git.saurik.com Git - apple/xnu.git/blame_incremental

... / ...

Commit	Line	Data
	1	/*
	2	* Copyright (c) 2016 Apple Inc. All rights reserved.
	3	*
	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
	25	*
	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
	27	*/
	28
	29	/* $KAME: keydb.c,v 1.61 2000/03/25 07:24:13 sumikawa Exp $ */
	30
	31	/*
	32	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
	33	* All rights reserved.
	34	*
	35	* Redistribution and use in source and binary forms, with or without
	36	* modification, are permitted provided that the following conditions
	37	* are met:
	38	* 1. Redistributions of source code must retain the above copyright
	39	* notice, this list of conditions and the following disclaimer.
	40	* 2. Redistributions in binary form must reproduce the above copyright
	41	* notice, this list of conditions and the following disclaimer in the
	42	* documentation and/or other materials provided with the distribution.
	43	* 3. Neither the name of the project nor the names of its contributors
	44	* may be used to endorse or promote products derived from this software
	45	* without specific prior written permission.
	46	*
	47	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
	48	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	49	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	50	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
	51	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	52	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	53	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	54	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	55	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	56	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	57	* SUCH DAMAGE.
	58	*/
	59
	60	#include <sys/types.h>
	61	#include <sys/socket.h>
	62	#include <sys/param.h>
	63	#include <sys/systm.h>
	64	#include <sys/kernel.h>
	65	#include <sys/malloc.h>
	66	#include <sys/errno.h>
	67	#include <sys/queue.h>
	68
	69	#include <net/if.h>
	70	#include <net/route.h>
	71
	72	#include <netinet/in.h>
	73
	74	#include <net/pfkeyv2.h>
	75	#include <netkey/keydb.h>
	76	#include <netinet6/ipsec.h>
	77
	78	#include <net/net_osdep.h>
	79
	80	extern lck_mtx_t *sadb_mutex;
	81
	82	MALLOC_DEFINE(M_SECA, "key mgmt", "security associations, key management");
	83
	84	// static void keydb_delsecasvar(struct secasvar *); // not used
	85
	86	/*
	87	* secpolicy management
	88	*/
	89	struct secpolicy *
	90	keydb_newsecpolicy(void)
	91	{
	92	struct secpolicy *p;
	93
	94	LCK_MTX_ASSERT(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED);
	95
	96	return (struct secpolicy )_MALLOC(sizeof(p), M_SECA,
	97	M_WAITOK \| M_ZERO);
	98	}
	99
	100	void
	101	keydb_delsecpolicy(struct secpolicy *p)
	102	{
	103	_FREE(p, M_SECA);
	104	}
	105
	106	/*
	107	* secashead management
	108	*/
	109	struct secashead *
	110	keydb_newsecashead(void)
	111	{
	112	struct secashead *p;
	113	int i;
	114
	115	LCK_MTX_ASSERT(sadb_mutex, LCK_MTX_ASSERT_OWNED);
	116
	117	p = (struct secashead )_MALLOC(sizeof(p), M_SECA, M_NOWAIT \| M_ZERO);
	118	if (!p) {
	119	lck_mtx_unlock(sadb_mutex);
	120	p = (struct secashead )_MALLOC(sizeof(p), M_SECA,
	121	M_WAITOK \| M_ZERO);
	122	lck_mtx_lock(sadb_mutex);
	123	}
	124	if (!p)
	125	return p;
	126	for (i = 0; i < sizeof(p->savtree)/sizeof(p->savtree[0]); i++)
	127	LIST_INIT(&p->savtree[i]);
	128	return p;
	129	}
	130
	131	#if 0
	132	void
	133	keydb_delsecashead(p)
	134	struct secashead *p;
	135	{
	136
	137	_FREE(p, M_SECA);
	138	}
	139
	140
	141
	142	/*
	143	* secasvar management (reference counted)
	144	*/
	145	struct secasvar *
	146	keydb_newsecasvar()
	147	{
	148	struct secasvar *p;
	149
	150	LCK_MTX_ASSERT(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED);
	151
	152	p = (struct secasvar )_MALLOC(sizeof(p), M_SECA, M_WAITOK);
	153	if (!p)
	154	return p;
	155	bzero(p, sizeof(*p));
	156	p->refcnt = 1;
	157	return p;
	158	}
	159
	160	void
	161	keydb_refsecasvar(p)
	162	struct secasvar *p;
	163	{
	164
	165	LCK_MTX_ASSERT(sadb_mutex, LCK_MTX_ASSERT_OWNED);
	166
	167	p->refcnt++;
	168	}
	169
	170	void
	171	keydb_freesecasvar(p)
	172	struct secasvar *p;
	173	{
	174
	175	LCK_MTX_ASSERT(sadb_mutex, LCK_MTX_ASSERT_OWNED);
	176
	177	p->refcnt--;
	178	/* negative refcnt will cause panic intentionally */
	179	if (p->refcnt <= 0)
	180	keydb_delsecasvar(p);
	181	}
	182
	183	static void
	184	keydb_delsecasvar(p)
	185	struct secasvar *p;
	186	{
	187
	188	if (p->refcnt)
	189	panic("keydb_delsecasvar called with refcnt != 0");
	190
	191	_FREE(p, M_SECA);
	192	}
	193	#endif
	194
	195	/*
	196	* secreplay management
	197	*/
	198	struct secreplay *
	199	keydb_newsecreplay(size_t wsize)
	200	{
	201	struct secreplay *p;
	202
	203	LCK_MTX_ASSERT(sadb_mutex, LCK_MTX_ASSERT_OWNED);
	204
	205	p = (struct secreplay )_MALLOC(sizeof(p), M_SECA, M_NOWAIT \| M_ZERO);
	206	if (!p) {
	207	lck_mtx_unlock(sadb_mutex);
	208	p = (struct secreplay )_MALLOC(sizeof(p), M_SECA,
	209	M_WAITOK \| M_ZERO);
	210	lck_mtx_lock(sadb_mutex);
	211	}
	212	if (!p)
	213	return p;
	214
	215	if (wsize != 0) {
	216	p->bitmap = (caddr_t)_MALLOC(wsize, M_SECA, M_NOWAIT \| M_ZERO);
	217	if (!p->bitmap) {
	218	lck_mtx_unlock(sadb_mutex);
	219	p->bitmap = (caddr_t)_MALLOC(wsize, M_SECA,
	220	M_WAITOK \| M_ZERO);
	221	lck_mtx_lock(sadb_mutex);
	222	if (!p->bitmap) {
	223	_FREE(p, M_SECA);
	224	return NULL;
	225	}
	226	}
	227	}
	228	p->wsize = wsize;
	229	return p;
	230	}
	231
	232	void
	233	keydb_delsecreplay(struct secreplay *p)
	234	{
	235	if (p->bitmap)
	236	_FREE(p->bitmap, M_SECA);
	237	_FREE(p, M_SECA);
	238	}
	239
	240	#if 0
	241	/* NOT USED
	242	* secreg management
	243	*/
	244	struct secreg *
	245	keydb_newsecreg()
	246	{
	247	struct secreg *p;
	248
	249	p = (struct secreg )_MALLOC(sizeof(p), M_SECA, M_WAITOK);
	250	if (p)
	251	bzero(p, sizeof(*p));
	252	return p;
	253	}
	254
	255	void
	256	keydb_delsecreg(p)
	257	struct secreg *p;
	258	{
	259
	260	_FREE(p, M_SECA);
	261	}
	262	#endif