X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/91447636331957f3d9b5ca5b508f07c526b0074d..5c9f46613a83ebfc29a5b1f099448259e96a98f0:/bsd/netkey/keysock.c

diff --git a/bsd/netkey/keysock.c b/bsd/netkey/keysock.c
index a65bcc690..5502485d3 100644
--- a/bsd/netkey/keysock.c
+++ b/bsd/netkey/keysock.c
@@ -1,3 +1,31 @@
+/*
+ * Copyright (c) 2016 Apple Inc. All rights reserved.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
+ *
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
+ */
+
 /*	$KAME: keysock.c,v 1.13 2000/03/25 07:24:13 sumikawa Exp $	*/
 
 /*
@@ -37,6 +65,7 @@
 #include <sys/kernel.h>
 #include <sys/sysctl.h>
 #include <sys/mbuf.h>
+#include <sys/mcache.h>
 #include <sys/malloc.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
@@ -56,16 +85,20 @@
 #include <netkey/key_debug.h>
 
 extern lck_mtx_t *raw_mtx;
-extern lck_mtx_t *sadb_mutex;
-extern void key_init(void);
+extern void key_init(struct protosw *, struct domain *);
 
-struct sockaddr key_dst = { 2, PF_KEY, };
-struct sockaddr key_src = { 2, PF_KEY, };
+struct sockaddr key_dst = { 2, PF_KEY, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,} };
+struct sockaddr key_src = { 2, PF_KEY, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,} };
 
+static void key_dinit(struct domain *);
 static int key_sendup0(struct rawcb *, struct mbuf *, int);
 
 struct pfkeystat pfkeystat;
 
+static struct domain *keydomain = NULL;
+
+extern lck_mtx_t *pfkey_stat_mutex;
+
 /*
  * key_output()
  */
@@ -98,16 +131,17 @@ key_output(m, va_alist)
 		panic("key_output: NULL pointer was passed.\n");
 
 	socket_unlock(so, 0);
-	lck_mtx_lock(sadb_mutex);
+	lck_mtx_lock(pfkey_stat_mutex);
 	pfkeystat.out_total++;
 	pfkeystat.out_bytes += m->m_pkthdr.len;
+	lck_mtx_unlock(pfkey_stat_mutex);
 
 	len = m->m_pkthdr.len;
 	if (len < sizeof(struct sadb_msg)) {
 #if IPSEC_DEBUG
 		printf("key_output: Invalid message length.\n");
 #endif
-		pfkeystat.out_tooshort++;
+		PFKEY_STAT_INCREMENT(pfkeystat.out_tooshort);
 		error = EINVAL;
 		goto end;
 	}
@@ -117,7 +151,7 @@ key_output(m, va_alist)
 #if IPSEC_DEBUG
 			printf("key_output: can't pullup mbuf\n");
 #endif
-			pfkeystat.out_nomem++;
+			PFKEY_STAT_INCREMENT(pfkeystat.out_nomem);
 			error = ENOBUFS;
 			goto end;
 		}
@@ -131,12 +165,12 @@ key_output(m, va_alist)
 #endif /* defined(IPSEC_DEBUG) */
 
 	msg = mtod(m, struct sadb_msg *);
-	pfkeystat.out_msgtype[msg->sadb_msg_type]++;
+	PFKEY_STAT_INCREMENT(pfkeystat.out_msgtype[msg->sadb_msg_type]);
 	if (len != PFKEY_UNUNIT64(msg->sadb_msg_len)) {
 #if IPSEC_DEBUG
 		printf("key_output: Invalid message length.\n");
 #endif
-		pfkeystat.out_invlen++;
+		PFKEY_STAT_INCREMENT(pfkeystat.out_invlen);
 		error = EINVAL;
 		goto end;
 	}
@@ -147,7 +181,6 @@ key_output(m, va_alist)
 end:
 	if (m)
 		m_freem(m);
-	lck_mtx_unlock(sadb_mutex);
 	socket_lock(so, 0);
 	return error;
 }
@@ -156,25 +189,21 @@ end:
  * send message to the socket.
  */
 static int
-key_sendup0(rp, m, promisc)
-	struct rawcb *rp;
-	struct mbuf *m;
-	int promisc;
+key_sendup0(struct rawcb *rp, struct mbuf *m, int promisc)
 {
 	int error;
 
-	lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
 	if (promisc) {
 		struct sadb_msg *pmsg;
 
-		M_PREPEND(m, sizeof(struct sadb_msg), M_NOWAIT);
+		M_PREPEND(m, sizeof(struct sadb_msg), M_NOWAIT, 1);
 		if (m && m->m_len < sizeof(struct sadb_msg))
 			m = m_pullup(m, sizeof(struct sadb_msg));
 		if (!m) {
 #if IPSEC_DEBUG
 			printf("key_sendup0: cannot pullup\n");
 #endif
-			pfkeystat.in_nomem++;
+			PFKEY_STAT_INCREMENT(pfkeystat.in_nomem);
 			m_freem(m);
 			return ENOBUFS;
 		}
@@ -187,7 +216,7 @@ key_sendup0(rp, m, promisc)
 		pmsg->sadb_msg_len = PFKEY_UNIT64(m->m_pkthdr.len);
 		/* pid and seq? */
 
-		pfkeystat.in_msgtype[pmsg->sadb_msg_type]++;
+		PFKEY_STAT_INCREMENT(pfkeystat.in_msgtype[pmsg->sadb_msg_type]);
 	}
 
 	if (!sbappendaddr(&rp->rcb_socket->so_rcv, (struct sockaddr *)&key_src,
@@ -195,7 +224,7 @@ key_sendup0(rp, m, promisc)
 #if IPSEC_DEBUG
 		printf("key_sendup0: sbappendaddr failed\n");
 #endif
-		pfkeystat.in_nomem++;
+		PFKEY_STAT_INCREMENT(pfkeystat.in_nomem);
 	}
 	else {
 		sorwakeup(rp->rcb_socket);
@@ -206,10 +235,7 @@ key_sendup0(rp, m, promisc)
 
 /* so can be NULL if target != KEY_SENDUP_ONE */
 int
-key_sendup_mbuf(so, m, target)
-	struct socket *so;
-	struct mbuf *m;
-	int target;
+key_sendup_mbuf(struct socket *so, struct mbuf *m, int target)
 {
 	struct mbuf *n;
 	struct keycb *kp;
@@ -217,19 +243,20 @@ key_sendup_mbuf(so, m, target)
 	struct rawcb *rp;
 	int error = 0;
 
-	lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
 	if (m == NULL)
 		panic("key_sendup_mbuf: NULL pointer was passed.\n");
 	if (so == NULL && target == KEY_SENDUP_ONE)
 		panic("key_sendup_mbuf: NULL pointer was passed.\n");
 
+	lck_mtx_lock(pfkey_stat_mutex);
 	pfkeystat.in_total++;
 	pfkeystat.in_bytes += m->m_pkthdr.len;
+	lck_mtx_unlock(pfkey_stat_mutex);
 	if (m->m_len < sizeof(struct sadb_msg)) {
 #if 1
 		m = m_pullup(m, sizeof(struct sadb_msg));
 		if (m == NULL) {
-			pfkeystat.in_nomem++;
+			PFKEY_STAT_INCREMENT(pfkeystat.in_nomem);
 			return ENOBUFS;
 		}
 #else
@@ -239,7 +266,7 @@ key_sendup_mbuf(so, m, target)
 	if (m->m_len >= sizeof(struct sadb_msg)) {
 		struct sadb_msg *msg;
 		msg = mtod(m, struct sadb_msg *);
-		pfkeystat.in_msgtype[msg->sadb_msg_type]++;
+		PFKEY_STAT_INCREMENT(pfkeystat.in_msgtype[msg->sadb_msg_type]);
 	}
 	
 	lck_mtx_lock(raw_mtx);
@@ -286,7 +313,7 @@ key_sendup_mbuf(so, m, target)
 				sendup++;
 			break;
 		}
-		pfkeystat.in_msgtarget[target]++;
+		PFKEY_STAT_INCREMENT(pfkeystat.in_msgtarget[target]);
 
 		if (!sendup) {
 			socket_unlock(rp->rcb_socket, 1);
@@ -300,7 +327,7 @@ key_sendup_mbuf(so, m, target)
 			printf("key_sendup: m_copy fail\n");
 #endif
 			m_freem(m);
-			pfkeystat.in_nomem++;
+			PFKEY_STAT_INCREMENT(pfkeystat.in_nomem);
 			socket_unlock(rp->rcb_socket, 1);
 			lck_mtx_unlock(raw_mtx);
 			return ENOBUFS;
@@ -353,10 +380,10 @@ key_attach(struct socket *so, int proto, struct proc *p)
 
 	if (sotorawcb(so) != 0)
 		return EISCONN;	/* XXX panic? */
-	kp = (struct keycb *)_MALLOC(sizeof *kp, M_PCB, M_WAITOK); /* XXX */
+	kp = (struct keycb *)_MALLOC(sizeof (*kp), M_PCB,
+	    M_WAITOK | M_ZERO); /* XXX */
 	if (kp == 0)
 		return ENOBUFS;
-	bzero(kp, sizeof *kp);
 
 	so->so_pcb = (caddr_t)kp;
 	kp->kp_promisc = kp->kp_registered = 0;
@@ -373,13 +400,12 @@ key_attach(struct socket *so, int proto, struct proc *p)
 		return error;
 	}
 
-	socket_lock(so, 1);
+	/* so is already locked when calling key_attach */
 	if (kp->kp_raw.rcb_proto.sp_protocol == PF_KEY) /* XXX: AF_KEY */
 		key_cb.key_count++;
 	key_cb.any_count++;
 	soisconnected(so);
 	so->so_options |= SO_USELOOPBACK;
-	socket_unlock(so, 1);
 
 	return 0;
 }
@@ -423,9 +449,7 @@ key_detach(struct socket *so)
 			key_cb.key_count--;
 		key_cb.any_count--;
 		socket_unlock(so, 0);
-		lck_mtx_lock(sadb_mutex);
 		key_freereg(so);
-		lck_mtx_unlock(sadb_mutex);
 		socket_lock(so, 0);
 	}
 	error = raw_usrreqs.pru_detach(so);
@@ -493,41 +517,62 @@ key_sockaddr(struct socket *so, struct sockaddr **nam)
 	return error;
 }
 
-struct pr_usrreqs key_usrreqs = {
-	key_abort, pru_accept_notsupp, key_attach, key_bind,
-	key_connect,
-	pru_connect2_notsupp, pru_control_notsupp, key_detach,
-	key_disconnect, pru_listen_notsupp, key_peeraddr,
-	pru_rcvd_notsupp,
-	pru_rcvoob_notsupp, key_send, pru_sense_null, key_shutdown,
-	key_sockaddr, sosend, soreceive, pru_sopoll_notsupp
+static struct pr_usrreqs key_usrreqs = {
+	.pru_abort =		key_abort,
+	.pru_attach =		key_attach,
+	.pru_bind =		key_bind,
+	.pru_connect =		key_connect,
+	.pru_detach =		key_detach,
+	.pru_disconnect =	key_disconnect,
+	.pru_peeraddr =		key_peeraddr,
+	.pru_send =		key_send,
+	.pru_shutdown =		key_shutdown,
+	.pru_sockaddr =		key_sockaddr,
+	.pru_sosend =		sosend,
+	.pru_soreceive =	soreceive,
 };
 
 /* sysctl */
-SYSCTL_NODE(_net, PF_KEY, key, CTLFLAG_RW, 0, "Key Family");
+SYSCTL_NODE(_net, PF_KEY, key, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "Key Family");
 
 /*
  * Definitions of protocols supported in the KEY domain.
  */
 
-extern struct domain keydomain;
+extern struct domain keydomain_s;
 
-struct protosw keysw[] = {
-{ SOCK_RAW,	&keydomain,	PF_KEY_V2,	PR_ATOMIC|PR_ADDR,
-  0,		key_output,	raw_ctlinput,	0,
-  0,
-  key_init,	0,		0,		0,
-  0,
-  &key_usrreqs,
-  0,		0,		0,
+static struct protosw keysw[] = {
+{
+	.pr_type =		SOCK_RAW,
+	.pr_protocol =		PF_KEY_V2,
+	.pr_flags =		PR_ATOMIC|PR_ADDR,
+	.pr_output =		key_output,
+	.pr_ctlinput =		raw_ctlinput,
+	.pr_init =		key_init,
+	.pr_usrreqs =		&key_usrreqs,
 }
 };
 
-struct domain keydomain =
-    { PF_KEY, "key", key_domain_init, 0, 0,
-      keysw, 0,
-      0,0,
-      sizeof(struct key_cb), 0
-    };
+static int key_proto_count = (sizeof (keysw) / sizeof (struct protosw));
+
+struct domain keydomain_s = {
+	.dom_family =		PF_KEY,
+	.dom_name =		"key",
+	.dom_init =		key_dinit,
+	.dom_maxrtkey =		sizeof (struct key_cb),
+};
 
-DOMAIN_SET(key);
+static void
+key_dinit(struct domain *dp)
+{
+	struct protosw *pr;
+	int i;
+
+	VERIFY(!(dp->dom_flags & DOM_INITIALIZED));
+	VERIFY(keydomain == NULL);
+
+	keydomain = dp;
+
+	for (i = 0, pr = &keysw[0]; i < key_proto_count; i++, pr++)
+		net_add_proto(pr, dp, 1);
+}