Add sadb_x_policy_flags to inform SP origination. This extension(struct sadb_x_policy) is *not* defined by RFC2367. OpenBSD does not have reserved fields in struct sadb_x_policy. Linux does not use this field yet. FreeBSD uses this field as "sadb_x_policy_scope"; the value range is from 0x00 to 0x04. We use from most significant bit to avoid the above usage.diff -r1.33 -r1.34 src/sys/net/if_ipsec.c
(knakahara)
--- src/sys/net/if_ipsec.c 2022/10/06 06:59:24 1.33
+++ src/sys/net/if_ipsec.c 2022/10/11 09:51:47 1.34
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: if_ipsec.c,v 1.33 2022/10/06 06:59:24 knakahara Exp $ */ | 1 | /* $NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 2017 Internet Initiative Japan Inc. | 4 | * Copyright (c) 2017 Internet Initiative Japan Inc. | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -17,27 +17,27 @@ | @@ -17,27 +17,27 @@ | |||
17 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED | 17 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED | |
18 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | 18 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
19 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS | 19 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS | |
20 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | 20 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | 23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | 24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | 25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
26 | * POSSIBILITY OF SUCH DAMAGE. | 26 | * POSSIBILITY OF SUCH DAMAGE. | |
27 | */ | 27 | */ | |
28 | 28 | |||
29 | #include <sys/cdefs.h> | 29 | #include <sys/cdefs.h> | |
30 | __KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.33 2022/10/06 06:59:24 knakahara Exp $"); | 30 | __KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $"); | |
31 | 31 | |||
32 | #ifdef _KERNEL_OPT | 32 | #ifdef _KERNEL_OPT | |
33 | #include "opt_inet.h" | 33 | #include "opt_inet.h" | |
34 | #endif | 34 | #endif | |
35 | 35 | |||
36 | #include <sys/param.h> | 36 | #include <sys/param.h> | |
37 | #include <sys/atomic.h> | 37 | #include <sys/atomic.h> | |
38 | #include <sys/systm.h> | 38 | #include <sys/systm.h> | |
39 | #include <sys/kernel.h> | 39 | #include <sys/kernel.h> | |
40 | #include <sys/mbuf.h> | 40 | #include <sys/mbuf.h> | |
41 | #include <sys/socket.h> | 41 | #include <sys/socket.h> | |
42 | #include <sys/sockio.h> | 42 | #include <sys/sockio.h> | |
43 | #include <sys/errno.h> | 43 | #include <sys/errno.h> | |
@@ -1696,27 +1696,27 @@ if_ipsec_set_sadb_x_policy(struct sadb_x | @@ -1696,27 +1696,27 @@ if_ipsec_set_sadb_x_policy(struct sadb_x | |||
1696 | 1696 | |||
1697 | KASSERT(policy != IPSEC_POLICY_IPSEC || xisr != NULL); | 1697 | KASSERT(policy != IPSEC_POLICY_IPSEC || xisr != NULL); | |
1698 | 1698 | |||
1699 | size = sizeof(*xpl); | 1699 | size = sizeof(*xpl); | |
1700 | if (policy == IPSEC_POLICY_IPSEC) { | 1700 | if (policy == IPSEC_POLICY_IPSEC) { | |
1701 | size += PFKEY_ALIGN8(sizeof(*xisr)); | 1701 | size += PFKEY_ALIGN8(sizeof(*xisr)); | |
1702 | if (src != NULL && dst != NULL) | 1702 | if (src != NULL && dst != NULL) | |
1703 | size += PFKEY_ALIGN8(src->sa_len + dst->sa_len); | 1703 | size += PFKEY_ALIGN8(src->sa_len + dst->sa_len); | |
1704 | } | 1704 | } | |
1705 | xpl->sadb_x_policy_len = PFKEY_UNIT64(size); | 1705 | xpl->sadb_x_policy_len = PFKEY_UNIT64(size); | |
1706 | xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY; | 1706 | xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY; | |
1707 | xpl->sadb_x_policy_type = policy; | 1707 | xpl->sadb_x_policy_type = policy; | |
1708 | xpl->sadb_x_policy_dir = dir; | 1708 | xpl->sadb_x_policy_dir = dir; | |
1709 | xpl->sadb_x_policy_reserved = 0; | 1709 | xpl->sadb_x_policy_flags = 0; | |
1710 | xpl->sadb_x_policy_id = id; | 1710 | xpl->sadb_x_policy_id = id; | |
1711 | xpl->sadb_x_policy_reserved2 = 0; | 1711 | xpl->sadb_x_policy_reserved2 = 0; | |
1712 | 1712 | |||
1713 | if (policy == IPSEC_POLICY_IPSEC) { | 1713 | if (policy == IPSEC_POLICY_IPSEC) { | |
1714 | xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8(sizeof(*xisr)); | 1714 | xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8(sizeof(*xisr)); | |
1715 | if (src != NULL && dst != NULL) | 1715 | if (src != NULL && dst != NULL) | |
1716 | xisr->sadb_x_ipsecrequest_len += | 1716 | xisr->sadb_x_ipsecrequest_len += | |
1717 | PFKEY_ALIGN8(src->sa_len + dst->sa_len); | 1717 | PFKEY_ALIGN8(src->sa_len + dst->sa_len); | |
1718 | xisr->sadb_x_ipsecrequest_proto = IPPROTO_ESP; | 1718 | xisr->sadb_x_ipsecrequest_proto = IPPROTO_ESP; | |
1719 | xisr->sadb_x_ipsecrequest_mode = IPSEC_MODE_TRANSPORT; | 1719 | xisr->sadb_x_ipsecrequest_mode = IPSEC_MODE_TRANSPORT; | |
1720 | xisr->sadb_x_ipsecrequest_level = level; | 1720 | xisr->sadb_x_ipsecrequest_level = level; | |
1721 | if (level == IPSEC_LEVEL_UNIQUE) | 1721 | if (level == IPSEC_LEVEL_UNIQUE) | |
1722 | xisr->sadb_x_ipsecrequest_reqid = reqid; | 1722 | xisr->sadb_x_ipsecrequest_reqid = reqid; |
--- src/sys/net/pfkeyv2.h 2022/04/16 18:15:22 1.33
+++ src/sys/net/pfkeyv2.h 2022/10/11 09:51:47 1.34
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: pfkeyv2.h,v 1.33 2022/04/16 18:15:22 andvar Exp $ */ | 1 | /* $NetBSD: pfkeyv2.h,v 1.34 2022/10/11 09:51:47 knakahara Exp $ */ | |
2 | /* $KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $ */ | 2 | /* $KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -218,27 +218,28 @@ struct sadb_x_sa2 { | @@ -218,27 +218,28 @@ struct sadb_x_sa2 { | |||
218 | uint8_t sadb_x_sa2_reserved1; | 218 | uint8_t sadb_x_sa2_reserved1; | |
219 | uint16_t sadb_x_sa2_reserved2; | 219 | uint16_t sadb_x_sa2_reserved2; | |
220 | uint32_t sadb_x_sa2_sequence; | 220 | uint32_t sadb_x_sa2_sequence; | |
221 | uint32_t sadb_x_sa2_reqid; /* topmost 16bits are always 0 */ | 221 | uint32_t sadb_x_sa2_reqid; /* topmost 16bits are always 0 */ | |
222 | }; | 222 | }; | |
223 | 223 | |||
224 | /* XXX Policy Extension */ | 224 | /* XXX Policy Extension */ | |
225 | /* sizeof(struct sadb_x_policy) == 16 */ | 225 | /* sizeof(struct sadb_x_policy) == 16 */ | |
226 | struct sadb_x_policy { | 226 | struct sadb_x_policy { | |
227 | uint16_t sadb_x_policy_len; | 227 | uint16_t sadb_x_policy_len; | |
228 | uint16_t sadb_x_policy_exttype; | 228 | uint16_t sadb_x_policy_exttype; | |
229 | uint16_t sadb_x_policy_type; /* See policy type of ipsec.h */ | 229 | uint16_t sadb_x_policy_type; /* See policy type of ipsec.h */ | |
230 | uint8_t sadb_x_policy_dir; /* direction, see ipsec.h */ | 230 | uint8_t sadb_x_policy_dir; /* direction, see ipsec.h */ | |
231 | uint8_t sadb_x_policy_reserved; | 231 | uint8_t sadb_x_policy_flags; | |
232 | #define IPSEC_POLICY_FLAG_ORIGIN_KERNEL 0x80 /* policy is generated by kernel */ | |||
232 | uint32_t sadb_x_policy_id; | 233 | uint32_t sadb_x_policy_id; | |
233 | uint32_t sadb_x_policy_reserved2; | 234 | uint32_t sadb_x_policy_reserved2; | |
234 | }; | 235 | }; | |
235 | /* | 236 | /* | |
236 | * When policy_type == IPSEC, it is followed by some of | 237 | * When policy_type == IPSEC, it is followed by some of | |
237 | * the ipsec policy request. | 238 | * the ipsec policy request. | |
238 | * [total length of ipsec policy requests] | 239 | * [total length of ipsec policy requests] | |
239 | * = (sadb_x_policy_len * sizeof(uint64_t) - sizeof(struct sadb_x_policy)) | 240 | * = (sadb_x_policy_len * sizeof(uint64_t) - sizeof(struct sadb_x_policy)) | |
240 | */ | 241 | */ | |
241 | 242 | |||
242 | /* XXX IPsec Policy Request Extension */ | 243 | /* XXX IPsec Policy Request Extension */ | |
243 | /* | 244 | /* | |
244 | * This structure is aligned 8 bytes. | 245 | * This structure is aligned 8 bytes. |
--- src/sys/netipsec/key.c 2022/08/09 08:03:22 1.276
+++ src/sys/netipsec/key.c 2022/10/11 09:51:47 1.277
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: key.c,v 1.276 2022/08/09 08:03:22 knakahara Exp $ */ | 1 | /* $NetBSD: key.c,v 1.277 2022/10/11 09:51:47 knakahara Exp $ */ | |
2 | /* $FreeBSD: key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */ | 2 | /* $FreeBSD: key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */ | |
3 | /* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ | 3 | /* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 6 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
@@ -22,27 +22,27 @@ | @@ -22,27 +22,27 @@ | |||
22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | 24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | |
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
31 | * SUCH DAMAGE. | 31 | * SUCH DAMAGE. | |
32 | */ | 32 | */ | |
33 | 33 | |||
34 | #include <sys/cdefs.h> | 34 | #include <sys/cdefs.h> | |
35 | __KERNEL_RCSID(0, "$NetBSD: key.c,v 1.276 2022/08/09 08:03:22 knakahara Exp $"); | 35 | __KERNEL_RCSID(0, "$NetBSD: key.c,v 1.277 2022/10/11 09:51:47 knakahara Exp $"); | |
36 | 36 | |||
37 | /* | 37 | /* | |
38 | * This code is referred to RFC 2367 | 38 | * This code is referred to RFC 2367 | |
39 | */ | 39 | */ | |
40 | 40 | |||
41 | #if defined(_KERNEL_OPT) | 41 | #if defined(_KERNEL_OPT) | |
42 | #include "opt_inet.h" | 42 | #include "opt_inet.h" | |
43 | #include "opt_ipsec.h" | 43 | #include "opt_ipsec.h" | |
44 | #include "opt_gateway.h" | 44 | #include "opt_gateway.h" | |
45 | #include "opt_net_mpsafe.h" | 45 | #include "opt_net_mpsafe.h" | |
46 | #endif | 46 | #endif | |
47 | 47 | |||
48 | #include <sys/types.h> | 48 | #include <sys/types.h> | |
@@ -2079,26 +2079,28 @@ key_sp2msg(const struct secpolicy *sp, i | @@ -2079,26 +2079,28 @@ key_sp2msg(const struct secpolicy *sp, i | |||
2079 | return NULL; | 2079 | return NULL; | |
2080 | } | 2080 | } | |
2081 | 2081 | |||
2082 | m->m_len = tlen; | 2082 | m->m_len = tlen; | |
2083 | m->m_next = NULL; | 2083 | m->m_next = NULL; | |
2084 | xpl = mtod(m, struct sadb_x_policy *); | 2084 | xpl = mtod(m, struct sadb_x_policy *); | |
2085 | memset(xpl, 0, tlen); | 2085 | memset(xpl, 0, tlen); | |
2086 | 2086 | |||
2087 | xpl->sadb_x_policy_len = PFKEY_UNIT64(tlen); | 2087 | xpl->sadb_x_policy_len = PFKEY_UNIT64(tlen); | |
2088 | xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY; | 2088 | xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY; | |
2089 | xpl->sadb_x_policy_type = sp->policy; | 2089 | xpl->sadb_x_policy_type = sp->policy; | |
2090 | xpl->sadb_x_policy_dir = sp->spidx.dir; | 2090 | xpl->sadb_x_policy_dir = sp->spidx.dir; | |
2091 | xpl->sadb_x_policy_id = sp->id; | 2091 | xpl->sadb_x_policy_id = sp->id; | |
2092 | if (sp->origin == IPSEC_SPORIGIN_KERNEL) | |||
2093 | xpl->sadb_x_policy_flags |= IPSEC_POLICY_FLAG_ORIGIN_KERNEL; | |||
2092 | p = (char *)xpl + sizeof(*xpl); | 2094 | p = (char *)xpl + sizeof(*xpl); | |
2093 | 2095 | |||
2094 | /* if is the policy for ipsec ? */ | 2096 | /* if is the policy for ipsec ? */ | |
2095 | if (sp->policy == IPSEC_POLICY_IPSEC) { | 2097 | if (sp->policy == IPSEC_POLICY_IPSEC) { | |
2096 | struct sadb_x_ipsecrequest *xisr; | 2098 | struct sadb_x_ipsecrequest *xisr; | |
2097 | struct ipsecrequest *isr; | 2099 | struct ipsecrequest *isr; | |
2098 | 2100 | |||
2099 | for (isr = sp->req; isr != NULL; isr = isr->next) { | 2101 | for (isr = sp->req; isr != NULL; isr = isr->next) { | |
2100 | 2102 | |||
2101 | xisr = (struct sadb_x_ipsecrequest *)p; | 2103 | xisr = (struct sadb_x_ipsecrequest *)p; | |
2102 | 2104 | |||
2103 | xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto; | 2105 | xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto; | |
2104 | xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode; | 2106 | xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode; |
--- src/sys/netipsec/key_debug.c 2022/05/18 15:20:18 1.24
+++ src/sys/netipsec/key_debug.c 2022/10/11 09:51:47 1.25
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: key_debug.c,v 1.24 2022/05/18 15:20:18 christos Exp $ */ | 1 | /* $NetBSD: key_debug.c,v 1.25 2022/10/11 09:51:47 knakahara Exp $ */ | |
2 | /* $FreeBSD: key_debug.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */ | 2 | /* $FreeBSD: key_debug.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */ | |
3 | /* $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $ */ | 3 | /* $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 6 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
@@ -23,27 +23,27 @@ | @@ -23,27 +23,27 @@ | |||
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | 24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | |
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
31 | * SUCH DAMAGE. | 31 | * SUCH DAMAGE. | |
32 | */ | 32 | */ | |
33 | 33 | |||
34 | #ifdef _KERNEL | 34 | #ifdef _KERNEL | |
35 | #include <sys/cdefs.h> | 35 | #include <sys/cdefs.h> | |
36 | __KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.24 2022/05/18 15:20:18 christos Exp $"); | 36 | __KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.25 2022/10/11 09:51:47 knakahara Exp $"); | |
37 | #endif | 37 | #endif | |
38 | 38 | |||
39 | #if defined(_KERNEL_OPT) | 39 | #if defined(_KERNEL_OPT) | |
40 | #include "opt_inet.h" | 40 | #include "opt_inet.h" | |
41 | #endif | 41 | #endif | |
42 | 42 | |||
43 | #include <sys/types.h> | 43 | #include <sys/types.h> | |
44 | #include <sys/param.h> | 44 | #include <sys/param.h> | |
45 | #ifdef _KERNEL | 45 | #ifdef _KERNEL | |
46 | #include <sys/systm.h> | 46 | #include <sys/systm.h> | |
47 | #include <sys/mbuf.h> | 47 | #include <sys/mbuf.h> | |
48 | #include <sys/queue.h> | 48 | #include <sys/queue.h> | |
49 | #endif | 49 | #endif | |
@@ -367,29 +367,29 @@ kdebug_sadb_x_sa2(const struct sadb_ext | @@ -367,29 +367,29 @@ kdebug_sadb_x_sa2(const struct sadb_ext | |||
367 | sa2->sadb_x_sa2_sequence); | 367 | sa2->sadb_x_sa2_sequence); | |
368 | } | 368 | } | |
369 | 369 | |||
370 | static void | 370 | static void | |
371 | kdebug_sadb_x_policy(const struct sadb_ext *ext) | 371 | kdebug_sadb_x_policy(const struct sadb_ext *ext) | |
372 | { | 372 | { | |
373 | const struct sadb_x_policy *xpl = (const struct sadb_x_policy *)ext; | 373 | const struct sadb_x_policy *xpl = (const struct sadb_x_policy *)ext; | |
374 | const struct sockaddr *addr; | 374 | const struct sockaddr *addr; | |
375 | 375 | |||
376 | /* sanity check */ | 376 | /* sanity check */ | |
377 | if (ext == NULL) | 377 | if (ext == NULL) | |
378 | panic("%s: NULL pointer was passed", __func__); | 378 | panic("%s: NULL pointer was passed", __func__); | |
379 | 379 | |||
380 | printf(" sadb_x_policy { type=%u dir=%u id=%x }", | 380 | printf(" sadb_x_policy { type=%u dir=%u flags=0x%02x id=%x }", | |
381 | xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, | 381 | xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, | |
382 | xpl->sadb_x_policy_id); | 382 | xpl->sadb_x_policy_flags, xpl->sadb_x_policy_id); | |
383 | 383 | |||
384 | if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { | 384 | if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { | |
385 | int tlen; | 385 | int tlen; | |
386 | const struct sadb_x_ipsecrequest *xisr; | 386 | const struct sadb_x_ipsecrequest *xisr; | |
387 | 387 | |||
388 | tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); | 388 | tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); | |
389 | xisr = (const struct sadb_x_ipsecrequest *)(xpl + 1); | 389 | xisr = (const struct sadb_x_ipsecrequest *)(xpl + 1); | |
390 | 390 | |||
391 | while (tlen > 0) { | 391 | while (tlen > 0) { | |
392 | printf(" { len=%u proto=%u mode=%u level=%u reqid=%u", | 392 | printf(" { len=%u proto=%u mode=%u level=%u reqid=%u", | |
393 | xisr->sadb_x_ipsecrequest_len, | 393 | xisr->sadb_x_ipsecrequest_len, | |
394 | xisr->sadb_x_ipsecrequest_proto, | 394 | xisr->sadb_x_ipsecrequest_proto, | |
395 | xisr->sadb_x_ipsecrequest_mode, | 395 | xisr->sadb_x_ipsecrequest_mode, |