aboutsummaryrefslogtreecommitdiff
path: root/sys/netipsec/key_debug.c
Commit message (Collapse)AuthorAgeFilesLines
* pfkey: Fix some checks in kdebug_sadb()Tobias Heider2024-12-041-3/+3
| | | | | | | | | | | | Besides not doing any sufficient check that the length of a parsed message is not bigger than the actual allocated buffer, kdebug_sadb() incorrectly compares ext->sadb_ext_len, the extension payload size in 8 byte chunks, with tlen, which is the full message payload size in bytes. This should compare PFKEY_UNUNIT64(ext->sadb_ext_len) with tlen instead. PR: 277456 MFC after: 2 weeks
* ipsec_offload: kernel infrastructureKonstantin Belousov2024-07-121-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Inline IPSEC offload moves almost whole IPSEC processing from the CPU/MCU and possibly crypto accelerator, to the network card. The transmitted packet content is not touched by CPU during TX operations, kernel only does the required policy and security association lookups to find out that given flow is offloaded, and then packet is transmitted as plain text to the card. For driver convenience, a metadata is attached to the packet identifying SA which must process the packet. Card does encryption of the payload, padding, calculates authentication, and does the reformat according to the policy. Similarly, on receive, card does the decapsulation, decryption, and authentification. Kernel receives the identifier of SA that was used to process the packet, together with the plain-text packet. Overall, payload octets are only read or written by card DMA engine, removing a lot of memory subsystem overhead, and saving CPU time because IPSEC algos calculations are avoided. If driver declares support for inline IPSEC offload (with the IFCAP2_IPSEC_OFFLOAD capability set and registering method table struct if_ipsec_accel_methods), kernel offers the SPD and SAD to driver. Driver decides which policies and SAs can be offloaded based on hardware capacity, and acks/nacks each SA for given interface to kernel. Kernel needs to keep this information to make a decision to skip software processing on TX, and to assume processing already done on RX. This shadow SPD/SAD database of offloads is rooted from policies (struct secpolicy accel_ifps, struct ifp_handle_sp) and SAs (struct secasvar accel_ipfs, struct ifp_handle_sav). Some extensions to the PF_KEY socket allow to limit interfaces for which given SP/SA could be offloaded (proposed for offload). Also, additional statistics extensions allow to observe allocation/octet/use counters for specific SA. Since SPs and SAs are typically instantiated in non-sleepable context, while offloading them into card is expected to require costly async manipulations of the card state, calls to the driver for offload and termination are executed in the threaded taskqueue. It also solves the issue of allocating resources needed for the offload database. Neither ipf_handle_sp nor ipf_handle_sav do not add reference to the owning SP/SA, the offload must be terminated before last reference is dropped. ipsec_accel only adds transient references to ensure safe pointer ownership by taskqueue. Maintaining the SA counters for hardware-accelerated packets is the duty of the driver. The helper ipsec_accel_drv_sa_lifetime_update() is provided to hide accel infrastructure from drivers which would use expected callout to query hardware periodically for updates. Reviewed by: rscheff (transport, stack integration), np Sponsored by: NVIDIA networking Differential revision: https://reviews.freebsd.org/D44219
* sys: Remove $FreeBSD$: one-line .c comment patternWarner Losh2023-08-161-1/+0
| | | | Remove /^/[*/]\s*\$FreeBSD\$.*\n/
* kdebug_secasv: Update for recent locking changes.John Baldwin2022-12-151-2/+4
| | | | | | | Reviewed by: kp Fixes: 0361f165f219 ipsec: replace SECASVAR mtx by rmlock Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D37690
* Fix unused variable warning in netipsec's key_debug.cDimitry Andric2022-07-261-3/+2
| | | | | | | | | | | | | | With clang 15, the following -Werror warning is produced: sys/netipsec/key_debug.c:923:9: error: variable 'j' set but not used [-Werror,-Wunused-but-set-variable] int i, j; ^ The 'j' variable was in key_debug.c when it was first added, but it appears to have been a debugging aid that has never been used, so remove it. MFC after: 3 days
* ipsec: replace SECASVAR mtx by rmlockKristof Provost2022-07-191-0/+4
| | | | | | | | | | | | | This mutex is a significant point of contention in the ipsec code, and can be relatively trivially replaced by a read-mostly lock. It does require a separate lock for the replay protection, which we do here by adding a separate mutex. This improves throughput (without replay protection) by 10-15%. MFC after: 3 weeks Sponsored by: Orange Business Services Differential Revision: https://reviews.freebsd.org/D35763
* Implement anti-replay algorithm with ESN supportMarcin Wojtas2020-10-161-2/+2
| | | | | | | | | | | | | | | | | | | | | | As RFC 4304 describes there is anti-replay algorithm responsibility to provide appropriate value of Extended Sequence Number. This patch introduces anti-replay algorithm with ESN support based on RFC 4304, however to avoid performance regressions window implementation was based on RFC 6479, which was already implemented in FreeBSD. To keep things clean and improve code readability, implementation of window is kept in seperate functions. Submitted by: Grzegorz Jaszczyk <jaz@semihalf.com> Patryk Duda <pdk@semihalf.com> Reviewed by: jhb Differential revision: https://reviews.freebsd.org/D22367 Obtained from: Semihalf Sponsored by: Stormshield Notes: svn path=/head/; revision=366757
* net: clean up empty lines in .c and .h filesMateusz Guzik2020-09-011-2/+0
| | | | Notes: svn path=/head/; revision=365071
* r335795 build fix: make static functions staticEd Maste2018-06-291-2/+2
| | | | | | | | | | -Werror,-Wmissing-prototypes makes this an error otherwise. MFC with: 335795 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=335796
* Make debug output produced by `setkey -x` command a more human readable.Andrey V. Elsukov2018-06-291-3/+84
| | | | | | | | | | | | Add text names of SADB message types and extension headers to the output. Obtained from: Yandex LLC MFC after: 2 weeks Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D16036 Notes: svn path=/head/; revision=335795
* sys: further adoption of SPDX licensing ID tags.Pedro F. Giffuni2017-11-201-0/+2
| | | | | | | | | | | | | | | | | Mainly focus on files that use BSD 3-Clause license. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. Special thanks to Wind River for providing access to "The Duke of Highlander" tool: an older (2014) run over FreeBSD tree was useful as a starting point. Notes: svn path=/head/; revision=326023
* Build kdebug_secreplay() function only when IPSEC_DEBUG is defined.Andrey V. Elsukov2017-06-011-4/+2
| | | | | | | | | | This should fix the build on sparc. Reported by: emaste X-MFC with: r319118 Notes: svn path=/head/; revision=319412
* Add large replay widow support to setkey(8) and libipsec.Andrey V. Elsukov2017-04-131-25/+78
| | | | | | | | | | | | | | | | | | | | When the replay window size is large than UINT8_MAX, add to the request the SADB_X_EXT_SA_REPLAY extension header that was added in r309144. Also add support of SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR, SADB_X_EXT_SA_REPLAY, SADB_X_EXT_NEW_ADDRESS_SRC, SADB_X_EXT_NEW_ADDRESS_DST extension headers to the key_debug that is used by `setkey -x`. Modify kdebug_sockaddr() to use inet_ntop() for IP addresses formatting. And modify kdebug_sadb_x_policy() to show policy scope and priority. Reviewed by: gnn, Emeric Poupon MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D10375 Notes: svn path=/head/; revision=316759
* Merge projects/ipsec into head/.Andrey V. Elsukov2017-02-061-105/+282
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Small summary ------------- o Almost all IPsec releated code was moved into sys/netipsec. o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel option IPSEC_SUPPORT added. It enables support for loading and unloading of ipsec.ko and tcpmd5.ko kernel modules. o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type support was removed. Added TCP/UDP checksum handling for inbound packets that were decapsulated by transport mode SAs. setkey(8) modified to show run-time NAT-T configuration of SA. o New network pseudo interface if_ipsec(4) added. For now it is build as part of ipsec.ko module (or with IPSEC kernel). It implements IPsec virtual tunnels to create route-based VPNs. o The network stack now invokes IPsec functions using special methods. The only one header file <netipsec/ipsec_support.h> should be included to declare all the needed things to work with IPsec. o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed. Now these protocols are handled directly via IPsec methods. o TCP_SIGNATURE support was reworked to be more close to RFC. o PF_KEY SADB was reworked: - now all security associations stored in the single SPI namespace, and all SAs MUST have unique SPI. - several hash tables added to speed up lookups in SADB. - SADB now uses rmlock to protect access, and concurrent threads can do SA lookups in the same time. - many PF_KEY message handlers were reworked to reflect changes in SADB. - SADB_UPDATE message was extended to support new PF_KEY headers: SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They can be used by IKE daemon to change SA addresses. o ipsecrequest and secpolicy structures were cardinally changed to avoid locking protection for ipsecrequest. Now we support only limited number (4) of bundled SAs, but they are supported for both INET and INET6. o INPCB security policy cache was introduced. Each PCB now caches used security policies to avoid SP lookup for each packet. o For inbound security policies added the mode, when the kernel does check for full history of applied IPsec transforms. o References counting rules for security policies and security associations were changed. The proper SA locking added into xform code. o xform code was also changed. Now it is possible to unregister xforms. tdb_xxx structures were changed and renamed to reflect changes in SADB/SPDB, and changed rules for locking and refcounting. Reviewed by: gnn, wblock Obtained from: Yandex LLC Relnotes: yes Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D9352 Notes: svn path=/head/; revision=313330
* netipsec: fix build after 309144Ed Maste2016-11-261-0/+2
| | | | | | | Reported by: rakuco Notes: svn path=/head/; revision=309174
* IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets.Fabien Thomas2016-11-251-4/+7
| | | | | | | | | | | | | | | | | | | Since the previous algorithm, based on bit shifting, does not scale with large replay windows, the algorithm used here is based on RFC 6479: IPsec Anti-Replay Algorithm without Bit Shifting. The replay window will be fast to be updated, but will cost as many bits in RAM as its size. The previous implementation did not provide a lock on the replay window, which may lead to replay issues. Reviewed by: ae Obtained from: emeric.poupon@stormshield.eu Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D8468 Notes: svn path=/head/; revision=309144
* Use ipsec_address() function to print IP addresses.Andrey V. Elsukov2016-04-241-16/+8
| | | | Notes: svn path=/head/; revision=298536
* Constify mbuf pointer for IPSEC functions where mbuf isn't modified.Andrey V. Elsukov2016-04-211-4/+4
| | | | Notes: svn path=/head/; revision=298398
* These files were getting sys/malloc.h and vm/uma.h with header pollutionGleb Smirnoff2016-02-011-1/+1
| | | | | | | via sys/mbuf.h Notes: svn path=/head/; revision=295126
* Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsecJohn-Mark Gurney2015-08-041-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | defines the keys differently than NIST does, so we have to muck with key lengths and nonce/IVs to be standard compliant... Remove the iv from secasvar as it was unused... Add a counter protected by a mutex to ensure that the counter for GCM and ICM will never be repeated.. This is a requirement for security.. I would use atomics, but we don't have a 64bit one on all platforms.. Fix a bug where IPsec was depending upon the OCF to ensure that the blocksize was always at least 4 bytes to maintain alignment... Move this logic into IPsec so changes to OCF won't break IPsec... In one place, espx was always non-NULL, so don't test that it's non-NULL before doing work.. minor style cleanups... drop setting key and klen as they were not used... Enforce that OCF won't pass invalid key lengths to AES that would panic the machine... This was has been tested by others too... I tested this against NetBSD 6.1.5 using mini-test suite in https://github.com/jmgurney/ipseccfgs and the only things that don't pass are keyed md5 and sha1, and 3des-deriv (setkey syntax error), all other modes listed in setkey's man page... The nice thing is that NetBSD uses setkey, so same config files were used on both... Reviewed by: gnn Notes: svn path=/head/; revision=286292
* Rename ip4_def_policy variable to def_policy. It is used by both IPv4 andAndrey V. Elsukov2014-12-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IPv6. Initialize it only once in def_policy_init(). Remove its initialization from key_init() and make it static. Remove several fields from struct secpolicy: * lock - it isn't so useful having mutex in the structure, but the only thing we do with it is initialization and destroying. * state - it has only two values - DEAD and ALIVE. Instead of take a lock and change the state to DEAD, then take lock again in GC function and delete policy from the chain - keep in the chain only ALIVE policies. * scangen - it was used in GC function to protect from sending several SADB_SPDEXPIRE messages for one SPD entry. Now we don't keep DEAD entries in the chain and there is no need to have scangen variable. Use TAILQ to implement SPD entries chain. Use rmlock to protect access to SPD entries chain. Protect all SP lookup with RLOCK, and use WLOCK when we are inserting (or removing) SP entry in the chain. Instead of using pattern "LOCK(); refcnt++; UNLOCK();", use refcount(9) API to implement refcounting in SPD. Merge code from key_delsp() and _key_delsp() into _key_freesp(). And use KEY_FREESP() macro in all cases when we want to release reference or just delete SP entry. Obtained from: Yandex LLC Sponsored by: Yandex LLC Notes: svn path=/head/; revision=276188
* Remove __P() macro.Andrey V. Elsukov2014-12-031-9/+9
| | | | | | | | Suggested by: kevlo Sponsored by: Yandex LLC Notes: svn path=/head/; revision=275438
* ANSIfy function declarations.Andrey V. Elsukov2014-12-031-42/+20
| | | | | | | Sponsored by: Yandex LLC Notes: svn path=/head/; revision=275437
* Remove route chaching support from ipsec code. It isn't used for some time.Andrey V. Elsukov2014-12-021-1/+0
| | | | | | | | | | | | * remove sa_route_union declaration and route_cache member from struct secashead; * remove key_sa_routechange() call from ICMP and ICMPv6 code; * simplify ip_ipsec_mtu(); * remove #include <net/route.h>; Sponsored by: Yandex LLC Notes: svn path=/head/; revision=275392
* Fix style bug: rename the refcount field of m_ext to ext_cnt, to matchGleb Smirnoff2014-07-111-2/+2
| | | | | | | | | other members. Sponsored by: Nginx, Inc. Notes: svn path=/head/; revision=268530
* Build on Jeff Roberson's linker-set based dynamic per-CPU allocatorRobert Watson2009-07-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (DPCPU), as suggested by Peter Wemm, and implement a new per-virtual network stack memory allocator. Modify vnet to use the allocator instead of monolithic global container structures (vinet, ...). This change solves many binary compatibility problems associated with VIMAGE, and restores ELF symbols for virtualized global variables. Each virtualized global variable exists as a "reference copy", and also once per virtual network stack. Virtualized global variables are tagged at compile-time, placing the in a special linker set, which is loaded into a contiguous region of kernel memory. Virtualized global variables in the base kernel are linked as normal, but those in modules are copied and relocated to a reserved portion of the kernel's vnet region with the help of a the kernel linker. Virtualized global variables exist in per-vnet memory set up when the network stack instance is created, and are initialized statically from the reference copy. Run-time access occurs via an accessor macro, which converts from the current vnet and requested symbol to a per-vnet address. When "options VIMAGE" is not compiled into the kernel, normal global ELF symbols will be used instead and indirection is avoided. This change restores static initialization for network stack global variables, restores support for non-global symbols and types, eliminates the need for many subsystem constructors, eliminates large per-subsystem structures that caused many binary compatibility issues both for monitoring applications (netstat) and kernel modules, removes the per-function INIT_VNET_*() macros throughout the stack, eliminates the need for vnet_symmap ksym(2) munging, and eliminates duplicate definitions of virtualized globals under VIMAGE_GLOBALS. Bump __FreeBSD_version and update UPDATING. Portions submitted by: bz Reviewed by: bz, zec Discussed with: gnn, jamie, jeff, jhb, julian, sam Suggested by: peter Approved by: re (kensmith) Notes: svn path=/head/; revision=195699
* Shuffle the vimage.h includes or add where missing.Bjoern A. Zeeb2009-02-271-0/+1
| | | | Notes: svn path=/head/; revision=189103
* Fix bugs when allocating and passing information of current lifetime andBjoern A. Zeeb2008-03-021-4/+22
| | | | | | | | | | | | | | | soft lifetime [1] introduced in rev. 1.21 of key.c. Along with that, fix a related problem in key_debug printing the correct data. While there replace a printf by panic in a sanity check. PR: 120751 Submitted by: Kazuaki ODA (kazuaki aliceblue.jp) [1] MFC after: 5 days Notes: svn path=/head/; revision=176743
* Commit IPv6 support for FAST_IPSEC to the tree.George V. Neville-Neil2007-07-011-1/+1
| | | | | | | | | | | | This commit includes only the kernel files, the rest of the files will follow in a second commit. Reviewed by: bz Approved by: re Supported by: Secure Computing Notes: svn path=/head/; revision=171133
* Fix -Wundef warnings found when compiling i386 LINT, GENERIC andRuslan Ermilov2005-12-051-1/+1
| | | | | | | custom kernels. Notes: svn path=/head/; revision=153110
* /* -> /*- for license, minor formatting changesWarner Losh2005-01-071-1/+1
| | | | Notes: svn path=/head/; revision=139823
* MFp4: portability work, general cleanup, locking fixesSam Leffler2003-09-291-25/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | change 38496 o add ipsec_osdep.h that holds os-specific definitions for portability o s/KASSERT/IPSEC_ASSERT/ for portability o s/SPLASSERT/IPSEC_SPLASSERT/ for portability o remove function names from ASSERT strings since line#+file pinpints the location o use __func__ uniformly to reduce string storage o convert some random #ifdef DIAGNOSTIC code to assertions o remove some debuggging assertions no longer needed change 38498 o replace numerous bogus panic's with equally bogus assertions that at least go away on a production system change 38502 + 38530 o change explicit mtx operations to #defines to simplify future changes to a different lock type change 38531 o hookup ipv4 ctlinput paths to a noop routine; we should be handling path mtu changes at least o correct potential null pointer deref in ipsec4_common_input_cb chnage 38685 o fix locking for bundled SA's and for when key exchange is required change 38770 o eliminate recursion on the SAHTREE lock change 38804 o cleanup some types: long -> time_t o remove refrence to dead #define change 38805 o correct some types: long -> time_t o add scan generation # to secpolicy to deal with locking issues change 38806 o use LIST_FOREACH_SAFE instead of handrolled code o change key_flush_spd to drop the sptree lock before purging an entry to avoid lock recursion and to avoid holding the lock over a long-running operation o misc cleanups of tangled and twisty code There is still much to do here but for now things look to be working again. Supported by: FreeBSD Foundation Notes: svn path=/head/; revision=120585
* "Fast IPsec": this is an experimental IPsec implementation that is derivedSam Leffler2002-10-161-0/+747
from the KAME IPsec implementation, but with heavy borrowing and influence of openbsd. A key feature of this implementation is that it uses the kernel crypto framework to do all crypto work so when h/w crypto support is present IPsec operation is automatically accelerated. Otherwise the protocol implementations are rather differet while the SADB and policy management code is very similar to KAME (for the moment). Note that this implementation is enabled with a FAST_IPSEC option. With this you get all protocols; i.e. there is no FAST_IPSEC_ESP option. FAST_IPSEC and IPSEC are mutually exclusive; you cannot build both into a single system. This software is well tested with IPv4 but should be considered very experimental (i.e. do not deploy in production environments). This software does NOT currently support IPv6. In fact do not configure FAST_IPSEC and INET6 in the same system. Obtained from: KAME + openbsd Supported by: Vernier Networks Notes: svn path=/head/; revision=105197