[apple/xnu.git] / bsd / netkey / keysock.c

/*	$KAME: keysock.c,v 1.13 2000/03/25 07:24:13 sumikawa Exp $	*/

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* This code has derived from sys/net/rtsock.c on FreeBSD2.2.5 */

#include <sys/types.h>
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/sysctl.h>
#include <sys/mbuf.h>
#include <sys/malloc.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/domain.h>
#include <sys/protosw.h>
#include <sys/errno.h>

#include <kern/locks.h>

#include <net/raw_cb.h>
#include <net/route.h>

#include <net/pfkeyv2.h>
#include <netkey/keydb.h>
#include <netkey/key.h>
#include <netkey/keysock.h>
#include <netkey/key_debug.h>

extern lck_mtx_t *raw_mtx;
extern lck_mtx_t *sadb_mutex;
extern void key_init(void);

struct sockaddr key_dst = { 2, PF_KEY, };
struct sockaddr key_src = { 2, PF_KEY, };

static int key_sendup0(struct rawcb *, struct mbuf *, int);

struct pfkeystat pfkeystat;

/*
 * key_output()
 */
int
#ifdef __APPLE__
/* No variable argument support? */
key_output(struct mbuf *m, struct socket *so)
#else
#if __STDC__
key_output(struct mbuf *m, ...)
#else
key_output(m, va_alist)
	struct mbuf *m;
	va_dcl
#endif
#endif
{
	struct sadb_msg *msg;
	int len, error = 0;
#ifndef __APPLE__
	struct socket *so;
	va_list ap;

	va_start(ap, m);
	so = va_arg(ap, struct socket *);
	va_end(ap);
#endif

	if (m == 0)
		panic("key_output: NULL pointer was passed.\n");

	socket_unlock(so, 0);
	lck_mtx_lock(sadb_mutex);
	pfkeystat.out_total++;
	pfkeystat.out_bytes += m->m_pkthdr.len;

	len = m->m_pkthdr.len;
	if (len < sizeof(struct sadb_msg)) {
#if IPSEC_DEBUG
		printf("key_output: Invalid message length.\n");
#endif
		pfkeystat.out_tooshort++;
		error = EINVAL;
		goto end;
	}

	if (m->m_len < sizeof(struct sadb_msg)) {
		if ((m = m_pullup(m, sizeof(struct sadb_msg))) == 0) {
#if IPSEC_DEBUG
			printf("key_output: can't pullup mbuf\n");
#endif
			pfkeystat.out_nomem++;
			error = ENOBUFS;
			goto end;
		}
	}

	if ((m->m_flags & M_PKTHDR) == 0)
		panic("key_output: not M_PKTHDR ??");

#if IPSEC_DEBUG
	KEYDEBUG(KEYDEBUG_KEY_DUMP, kdebug_mbuf(m));
#endif /* defined(IPSEC_DEBUG) */

	msg = mtod(m, struct sadb_msg *);
	pfkeystat.out_msgtype[msg->sadb_msg_type]++;
	if (len != PFKEY_UNUNIT64(msg->sadb_msg_len)) {
#if IPSEC_DEBUG
		printf("key_output: Invalid message length.\n");
#endif
		pfkeystat.out_invlen++;
		error = EINVAL;
		goto end;
	}

	error = key_parse(m, so);
	m = NULL;

end:
	if (m)
		m_freem(m);
	lck_mtx_unlock(sadb_mutex);
	socket_lock(so, 0);
	return error;
}

/*
 * send message to the socket.
 */
static int
key_sendup0(rp, m, promisc)
	struct rawcb *rp;
	struct mbuf *m;
	int promisc;
{
	int error;

	lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
	if (promisc) {
		struct sadb_msg *pmsg;

		M_PREPEND(m, sizeof(struct sadb_msg), M_NOWAIT);
		if (m && m->m_len < sizeof(struct sadb_msg))
			m = m_pullup(m, sizeof(struct sadb_msg));
		if (!m) {
#if IPSEC_DEBUG
			printf("key_sendup0: cannot pullup\n");
#endif
			pfkeystat.in_nomem++;
			m_freem(m);
			return ENOBUFS;
		}
		m->m_pkthdr.len += sizeof(*pmsg);

		pmsg = mtod(m, struct sadb_msg *);
		bzero(pmsg, sizeof(*pmsg));
		pmsg->sadb_msg_version = PF_KEY_V2;
		pmsg->sadb_msg_type = SADB_X_PROMISC;
		pmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
		/* pid and seq? */

		pfkeystat.in_msgtype[pmsg->sadb_msg_type]++;
	}

	if (!sbappendaddr(&rp->rcb_socket->so_rcv, (struct sockaddr *)&key_src,
	    m, NULL, &error)) {
#if IPSEC_DEBUG
		printf("key_sendup0: sbappendaddr failed\n");
#endif
		pfkeystat.in_nomem++;
	}
	else {
		sorwakeup(rp->rcb_socket);
	}
	return error;
}


/* so can be NULL if target != KEY_SENDUP_ONE */
int
key_sendup_mbuf(so, m, target)
	struct socket *so;
	struct mbuf *m;
	int target;
{
	struct mbuf *n;
	struct keycb *kp;
	int sendup;
	struct rawcb *rp;
	int error = 0;

	lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
	if (m == NULL)
		panic("key_sendup_mbuf: NULL pointer was passed.\n");
	if (so == NULL && target == KEY_SENDUP_ONE)
		panic("key_sendup_mbuf: NULL pointer was passed.\n");

	pfkeystat.in_total++;
	pfkeystat.in_bytes += m->m_pkthdr.len;
	if (m->m_len < sizeof(struct sadb_msg)) {
#if 1
		m = m_pullup(m, sizeof(struct sadb_msg));
		if (m == NULL) {
			pfkeystat.in_nomem++;
			return ENOBUFS;
		}
#else
		/* don't bother pulling it up just for stats */
#endif
	}
	if (m->m_len >= sizeof(struct sadb_msg)) {
		struct sadb_msg *msg;
		msg = mtod(m, struct sadb_msg *);
		pfkeystat.in_msgtype[msg->sadb_msg_type]++;
	}
	
	lck_mtx_lock(raw_mtx);
	LIST_FOREACH(rp, &rawcb_list, list)
	{
		if (rp->rcb_proto.sp_family != PF_KEY)
			continue;
		if (rp->rcb_proto.sp_protocol
		 && rp->rcb_proto.sp_protocol != PF_KEY_V2) {
			continue;
		}

		kp = (struct keycb *)rp;
		
		socket_lock(rp->rcb_socket, 1);
		/*
		 * If you are in promiscuous mode, and when you get broadcasted
		 * reply, you'll get two PF_KEY messages.
		 * (based on pf_key@inner.net message on 14 Oct 1998)
		 */
		if (((struct keycb *)rp)->kp_promisc) {
			if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) {
				(void)key_sendup0(rp, n, 1);
				n = NULL;
			}
		}

		/* the exact target will be processed later */
		if (so && sotorawcb(so) == rp) {
			socket_unlock(rp->rcb_socket, 1);
			continue;
		}

		sendup = 0;
		switch (target) {
		case KEY_SENDUP_ONE:
			/* the statement has no effect */
			break;
		case KEY_SENDUP_ALL:
			sendup++;
			break;
		case KEY_SENDUP_REGISTERED:
			if (kp->kp_registered)
				sendup++;
			break;
		}
		pfkeystat.in_msgtarget[target]++;

		if (!sendup) {
			socket_unlock(rp->rcb_socket, 1);
			continue;
		}
		else
			sendup = 0;  // clear for next iteration

		if ((n = m_copy(m, 0, (int)M_COPYALL)) == NULL) {
#if IPSEC_DEBUG
			printf("key_sendup: m_copy fail\n");
#endif
			m_freem(m);
			pfkeystat.in_nomem++;
			socket_unlock(rp->rcb_socket, 1);
			lck_mtx_unlock(raw_mtx);
			return ENOBUFS;
		}

		/*
		 * ignore error even if queue is full.  PF_KEY does not
		 * guarantee the delivery of the message.
		 * this is important when target == KEY_SENDUP_ALL.
		 */
		key_sendup0(rp, n, 0);
		socket_unlock(rp->rcb_socket, 1);
		n = NULL;
	}

	lck_mtx_unlock(raw_mtx);
	if (so) {
		socket_lock(so, 1);
		error = key_sendup0(sotorawcb(so), m, 0);
		socket_unlock(so, 1);
		m = NULL;
	} else {
		error = 0;
		m_freem(m);
	}
	return error;
}

/*
 * key_abort()
 * derived from net/rtsock.c:rts_abort()
 */
static int
key_abort(struct socket *so)
{
	int error;
	error = raw_usrreqs.pru_abort(so);
	return error;
}

/*
 * key_attach()
 * derived from net/rtsock.c:rts_attach()
 */
static int
key_attach(struct socket *so, int proto, struct proc *p)
{
	struct keycb *kp;
	int error;

	if (sotorawcb(so) != 0)
		return EISCONN;	/* XXX panic? */
	kp = (struct keycb *)_MALLOC(sizeof *kp, M_PCB, M_WAITOK); /* XXX */
	if (kp == 0)
		return ENOBUFS;
	bzero(kp, sizeof *kp);

	so->so_pcb = (caddr_t)kp;
	kp->kp_promisc = kp->kp_registered = 0;
	kp->kp_raw.rcb_laddr = &key_src;
	kp->kp_raw.rcb_faddr = &key_dst;

	error = raw_usrreqs.pru_attach(so, proto, p);
	kp = (struct keycb *)sotorawcb(so);
	if (error) {
		_FREE(kp, M_PCB);
		so->so_pcb = (caddr_t) 0;
		so->so_flags |= SOF_PCBCLEARING;
		printf("key_usrreq: key_usrreq results %d\n", error);
		return error;
	}

	socket_lock(so, 1);
	if (kp->kp_raw.rcb_proto.sp_protocol == PF_KEY) /* XXX: AF_KEY */
		key_cb.key_count++;
	key_cb.any_count++;
	soisconnected(so);
	so->so_options |= SO_USELOOPBACK;
	socket_unlock(so, 1);

	return 0;
}

/*
 * key_bind()
 * derived from net/rtsock.c:rts_bind()
 */
static int
key_bind(struct socket *so, struct sockaddr *nam, struct proc *p)
{
	int error;
	error = raw_usrreqs.pru_bind(so, nam, p); /* xxx just EINVAL */
	return error;
}

/*
 * key_connect()
 * derived from net/rtsock.c:rts_connect()
 */
static int
key_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
{
	int error;
	error = raw_usrreqs.pru_connect(so, nam, p); /* XXX just EINVAL */
	return error;
}

/*
 * key_detach()
 * derived from net/rtsock.c:rts_detach()
 */
static int
key_detach(struct socket *so)
{
	struct keycb *kp = (struct keycb *)sotorawcb(so);
	int error;

	if (kp != 0) {
		if (kp->kp_raw.rcb_proto.sp_protocol == PF_KEY) /* XXX: AF_KEY */
			key_cb.key_count--;
		key_cb.any_count--;
		socket_unlock(so, 0);
		lck_mtx_lock(sadb_mutex);
		key_freereg(so);
		lck_mtx_unlock(sadb_mutex);
		socket_lock(so, 0);
	}
	error = raw_usrreqs.pru_detach(so);
	return error;
}

/*
 * key_disconnect()
 * derived from net/rtsock.c:key_disconnect()
 */
static int
key_disconnect(struct socket *so)
{
	int error;
	error = raw_usrreqs.pru_disconnect(so);
	return error;
}

/*
 * key_peeraddr()
 * derived from net/rtsock.c:rts_peeraddr()
 */
static int
key_peeraddr(struct socket *so, struct sockaddr **nam)
{
	int error;
	error = raw_usrreqs.pru_peeraddr(so, nam);
	return error;
}

/*
 * key_send()
 * derived from net/rtsock.c:rts_send()
 */
static int
key_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
	 struct mbuf *control, struct proc *p)
{
	int error;
	error = raw_usrreqs.pru_send(so, flags, m, nam, control, p);
	return error;
}

/*
 * key_shutdown()
 * derived from net/rtsock.c:rts_shutdown()
 */
static int
key_shutdown(struct socket *so)
{
	int error;
	error = raw_usrreqs.pru_shutdown(so);
	return error;
}

/*
 * key_sockaddr()
 * derived from net/rtsock.c:rts_sockaddr()
 */
static int
key_sockaddr(struct socket *so, struct sockaddr **nam)
{
	int error;
	error = raw_usrreqs.pru_sockaddr(so, nam);
	return error;
}

struct pr_usrreqs key_usrreqs = {
	key_abort, pru_accept_notsupp, key_attach, key_bind,
	key_connect,
	pru_connect2_notsupp, pru_control_notsupp, key_detach,
	key_disconnect, pru_listen_notsupp, key_peeraddr,
	pru_rcvd_notsupp,
	pru_rcvoob_notsupp, key_send, pru_sense_null, key_shutdown,
	key_sockaddr, sosend, soreceive, pru_sopoll_notsupp
};

/* sysctl */
SYSCTL_NODE(_net, PF_KEY, key, CTLFLAG_RW, 0, "Key Family");

/*
 * Definitions of protocols supported in the KEY domain.
 */

extern struct domain keydomain;

struct protosw keysw[] = {
{ SOCK_RAW,	&keydomain,	PF_KEY_V2,	PR_ATOMIC|PR_ADDR,
  0,		key_output,	raw_ctlinput,	0,
  0,
  key_init,	0,		0,		0,
  0,
  &key_usrreqs,
  0,		0,		0,
}
};

struct domain keydomain =
    { PF_KEY, "key", key_domain_init, 0, 0,
      keysw, 0,
      0,0,
      sizeof(struct key_cb), 0
    };

DOMAIN_SET(key);
Commit	Line	Data
1c79356b A	1	/* $KAME: keysock.c,v 1.13 2000/03/25 07:24:13 sumikawa Exp $ */
	2
	3	/*
	4	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
	5	* All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in the
	14	* documentation and/or other materials provided with the distribution.
	15	* 3. Neither the name of the project nor the names of its contributors
	16	* may be used to endorse or promote products derived from this software
	17	* without specific prior written permission.
	18	*
	19	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
	20	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	21	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	22	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
	23	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	24	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	25	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	26	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	27	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	28	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	29	* SUCH DAMAGE.
	30	*/
	31
1c79356b A	32	/* This code has derived from sys/net/rtsock.c on FreeBSD2.2.5 */
1c79356b A	33
1c79356b A	34	#include <sys/types.h>
	35	#include <sys/param.h>
	36	#include <sys/systm.h>
	37	#include <sys/kernel.h>
1c79356b	38	#include <sys/sysctl.h>
1c79356b	39	#include <sys/mbuf.h>
1c79356b	40	#include <sys/malloc.h>
1c79356b A	41	#include <sys/socket.h>
	42	#include <sys/socketvar.h>
	43	#include <sys/domain.h>
	44	#include <sys/protosw.h>
	45	#include <sys/errno.h>
1c79356b	46
91447636	47	#include <kern/locks.h>
1c79356b A	48
	49	#include <net/raw_cb.h>
	50	#include <net/route.h>
	51
	52	#include <net/pfkeyv2.h>
	53	#include <netkey/keydb.h>
	54	#include <netkey/key.h>
	55	#include <netkey/keysock.h>
	56	#include <netkey/key_debug.h>
	57
91447636 A	58	extern lck_mtx_t *raw_mtx;
	59	extern lck_mtx_t *sadb_mutex;
	60	extern void key_init(void);
	61
1c79356b A	62	struct sockaddr key_dst = { 2, PF_KEY, };
1c79356b A	63	struct sockaddr key_src = { 2, PF_KEY, };
1c79356b	64
91447636	65	static int key_sendup0(struct rawcb , struct mbuf , int);
1c79356b A	66
	67	struct pfkeystat pfkeystat;
	68
1c79356b	69	/*
9bccf70c	70	* key_output()
1c79356b	71	*/
1c79356b	72	int
9bccf70c A	73	#ifdef __APPLE__
	74	/* No variable argument support? */
	75	key_output(struct mbuf m, struct socket so)
1c79356b	76	#else
9bccf70c A	77	#if __STDC__
9bccf70c A	78	key_output(struct mbuf *m, ...)
1c79356b	79	#else
9bccf70c A	80	key_output(m, va_alist)
	81	struct mbuf *m;
	82	va_dcl
1c79356b	83	#endif
1c79356b	84	#endif
1c79356b	85	{
9bccf70c	86	struct sadb_msg *msg;
1c79356b	87	int len, error = 0;
9bccf70c A	88	#ifndef __APPLE__
	89	struct socket *so;
	90	va_list ap;
	91
	92	va_start(ap, m);
	93	so = va_arg(ap, struct socket *);
	94	va_end(ap);
	95	#endif
1c79356b A	96
	97	if (m == 0)
	98	panic("key_output: NULL pointer was passed.\n");
	99
91447636 A	100	socket_unlock(so, 0);
91447636 A	101	lck_mtx_lock(sadb_mutex);
1c79356b A	102	pfkeystat.out_total++;
	103	pfkeystat.out_bytes += m->m_pkthdr.len;
	104
	105	len = m->m_pkthdr.len;
	106	if (len < sizeof(struct sadb_msg)) {
	107	#if IPSEC_DEBUG
	108	printf("key_output: Invalid message length.\n");
	109	#endif
	110	pfkeystat.out_tooshort++;
	111	error = EINVAL;
	112	goto end;
	113	}
	114
	115	if (m->m_len < sizeof(struct sadb_msg)) {
	116	if ((m = m_pullup(m, sizeof(struct sadb_msg))) == 0) {
	117	#if IPSEC_DEBUG
	118	printf("key_output: can't pullup mbuf\n");
	119	#endif
	120	pfkeystat.out_nomem++;
	121	error = ENOBUFS;
	122	goto end;
	123	}
	124	}
	125
	126	if ((m->m_flags & M_PKTHDR) == 0)
	127	panic("key_output: not M_PKTHDR ??");
	128
9bccf70c	129	#if IPSEC_DEBUG
1c79356b A	130	KEYDEBUG(KEYDEBUG_KEY_DUMP, kdebug_mbuf(m));
	131	#endif /* defined(IPSEC_DEBUG) */
	132
	133	msg = mtod(m, struct sadb_msg *);
	134	pfkeystat.out_msgtype[msg->sadb_msg_type]++;
	135	if (len != PFKEY_UNUNIT64(msg->sadb_msg_len)) {
	136	#if IPSEC_DEBUG
	137	printf("key_output: Invalid message length.\n");
	138	#endif
	139	pfkeystat.out_invlen++;
	140	error = EINVAL;
	141	goto end;
	142	}
	143
9bccf70c A	144	error = key_parse(m, so);
9bccf70c A	145	m = NULL;
91447636	146
1c79356b	147	end:
9bccf70c A	148	if (m)
9bccf70c A	149	m_freem(m);
91447636 A	150	lck_mtx_unlock(sadb_mutex);
91447636 A	151	socket_lock(so, 0);
9bccf70c	152	return error;
1c79356b A	153	}
	154
	155	/*
	156	* send message to the socket.
	157	*/
	158	static int
	159	key_sendup0(rp, m, promisc)
	160	struct rawcb *rp;
	161	struct mbuf *m;
	162	int promisc;
	163	{
9bccf70c A	164	int error;
9bccf70c A	165
91447636	166	lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
1c79356b A	167	if (promisc) {
	168	struct sadb_msg *pmsg;
	169
	170	M_PREPEND(m, sizeof(struct sadb_msg), M_NOWAIT);
	171	if (m && m->m_len < sizeof(struct sadb_msg))
	172	m = m_pullup(m, sizeof(struct sadb_msg));
	173	if (!m) {
	174	#if IPSEC_DEBUG
	175	printf("key_sendup0: cannot pullup\n");
	176	#endif
9bccf70c	177	pfkeystat.in_nomem++;
1c79356b A	178	m_freem(m);
	179	return ENOBUFS;
	180	}
	181	m->m_pkthdr.len += sizeof(*pmsg);
	182
	183	pmsg = mtod(m, struct sadb_msg *);
	184	bzero(pmsg, sizeof(*pmsg));
	185	pmsg->sadb_msg_version = PF_KEY_V2;
	186	pmsg->sadb_msg_type = SADB_X_PROMISC;
	187	pmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
	188	/* pid and seq? */
	189
	190	pfkeystat.in_msgtype[pmsg->sadb_msg_type]++;
	191	}
	192
9bccf70c	193	if (!sbappendaddr(&rp->rcb_socket->so_rcv, (struct sockaddr *)&key_src,
91447636	194	m, NULL, &error)) {
1c79356b A	195	#if IPSEC_DEBUG
	196	printf("key_sendup0: sbappendaddr failed\n");
	197	#endif
	198	pfkeystat.in_nomem++;
91447636 A	199	}
	200	else {
	201	sorwakeup(rp->rcb_socket);
	202	}
9bccf70c	203	return error;
1c79356b A	204	}
1c79356b A	205
1c79356b	206
9bccf70c	207	/* so can be NULL if target != KEY_SENDUP_ONE */
1c79356b A	208	int
	209	key_sendup_mbuf(so, m, target)
	210	struct socket *so;
	211	struct mbuf *m;
	212	int target;
	213	{
	214	struct mbuf *n;
	215	struct keycb *kp;
	216	int sendup;
	217	struct rawcb *rp;
9bccf70c	218	int error = 0;
1c79356b	219
91447636	220	lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
9bccf70c A	221	if (m == NULL)
	222	panic("key_sendup_mbuf: NULL pointer was passed.\n");
	223	if (so == NULL && target == KEY_SENDUP_ONE)
1c79356b A	224	panic("key_sendup_mbuf: NULL pointer was passed.\n");
	225
	226	pfkeystat.in_total++;
	227	pfkeystat.in_bytes += m->m_pkthdr.len;
	228	if (m->m_len < sizeof(struct sadb_msg)) {
	229	#if 1
	230	m = m_pullup(m, sizeof(struct sadb_msg));
	231	if (m == NULL) {
	232	pfkeystat.in_nomem++;
	233	return ENOBUFS;
	234	}
	235	#else
	236	/* don't bother pulling it up just for stats */
	237	#endif
	238	}
	239	if (m->m_len >= sizeof(struct sadb_msg)) {
	240	struct sadb_msg *msg;
	241	msg = mtod(m, struct sadb_msg *);
	242	pfkeystat.in_msgtype[msg->sadb_msg_type]++;
	243	}
91447636 A	244
91447636 A	245	lck_mtx_lock(raw_mtx);
1c79356b	246	LIST_FOREACH(rp, &rawcb_list, list)
1c79356b A	247	{
	248	if (rp->rcb_proto.sp_family != PF_KEY)
	249	continue;
	250	if (rp->rcb_proto.sp_protocol
	251	&& rp->rcb_proto.sp_protocol != PF_KEY_V2) {
	252	continue;
	253	}
	254
	255	kp = (struct keycb *)rp;
91447636 A	256
91447636 A	257	socket_lock(rp->rcb_socket, 1);
1c79356b A	258	/*
	259	* If you are in promiscuous mode, and when you get broadcasted
	260	* reply, you'll get two PF_KEY messages.
	261	* (based on pf_key@inner.net message on 14 Oct 1998)
	262	*/
	263	if (((struct keycb *)rp)->kp_promisc) {
	264	if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) {
	265	(void)key_sendup0(rp, n, 1);
	266	n = NULL;
	267	}
	268	}
	269
	270	/* the exact target will be processed later */
91447636 A	271	if (so && sotorawcb(so) == rp) {
91447636 A	272	socket_unlock(rp->rcb_socket, 1);
1c79356b	273	continue;
91447636	274	}
1c79356b A	275
	276	sendup = 0;
	277	switch (target) {
	278	case KEY_SENDUP_ONE:
	279	/* the statement has no effect */
1c79356b A	280	break;
	281	case KEY_SENDUP_ALL:
	282	sendup++;
	283	break;
	284	case KEY_SENDUP_REGISTERED:
	285	if (kp->kp_registered)
	286	sendup++;
	287	break;
	288	}
	289	pfkeystat.in_msgtarget[target]++;
	290
91447636 A	291	if (!sendup) {
91447636 A	292	socket_unlock(rp->rcb_socket, 1);
1c79356b	293	continue;
91447636 A	294	}
	295	else
	296	sendup = 0; // clear for next iteration
1c79356b A	297
	298	if ((n = m_copy(m, 0, (int)M_COPYALL)) == NULL) {
	299	#if IPSEC_DEBUG
	300	printf("key_sendup: m_copy fail\n");
	301	#endif
	302	m_freem(m);
	303	pfkeystat.in_nomem++;
91447636 A	304	socket_unlock(rp->rcb_socket, 1);
91447636 A	305	lck_mtx_unlock(raw_mtx);
1c79356b A	306	return ENOBUFS;
	307	}
	308
91447636 A	309	/*
	310	* ignore error even if queue is full. PF_KEY does not
	311	* guarantee the delivery of the message.
	312	* this is important when target == KEY_SENDUP_ALL.
	313	*/
	314	key_sendup0(rp, n, 0);
	315	socket_unlock(rp->rcb_socket, 1);
1c79356b A	316	n = NULL;
	317	}
	318
91447636	319	lck_mtx_unlock(raw_mtx);
9bccf70c	320	if (so) {
91447636	321	socket_lock(so, 1);
9bccf70c	322	error = key_sendup0(sotorawcb(so), m, 0);
91447636	323	socket_unlock(so, 1);
9bccf70c A	324	m = NULL;
	325	} else {
	326	error = 0;
	327	m_freem(m);
	328	}
1c79356b A	329	return error;
	330	}
	331
1c79356b A	332	/*
	333	* key_abort()
	334	* derived from net/rtsock.c:rts_abort()
	335	*/
	336	static int
	337	key_abort(struct socket *so)
	338	{
91447636	339	int error;
1c79356b	340	error = raw_usrreqs.pru_abort(so);
1c79356b A	341	return error;
	342	}
	343
	344	/*
	345	* key_attach()
	346	* derived from net/rtsock.c:rts_attach()
	347	*/
	348	static int
	349	key_attach(struct socket so, int proto, struct proc p)
	350	{
	351	struct keycb *kp;
91447636	352	int error;
1c79356b A	353
	354	if (sotorawcb(so) != 0)
	355	return EISCONN; /* XXX panic? */
	356	kp = (struct keycb )_MALLOC(sizeof kp, M_PCB, M_WAITOK); /* XXX */
	357	if (kp == 0)
	358	return ENOBUFS;
	359	bzero(kp, sizeof *kp);
	360
1c79356b	361	so->so_pcb = (caddr_t)kp;
91447636 A	362	kp->kp_promisc = kp->kp_registered = 0;
	363	kp->kp_raw.rcb_laddr = &key_src;
	364	kp->kp_raw.rcb_faddr = &key_dst;
	365
1c79356b A	366	error = raw_usrreqs.pru_attach(so, proto, p);
	367	kp = (struct keycb *)sotorawcb(so);
	368	if (error) {
	369	_FREE(kp, M_PCB);
	370	so->so_pcb = (caddr_t) 0;
91447636	371	so->so_flags \|= SOF_PCBCLEARING;
1c79356b A	372	printf("key_usrreq: key_usrreq results %d\n", error);
	373	return error;
	374	}
	375
91447636	376	socket_lock(so, 1);
1c79356b A	377	if (kp->kp_raw.rcb_proto.sp_protocol == PF_KEY) /* XXX: AF_KEY */
	378	key_cb.key_count++;
	379	key_cb.any_count++;
1c79356b A	380	soisconnected(so);
1c79356b A	381	so->so_options \|= SO_USELOOPBACK;
91447636	382	socket_unlock(so, 1);
1c79356b	383
1c79356b A	384	return 0;
	385	}
	386
	387	/*
	388	* key_bind()
	389	* derived from net/rtsock.c:rts_bind()
	390	*/
	391	static int
	392	key_bind(struct socket so, struct sockaddr nam, struct proc *p)
	393	{
91447636	394	int error;
1c79356b	395	error = raw_usrreqs.pru_bind(so, nam, p); /* xxx just EINVAL */
1c79356b A	396	return error;
	397	}
	398
	399	/*
	400	* key_connect()
	401	* derived from net/rtsock.c:rts_connect()
	402	*/
	403	static int
	404	key_connect(struct socket so, struct sockaddr nam, struct proc *p)
	405	{
91447636	406	int error;
1c79356b	407	error = raw_usrreqs.pru_connect(so, nam, p); /* XXX just EINVAL */
1c79356b A	408	return error;
	409	}
	410
	411	/*
	412	* key_detach()
	413	* derived from net/rtsock.c:rts_detach()
	414	*/
	415	static int
	416	key_detach(struct socket *so)
	417	{
	418	struct keycb kp = (struct keycb )sotorawcb(so);
91447636	419	int error;
1c79356b	420
1c79356b	421	if (kp != 0) {
91447636	422	if (kp->kp_raw.rcb_proto.sp_protocol == PF_KEY) /* XXX: AF_KEY */
1c79356b A	423	key_cb.key_count--;
1c79356b A	424	key_cb.any_count--;
91447636 A	425	socket_unlock(so, 0);
91447636 A	426	lck_mtx_lock(sadb_mutex);
1c79356b	427	key_freereg(so);
91447636 A	428	lck_mtx_unlock(sadb_mutex);
91447636 A	429	socket_lock(so, 0);
1c79356b A	430	}
1c79356b A	431	error = raw_usrreqs.pru_detach(so);
1c79356b A	432	return error;
	433	}
	434
	435	/*
	436	* key_disconnect()
	437	* derived from net/rtsock.c:key_disconnect()
	438	*/
	439	static int
	440	key_disconnect(struct socket *so)
	441	{
91447636	442	int error;
1c79356b	443	error = raw_usrreqs.pru_disconnect(so);
1c79356b A	444	return error;
	445	}
	446
	447	/*
	448	* key_peeraddr()
	449	* derived from net/rtsock.c:rts_peeraddr()
	450	*/
	451	static int
	452	key_peeraddr(struct socket so, struct sockaddr *nam)
	453	{
91447636	454	int error;
1c79356b	455	error = raw_usrreqs.pru_peeraddr(so, nam);
1c79356b A	456	return error;
	457	}
	458
	459	/*
	460	* key_send()
	461	* derived from net/rtsock.c:rts_send()
	462	*/
	463	static int
	464	key_send(struct socket so, int flags, struct mbuf m, struct sockaddr *nam,
	465	struct mbuf control, struct proc p)
	466	{
91447636	467	int error;
1c79356b	468	error = raw_usrreqs.pru_send(so, flags, m, nam, control, p);
1c79356b A	469	return error;
	470	}
	471
	472	/*
	473	* key_shutdown()
	474	* derived from net/rtsock.c:rts_shutdown()
	475	*/
	476	static int
	477	key_shutdown(struct socket *so)
	478	{
91447636	479	int error;
1c79356b	480	error = raw_usrreqs.pru_shutdown(so);
1c79356b A	481	return error;
	482	}
	483
	484	/*
	485	* key_sockaddr()
	486	* derived from net/rtsock.c:rts_sockaddr()
	487	*/
	488	static int
	489	key_sockaddr(struct socket so, struct sockaddr *nam)
	490	{
91447636	491	int error;
1c79356b	492	error = raw_usrreqs.pru_sockaddr(so, nam);
1c79356b A	493	return error;
	494	}
	495
	496	struct pr_usrreqs key_usrreqs = {
	497	key_abort, pru_accept_notsupp, key_attach, key_bind,
	498	key_connect,
	499	pru_connect2_notsupp, pru_control_notsupp, key_detach,
	500	key_disconnect, pru_listen_notsupp, key_peeraddr,
	501	pru_rcvd_notsupp,
	502	pru_rcvoob_notsupp, key_send, pru_sense_null, key_shutdown,
91447636	503	key_sockaddr, sosend, soreceive, pru_sopoll_notsupp
1c79356b	504	};
1c79356b	505
1c79356b A	506	/* sysctl */
1c79356b A	507	SYSCTL_NODE(_net, PF_KEY, key, CTLFLAG_RW, 0, "Key Family");
1c79356b A	508
	509	/*
	510	* Definitions of protocols supported in the KEY domain.
	511	*/
	512
	513	extern struct domain keydomain;
	514
	515	struct protosw keysw[] = {
	516	{ SOCK_RAW, &keydomain, PF_KEY_V2, PR_ATOMIC\|PR_ADDR,
	517	0, key_output, raw_ctlinput, 0,
	518	0,
91447636 A	519	key_init, 0, 0, 0,
	520	0,
	521	&key_usrreqs,
	522	0, 0, 0,
1c79356b A	523	}
	524	};
	525
	526	struct domain keydomain =
91447636	527	{ PF_KEY, "key", key_domain_init, 0, 0,
1c79356b A	528	keysw, 0,
	529	0,0,
	530	sizeof(struct key_cb), 0
	531	};
	532
	533	DOMAIN_SET(key);