Lines Matching defs:sav
214 * - SAs are managed by the list called key_sad.sahlists and sav lists of
216 * - An sav is supposed to be an SA from a viewpoint of users
217 * - A sah has sav lists for each SA state
221 * - All sav whose state is MATURE or DYING are registered to the lookup
223 * - The table is used to search an sav without use of saidx.
234 * - An sah is destroyed when its state become DEAD and no sav is
237 * - sav's lifetime is managed by localcount(9)
238 * - Getting an sav entry
239 * - First get an sah by saidx and get an sav from either of sah's savlists
240 * - Must iterate the list and increment the reference count of a found sav
245 * - A gotten sav must be released after use by key_sa_unref
246 * - An sav is destroyed when its state become DEAD
376 #define SAVLIST_ENTRY_INIT(sav) \
377 PSLIST_ENTRY_INIT((sav), pslist_entry)
378 #define SAVLIST_ENTRY_DESTROY(sav) \
379 PSLIST_ENTRY_DESTROY((sav), pslist_entry)
383 #define SAVLIST_WRITER_REMOVE(sav) \
384 PSLIST_WRITER_REMOVE((sav), pslist_entry)
385 #define SAVLIST_READER_FOREACH(sav, sah, state) \
386 PSLIST_READER_FOREACH((sav), &(sah)->savlist[(state)], \
388 #define SAVLIST_WRITER_FOREACH(sav, sah, state) \
389 PSLIST_WRITER_FOREACH((sav), &(sah)->savlist[(state)], \
391 #define SAVLIST_WRITER_INSERT_BEFORE(sav, new) \
392 PSLIST_WRITER_INSERT_BEFORE((sav), (new), pslist_entry)
393 #define SAVLIST_WRITER_INSERT_AFTER(sav, new) \
394 PSLIST_WRITER_INSERT_AFTER((sav), (new), pslist_entry)
398 #define SAVLIST_WRITER_INSERT_HEAD(sah, state, sav) \
399 PSLIST_WRITER_INSERT_HEAD(&(sah)->savlist[(state)], (sav), \
401 #define SAVLIST_WRITER_NEXT(sav) \
402 PSLIST_WRITER_NEXT((sav), struct secasvar, pslist_entry)
418 #define SAVLIST_READER_NEXT(sav) \
419 PSLIST_READER_NEXT((sav), struct secasvar, pslist_entry)
422 #define SAVLUT_ENTRY_INIT(sav) \
423 PSLIST_ENTRY_INIT((sav), pslist_entry_savlut)
424 #define SAVLUT_READER_FOREACH(sav, dst, proto, hash_key) \
425 PSLIST_READER_FOREACH((sav), \
429 #define SAVLUT_WRITER_INSERT_HEAD(sav) \
430 key_savlut_writer_insert_head((sav))
431 #define SAVLUT_WRITER_REMOVE(sav) \
433 if (!(sav)->savlut_added) \
435 PSLIST_WRITER_REMOVE((sav), pslist_entry_savlut); \
436 (sav)->savlut_added = false; \
606 #define KEY_CHKSASTATE(head, sav) \
608 if ((head) != (sav)) { \
611 (head), (sav)); \
839 key_savlut_writer_insert_head(struct secasvar *sav);
1075 struct secasvar *sav;
1087 * thread as they reference ipsecrequest.sav which we
1092 sav = key_lookup_sa_bysaidx(saidx);
1093 if (sav != NULL) {
1094 *ret = sav;
1126 struct secasvar *sav = NULL;
1157 sav = SAVLIST_READER_FIRST(sah, state);
1162 SAVLIST_READER_FOREACH(sav, sah, state)
1163 last = sav;
1164 sav = last;
1166 if (sav != NULL) {
1167 KEY_SA_REF(sav);
1170 key_sa_refcnt(sav), sav);
1177 return sav;
1182 key_sendup_message_delete(struct secasvar *sav)
1187 satype = key_proto2satype(sav->sah->saidx.proto);
1191 m = key_setsadbmsg(SADB_DELETE, 0, satype, 0, 0, key_sa_refcnt(sav) - 1);
1197 m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &sav->sah->saidx.src.sa,
1198 _BITS(sav->sah->saidx.src.sa.sa_len), IPSEC_ULPROTO_ANY);
1204 m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &sav->sah->saidx.src.sa,
1205 _BITS(sav->sah->saidx.src.sa.sa_len), IPSEC_ULPROTO_ANY);
1211 m = key_setsadbsa(sav);
1238 * OUT: positive: pointer to a usable sav (i.e. MATURE or DYING state).
1261 struct secasvar *sav;
1312 SAVLUT_READER_FOREACH(sav, &dst->sa, proto, hash_key) {
1315 ntohl(spi), ntohl(sav->spi));
1318 if (!SADB_SASTATE_USABLE_P(sav)) {
1320 "bad state %d\n", sav->state);
1323 if (proto != sav->sah->saidx.proto) {
1326 proto, sav->sah->saidx.proto);
1329 if (must_check_spi && spi != sav->spi) {
1332 ntohl(spi), ntohl(sav->spi));
1336 if (must_check_alg && algo != sav->alg_comp) {
1339 algo, sav->alg_comp);
1347 if (!key_sockaddr_match(&src->sa, &sav->sah->saidx.src.sa, PORT_NONE))
1353 if (!key_sockaddr_match(&dst->sa, &sav->sah->saidx.dst.sa, chkport))
1355 key_sa_ref(sav, where, tag);
1358 sav = NULL;
1363 "DP return SA:%p; refcnt %u\n", sav, key_sa_refcnt(sav));
1364 return sav;
1371 struct secasvar *sav, *next;
1379 SAVLIST_READER_FOREACH(sav, sah, state) {
1380 next = SAVLIST_READER_NEXT(sav);
1382 sav->lft_c != NULL && next->lft_c != NULL) {
1383 KDASSERTMSG(sav->lft_c->sadb_lifetime_addtime <=
1386 "sav=%" PRIu64 ", next=%" PRIu64, sah, state,
1387 sav->lft_c->sadb_lifetime_addtime,
1441 key_init_sav(struct secasvar *sav)
1446 localcount_init(&sav->localcount);
1447 SAVLIST_ENTRY_INIT(sav);
1448 SAVLUT_ENTRY_INIT(sav);
1452 key_sa_refcnt(const struct secasvar *sav)
1460 key_sa_ref(struct secasvar *sav, const char* where, int tag)
1463 localcount_acquire(&sav->localcount);
1467 sav, where, tag);
1471 key_sa_unref(struct secasvar *sav, const char* where, int tag)
1478 sav, where, tag);
1480 localcount_release(&sav->localcount, &key_sad.cv_lc, &key_sad.lock);
1577 * Remove the sav from the savlist of its sah and wait for references to the sav
1581 key_unlink_sav(struct secasvar *sav)
1586 SAVLIST_WRITER_REMOVE(sav);
1587 SAVLUT_WRITER_REMOVE(sav);
1592 localcount_drain(&sav->localcount, &key_sad.cv_lc, &key_sad.lock);
1596 * Destroy an sav where the sav must be unlinked from an sah
1600 key_destroy_sav(struct secasvar *sav)
1605 localcount_fini(&sav->localcount);
1606 SAVLIST_ENTRY_DESTROY(sav);
1608 key_delsav(sav);
1612 * Wait for references of a passed sav to go away.
1615 key_wait_sav(struct secasvar *sav)
1621 KASSERT(sav->state == SADB_SASTATE_DEAD);
1624 localcount_drain(&sav->localcount, &key_sad.cv_lc, &key_sad.lock);
3333 /* copy sav values */
3365 key_clear_xform(struct secasvar *sav)
3372 if (sav->tdb_xform != NULL) {
3373 sav->tdb_xform->xf_zeroize(sav);
3374 sav->tdb_xform = NULL;
3376 if (sav->key_auth != NULL)
3377 explicit_memset(_KEYBUF(sav->key_auth), 0,
3378 _KEYLEN(sav->key_auth));
3379 if (sav->key_enc != NULL)
3380 explicit_memset(_KEYBUF(sav->key_enc), 0,
3381 _KEYLEN(sav->key_enc));
3389 key_delsav(struct secasvar *sav)
3392 key_clear_xform(sav);
3393 key_freesaval(sav);
3394 kmem_free(sav, sizeof(*sav));
3476 struct secasvar *sav;
3492 sav = key_getsavbyspi(sah, spi);
3493 if (sav != NULL) {
3494 KEY_SA_UNREF(&sav);
3513 struct secasvar *sav = NULL;
3520 SAVLIST_READER_FOREACH(sav, sah, state) {
3522 if (sav->state != state) {
3524 "invalid sav->state (queue: %d SA: %d)\n",
3525 state, sav->state);
3529 if (sav->spi == spi) {
3530 KEY_SA_REF(sav);
3538 return sav;
3551 struct secasvar *sav = NULL;
3557 SAVLIST_WRITER_FOREACH(sav, sah, state) {
3558 KASSERT(sav->state == state);
3560 if (sav->spi == spi) {
3561 if (hint != NULL && hint != sav)
3563 sav->state = SADB_SASTATE_DEAD;
3564 SAVLIST_WRITER_REMOVE(sav);
3565 SAVLUT_WRITER_REMOVE(sav);
3573 return sav;
3577 * Free allocated data to member variables of sav:
3578 * sav->replay, sav->key_* and sav->lft_*.
3581 key_freesaval(struct secasvar *sav)
3584 KASSERTMSG(key_sa_refcnt(sav) == 0, "key_sa_refcnt(sav)=%u",
3585 key_sa_refcnt(sav));
3587 if (sav->replay != NULL)
3588 kmem_free(sav->replay, sav->replay_len);
3589 if (sav->key_auth != NULL)
3590 kmem_free(sav->key_auth, sav->key_auth_len);
3591 if (sav->key_enc != NULL)
3592 kmem_free(sav->key_enc, sav->key_enc_len);
3593 if (sav->lft_c_counters_percpu != NULL) {
3594 percpu_free(sav->lft_c_counters_percpu,
3597 if (sav->lft_c != NULL)
3598 kmem_free(sav->lft_c, sizeof(*(sav->lft_c)));
3599 if (sav->lft_h != NULL)
3600 kmem_free(sav->lft_h, sizeof(*(sav->lft_h)));
3601 if (sav->lft_s != NULL)
3602 kmem_free(sav->lft_s, sizeof(*(sav->lft_s)));
3614 key_setsaval(struct secasvar *sav, struct mbuf *m,
3624 /* We shouldn't initialize sav variables while someone uses it. */
3625 KASSERTMSG(key_sa_refcnt(sav) == 0, "key_sa_refcnt(sav)=%u",
3626 key_sa_refcnt(sav));
3638 sav->alg_auth = sa0->sadb_sa_auth;
3639 sav->alg_enc = sa0->sadb_sa_encrypt;
3640 sav->flags = sa0->sadb_sa_flags;
3646 sav->replay = kmem_zalloc(len, KM_SLEEP);
3647 sav->replay_len = len;
3649 sav->replay->bitmap = (char*)(sav->replay+1);
3650 sav->replay->wsize = sa0->sadb_sa_replay;
3672 sav->alg_auth != SADB_X_AALG_NULL)
3685 sav->key_auth = key_newbuf(key0, len);
3686 sav->key_auth_len = len;
3705 sav->alg_enc != SADB_EALG_NULL) {
3709 sav->key_enc = key_newbuf(key0, len);
3710 sav->key_enc_len = len;
3715 sav->key_enc = NULL; /*just in case*/
3730 sav->ivlen = 0;
3734 error = xform_init(sav, XF_AH);
3737 error = xform_init(sav, XF_ESP);
3740 error = xform_init(sav, XF_IPCOMP);
3743 error = xform_init(sav, XF_TCPSIGNATURE);
3756 sav->created = time_uptime;
3759 sav->lft_c = kmem_alloc(sizeof(struct sadb_lifetime), KM_SLEEP);
3761 sav->lft_c->sadb_lifetime_len =
3763 sav->lft_c->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
3764 sav->lft_c->sadb_lifetime_allocations = 0;
3765 sav->lft_c->sadb_lifetime_bytes = 0;
3766 sav->lft_c->sadb_lifetime_addtime = time_uptime;
3767 sav->lft_c->sadb_lifetime_usetime = 0;
3769 sav->lft_c_counters_percpu = percpu_alloc(sizeof(lifetime_counters_t));
3781 sav->lft_h = key_newbuf(lft0, sizeof(*lft0));
3790 sav->lft_s = key_newbuf(lft0, sizeof(*lft0));
3798 key_clear_xform(sav);
3799 key_freesaval(sav);
3810 key_init_xform(struct secasvar *sav)
3814 /* We shouldn't initialize sav variables while someone uses it. */
3815 KASSERTMSG(key_sa_refcnt(sav) == 0, "key_sa_refcnt(sav)=%u",
3816 key_sa_refcnt(sav));
3819 switch (sav->sah->saidx.proto) {
3822 if (ntohl(sav->spi) <= 255) {
3824 (u_int32_t)ntohl(sav->spi));
3831 switch (sav->sah->saidx.proto) {
3834 if (sav->alg_enc != SADB_EALG_NONE) {
3837 sav->sah->saidx.proto,
3838 sav->alg_enc, SADB_EALG_NONE);
3843 if (sav->alg_auth != SADB_AALG_NONE) {
3846 sav->sah->saidx.proto,
3847 sav->alg_auth, SADB_AALG_NONE);
3856 switch (sav->sah->saidx.proto) {
3859 if ((sav->flags & (SADB_X_EXT_OLD|SADB_X_EXT_DERIV)) ==
3865 error = xform_init(sav, XF_ESP);
3869 if (sav->flags & SADB_X_EXT_DERIV) {
3874 error = xform_init(sav, XF_AH);
3877 if ((sav->flags & SADB_X_EXT_RAWCPI) == 0
3878 && ntohl(sav->spi) >= 0x10000) {
3882 error = xform_init(sav, XF_IPCOMP);
3885 error = xform_init(sav, XF_TCPSIGNATURE);
3900 key_setdumpsa(struct secasvar *sav, u_int8_t type, u_int8_t satype,
3922 m = key_setsadbmsg(type, 0, satype, seq, pid, key_sa_refcnt(sav), M_WAITOK);
3930 m = key_setsadbsa(sav);
3934 m = key_setsadbxsa2(sav->sah->saidx.mode,
3935 sav->replay ? sav->replay->count : 0,
3936 sav->sah->saidx.reqid);
3941 &sav->sah->saidx.src.sa,
3947 &sav->sah->saidx.dst.sa,
3952 if (!sav->key_auth)
3954 l = PFKEY_UNUNIT64(sav->key_auth->sadb_key_len);
3955 p = sav->key_auth;
3959 if (!sav->key_enc)
3961 l = PFKEY_UNUNIT64(sav->key_enc->sadb_key_len);
3962 p = sav->key_enc;
3968 KASSERT(sav->lft_c != NULL);
3969 l = PFKEY_UNUNIT64(((struct sadb_ext *)sav->lft_c)->sadb_ext_len);
3970 memcpy(<, sav->lft_c, sizeof(struct sadb_lifetime));
3975 percpu_foreach_xcall(sav->lft_c_counters_percpu,
3987 if (!sav->lft_h)
3989 l = PFKEY_UNUNIT64(((struct sadb_ext *)sav->lft_h)->sadb_ext_len);
3990 p = sav->lft_h;
3994 if (!sav->lft_s)
3996 l = PFKEY_UNUNIT64(((struct sadb_ext *)sav->lft_s)->sadb_ext_len);
3997 p = sav->lft_s;
4001 m = key_setsadbxtype(sav->natt_type);
4005 if (sav->natt_type == 0)
4008 key_portfromsaddr(&sav->sah->saidx.dst),
4013 if (sav->natt_type == 0)
4016 key_portfromsaddr(&sav->sah->saidx.src),
4022 if (sav->natt_type == 0 || sav->esp_frag == IP_MAXPACKET)
4024 m = key_setsadbxfrag(sav->esp_frag);
4269 key_setsadbsa(struct secasvar *sav)
4284 p->sadb_sa_spi = sav->spi;
4285 p->sadb_sa_replay = (sav->replay != NULL ? sav->replay->wsize : 0);
4286 p->sadb_sa_state = sav->state;
4287 p->sadb_sa_auth = sav->alg_auth;
4288 p->sadb_sa_encrypt = sav->alg_enc;
4289 p->sadb_sa_flags = sav->flags;
4984 /* If sah has been dead and has no sav, then delete it */
4997 struct secasvar *sav;
5009 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_LARVAL) {
5010 if (now - sav->created > key_larval_lifetime) {
5011 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5027 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_MATURE) {
5029 if (sav->lft_s == NULL)
5033 KASSERT(sav->lft_c != NULL);
5036 if (sav->lft_s->sadb_lifetime_addtime != 0 &&
5037 now - sav->created > sav->lft_s->sadb_lifetime_addtime) {
5042 if (sav->lft_c->sadb_lifetime_usetime == 0) {
5043 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5046 key_sa_chgstate(sav, SADB_SASTATE_DYING);
5053 key_expire(sav);
5067 percpu_foreach_xcall(sav->lft_c_counters_percpu,
5072 if (sav->lft_s->sadb_lifetime_bytes == 0 ||
5073 sav->lft_s->sadb_lifetime_bytes >= lft_c_bytes)
5076 key_sa_chgstate(sav, SADB_SASTATE_DYING);
5083 key_expire(sav);
5096 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_DYING) {
5098 if (sav->lft_h == NULL)
5102 KASSERT(sav->lft_c != NULL);
5104 if (sav->lft_h->sadb_lifetime_addtime != 0 &&
5105 now - sav->created > sav->lft_h->sadb_lifetime_addtime) {
5106 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5110 else if (sav->lft_s != NULL
5111 && sav->lft_s->sadb_lifetime_addtime != 0
5112 && now - sav->created > sav->lft_s->sadb_lifetime_addtime) {
5122 key_expire(sav);
5130 percpu_foreach_xcall(sav->lft_c_counters_percpu,
5135 if (sav->lft_h->sadb_lifetime_bytes == 0 ||
5136 sav->lft_h->sadb_lifetime_bytes >= lft_c_bytes)
5139 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5148 SAVLIST_WRITER_FOREACH(sav, sah, SADB_SASTATE_DEAD) {
5149 key_unlink_sav(sav);
5151 key_destroy_sav(sav);
5591 key_handle_natt_info(struct secasvar *sav,
5655 sav->natt_type = type->sadb_x_nat_t_type_type;
5656 key_porttosaddr(&sav->sah->saidx.src, sport->sadb_x_nat_t_port_port);
5657 key_porttosaddr(&sav->sah->saidx.dst, dport->sadb_x_nat_t_port_port);
5659 sav->esp_frag = frag->sadb_x_nat_t_frag_fraglen;
5661 sav->esp_frag = IP_MAXPACKET;
5731 struct secasvar *sav, *newsav, *oldsav;
5802 sav = key_getsavbyseq(sah, mhp->msg->sadb_msg_seq);
5803 if (sav == NULL) {
5812 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
5813 if (sav == NULL) {
5822 if (sav->sah->saidx.proto != proto) {
5824 sav->sah->saidx.proto, proto);
5829 if (sav->spi != sa0->sadb_sa_spi) {
5831 (u_int32_t)ntohl(sav->spi),
5837 if (sav->pid != mhp->msg->sadb_msg_pid) {
5839 sav->pid, mhp->msg->sadb_msg_pid);
5850 /* copy sav values */
5851 newsav->spi = sav->spi;
5852 newsav->seq = sav->seq;
5853 newsav->created = sav->created;
5854 newsav->pid = sav->pid;
5855 newsav->sah = sav->sah;
5858 __func__, __LINE__, sav, newsav,
5889 * We need to lookup and remove the sav atomically, so get it again
5892 oldsav = key_lookup_and_remove_sav(sah, sa0->sadb_sa_spi, sav);
5893 KASSERT(oldsav == NULL || oldsav == sav);
5895 KEY_SA_UNREF(&sav);
5897 /* Someone has already removed the sav. Nothing to do. */
5903 sav = NULL;
5922 KEY_SA_UNREF(&sav);
5939 struct secasvar *sav;
5947 SAVLIST_READER_FOREACH(sav, sah, state) {
5948 KEY_CHKSASTATE(state, sav->state);
5950 if (sav->seq == seq) {
5951 SA_ADDREF(sav);
5954 key_sa_refcnt(sav), sav);
5960 return sav;
6060 struct secasvar *sav;
6063 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
6064 if (sav != NULL) {
6065 KEY_SA_UNREF(&sav);
6263 struct secasvar *sav = NULL;
6315 sav = key_lookup_and_remove_sav(sah, sa0->sadb_sa_spi, NULL);
6319 if (sav == NULL) {
6324 key_wait_sav(sav);
6325 key_destroy_sav(sav);
6326 sav = NULL;
6351 struct secasvar *sav;
6374 SAVLIST_WRITER_FOREACH(sav, sah, state) {
6375 sav->state = SADB_SASTATE_DEAD;
6376 key_unlink_sav(sav);
6378 key_destroy_sav(sav);
6417 struct secasvar *sav = NULL;
6460 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
6464 if (sav == NULL) {
6474 satype = key_proto2satype(sav->sah->saidx.proto);
6476 KEY_SA_UNREF(&sav);
6482 n = key_setdumpsa(sav, SADB_GET, satype, mhp->msg->sadb_msg_seq,
6484 KEY_SA_UNREF(&sav);
7435 key_expire(struct secasvar *sav)
7448 KASSERT(sav != NULL);
7450 satype = key_proto2satype(sav->sah->saidx.proto);
7454 m = key_setsadbmsg(SADB_EXPIRE, 0, satype, sav->seq, 0, key_sa_refcnt(sav),
7459 m = key_setsadbsa(sav);
7463 m = key_setsadbxsa2(sav->sah->saidx.mode,
7464 sav->replay ? sav->replay->count : 0, sav->sah->saidx.reqid);
7476 percpu_foreach_xcall(sav->lft_c_counters_percpu,
7481 time_mono_to_wall(sav->lft_c->sadb_lifetime_addtime);
7483 time_mono_to_wall(sav->lft_c->sadb_lifetime_usetime);
7485 memcpy(lt, sav->lft_s, sizeof(*lt));
7489 m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &sav->sah->saidx.src.sa,
7494 m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &sav->sah->saidx.dst.sa,
7545 struct secasvar *sav;
7570 SAVLIST_WRITER_FOREACH(sav, sah, state) {
7571 sav->state = SADB_SASTATE_DEAD;
7572 key_unlink_sav(sav);
7574 key_destroy_sav(sav);
7607 struct secasvar *sav;
7625 /* count sav entries to be sent to userland. */
7633 SAVLIST_WRITER_FOREACH(sav, sah, state) {
7661 SAVLIST_WRITER_FOREACH(sav, sah, state) {
7662 n = key_setdumpsa(sav, SADB_DUMP, satype,
8363 struct secasvar *sav,
8441 key_sa_recordxfer(struct secasvar *sav, struct mbuf *m)
8445 KASSERT(sav != NULL);
8446 KASSERT(sav->lft_c != NULL);
8449 counters = percpu_getref(sav->lft_c_counters_percpu);
8466 percpu_putref(sav->lft_c_counters_percpu);
8479 sav->lft_c->sadb_lifetime_usetime = time_uptime;
8515 key_sa_chgstate(struct secasvar *sav, u_int8_t state)
8522 if (sav->state == state)
8525 key_unlink_sav(sav);
8526 localcount_fini(&sav->localcount);
8527 SAVLIST_ENTRY_DESTROY(sav);
8528 key_init_sav(sav);
8530 sav->state = state;
8531 if (!SADB_SASTATE_USABLE_P(sav)) {
8533 SAVLIST_WRITER_INSERT_HEAD(sav->sah, state, sav);
8540 SAVLIST_WRITER_FOREACH(_sav, sav->sah, state) {
8542 sav->lft_c->sadb_lifetime_addtime) {
8543 SAVLIST_WRITER_INSERT_BEFORE(_sav, sav);
8548 SAVLIST_WRITER_INSERT_TAIL(sav->sah, state, sav);
8551 SAVLUT_WRITER_INSERT_HEAD(sav);
8553 key_validate_savlist(sav->sah, state);
8605 struct secasvar *sav;
8621 /* count sav entries to be sent to the userland. */
8629 SAVLIST_WRITER_FOREACH(sav, sah, state) {
8656 SAVLIST_WRITER_FOREACH(sav, sah, state) {
8657 n = key_setdumpsa(sav, SADB_DUMP, satype,
8756 key_savlut_writer_insert_head(struct secasvar *sav)
8762 KASSERT(!sav->savlut_added);
8764 hash_key = sav->spi;
8766 hash = key_savluthash(&sav->sah->saidx.dst.sa,
8767 sav->sah->saidx.proto, hash_key, key_sad.savlutmask);
8769 PSLIST_WRITER_INSERT_HEAD(&key_sad.savlut[hash], sav,
8771 sav->savlut_added = true;