netipsec

Ryota Ozaki Wed, 02 Aug 2017 23:30:28 -0700

Module Name:    src
Committed By:   ozaki-r
Date:           Thu Aug  3 06:30:04 UTC 2017


Modified Files:
        src/sys/netipsec: key.c keydb.h

Log Message:
Use pslist(9) for sahtree


To generate a diff of this commit:
cvs rdiff -u -r1.201 -r1.202 src/sys/netipsec/key.c
cvs rdiff -u -r1.15 -r1.16 src/sys/netipsec/keydb.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.201 src/sys/netipsec/key.c:1.202
--- src/sys/netipsec/key.c:1.201	Thu Aug  3 03:12:02 2017
+++ src/sys/netipsec/key.c	Thu Aug  3 06:30:04 2017
@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.201 2017/08/03 03:12:02 ozaki-r Exp $	*/
+/*	$NetBSD: key.c,v 1.202 2017/08/03 06:30:04 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.201 2017/08/03 03:12:02 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.202 2017/08/03 06:30:04 ozaki-r Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -193,7 +193,7 @@ static int key_prefered_oldsa = 0;	/* pr
 static u_int32_t acq_seq = 0;
 
 static struct pslist_head sptree[IPSEC_DIR_MAX];		/* SPD */
-static LIST_HEAD(_sahtree, secashead) sahtree;			/* SAD */
+static struct pslist_head sahtree;				/* SAD */
 static LIST_HEAD(_regtree, secreg) regtree[SADB_SATYPE_MAX + 1];
 							/* registed list */
 #ifndef IPSEC_NONBLOCK_ACQUIRE
@@ -243,6 +243,21 @@ static LIST_HEAD(_spacqtree, secspacq) s
 		}							\
 	} while (0)
 
+#define SAHLIST_ENTRY_INIT(sah)						\
+	PSLIST_ENTRY_INIT((sah), pslist_entry)
+#define SAHLIST_ENTRY_DESTROY(sah)					\
+	PSLIST_ENTRY_DESTROY((sah), pslist_entry)
+#define SAHLIST_WRITER_REMOVE(sah)					\
+	PSLIST_WRITER_REMOVE((sah), pslist_entry)
+#define SAHLIST_READER_FOREACH(sah)					\
+	PSLIST_READER_FOREACH((sah), &sahtree, struct secashead,	\
+	                      pslist_entry)
+#define SAHLIST_WRITER_FOREACH(sah)					\
+	PSLIST_WRITER_FOREACH((sah), &sahtree, struct secashead,	\
+	                      pslist_entry)
+#define SAHLIST_WRITER_INSERT_HEAD(sah)					\
+	PSLIST_WRITER_INSERT_HEAD(&sahtree, (sah), pslist_entry)
+
 /*
  * The list has SPs that are set to a socket via setsockopt(IP_IPSEC_POLICY)
  * from userland. See ipsec_set_policy.
@@ -1114,7 +1129,7 @@ key_lookup_sa(
 		saorder_state_valid = saorder_state_valid_prefer_new;
 		arraysize = _ARRAYLEN(saorder_state_valid_prefer_new);
 	}
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		/* search valid state */
 		for (stateidx = 0; stateidx < arraysize; stateidx++) {
 			state = saorder_state_valid[stateidx];
@@ -2854,7 +2869,8 @@ key_newsah(const struct secasindex *said
 
 	/* add to saidxtree */
 	newsah->state = SADB_SASTATE_MATURE;
-	LIST_INSERT_HEAD(&sahtree, newsah, chain);
+	SAHLIST_ENTRY_INIT(newsah);
+	SAHLIST_WRITER_INSERT_HEAD(newsah);
 
 	return newsah;
 }
@@ -2892,14 +2908,14 @@ key_delsah(struct secashead *sah)
 	rtcache_free(&sah->sa_route);
 
 	/* remove from tree of SA index */
-	KASSERT(__LIST_CHAINED(sah));
-	LIST_REMOVE(sah, chain);
+	SAHLIST_WRITER_REMOVE(sah);
 
 	if (sah->idents != NULL)
 		kmem_free(sah->idents, sah->idents_len);
 	if (sah->identd != NULL)
 		kmem_free(sah->identd, sah->identd_len);
 
+	SAHLIST_ENTRY_DESTROY(sah);
 	kmem_free(sah, sizeof(*sah));
 
 	splx(s);
@@ -3040,7 +3056,7 @@ key_getsah(const struct secasindex *said
 {
 	struct secashead *sah;
 
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		if (sah->state == SADB_SASTATE_DEAD)
 			continue;
 		if (key_saidx_match(&sah->saidx, saidx, flag))
@@ -3070,7 +3086,7 @@ key_checkspidup(const struct secasindex 
 	}
 
 	/* check all SAD */
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		if (!key_ismyaddr((struct sockaddr *)&sah->saidx.dst))
 			continue;
 		sav = key_getsavbyspi(sah, spi);
@@ -4484,14 +4500,15 @@ key_timehandler_spd(time_t now)
 static void
 key_timehandler_sad(time_t now)
 {
-	struct secashead *sah, *nextsah;
+	struct secashead *sah;
 	struct secasvar *sav, *nextsav;
 
-	LIST_FOREACH_SAFE(sah, &sahtree, chain, nextsah) {
+restart:
+	SAHLIST_WRITER_FOREACH(sah) {
 		/* if sah has been dead, then delete it and process next sah. */
 		if (sah->state == SADB_SASTATE_DEAD) {
 			key_delsah(sah);
-			continue;
+			goto restart;
 		}
 
 		/* if LARVAL entry doesn't become MATURE, delete it. */
@@ -6935,7 +6952,7 @@ key_api_flush(struct socket *so, struct 
 	}
 
 	/* no SATYPE specified, i.e. flushing all SA. */
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
 		    proto != sah->saidx.proto)
 			continue;
@@ -6991,7 +7008,7 @@ key_setdump_chain(u_int8_t req_satype, i
 
 	/* count sav entries to be sent to userland. */
 	cnt = 0;
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		if (req_satype != SADB_SATYPE_UNSPEC &&
 		    proto != sah->saidx.proto)
 			continue;
@@ -7011,7 +7028,7 @@ key_setdump_chain(u_int8_t req_satype, i
 	/* send this to the userland, one at a time. */
 	m = NULL;
 	prev = m;
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		if (req_satype != SADB_SATYPE_UNSPEC &&
 		    proto != sah->saidx.proto)
 			continue;
@@ -7675,7 +7692,7 @@ key_do_init(void)
 
 	PSLIST_INIT(&key_socksplist);
 
-	LIST_INIT(&sahtree);
+	PSLIST_INIT(&sahtree);
 
 	for (i = 0; i <= SADB_SATYPE_MAX; i++) {
 		LIST_INIT(&regtree[i]);
@@ -7857,7 +7874,7 @@ key_sa_routechange(struct sockaddr *dst)
 	struct route *ro;
 	const struct sockaddr *sa;
 
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		ro = &sah->sa_route;
 		sa = rtcache_getdst(ro);
 		if (sa != NULL && dst->sa_len == sa->sa_len &&
@@ -7963,7 +7980,7 @@ key_setdump(u_int8_t req_satype, int *er
 
 	/* count sav entries to be sent to the userland. */
 	cnt = 0;
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		if (req_satype != SADB_SATYPE_UNSPEC &&
 		    proto != sah->saidx.proto)
 			continue;
@@ -7982,7 +7999,7 @@ key_setdump(u_int8_t req_satype, int *er
 
 	/* send this to the userland, one at a time. */
 	m = NULL;
-	LIST_FOREACH(sah, &sahtree, chain) {
+	SAHLIST_READER_FOREACH(sah) {
 		if (req_satype != SADB_SATYPE_UNSPEC &&
 		    proto != sah->saidx.proto)
 			continue;

Index: src/sys/netipsec/keydb.h
diff -u src/sys/netipsec/keydb.h:1.15 src/sys/netipsec/keydb.h:1.16
--- src/sys/netipsec/keydb.h:1.15	Wed May 17 02:19:09 2017
+++ src/sys/netipsec/keydb.h	Thu Aug  3 06:30:04 2017
@@ -1,4 +1,4 @@
-/*	$NetBSD: keydb.h,v 1.15 2017/05/17 02:19:09 ozaki-r Exp $	*/
+/*	$NetBSD: keydb.h,v 1.16 2017/08/03 06:30:04 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/keydb.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$KAME: keydb.h,v 1.14 2000/08/02 17:58:26 sakane Exp $	*/
 
@@ -65,7 +65,7 @@ struct secasindex {
 
 /* Security Association Data Base */
 struct secashead {
-	LIST_ENTRY(secashead) chain;
+	struct pslist_entry pslist_entry;
 
 	struct secasindex saidx;

CVS commit: src/sys/netipsec

Reply via email to