FreeBSD/Linux Kernel Cross Reference
sys/netkey/keydb.c
1 /* $NetBSD: keydb.c,v 1.15 2003/09/12 07:38:11 itojun Exp $ */
2 /* $KAME: keydb.c,v 1.81 2003/09/07 05:25:20 itojun Exp $ */
3
4 /*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 #include <sys/cdefs.h>
34 __KERNEL_RCSID(0, "$NetBSD: keydb.c,v 1.15 2003/09/12 07:38:11 itojun Exp $");
35
36 #include "opt_inet.h"
37 #include "opt_ipsec.h"
38
39 #include <sys/param.h>
40 #include <sys/socket.h>
41 #include <sys/systm.h>
42 #include <sys/kernel.h>
43 #include <sys/malloc.h>
44 #include <sys/errno.h>
45 #include <sys/queue.h>
46 #include <sys/mbuf.h>
47
48 #include <net/if.h>
49 #include <net/route.h>
50
51 #include <netinet/in.h>
52
53 #include <net/pfkeyv2.h>
54 #include <netkey/keydb.h>
55 #include <netkey/key.h>
56 #include <netinet6/ipsec.h>
57
58 #include <net/net_osdep.h>
59
60 MALLOC_DEFINE(M_SECA, "key mgmt", "security associations, key management");
61
62 /*
63 * secpolicy management
64 */
65 struct secpolicy *
66 keydb_newsecpolicy()
67 {
68 struct secpolicy *p;
69
70 p = (struct secpolicy *)malloc(sizeof(*p), M_SECA, M_NOWAIT);
71 if (!p)
72 return p;
73 bzero(p, sizeof(*p));
74 TAILQ_INSERT_TAIL(&sptailq, p, tailq);
75
76 return p;
77 }
78
79 u_int32_t
80 keydb_newspid(void)
81 {
82 u_int32_t newid = 0;
83 static u_int32_t lastalloc = IPSEC_MANUAL_POLICYID_MAX;
84 struct secpolicy *sp;
85
86 newid = lastalloc + 1;
87 /* XXX possible infinite loop */
88 again:
89 TAILQ_FOREACH(sp, &sptailq, tailq) {
90 if (sp->id == newid)
91 break;
92 }
93 if (sp != NULL) {
94 if (newid + 1 < newid) /* wraparound */
95 newid = IPSEC_MANUAL_POLICYID_MAX + 1;
96 else
97 newid++;
98 goto again;
99 }
100 lastalloc = newid;
101
102 return newid;
103 }
104
105 void
106 keydb_delsecpolicy(p)
107 struct secpolicy *p;
108 {
109
110 TAILQ_REMOVE(&sptailq, p, tailq);
111 if (p->spidx)
112 free(p->spidx, M_SECA);
113 #ifdef SADB_X_EXT_TAG
114 if (p->tag)
115 m_nametag_unref(p->tag);
116 #endif
117 free(p, M_SECA);
118 }
119
120 int
121 keydb_setsecpolicyindex(p, idx)
122 struct secpolicy *p;
123 struct secpolicyindex *idx;
124 {
125
126 if (!p->spidx)
127 p->spidx = (struct secpolicyindex *)malloc(sizeof(*p->spidx),
128 M_SECA, M_NOWAIT);
129 if (!p->spidx)
130 return ENOMEM;
131 memcpy(p->spidx, idx, sizeof(*p->spidx));
132 return 0;
133 }
134
135 /*
136 * secashead management
137 */
138 struct secashead *
139 keydb_newsecashead()
140 {
141 struct secashead *p;
142 int i;
143
144 p = (struct secashead *)malloc(sizeof(*p), M_SECA, M_NOWAIT);
145 if (!p)
146 return p;
147 bzero(p, sizeof(*p));
148 for (i = 0; i < sizeof(p->savtree)/sizeof(p->savtree[0]); i++)
149 LIST_INIT(&p->savtree[i]);
150 return p;
151 }
152
153 void
154 keydb_delsecashead(p)
155 struct secashead *p;
156 {
157
158 free(p, M_SECA);
159 }
160
161 /*
162 * secasvar management (reference counted)
163 */
164 struct secasvar *
165 keydb_newsecasvar()
166 {
167 struct secasvar *p, *q;
168 static u_int32_t said = 0;
169
170 p = (struct secasvar *)malloc(sizeof(*p), M_SECA, M_NOWAIT);
171 if (!p)
172 return p;
173
174 again:
175 said++;
176 if (said == 0)
177 said++;
178 TAILQ_FOREACH(q, &satailq, tailq) {
179 if (q->id == said)
180 goto again;
181 if (TAILQ_NEXT(q, tailq)) {
182 if (q->id < said && said < TAILQ_NEXT(q, tailq)->id)
183 break;
184 if (q->id + 1 < TAILQ_NEXT(q, tailq)->id) {
185 said = q->id + 1;
186 break;
187 }
188 }
189 }
190
191 bzero(p, sizeof(*p));
192 p->id = said;
193 if (q)
194 TAILQ_INSERT_AFTER(&satailq, q, p, tailq);
195 else
196 TAILQ_INSERT_TAIL(&satailq, p, tailq);
197 return p;
198 }
199
200 void
201 keydb_delsecasvar(p)
202 struct secasvar *p;
203 {
204
205 TAILQ_REMOVE(&satailq, p, tailq);
206
207 free(p, M_SECA);
208 }
209
210 /*
211 * secreplay management
212 */
213 struct secreplay *
214 keydb_newsecreplay(wsize)
215 size_t wsize;
216 {
217 struct secreplay *p;
218
219 p = (struct secreplay *)malloc(sizeof(*p), M_SECA, M_NOWAIT);
220 if (!p)
221 return p;
222
223 bzero(p, sizeof(*p));
224 if (wsize != 0) {
225 p->bitmap = malloc(wsize, M_SECA, M_NOWAIT);
226 if (!p->bitmap) {
227 free(p, M_SECA);
228 return NULL;
229 }
230 bzero(p->bitmap, wsize);
231 }
232 p->wsize = wsize;
233 return p;
234 }
235
236 void
237 keydb_delsecreplay(p)
238 struct secreplay *p;
239 {
240
241 if (p->bitmap)
242 free(p->bitmap, M_SECA);
243 free(p, M_SECA);
244 }
245
246 /*
247 * secreg management
248 */
249 struct secreg *
250 keydb_newsecreg()
251 {
252 struct secreg *p;
253
254 p = (struct secreg *)malloc(sizeof(*p), M_SECA, M_NOWAIT);
255 if (p)
256 bzero(p, sizeof(*p));
257 return p;
258 }
259
260 void
261 keydb_delsecreg(p)
262 struct secreg *p;
263 {
264
265 free(p, M_SECA);
266 }
Cache object: 4c4523e6979fb9f216d7f209a10a283b
|