X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/378393581903b274cb7a4d18e0d978071a6b592d..5c9f46613a83ebfc29a5b1f099448259e96a98f0:/bsd/netkey/keysock.c?ds=sidebyside diff --git a/bsd/netkey/keysock.c b/bsd/netkey/keysock.c index dcf0b5e68..5502485d3 100644 --- a/bsd/netkey/keysock.c +++ b/bsd/netkey/keysock.c @@ -1,3 +1,31 @@ +/* + * Copyright (c) 2016 Apple Inc. All rights reserved. + * + * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. The rights granted to you under the License + * may not be used to create, or enable the creation or redistribution of, + * unlawful or unlicensed copies of an Apple operating system, or to + * circumvent, violate, or enable the circumvention or violation of, any + * terms of an Apple operating system software license agreement. + * + * Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ + */ + /* $KAME: keysock.c,v 1.13 2000/03/25 07:24:13 sumikawa Exp $ */ /* @@ -37,6 +65,7 @@ #include #include #include +#include #include #include #include @@ -56,16 +85,20 @@ #include extern lck_mtx_t *raw_mtx; -extern lck_mtx_t *sadb_mutex; -extern void key_init(void); +extern void key_init(struct protosw *, struct domain *); -struct sockaddr key_dst = { 2, PF_KEY, }; -struct sockaddr key_src = { 2, PF_KEY, }; +struct sockaddr key_dst = { 2, PF_KEY, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,} }; +struct sockaddr key_src = { 2, PF_KEY, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,} }; +static void key_dinit(struct domain *); static int key_sendup0(struct rawcb *, struct mbuf *, int); struct pfkeystat pfkeystat; +static struct domain *keydomain = NULL; + +extern lck_mtx_t *pfkey_stat_mutex; + /* * key_output() */ @@ -98,16 +131,17 @@ key_output(m, va_alist) panic("key_output: NULL pointer was passed.\n"); socket_unlock(so, 0); - lck_mtx_lock(sadb_mutex); + lck_mtx_lock(pfkey_stat_mutex); pfkeystat.out_total++; pfkeystat.out_bytes += m->m_pkthdr.len; + lck_mtx_unlock(pfkey_stat_mutex); len = m->m_pkthdr.len; if (len < sizeof(struct sadb_msg)) { #if IPSEC_DEBUG printf("key_output: Invalid message length.\n"); #endif - pfkeystat.out_tooshort++; + PFKEY_STAT_INCREMENT(pfkeystat.out_tooshort); error = EINVAL; goto end; } @@ -117,7 +151,7 @@ key_output(m, va_alist) #if IPSEC_DEBUG printf("key_output: can't pullup mbuf\n"); #endif - pfkeystat.out_nomem++; + PFKEY_STAT_INCREMENT(pfkeystat.out_nomem); error = ENOBUFS; goto end; } @@ -131,12 +165,12 @@ key_output(m, va_alist) #endif /* defined(IPSEC_DEBUG) */ msg = mtod(m, struct sadb_msg *); - pfkeystat.out_msgtype[msg->sadb_msg_type]++; + PFKEY_STAT_INCREMENT(pfkeystat.out_msgtype[msg->sadb_msg_type]); if (len != PFKEY_UNUNIT64(msg->sadb_msg_len)) { #if IPSEC_DEBUG printf("key_output: Invalid message length.\n"); #endif - pfkeystat.out_invlen++; + PFKEY_STAT_INCREMENT(pfkeystat.out_invlen); error = EINVAL; goto end; } @@ -147,7 +181,6 @@ key_output(m, va_alist) end: if (m) m_freem(m); - lck_mtx_unlock(sadb_mutex); socket_lock(so, 0); return error; } @@ -156,25 +189,21 @@ end: * send message to the socket. */ static int -key_sendup0(rp, m, promisc) - struct rawcb *rp; - struct mbuf *m; - int promisc; +key_sendup0(struct rawcb *rp, struct mbuf *m, int promisc) { int error; - lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); if (promisc) { struct sadb_msg *pmsg; - M_PREPEND(m, sizeof(struct sadb_msg), M_NOWAIT); + M_PREPEND(m, sizeof(struct sadb_msg), M_NOWAIT, 1); if (m && m->m_len < sizeof(struct sadb_msg)) m = m_pullup(m, sizeof(struct sadb_msg)); if (!m) { #if IPSEC_DEBUG printf("key_sendup0: cannot pullup\n"); #endif - pfkeystat.in_nomem++; + PFKEY_STAT_INCREMENT(pfkeystat.in_nomem); m_freem(m); return ENOBUFS; } @@ -187,7 +216,7 @@ key_sendup0(rp, m, promisc) pmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len); /* pid and seq? */ - pfkeystat.in_msgtype[pmsg->sadb_msg_type]++; + PFKEY_STAT_INCREMENT(pfkeystat.in_msgtype[pmsg->sadb_msg_type]); } if (!sbappendaddr(&rp->rcb_socket->so_rcv, (struct sockaddr *)&key_src, @@ -195,7 +224,7 @@ key_sendup0(rp, m, promisc) #if IPSEC_DEBUG printf("key_sendup0: sbappendaddr failed\n"); #endif - pfkeystat.in_nomem++; + PFKEY_STAT_INCREMENT(pfkeystat.in_nomem); } else { sorwakeup(rp->rcb_socket); @@ -206,10 +235,7 @@ key_sendup0(rp, m, promisc) /* so can be NULL if target != KEY_SENDUP_ONE */ int -key_sendup_mbuf(so, m, target) - struct socket *so; - struct mbuf *m; - int target; +key_sendup_mbuf(struct socket *so, struct mbuf *m, int target) { struct mbuf *n; struct keycb *kp; @@ -217,19 +243,20 @@ key_sendup_mbuf(so, m, target) struct rawcb *rp; int error = 0; - lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); if (m == NULL) panic("key_sendup_mbuf: NULL pointer was passed.\n"); if (so == NULL && target == KEY_SENDUP_ONE) panic("key_sendup_mbuf: NULL pointer was passed.\n"); + lck_mtx_lock(pfkey_stat_mutex); pfkeystat.in_total++; pfkeystat.in_bytes += m->m_pkthdr.len; + lck_mtx_unlock(pfkey_stat_mutex); if (m->m_len < sizeof(struct sadb_msg)) { #if 1 m = m_pullup(m, sizeof(struct sadb_msg)); if (m == NULL) { - pfkeystat.in_nomem++; + PFKEY_STAT_INCREMENT(pfkeystat.in_nomem); return ENOBUFS; } #else @@ -239,7 +266,7 @@ key_sendup_mbuf(so, m, target) if (m->m_len >= sizeof(struct sadb_msg)) { struct sadb_msg *msg; msg = mtod(m, struct sadb_msg *); - pfkeystat.in_msgtype[msg->sadb_msg_type]++; + PFKEY_STAT_INCREMENT(pfkeystat.in_msgtype[msg->sadb_msg_type]); } lck_mtx_lock(raw_mtx); @@ -286,7 +313,7 @@ key_sendup_mbuf(so, m, target) sendup++; break; } - pfkeystat.in_msgtarget[target]++; + PFKEY_STAT_INCREMENT(pfkeystat.in_msgtarget[target]); if (!sendup) { socket_unlock(rp->rcb_socket, 1); @@ -300,7 +327,7 @@ key_sendup_mbuf(so, m, target) printf("key_sendup: m_copy fail\n"); #endif m_freem(m); - pfkeystat.in_nomem++; + PFKEY_STAT_INCREMENT(pfkeystat.in_nomem); socket_unlock(rp->rcb_socket, 1); lck_mtx_unlock(raw_mtx); return ENOBUFS; @@ -353,10 +380,10 @@ key_attach(struct socket *so, int proto, struct proc *p) if (sotorawcb(so) != 0) return EISCONN; /* XXX panic? */ - kp = (struct keycb *)_MALLOC(sizeof *kp, M_PCB, M_WAITOK); /* XXX */ + kp = (struct keycb *)_MALLOC(sizeof (*kp), M_PCB, + M_WAITOK | M_ZERO); /* XXX */ if (kp == 0) return ENOBUFS; - bzero(kp, sizeof *kp); so->so_pcb = (caddr_t)kp; kp->kp_promisc = kp->kp_registered = 0; @@ -422,9 +449,7 @@ key_detach(struct socket *so) key_cb.key_count--; key_cb.any_count--; socket_unlock(so, 0); - lck_mtx_lock(sadb_mutex); key_freereg(so); - lck_mtx_unlock(sadb_mutex); socket_lock(so, 0); } error = raw_usrreqs.pru_detach(so); @@ -492,41 +517,62 @@ key_sockaddr(struct socket *so, struct sockaddr **nam) return error; } -struct pr_usrreqs key_usrreqs = { - key_abort, pru_accept_notsupp, key_attach, key_bind, - key_connect, - pru_connect2_notsupp, pru_control_notsupp, key_detach, - key_disconnect, pru_listen_notsupp, key_peeraddr, - pru_rcvd_notsupp, - pru_rcvoob_notsupp, key_send, pru_sense_null, key_shutdown, - key_sockaddr, sosend, soreceive, pru_sopoll_notsupp +static struct pr_usrreqs key_usrreqs = { + .pru_abort = key_abort, + .pru_attach = key_attach, + .pru_bind = key_bind, + .pru_connect = key_connect, + .pru_detach = key_detach, + .pru_disconnect = key_disconnect, + .pru_peeraddr = key_peeraddr, + .pru_send = key_send, + .pru_shutdown = key_shutdown, + .pru_sockaddr = key_sockaddr, + .pru_sosend = sosend, + .pru_soreceive = soreceive, }; /* sysctl */ -SYSCTL_NODE(_net, PF_KEY, key, CTLFLAG_RW, 0, "Key Family"); +SYSCTL_NODE(_net, PF_KEY, key, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "Key Family"); /* * Definitions of protocols supported in the KEY domain. */ -extern struct domain keydomain; +extern struct domain keydomain_s; -struct protosw keysw[] = { -{ SOCK_RAW, &keydomain, PF_KEY_V2, PR_ATOMIC|PR_ADDR, - 0, key_output, raw_ctlinput, 0, - 0, - key_init, 0, 0, 0, - 0, - &key_usrreqs, - 0, 0, 0, +static struct protosw keysw[] = { +{ + .pr_type = SOCK_RAW, + .pr_protocol = PF_KEY_V2, + .pr_flags = PR_ATOMIC|PR_ADDR, + .pr_output = key_output, + .pr_ctlinput = raw_ctlinput, + .pr_init = key_init, + .pr_usrreqs = &key_usrreqs, } }; -struct domain keydomain = - { PF_KEY, "key", key_domain_init, 0, 0, - keysw, 0, - 0,0, - sizeof(struct key_cb), 0 - }; +static int key_proto_count = (sizeof (keysw) / sizeof (struct protosw)); + +struct domain keydomain_s = { + .dom_family = PF_KEY, + .dom_name = "key", + .dom_init = key_dinit, + .dom_maxrtkey = sizeof (struct key_cb), +}; -DOMAIN_SET(key); +static void +key_dinit(struct domain *dp) +{ + struct protosw *pr; + int i; + + VERIFY(!(dp->dom_flags & DOM_INITIALIZED)); + VERIFY(keydomain == NULL); + + keydomain = dp; + + for (i = 0, pr = &keysw[0]; i < key_proto_count; i++, pr++) + net_add_proto(pr, dp, 1); +}