
Lines Matching defs:sah

215  *     sah entries
217 * - A sah has sav lists for each SA state
224 * - Modifications to the key_sad.sahlists, sah.savlist and key_sad.savlut
226 * - Read accesses to the key_sad.sahlists, sah.savlist and key_sad.savlut
228 * - sah's lifetime is managed by localcount(9)
229 * - Getting an sah entry
230 * - We get an sah from the key_sad.sahlists
231 * - Must iterate the list and increment the reference count of a found sah
233 * - A gotten sah must be released after use by key_sah_unref
234 * - An sah is destroyed when its state becomes DEAD and no sav is
235 * listed to the sah
239 * - First get an sah by saidx and get an sav from either of sah's savlists
350 #define SAHLIST_ENTRY_INIT(sah) \
351 PSLIST_ENTRY_INIT((sah), pslist_entry)
352 #define SAHLIST_ENTRY_DESTROY(sah) \
353 PSLIST_ENTRY_DESTROY((sah), pslist_entry)
354 #define SAHLIST_WRITER_REMOVE(sah) \
355 PSLIST_WRITER_REMOVE((sah), pslist_entry)
356 #define SAHLIST_READER_FOREACH(sah) \
358 PSLIST_READER_FOREACH((sah), &key_sad.sahlists[_i_sah], \
360 #define SAHLIST_READER_FOREACH_SAIDX(sah, saidx) \
361 PSLIST_READER_FOREACH((sah), \
365 #define SAHLIST_WRITER_FOREACH(sah) \
367 PSLIST_WRITER_FOREACH((sah), &key_sad.sahlists[_i_sah], \
369 #define SAHLIST_WRITER_INSERT_HEAD(sah) \
371 &key_sad.sahlists[key_saidxhash(&(sah)->saidx, \
373 (sah), pslist_entry)
380 #define SAVLIST_READER_FIRST(sah, state) \
381 PSLIST_READER_FIRST(&(sah)->savlist[(state)], struct secasvar, \
385 #define SAVLIST_READER_FOREACH(sav, sah, state) \
386 PSLIST_READER_FOREACH((sav), &(sah)->savlist[(state)], \
388 #define SAVLIST_WRITER_FOREACH(sav, sah, state) \
389 PSLIST_WRITER_FOREACH((sav), &(sah)->savlist[(state)], \
395 #define SAVLIST_WRITER_EMPTY(sah, state) \
396 (PSLIST_WRITER_FIRST(&(sah)->savlist[(state)], struct secasvar, \
398 #define SAVLIST_WRITER_INSERT_HEAD(sah, state, sav) \
399 PSLIST_WRITER_INSERT_HEAD(&(sah)->savlist[(state)], (sav), \
403 #define SAVLIST_WRITER_INSERT_TAIL(sah, state, new) \
405 if (SAVLIST_WRITER_EMPTY((sah), (state))) { \
406 SAVLIST_WRITER_INSERT_HEAD((sah), (state), (new));\
409 SAVLIST_WRITER_FOREACH(__sav, (sah), (state)) { \
1125 struct secashead *sah;
1133 sah = key_getsah(saidx, CMP_MODE_REQID);
1134 if (sah == NULL)
1157 sav = SAVLIST_READER_FIRST(sah, state);
1162 SAVLIST_READER_FOREACH(sav, sah, state)
1187 satype = key_proto2satype(sav->sah->saidx.proto);
1197 m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &sav->sah->saidx.src.sa,
1198 _BITS(sav->sah->saidx.src.sa.sa_len), IPSEC_ULPROTO_ANY);
1204 m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &sav->sah->saidx.src.sa,
1205 _BITS(sav->sah->saidx.src.sa.sa_len), IPSEC_ULPROTO_ANY);
1323 if (proto != sav->sah->saidx.proto) {
1326 proto, sav->sah->saidx.proto);
1347 if (!key_sockaddr_match(&src->sa, &sav->sah->saidx.src.sa, PORT_NONE))
1353 if (!key_sockaddr_match(&dst->sa, &sav->sah->saidx.dst.sa, chkport))
1368 key_validate_savlist(const struct secashead *sah, const u_int state)
1379 SAVLIST_READER_FOREACH(sav, sah, state) {
1385 "savlist is not sorted: sah=%p, state=%d, "
1386 "sav=%" PRIu64 ", next=%" PRIu64, sah, state,
1577 * Remove the sav from the savlist of its sah and wait for references to the sav
1596 sah
3217 /* Add to the sah list */
3228 key_sah_has_sav(struct secashead *sah)
3235 if (!SAVLIST_WRITER_EMPTY(sah, state))
3243 key_unlink_sah(struct secashead *sah)
3248 KASSERTMSG(sah->state == SADB_SASTATE_DEAD, "sah->state=%u", sah->state);
3250 /* Remove from the sah list */
3251 SAHLIST_WRITER_REMOVE(sah);
3256 localcount_drain(&sah->localcount, &key_sad.cv_lc, &key_sad.lock);
3260 key_destroy_sah(struct secashead *sah)
3263 rtcache_free(&sah->sa_route);
3265 SAHLIST_ENTRY_DESTROY(sah);
3266 localcount_fini(&sah->localcount);
3268 if (sah->idents != NULL)
3269 kmem_free(sah->idents, sah->idents_len);
3270 if (sah->identd != NULL)
3271 kmem_free(sah->identd, sah->identd_len);
3273 kmem_free(sah, sizeof(*sah));
3398 * Must be called in a pserialize read section. A held sah
3402 key_sah_ref(struct secashead *sah)
3405 localcount_acquire(&sah->localcount);
3413 key_sah_unref(struct secashead *sah)
3418 localcount_release(&sah->localcount, &key_sad.cv_lc, &key_sad.lock);
3422 * Search SAD and return sah. Must be called in a pserialize
3431 struct secashead *sah;
3433 SAHLIST_READER_FOREACH_SAIDX(sah, saidx) {
3434 if (sah->state == SADB_SASTATE_DEAD)
3436 if (key_saidx_match(&sah->saidx, saidx, flag))
3437 return sah;
3444 * Search SAD and return sah. If sah is returned, the caller must call
3453 struct secashead *sah;
3457 sah = key_getsah(saidx, flag);
3458 if (sah != NULL)
3459 key_sah_ref(sah);
3462 return sah;
3475 struct secashead *sah;
3489 SAHLIST_WRITER_FOREACH(sah) {
3490 if (!key_ismyaddr((struct sockaddr *)&sah->saidx.dst))
3492 sav = key_getsavbyspi(sah, spi);
3511 key_getsavbyspi(struct secashead *sah, u_int32_t spi)
3520 SAVLIST_READER_FOREACH(sav, sah, state) {
3548 key_lookup_and_remove_sav(struct secashead *sah, u_int32_t spi,
3557 SAVLIST_WRITER_FOREACH(sav, sah, state) {
3819 switch (sav->sah->saidx.proto) {
3831 switch (sav->sah->saidx.proto) {
3837 sav->sah->saidx.proto,
3846 sav->sah->saidx.proto,
3856 switch (sav->sah->saidx.proto) {
3934 m = key_setsadbxsa2(sav->sah->saidx.mode,
3936 sav->sah->saidx.reqid);
3941 &sav->sah->saidx.src.sa,
3947 &sav->sah->saidx.dst.sa,
4008 key_portfromsaddr(&sav->sah->saidx.dst),
4016 key_portfromsaddr(&sav->sah->saidx.src),
4977 struct secashead *sah;
4983 SAHLIST_WRITER_FOREACH(sah) {
4984 /* If sah has been dead and has no sav, then delete it */
4985 if (sah->state == SADB_SASTATE_DEAD &&
4986 !key_sah_has_sav(sah)) {
4987 key_unlink_sah(sah);
4989 key_destroy_sah(sah);
4996 SAHLIST_READER_FOREACH(sah) {
4999 key_sah_ref(sah);
5009 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_LARVAL) {
5027 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_MATURE) {
5096 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_DYING) {
5148 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_DEAD) {
5157 key_sah_unref(sah);
5376 struct secashead *sah;
5428 sah = key_getsah_ref(&saidx, CMP_REQID);
5429 if (sah == NULL) {
5431 sah = key_newsah(&saidx);
5432 if (sah == NULL) {
5442 key_sah_unref(sah);
5450 /* Add to sah#savlist */
5452 newsav->sah = sah;
5455 SAVLIST_WRITER_INSERT_TAIL(sah, SADB_SASTATE_LARVAL, newsav);
5457 key_validate_savlist(sah, SADB_SASTATE_LARVAL);
5459 key_sah_unref(sah);
5656 key_porttosaddr(&sav->sah->saidx.src, sport->sadb_x_nat_t_port_port);
5657 key_porttosaddr(&sav->sah->saidx.dst, dport->sadb_x_nat_t_port_port);
5730 struct secashead *sah;
5787 sah = key_getsah_ref(&saidx, CMP_REQID);
5788 if (sah == NULL) {
5795 error = key_setident(sah, m, mhp);
5802 sav = key_getsavbyseq(sah, mhp->msg->sadb_msg_seq);
5812 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
5822 if (sav->sah->saidx.proto != proto) {
5824 sav->sah->saidx.proto, proto);
5855 newsav->sah = sav->sah;
5879 /* Add to sah#savlist */
5883 SAVLIST_WRITER_INSERT_TAIL(sah, SADB_SASTATE_MATURE, newsav);
5886 key_validate_savlist(sah, SADB_SASTATE_MATURE);
5892 oldsav = key_lookup_and_remove_sav(sah, sa0->sadb_sa_spi, sav);
5905 key_sah_unref(sah);
5906 sah = NULL;
5924 key_sah_unref(sah);
5937 key_getsavbyseq(struct secashead *sah, u_int32_t seq)
5947 SAVLIST_READER_FOREACH(sav, sah, state) {
5986 struct secashead *sah;
6043 sah = key_getsah_ref(&saidx, CMP_REQID);
6044 if (sah == NULL) {
6046 sah = key_newsah(&saidx);
6047 if (sah == NULL) {
6055 error = key_setident(sah, m, mhp);
6063 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
6076 newsav->sah = sah;
6091 /* Add to sah#savlist */
6095 SAVLIST_WRITER_INSERT_TAIL(sah, SADB_SASTATE_MATURE, newsav);
6098 key_validate_savlist(sah, SADB_SASTATE_MATURE);
6100 key_sah_unref(sah);
6101 sah = NULL;
6122 key_sah_unref(sah);
6128 key_setident(struct secashead *sah, struct mbuf *m,
6135 KASSERT(sah != NULL);
6141 * Can be called with an existing sah from key_api_update().
6143 if (sah->idents != NULL) {
6144 kmem_free(sah->idents, sah->idents_len);
6145 sah->idents = NULL;
6146 sah->idents_len = 0;
6148 if (sah->identd != NULL) {
6149 kmem_free(sah->identd, sah->identd_len);
6150 sah->identd = NULL;
6151 sah->identd_len = 0;
6157 sah->idents = NULL;
6158 sah->identd = NULL;
6193 sah->idents = NULL;
6194 sah->identd = NULL;
6199 sah->idents = kmem_alloc(idsrclen, KM_SLEEP);
6200 sah->idents_len = idsrclen;
6201 sah->identd = kmem_alloc(iddstlen, KM_SLEEP);
6202 sah->identd_len = iddstlen;
6203 memcpy(sah->idents, idsrc, idsrclen);
6204 memcpy(sah->identd, iddst, iddstlen);
6262 struct secashead *sah;
6312 sah = key_getsah_ref(&saidx, CMP_HEAD);
6313 if (sah != NULL) {
6315 sav = key_lookup_and_remove_sav(sah, sa0->sadb_sa_spi, NULL);
6316 key_sah_unref(sah);
6350 struct secashead *sah;
6366 sah = key_getsah_ref(&saidx, CMP_HEAD);
6367 if (sah != NULL) {
6374 SAVLIST_WRITER_FOREACH(sav, sah, state) {
6383 key_sah_unref(sah);
6454 struct secashead *sah;
6457 sah = key_getsah(&saidx, CMP_HEAD);
6458 if (sah != NULL) {
6460 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
6474 satype = key_proto2satype(sav->sah->saidx.proto);
7223 struct secashead *sah;
7226 sah = key_getsah(&saidx, CMP_MODE_REQID);
7227 if (sah != NULL) {
7450 satype = key_proto2satype(sav->sah->saidx.proto);
7463 m = key_setsadbxsa2(sav->sah->saidx.mode,
7464 sav->replay ? sav->replay->count : 0, sav->sah->saidx.reqid);
7489 m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &sav->sah->saidx.src.sa,
7494 m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &sav->sah->saidx.dst.sa,
7544 struct secashead *sah;
7559 SAHLIST_READER_FOREACH(sah) {
7561 proto != sah->saidx.proto)
7564 key_sah_ref(sah);
7570 SAVLIST_WRITER_FOREACH(sav, sah, state) {
7581 sah->state = SADB_SASTATE_DEAD;
7582 key_sah_unref(sah);
7606 struct secashead *sah;
7627 SAHLIST_WRITER_FOREACH(sah) {
7629 proto != sah->saidx.proto)
7633 SAVLIST_WRITER_FOREACH(sav, sah, state) {
7647 SAHLIST_WRITER_FOREACH(sah) {
7649 proto != sah->saidx.proto)
7653 satype = key_proto2satype(sah->saidx.proto);
7661 SAVLIST_WRITER_FOREACH(sav, sah, state) {
8489 struct secashead *sah;
8493 SAHLIST_READER_FOREACH(sah) {
8497 key_sah_ref(sah);
8500 ro = &sah->sa_route;
8507 key_sah_unref(sah);
8533 SAVLIST_WRITER_INSERT_HEAD(sav->sah, state, sav);
8540 SAVLIST_WRITER_FOREACH(_sav, sav->sah, state) {
8548 SAVLIST_WRITER_INSERT_TAIL(sav->sah, state, sav);
8553 key_validate_savlist(sav->sah, state);
8604 struct secashead *sah;
8623 SAHLIST_WRITER_FOREACH(sah) {
8625 proto != sah->saidx.proto)
8629 SAVLIST_WRITER_FOREACH(sav, sah, state) {
8642 SAHLIST_WRITER_FOREACH(sah) {
8644 proto != sah->saidx.proto)
8648 satype = key_proto2satype(sah->saidx.proto);
8656 SAVLIST_WRITER_FOREACH(sav, sah, state) {
8766 hash = key_savluthash(&sav->sah->saidx.dst.sa,
8767 sav->sah->saidx.proto, hash_key, key_sad.savlutmask);