Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future

KEY_SA_UNREF is still key_freesav so no functional change for now.

This change reduces diff of further changes.

sys/netinet/tcp_input.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: tcp_input.c,v 1.359 2017/07/07 01:37:34 ozaki-r Exp $	*/
+/*	$NetBSD: tcp_input.c,v 1.360 2017/08/03 06:32:51 ozaki-r Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -148,7 +148,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.359 2017/07/07 01:37:34 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.360 2017/08/03 06:32:51 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -3448,12 +3448,12 @@ tcp_dooptions(struct tcpcb *tp, const u_char *cp, int cnt,
 			TCP_STATINC(TCP_STAT_GOODSIG);
 
 		key_sa_recordxfer(sav, m);
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	}
 	return 0;
 out:
 	if (sav != NULL)
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	return -1;
 #endif
 }
@@ -4714,7 +4714,7 @@ syn_cache_respond(struct syn_cache *sc, struct mbuf *m)
 	if (sav) {
 		(void)tcp_signature(m, th, hlen, sav, sigp);
 		key_sa_recordxfer(sav, m);
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	}
 #endif
 

sys/netinet/tcp_output.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: tcp_output.c,v 1.196 2017/06/02 03:41:20 ozaki-r Exp $	*/
+/*	$NetBSD: tcp_output.c,v 1.197 2017/08/03 06:32:51 ozaki-r Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -135,7 +135,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.196 2017/06/02 03:41:20 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.197 2017/08/03 06:32:51 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1505,7 +1505,7 @@ reset:			TCP_REASS_UNLOCK(tp);
 		tcp_signature(m, th, (char *)th - mtod(m, char *), sav, sigp);
 
 		key_sa_recordxfer(sav, m);
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	}
 #endif
 

sys/netipsec/ipsec.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec.c,v 1.115 2017/08/02 04:03:28 ozaki-r Exp $	*/
+/*	$NetBSD: ipsec.c,v 1.116 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $	*/
 /*	$KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.115 2017/08/02 04:03:28 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.116 2017/08/03 06:32:51 ozaki-r Exp $");
 
 /*
  * IPsec controller part.
@@ -815,7 +815,7 @@ ipsec4_forward(struct mbuf *m, int *destmtu)
 			*destmtu -= ipsechdr;
 		}
 		rtcache_unref(rt, ro);
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	}
 	KEY_SP_UNREF(&sp);
 	return 0;
@@ -1911,7 +1911,7 @@ ipsec_hdrsiz(const struct secpolicy *sp)
 			error = key_checkrequest(isr, &sav);
 			if (error == 0) {
 				clen = esp_hdrsiz(sav);
-				KEY_FREESAV(&sav);
+				KEY_SA_UNREF(&sav);
 			} else
 				clen = esp_hdrsiz(NULL);
 			break;
@@ -1919,7 +1919,7 @@ ipsec_hdrsiz(const struct secpolicy *sp)
 			error = key_checkrequest(isr, &sav);
 			if (error == 0) {
 				clen = ah_hdrsiz(sav);
-				KEY_FREESAV(&sav);
+				KEY_SA_UNREF(&sav);
 			} else
 				clen = ah_hdrsiz(NULL);
 			break;

sys/netipsec/ipsec_input.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec_input.c,v 1.50 2017/08/03 04:42:26 ozaki-r Exp $	*/
+/*	$NetBSD: ipsec_input.c,v 1.51 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec_input.c,v 1.2.4.2 2003/03/28 20:32:53 sam Exp $	*/
 /*	$OpenBSD: ipsec_input.c,v 1.63 2003/02/20 18:35:43 deraadt Exp $	*/
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.50 2017/08/03 04:42:26 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.51 2017/08/03 06:32:51 ozaki-r Exp $");
 
 /*
  * IPsec input processing.
@@ -288,7 +288,7 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto)
 	 * everything else.
 	 */
 	error = (*sav->tdb_xform->xf_input)(m, sav, skip, protoff);
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	splx(s);
 	return error;
 }

sys/netipsec/ipsec_netbsd.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec_netbsd.c,v 1.44 2017/07/07 01:37:34 ozaki-r Exp $	*/
+/*	$NetBSD: ipsec_netbsd.c,v 1.45 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$KAME: esp_input.c,v 1.60 2001/09/04 08:43:19 itojun Exp $	*/
 /*	$KAME: ah_input.c,v 1.64 2001/09/04 08:43:19 itojun Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.44 2017/07/07 01:37:34 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.45 2017/08/03 06:32:51 ozaki-r Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -123,7 +123,7 @@ ah4_ctlinput(int cmd, const struct sockaddr *sa, void *v)
 				    offsetof(struct icmp, icmp_ip));
 				icmp_mtudisc(icp, ip->ip_dst);
 			}
-			KEY_FREESAV(&sav);
+			KEY_SA_UNREF(&sav);
 		}
 	}
 	return NULL;
@@ -168,7 +168,7 @@ esp4_ctlinput(int cmd, const struct sockaddr *sa, void *v)
 				    offsetof(struct icmp, icmp_ip));
 				icmp_mtudisc(icp, ip->ip_dst);
 			}
-			KEY_FREESAV(&sav);
+			KEY_SA_UNREF(&sav);
 		}
 	}
 	return NULL;
@@ -237,7 +237,7 @@ ah6_ctlinput(int cmd, const struct sockaddr *sa, void *d)
 			if (sav) {
 				if (SADB_SASTATE_USABLE_P(sav))
 					valid++;
-				KEY_FREESAV(&sav);
+				KEY_SA_UNREF(&sav);
 			}
 
 			/* XXX Further validation? */
@@ -342,7 +342,7 @@ esp6_ctlinput(int cmd, const struct sockaddr *sa, void *d)
 			if (sav) {
 				if (SADB_SASTATE_USABLE_P(sav))
 					valid++;
-				KEY_FREESAV(&sav);
+				KEY_SA_UNREF(&sav);
 			}
 
 			/* XXX Further validation? */

sys/netipsec/ipsec_output.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec_output.c,v 1.57 2017/07/27 06:59:28 ozaki-r Exp $	*/
+/*	$NetBSD: ipsec_output.c,v 1.58 2017/08/03 06:32:51 ozaki-r Exp $	*/
 
 /*-
  * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
@@ -29,7 +29,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.57 2017/07/27 06:59:28 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.58 2017/08/03 06:32:51 ozaki-r Exp $");
 
 /*
  * IPsec output processing.
@@ -428,7 +428,7 @@ again:
 		    " to policy (check your sysctls)\n");
 		IPSEC_OSTAT(PDROPS);
 		*error = EHOSTUNREACH;
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		goto bad;
 	}
 
@@ -491,7 +491,7 @@ ipsec4_process_packet(struct mbuf *m, struct ipsecrequest *isr,
 		if (ntohs(ip->ip_len) <= sav->esp_frag)
 			goto noneed;
 		*mtu = sav->esp_frag;
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		splx(s);
 		return 0;
 	}
@@ -605,11 +605,11 @@ noneed:
 	} else {
 		error = ipsec_process_done(m, isr, sav);
 	}
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	splx(s);
 	return error;
 unrefsav:
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 bad:
 	splx(s);
 	if (m)
@@ -791,11 +791,11 @@ ipsec6_process_packet(
 		compute_ipsec_pos(m, &i, &off);
 	}
 	error = (*sav->tdb_xform->xf_output)(m, isr, sav, NULL, i, off);
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	splx(s);
 	return error;
 unrefsav:
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 bad:
 	splx(s);
 	if (m)

sys/netipsec/key.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.205 2017/08/03 06:31:58 ozaki-r Exp $	*/
+/*	$NetBSD: key.c,v 1.206 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.205 2017/08/03 06:31:58 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.206 2017/08/03 06:32:51 ozaki-r Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -3147,7 +3147,7 @@ key_checkspidup(const struct secasindex *saidx, u_int32_t spi)
 			continue;
 		sav = key_getsavbyspi(sah, spi);
 		if (sav != NULL) {
-			KEY_FREESAV(&sav);
+			KEY_SA_UNREF(&sav);
 			return true;
 		}
 	}
@@ -5439,7 +5439,7 @@ key_api_update(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
 	return key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
     }
 error:
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	return key_senderror(so, m, error);
 }
 
@@ -5580,7 +5580,7 @@ key_api_add(struct socket *so, struct mbuf *m,
 	/* We can create new SA only if SPI is differenct. */
 	sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
 	if (sav != NULL) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		IPSECLOG(LOG_DEBUG, "SA already exists.\n");
 		return key_senderror(so, m, EEXIST);
 	}
@@ -5987,7 +5987,7 @@ key_api_get(struct socket *so, struct mbuf *m,
 	/* map proto to satype */
 	satype = key_proto2satype(sah->saidx.proto);
 	if (satype == 0) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		IPSECLOG(LOG_DEBUG, "there was invalid proto in SAD.\n");
 		return key_senderror(so, m, EINVAL);
 	}
@@ -5995,7 +5995,7 @@ key_api_get(struct socket *so, struct mbuf *m,
 	/* create new sadb_msg to reply. */
 	n = key_setdumpsa(sav, SADB_GET, satype, mhp->msg->sadb_msg_seq,
 	    mhp->msg->sadb_msg_pid);
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	if (!n)
 		return key_senderror(so, m, ENOBUFS);
 

sys/netipsec/key.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: key.h,v 1.26 2017/08/02 01:28:03 ozaki-r Exp $	*/
+/*	$NetBSD: key.h,v 1.27 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/key.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $	*/
 
@@ -83,6 +83,8 @@ void key_socksplist_add(struct secpolicy *);
 	key_sp_ref(sp, __func__, __LINE__)
 #define KEY_SA_REF(sav)						\
 	key_sa_ref(sav, __func__, __LINE__)
+#define	KEY_SA_UNREF(psav)					\
+	key_freesav(psav, __func__, __LINE__)
 
 struct secasvar *key_lookup_sa(const union sockaddr_union *,
 		u_int, u_int32_t, u_int16_t, u_int16_t, const char*, int);

sys/netipsec/xform_ah.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ah.c,v 1.70 2017/08/02 01:28:03 ozaki-r Exp $	*/
+/*	$NetBSD: xform_ah.c,v 1.71 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
 /*
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.70 2017/08/02 01:28:03 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.71 2017/08/03 06:32:51 ozaki-r Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -817,7 +817,7 @@ ah_input_cb(struct cryptop *crp)
 
 	sav = tc->tc_sav;
 	if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi,
 		    sport, dport);
 		if (sav == NULL) {
@@ -932,12 +932,12 @@ ah_input_cb(struct cryptop *crp)
 
 	IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff);
 
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	return error;
 bad:
 	if (sav)
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	if (m != NULL)
 		m_freem(m);
@@ -1215,7 +1215,7 @@ ah_output_cb(struct cryptop *crp)
 		goto bad;
 	}
 	if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, 0, 0);
 		if (sav == NULL) {
 			AH_STATINC(AH_STAT_NOTDB);
@@ -1269,13 +1269,13 @@ ah_output_cb(struct cryptop *crp)
 
 	/* NB: m is reclaimed by ipsec_process_done. */
 	err = ipsec_process_done(m, isr, sav);
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	KEY_SP_UNREF(&isr->sp);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	return err;
 bad:
 	if (sav)
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	KEY_SP_UNREF(&isr->sp);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	if (m)

sys/netipsec/xform_esp.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_esp.c,v 1.68 2017/08/02 01:28:03 ozaki-r Exp $	*/
+/*	$NetBSD: xform_esp.c,v 1.69 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.68 2017/08/02 01:28:03 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.69 2017/08/03 06:32:51 ozaki-r Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -521,7 +521,7 @@ esp_input_cb(struct cryptop *crp)
 
 	sav = tc->tc_sav;
 	if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi,
 		    sport, dport);
 		if (sav == NULL) {
@@ -549,7 +549,7 @@ esp_input_cb(struct cryptop *crp)
 			sav->tdb_cryptoid = crp->crp_sid;
 
 		if (crp->crp_etype == EAGAIN) {
-			KEY_FREESAV(&sav);
+			KEY_SA_UNREF(&sav);
 			IPSEC_RELEASE_GLOBAL_LOCKS();
 			return crypto_dispatch(crp);
 		}
@@ -673,12 +673,12 @@ esp_input_cb(struct cryptop *crp)
 
 	IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff);
 
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	return error;
 bad:
 	if (sav)
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	if (m != NULL)
 		m_freem(m);
@@ -987,7 +987,7 @@ esp_output_cb(struct cryptop *crp)
 		goto bad;
 	}
 	if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, 0, 0);
 		if (sav == NULL) {
 			char buf[IPSEC_ADDRSTRLEN];
@@ -1046,13 +1046,13 @@ esp_output_cb(struct cryptop *crp)
 
 	/* NB: m is reclaimed by ipsec_process_done. */
 	err = ipsec_process_done(m, isr, sav);
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	KEY_SP_UNREF(&isr->sp);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	return err;
 bad:
 	if (sav)
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	KEY_SP_UNREF(&isr->sp);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	if (m)

sys/netipsec/xform_ipcomp.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ipcomp.c,v 1.49 2017/08/02 01:28:03 ozaki-r Exp $	*/
+/*	$NetBSD: xform_ipcomp.c,v 1.50 2017/08/03 06:32:51 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */
 
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.49 2017/08/02 01:28:03 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.50 2017/08/03 06:32:51 ozaki-r Exp $");
 
 /* IP payload compression protocol (IPComp), see RFC 2393 */
 #if defined(_KERNEL_OPT)
@@ -259,7 +259,7 @@ ipcomp_input_cb(struct cryptop *crp)
 
 	sav = tc->tc_sav;
 	if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi,
 		    sport, dport);
 		if (sav == NULL) {
@@ -282,7 +282,7 @@ ipcomp_input_cb(struct cryptop *crp)
 			sav->tdb_cryptoid = crp->crp_sid;
 
 		if (crp->crp_etype == EAGAIN) {
-			KEY_FREESAV(&sav);
+			KEY_SA_UNREF(&sav);
 			IPSEC_RELEASE_GLOBAL_LOCKS();
 			return crypto_dispatch(crp);
 		}
@@ -348,12 +348,12 @@ ipcomp_input_cb(struct cryptop *crp)
 
 	IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff);
 
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	return error;
 bad:
 	if (sav)
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	if (m)
 		m_freem(m);
@@ -555,7 +555,7 @@ ipcomp_output_cb(struct cryptop *crp)
 		goto bad;
 	}
 	if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) {
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 		sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, 0, 0);
 		if (sav == NULL) {
 			IPCOMP_STATINC(IPCOMP_STAT_NOTDB);
@@ -660,13 +660,13 @@ ipcomp_output_cb(struct cryptop *crp)
 
 	/* NB: m is reclaimed by ipsec_process_done. */
 	error = ipsec_process_done(m, isr, sav);
-	KEY_FREESAV(&sav);
+	KEY_SA_UNREF(&sav);
 	KEY_SP_UNREF(&isr->sp);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	return error;
 bad:
 	if (sav)
-		KEY_FREESAV(&sav);
+		KEY_SA_UNREF(&sav);
 	KEY_SP_UNREF(&isr->sp);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	if (m)