786         /*
  787          * Header is now authenticated.
  788          */
  789         m->m_flags |= M_AUTHIPHDR|M_AUTHIPDGM;
  790 
  791         /*
  792          * Update replay sequence number, if appropriate.
  793          */
  794         if (sav->replay) {
  795                 u_int32_t seq;
  796 
  797                 m_copydata(m, skip + offsetof(struct newah, ah_seq),
  798                            sizeof (seq), (caddr_t) &seq);
  799                 SECASVAR_LOCK(sav);
  800                 if (ipsec_updatereplay(ntohl(seq), sav)) {
  801                         SECASVAR_UNLOCK(sav);
  802                         AHSTAT_INC(ahs_replay);
  803                         error = EACCES;
  804                         goto bad;
  805                 }
  806                 SECASVAR_UNLOCK(sav);
  807         }
  808 
  809         /*
  810          * Remove the AH header and authenticator from the mbuf.
  811          */
  812         error = m_striphdr(m, skip, rplen + authsize);
  813         if (error) {
  814                 DPRINTF(("%s: mangled mbuf chain for SA %s/%08lx\n", __func__,
  815                     ipsec_address(&saidx->dst, buf, sizeof(buf)),
  816                     (u_long) ntohl(sav->spi)));
  817                 AHSTAT_INC(ahs_hdrops);
  818                 goto bad;
  819         }
  820 
  821         switch (saidx->dst.sa.sa_family) {
  822 #ifdef INET6
  823         case AF_INET6:
  824                 error = ipsec6_common_input_cb(m, sav, skip, protoff);
  825                 break;
  826 #endif
  827 #ifdef INET
  828         case AF_INET:
  829                 error = ipsec4_common_input_cb(m, sav, skip, protoff);
  830                 break;
  831 #endif
  832         default:
  833                 panic("%s: Unexpected address family: %d saidx=%p", __func__,
  834                     saidx->dst.sa.sa_family, saidx);
  835         }
  836         CURVNET_RESTORE();
  837         return error;
  838 bad:
  839         CURVNET_RESTORE();
  840         if (sav)
  841                 key_freesav(&sav);
  842         if (m != NULL)
  843                 m_freem(m);
  844         if (xd != NULL)
  845                 free(xd, M_XDATA);
  846         if (crp != NULL)
  847                 crypto_freereq(crp);
  848         return error;
  849 }
  850 
  851 /*
  852  * AH output routine, called by ipsec[46]_perform_request().
  853  */
  854 static int
  855 ah_output(struct mbuf *m, struct secpolicy *sp, struct secasvar *sav,
  856     u_int idx, int skip, int protoff)
  857 {
  858         IPSEC_DEBUG_DECLARE(char buf[IPSEC_ADDRSTRLEN]);
  859         const struct auth_hash *ahx;
  860         struct cryptodesc *crda;
  861         struct xform_data *xd;
  862         struct mbuf *mi;
  863         struct cryptop *crp;
  864         struct newah *ah;
  865         uint64_t cryptoid;
  866         uint16_t iplen;
  867         int error, rplen, authsize, maxpacketsize, roff;
  868         uint8_t prot;
  869 
  870         IPSEC_ASSERT(sav != NULL, ("null SA"));
  871         ahx = sav->tdb_authalgxform;
  872         IPSEC_ASSERT(ahx != NULL, ("null authentication xform"));
  873 
  874         AHSTAT_INC(ahs_output);
  875 
  876         /* Figure out header size. */
  877         rplen = HDRSIZE(sav);
  878 
  879         /* Check for maximum packet size violations. */
  880         switch (sav->sah->saidx.dst.sa.sa_family) {
  881 #ifdef INET
  882         case AF_INET:
  883                 maxpacketsize = IP_MAXPACKET;
  884                 break;
  885 #endif /* INET */
  886 #ifdef INET6
  887         case AF_INET6:
  888                 maxpacketsize = IPV6_MAXPACKET;
  889                 break;
  890 #endif /* INET6 */
  891         default:
  892                 DPRINTF(("%s: unknown/unsupported protocol family %u, "
  893                     "SA %s/%08lx\n", __func__,
  894                     sav->sah->saidx.dst.sa.sa_family,
  895                     ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
  896                     (u_long) ntohl(sav->spi)));
  897                 AHSTAT_INC(ahs_nopf);
  898                 error = EPFNOSUPPORT;
  899                 goto bad;
  900         }
  901         authsize = AUTHSIZE(sav);
  902         if (rplen + authsize + m->m_pkthdr.len > maxpacketsize) {
  903                 DPRINTF(("%s: packet in SA %s/%08lx got too big "
  904                     "(len %u, max len %u)\n", __func__,
  905                     ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
  906                     (u_long) ntohl(sav->spi),
  907                     rplen + authsize + m->m_pkthdr.len, maxpacketsize));
  908                 AHSTAT_INC(ahs_toobig);
  909                 error = EMSGSIZE;
  910                 goto bad;
  911         }
  912 
  913         /* Update the counters. */
  914         AHSTAT_ADD(ahs_obytes, m->m_pkthdr.len - skip);
  915 
  916         m = m_unshare(m, M_NOWAIT);
  917         if (m == NULL) {
  918                 DPRINTF(("%s: cannot clone mbuf chain, SA %s/%08lx\n", __func__,
  919                     ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
  920                     (u_long) ntohl(sav->spi)));
  921                 AHSTAT_INC(ahs_hdrops);
  922                 error = ENOBUFS;
  923                 goto bad;
  924         }
  925 
  926         /* Inject AH header. */
  927         mi = m_makespace(m, skip, rplen + authsize, &roff);
  928         if (mi == NULL) {
  929                 DPRINTF(("%s: failed to inject %u byte AH header for SA "
  930                     "%s/%08lx\n", __func__,
  931                     rplen + authsize,
  932                     ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
  933                     (u_long) ntohl(sav->spi)));
  934                 AHSTAT_INC(ahs_hdrops);         /*XXX differs from openbsd */
  935                 error = ENOBUFS;
  936                 goto bad;
  937         }
  938 
  939         /*
  940          * The AH header is guaranteed by m_makespace() to be in
  941          * contiguous memory, at roff bytes offset into the returned mbuf.
  942          */
  943         ah = (struct newah *)(mtod(mi, caddr_t) + roff);
  944 
  945         /* Initialize the AH header. */
  946         m_copydata(m, protoff, sizeof(u_int8_t), (caddr_t) &ah->ah_nxt);
  947         ah->ah_len = (rplen + authsize - sizeof(struct ah)) / sizeof(u_int32_t);
  948         ah->ah_reserve = 0;
  949         ah->ah_spi = sav->spi;
  950 
  951         /* Zeroize authenticator. */
  952         m_copyback(m, skip + rplen, authsize, ipseczeroes);
  953 
  954         /* Insert packet replay counter, as requested.  */
  955         SECASVAR_LOCK(sav);
  956         if (sav->replay) {
  957                 if (sav->replay->count == ~0 &&
  958                     (sav->flags & SADB_X_EXT_CYCSEQ) == 0) {
  959                         SECASVAR_UNLOCK(sav);
  960                         DPRINTF(("%s: replay counter wrapped for SA %s/%08lx\n",
  961                             __func__, ipsec_address(&sav->sah->saidx.dst, buf,
  962                             sizeof(buf)), (u_long) ntohl(sav->spi)));
  963                         AHSTAT_INC(ahs_wrap);
  964                         error = EACCES;
  965                         goto bad;
  966                 }
  967 #ifdef REGRESSION
  968                 /* Emulate replay attack when ipsec_replay is TRUE. */
  969                 if (!V_ipsec_replay)
  970 #endif
  971                         sav->replay->count++;
  972                 ah->ah_seq = htonl(sav->replay->count);
  973         }
  974         cryptoid = sav->tdb_cryptoid;
  975         SECASVAR_UNLOCK(sav);
  976 
  977         /* Get crypto descriptors. */
  978         crp = crypto_getreq(1);
  979         if (crp == NULL) {
  980                 DPRINTF(("%s: failed to acquire crypto descriptors\n",
  981                         __func__));
  982                 AHSTAT_INC(ahs_crypto);
  983                 error = ENOBUFS;
  984                 goto bad;
  985         }
  986 
  987         crda = crp->crp_desc;
  988         crda->crd_skip = 0;
  989         crda->crd_inject = skip + rplen;
  990         crda->crd_len = m->m_pkthdr.len;
  991 
  992         /* Authentication operation. */
  993         crda->crd_alg = ahx->type;
  994         crda->crd_key = sav->key_auth->key_data;
  995         crda->crd_klen = _KEYBITS(sav->key_auth);
  996 
  997         /* Allocate IPsec-specific opaque crypto info. */
  998         xd =  malloc(sizeof(struct xform_data) + skip, M_XDATA,
  999             M_NOWAIT | M_ZERO);
 1000         if (xd == NULL) {
 1001                 crypto_freereq(crp);
 1002                 DPRINTF(("%s: failed to allocate xform_data\n", __func__));
 1003                 AHSTAT_INC(ahs_crypto);
 1004                 error = ENOBUFS;
 1005                 goto bad;
 1006         }
 1007 
 1008         /* Save the skipped portion of the packet. */
 1009         m_copydata(m, 0, skip, (caddr_t) (xd + 1));
 1010 
 1011         /*
 1012          * Fix IP header length on the header used for
 1013          * authentication. We don't need to fix the original
 1014          * header length as it will be fixed by our caller.
 1015          */
 1016         switch (sav->sah->saidx.dst.sa.sa_family) {
 1017 #ifdef INET
 1018         case AF_INET:
 1019                 bcopy(((caddr_t)(xd + 1)) +
 1020                     offsetof(struct ip, ip_len),
 1021                     (caddr_t) &iplen, sizeof(u_int16_t));
 1022                 iplen = htons(ntohs(iplen) + rplen + authsize);
 1023                 m_copyback(m, offsetof(struct ip, ip_len),
 1024                     sizeof(u_int16_t), (caddr_t) &iplen);
 1025                 break;
 1026 #endif /* INET */
 1027 
 1028 #ifdef INET6
 1029         case AF_INET6:
 1030                 bcopy(((caddr_t)(xd + 1)) +
 1031                     offsetof(struct ip6_hdr, ip6_plen),
 1032                     (caddr_t) &iplen, sizeof(uint16_t));
 1033                 iplen = htons(ntohs(iplen) + rplen + authsize);
 1034                 m_copyback(m, offsetof(struct ip6_hdr, ip6_plen),
 1035                     sizeof(uint16_t), (caddr_t) &iplen);
 1036                 break;
 1037 #endif /* INET6 */
 1038         }
 1039 
 1040         /* Fix the Next Header field in saved header. */
 1041         ((uint8_t *) (xd + 1))[protoff] = IPPROTO_AH;
 1042 
 1043         /* Update the Next Protocol field in the IP header. */
 1044         prot = IPPROTO_AH;
 1045         m_copyback(m, protoff, sizeof(uint8_t), (caddr_t) &prot);
 1046 
 1047         /* "Massage" the packet headers for crypto processing. */
 1048         error = ah_massage_headers(&m, sav->sah->saidx.dst.sa.sa_family,
 1049                         skip, ahx->type, 1);
 1050         if (error != 0) {
 1051                 m = NULL;       /* mbuf was free'd by ah_massage_headers. */
 1052                 free(xd, M_XDATA);
 1053                 crypto_freereq(crp);
 1054                 goto bad;
 1055         }
 1056 
 1057         /* Crypto operation descriptor. */
 1058         crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
 1059         crp->crp_flags = CRYPTO_F_IMBUF | CRYPTO_F_CBIFSYNC;
 1060         crp->crp_buf = (caddr_t) m;
 1061         crp->crp_callback = ah_output_cb;
 1062         crp->crp_sid = cryptoid;
 1063         crp->crp_opaque = (caddr_t) xd;
 1064 
 1065         /* These are passed as-is to the callback. */
 1066         xd->sp = sp;
 1067         xd->sav = sav;
 1068         xd->skip = skip;
 1069         xd->idx = idx;
 1070         xd->cryptoid = cryptoid;
 1071         xd->vnet = curvnet;
 1072 
 1073         return crypto_dispatch(crp);
 1074 bad:
 1075         if (m)
 1076                 m_freem(m);
 1077         key_freesav(&sav);
 1078         key_freesp(&sp);
 1079         return (error);
 1080 }
 1081 
 1082 /*
 1083  * AH output callback from the crypto driver.
 1084  */
 1085 static int
 1086 ah_output_cb(struct cryptop *crp)
 1087 {
 1088         struct xform_data *xd;
 1089         struct secpolicy *sp;
 1090         struct secasvar *sav;
 1091         struct mbuf *m;
 1092         uint64_t cryptoid;
 1093         caddr_t ptr;
 1094         u_int idx;
 1095         int skip, error;
 1096 
 1097         m = (struct mbuf *) crp->crp_buf;
 1098         xd = (struct xform_data *) crp->crp_opaque;
 1099         CURVNET_SET(xd->vnet);
 1100         sp = xd->sp;
 1101         sav = xd->sav;
 1102         skip = xd->skip;
 1103         idx = xd->idx;
 1104         cryptoid = xd->cryptoid;
 1105         ptr = (caddr_t) (xd + 1);
 1106 
 1107         /* Check for crypto errors. */
 1108         if (crp->crp_etype) {
 1109                 if (crp->crp_etype == EAGAIN) {
 1110                         /* Reset the session ID */
 1111                         if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
 1112                                 crypto_freesession(cryptoid);
 1113                         xd->cryptoid = crp->crp_sid;
 1114                         CURVNET_RESTORE();
 1115                         return (crypto_dispatch(crp));
 1116                 }
 1117                 AHSTAT_INC(ahs_noxform);
 1118                 DPRINTF(("%s: crypto error %d\n", __func__, crp->crp_etype));
 1119                 error = crp->crp_etype;
 1120                 m_freem(m);
 1121                 goto bad;
 1122         }
 1123 
 1124         /* Shouldn't happen... */
 1125         if (m == NULL) {
 1126                 AHSTAT_INC(ahs_crypto);
 1127                 DPRINTF(("%s: bogus returned buffer from crypto\n", __func__));
 1128                 error = EINVAL;
 1129                 goto bad;
 1130         }
 1131         /*
 1132          * Copy original headers (with the new protocol number) back
 1133          * in place.
 1134          */
 1135         m_copyback(m, 0, skip, ptr);
 1136 
 1137         free(xd, M_XDATA);
 1138         crypto_freereq(crp);
 1139         AHSTAT_INC(ahs_hist[sav->alg_auth]);
 1140 #ifdef REGRESSION
 1141         /* Emulate man-in-the-middle attack when ipsec_integrity is TRUE. */
 1142         if (V_ipsec_integrity) {
 1143                 int alen;
 1144 
 1145                 /*
 1146                  * Corrupt HMAC if we want to test integrity verification of
 1147                  * the other side.
 1148                  */
 1149                 alen = AUTHSIZE(sav);
 1150                 m_copyback(m, m->m_pkthdr.len - alen, alen, ipseczeroes);
 1151         }
 1152 #endif
 1153 
 1154         /* NB: m is reclaimed by ipsec_process_done. */
 1155         error = ipsec_process_done(m, sp, sav, idx);
 1156         CURVNET_RESTORE();
 1157         return (error);
 1158 bad:
 1159         CURVNET_RESTORE();
 1160         free(xd, M_XDATA);
 1161         crypto_freereq(crp);
 1162         key_freesav(&sav);
 1163         key_freesp(&sp);
 1164         return (error);
 1165 }
 1166 
 1167 static struct xformsw ah_xformsw = {
 1168         .xf_type =      XF_AH,
 1169         .xf_name =      "IPsec AH",
 1170         .xf_init =      ah_init,
 1171         .xf_zeroize =   ah_zeroize,
 1172         .xf_input =     ah_input,
 1173         .xf_output =    ah_output,
 1174 };
 1175 
 1176 SYSINIT(ah_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE,
 1177     xform_attach, &ah_xformsw);
 1178 SYSUNINIT(ah_xform_uninit, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE,
 1179     xform_detach, &ah_xformsw);

Cache object: 609fd4dcf1bfe2287b3b40a3248976c4


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.