Thu May 31 05:52:09 2018 UTC ()
style


(maxv)
diff -r1.94 -r1.95 src/sys/netipsec/xform_esp.c


--- src/sys/netipsec/xform_esp.c 2018/05/30 17:17:11 1.94
+++ src/sys/netipsec/xform_esp.c 2018/05/31 05:52:09 1.95
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: xform_esp.c,v 1.94 2018/05/30 17:17:11 maxv Exp $ */ 1/* $NetBSD: xform_esp.c,v 1.95 2018/05/31 05:52:09 maxv Exp $ */
2/* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */ 2/* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
3/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */ 3/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
4 4
5/* 5/*
6 * The authors of this code are John Ioannidis (ji@tla.org), 6 * The authors of this code are John Ioannidis (ji@tla.org),
7 * Angelos D. Keromytis (kermit@csd.uch.gr) and 7 * Angelos D. Keromytis (kermit@csd.uch.gr) and
8 * Niels Provos (provos@physnet.uni-hamburg.de). 8 * Niels Provos (provos@physnet.uni-hamburg.de).
9 * 9 *
10 * The original version of this code was written by John Ioannidis 10 * The original version of this code was written by John Ioannidis
11 * for BSD/OS in Athens, Greece, in November 1995. 11 * for BSD/OS in Athens, Greece, in November 1995.
12 * 12 *
13 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, 13 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
14 * by Angelos D. Keromytis. 14 * by Angelos D. Keromytis.
@@ -29,27 +29,27 @@ @@ -29,27 +29,27 @@
29 * You may use this code under the GNU public license if you so wish. Please 29 * You may use this code under the GNU public license if you so wish. Please
30 * contribute changes back to the authors under this freer than GPL license 30 * contribute changes back to the authors under this freer than GPL license
31 * so that we may further the use of strong encryption without limitations to 31 * so that we may further the use of strong encryption without limitations to
32 * all. 32 * all.
33 * 33 *
34 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 34 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
35 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 35 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
36 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 36 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
37 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 37 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
38 * PURPOSE. 38 * PURPOSE.
39 */ 39 */
40 40
41#include <sys/cdefs.h> 41#include <sys/cdefs.h>
42__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.94 2018/05/30 17:17:11 maxv Exp $"); 42__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.95 2018/05/31 05:52:09 maxv Exp $");
43 43
44#if defined(_KERNEL_OPT) 44#if defined(_KERNEL_OPT)
45#include "opt_inet.h" 45#include "opt_inet.h"
46#include "opt_ipsec.h" 46#include "opt_ipsec.h"
47#endif 47#endif
48 48
49#include <sys/param.h> 49#include <sys/param.h>
50#include <sys/systm.h> 50#include <sys/systm.h>
51#include <sys/mbuf.h> 51#include <sys/mbuf.h>
52#include <sys/socket.h> 52#include <sys/socket.h>
53#include <sys/syslog.h> 53#include <sys/syslog.h>
54#include <sys/kernel.h> 54#include <sys/kernel.h>
55#include <sys/sysctl.h> 55#include <sys/sysctl.h>
@@ -233,27 +233,27 @@ esp_init(struct secasvar *sav, const str @@ -233,27 +233,27 @@ esp_init(struct secasvar *sav, const str
233 break; 233 break;
234 case 28: 234 case 28:
235 sav->alg_auth = SADB_X_AALG_AES192GMAC; 235 sav->alg_auth = SADB_X_AALG_AES192GMAC;
236 sav->tdb_authalgxform = &auth_hash_gmac_aes_192; 236 sav->tdb_authalgxform = &auth_hash_gmac_aes_192;
237 break; 237 break;
238 case 36: 238 case 36:
239 sav->alg_auth = SADB_X_AALG_AES256GMAC; 239 sav->alg_auth = SADB_X_AALG_AES256GMAC;
240 sav->tdb_authalgxform = &auth_hash_gmac_aes_256; 240 sav->tdb_authalgxform = &auth_hash_gmac_aes_256;
241 break; 241 break;
242 default: 242 default:
243 DPRINTF(("%s: invalid key length %u, must be either of " 243 DPRINTF(("%s: invalid key length %u, must be either of "
244 "20, 28 or 36\n", __func__, keylen)); 244 "20, 28 or 36\n", __func__, keylen));
245 return EINVAL; 245 return EINVAL;
246 } 246 }
247 247
248 memset(&cria, 0, sizeof(cria)); 248 memset(&cria, 0, sizeof(cria));
249 cria.cri_alg = sav->tdb_authalgxform->type; 249 cria.cri_alg = sav->tdb_authalgxform->type;
250 cria.cri_klen = _KEYBITS(sav->key_enc); 250 cria.cri_klen = _KEYBITS(sav->key_enc);
251 cria.cri_key = _KEYBUF(sav->key_enc); 251 cria.cri_key = _KEYBUF(sav->key_enc);
252 break; 252 break;
253 default: 253 default:
254 break; 254 break;
255 } 255 }
256 256
257 /* Initialize crypto session. */ 257 /* Initialize crypto session. */
258 memset(&crie, 0, sizeof(crie)); 258 memset(&crie, 0, sizeof(crie));
259 crie.cri_alg = sav->tdb_encalgxform->type; 259 crie.cri_alg = sav->tdb_encalgxform->type;
@@ -303,27 +303,27 @@ esp_zeroize(struct secasvar *sav) @@ -303,27 +303,27 @@ esp_zeroize(struct secasvar *sav)
303static int 303static int
304esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) 304esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
305{ 305{
306 const struct auth_hash *esph; 306 const struct auth_hash *esph;
307 const struct enc_xform *espx; 307 const struct enc_xform *espx;
308 struct tdb_crypto *tc; 308 struct tdb_crypto *tc;
309 int plen, alen, hlen, error, stat = ESP_STAT_CRYPTO; 309 int plen, alen, hlen, error, stat = ESP_STAT_CRYPTO;
310 struct newesp *esp; 310 struct newesp *esp;
311 struct cryptodesc *crde; 311 struct cryptodesc *crde;
312 struct cryptop *crp; 312 struct cryptop *crp;
313 313
314 KASSERT(sav != NULL); 314 KASSERT(sav != NULL);
315 KASSERT(sav->tdb_encalgxform != NULL); 315 KASSERT(sav->tdb_encalgxform != NULL);
316 KASSERTMSG((skip&3) == 0 && (m->m_pkthdr.len&3) == 0, 316 KASSERTMSG((skip & 3) == 0 && (m->m_pkthdr.len & 3) == 0,
317 "misaligned packet, skip %u pkt len %u", 317 "misaligned packet, skip %u pkt len %u",
318 skip, m->m_pkthdr.len); 318 skip, m->m_pkthdr.len);
319 319
320 /* XXX don't pullup, just copy header */ 320 /* XXX don't pullup, just copy header */
321 M_REGION_GET(esp, struct newesp *, m, skip, sizeof(struct newesp)); 321 M_REGION_GET(esp, struct newesp *, m, skip, sizeof(struct newesp));
322 if (esp == NULL) { 322 if (esp == NULL) {
323 /* m already freed */ 323 /* m already freed */
324 return ENOBUFS; 324 return ENOBUFS;
325 } 325 }
326 326
327 esph = sav->tdb_authalgxform; 327 esph = sav->tdb_authalgxform;
328 espx = sav->tdb_encalgxform; 328 espx = sav->tdb_encalgxform;
329 KASSERT(espx != NULL); 329 KASSERT(espx != NULL);
@@ -359,27 +359,27 @@ esp_input(struct mbuf *m, struct secasva @@ -359,27 +359,27 @@ esp_input(struct mbuf *m, struct secasva
359 /* 359 /*
360 * Check sequence number. 360 * Check sequence number.
361 */ 361 */
362 if (esph && sav->replay && !ipsec_chkreplay(ntohl(esp->esp_seq), sav)) { 362 if (esph && sav->replay && !ipsec_chkreplay(ntohl(esp->esp_seq), sav)) {
363 char logbuf[IPSEC_LOGSASTRLEN]; 363 char logbuf[IPSEC_LOGSASTRLEN];
364 DPRINTF(("%s: packet replay check for %s\n", __func__, 364 DPRINTF(("%s: packet replay check for %s\n", __func__,
365 ipsec_logsastr(sav, logbuf, sizeof(logbuf)))); 365 ipsec_logsastr(sav, logbuf, sizeof(logbuf))));
366 stat = ESP_STAT_REPLAY; 366 stat = ESP_STAT_REPLAY;
367 error = EACCES; 367 error = EACCES;
368 goto out; 368 goto out;
369 } 369 }
370 370
371 /* Update the counters */ 371 /* Update the counters */
372 ESP_STATADD(ESP_STAT_IBYTES, m->m_pkthdr.len - skip - hlen - alen); 372 ESP_STATADD(ESP_STAT_IBYTES, plen);
373 373
374 /* Get crypto descriptors */ 374 /* Get crypto descriptors */
375 crp = crypto_getreq(esph ? 2 : 1); 375 crp = crypto_getreq(esph ? 2 : 1);
376 if (crp == NULL) { 376 if (crp == NULL) {
377 DPRINTF(("%s: failed to acquire crypto descriptors\n", 377 DPRINTF(("%s: failed to acquire crypto descriptors\n",
378 __func__)); 378 __func__));
379 error = ENOBUFS; 379 error = ENOBUFS;
380 goto out; 380 goto out;
381 } 381 }
382 382
383 /* Get IPsec-specific opaque pointer */ 383 /* Get IPsec-specific opaque pointer */
384 size_t extra __diagused = esph == NULL ? 0 : alen; 384 size_t extra __diagused = esph == NULL ? 0 : alen;
385 KASSERTMSG(sizeof(*tc) + extra <= esp_pool_item_size, 385 KASSERTMSG(sizeof(*tc) + extra <= esp_pool_item_size,
@@ -479,35 +479,35 @@ esp_input(struct mbuf *m, struct secasva @@ -479,35 +479,35 @@ esp_input(struct mbuf *m, struct secasva
479 return crypto_dispatch(crp); 479 return crypto_dispatch(crp);
480 480
481out2: 481out2:
482 pool_cache_put(esp_tdb_crypto_pool_cache, tc); 482 pool_cache_put(esp_tdb_crypto_pool_cache, tc);
483out1: 483out1:
484 crypto_freereq(crp); 484 crypto_freereq(crp);
485out: 485out:
486 ESP_STATINC(stat); 486 ESP_STATINC(stat);
487 m_freem(m); 487 m_freem(m);
488 return error; 488 return error;
489} 489}
490 490
491#ifdef INET6 491#ifdef INET6
492#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \ 492#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \
493 if (saidx->dst.sa.sa_family == AF_INET6) { \ 493 if (saidx->dst.sa.sa_family == AF_INET6) { \
494 error = ipsec6_common_input_cb(m, sav, skip, protoff); \ 494 error = ipsec6_common_input_cb(m, sav, skip, protoff); \
495 } else { \ 495 } else { \
496 error = ipsec4_common_input_cb(m, sav, skip, protoff); \ 496 error = ipsec4_common_input_cb(m, sav, skip, protoff); \
497 } \ 497 } \
498} while (0) 498} while (0)
499#else 499#else
500#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \ 500#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \
501 (error = ipsec4_common_input_cb(m, sav, skip, protoff)) 501 (error = ipsec4_common_input_cb(m, sav, skip, protoff))
502#endif 502#endif
503 503
504/* 504/*
505 * ESP input callback from the crypto driver. 505 * ESP input callback from the crypto driver.
506 */ 506 */
507static int 507static int
508esp_input_cb(struct cryptop *crp) 508esp_input_cb(struct cryptop *crp)
509{ 509{
510 char buf[IPSEC_ADDRSTRLEN]; 510 char buf[IPSEC_ADDRSTRLEN];
511 uint8_t lastthree[3], aalg[AH_ALEN_MAX]; 511 uint8_t lastthree[3], aalg[AH_ALEN_MAX];
512 int hlen, skip, protoff, error; 512 int hlen, skip, protoff, error;
513 struct mbuf *m; 513 struct mbuf *m;
@@ -699,35 +699,33 @@ esp_output(struct mbuf *m, const struct  @@ -699,35 +699,33 @@ esp_output(struct mbuf *m, const struct
699 struct tdb_crypto *tc; 699 struct tdb_crypto *tc;
700 struct secasindex *saidx; 700 struct secasindex *saidx;
701 unsigned char *tail; 701 unsigned char *tail;
702 uint8_t prot; 702 uint8_t prot;
703 int error, maxpacketsize; 703 int error, maxpacketsize;
704 struct esptail *esptail; 704 struct esptail *esptail;
705 struct cryptodesc *crde, *crda; 705 struct cryptodesc *crde, *crda;
706 struct cryptop *crp; 706 struct cryptop *crp;
707 707
708 esph = sav->tdb_authalgxform; 708 esph = sav->tdb_authalgxform;
709 espx = sav->tdb_encalgxform; 709 espx = sav->tdb_encalgxform;
710 KASSERT(espx != NULL); 710 KASSERT(espx != NULL);
711 711
 712 /* Determine the ESP header length */
712 if (sav->flags & SADB_X_EXT_OLD) 713 if (sav->flags & SADB_X_EXT_OLD)
713 hlen = sizeof(struct esp) + sav->ivlen; 714 hlen = sizeof(struct esp) + sav->ivlen;
714 else 715 else
715 hlen = sizeof(struct newesp) + sav->ivlen; 716 hlen = sizeof(struct newesp) + sav->ivlen;
716 717 /* Authenticator hash size */
717 if (esph) 718 alen = esph ? esph->authsize : 0;
718 alen = esph->authsize; 
719 else 
720 alen = 0; 
721 719
722 /* 720 /*
723 * NB: The null encoding transform has a blocksize of 4 721 * NB: The null encoding transform has a blocksize of 4
724 * so that headers are properly aligned. 722 * so that headers are properly aligned.
725 */ 723 */
726 blks = espx->blocksize; /* IV blocksize */ 724 blks = espx->blocksize; /* IV blocksize */
727 725
728 /* Raw payload length. */ 726 /* Raw payload length. */
729 rlen = m->m_pkthdr.len - skip; 727 rlen = m->m_pkthdr.len - skip;
730 728
731 /* Encryption padding. */ 729 /* Encryption padding. */
732 padlen = ((blks - ((rlen + sizeof(struct esptail)) % blks)) % blks); 730 padlen = ((blks - ((rlen + sizeof(struct esptail)) % blks)) % blks);
733 731
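Review bot: The reformatted KASSERTMSG at line 316 of the esp_input hunk still prints `skip`, which the same hunk declares as `int`, with `%u`; `%d` matches the declared type, and `m->m_pkthdr.len` presumably wants the same treatment if it is an int as well. In the next esp_input hunk, line 372 replaces `m->m_pkthdr.len - skip - hlen - alen` with `plen`, but the assignment of plen lies outside the hunks shown, so the equivalence cannot be confirmed from this page; if plen is not exactly that quantity the IBYTES counter changes silently in a commit labelled "style", so it is worth a glance. A short comment at the call such as `/* plen excludes the ESP header, IV and ICV */` would record the intent either way, provided that is how plen is computed. esp_input starts and ends outside these hunks.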