Module Name: src
Committed By: maxv
Date: Tue Feb 27 14:44:10 UTC 2018
Modified Files:
src/sys/netinet: in_pcb.c ip_output.c sctp_pcb.c
src/sys/netinet6: in6_pcb.c ip6_output.c
src/sys/netipsec: ipsec.c ipsec.h ipsec6.h
Log Message:
Dedup: merge
ipsec4_get_policy and ipsec6_get_policy
ipsec4_delete_pcbpolicy and ipsec6_delete_pcbpolicy
The already-existing ipsec_get_policy() function is inlined in the new
one.
To generate a diff of this commit:
cvs rdiff -u -r1.181 -r1.182 src/sys/netinet/in_pcb.c
cvs rdiff -u -r1.295 -r1.296 src/sys/netinet/ip_output.c
cvs rdiff -u -r1.15 -r1.16 src/sys/netinet/sctp_pcb.c
cvs rdiff -u -r1.164 -r1.165 src/sys/netinet6/in6_pcb.c
cvs rdiff -u -r1.201 -r1.202 src/sys/netinet6/ip6_output.c
cvs rdiff -u -r1.143 -r1.144 src/sys/netipsec/ipsec.c
cvs rdiff -u -r1.69 -r1.70 src/sys/netipsec/ipsec.h
cvs rdiff -u -r1.24 -r1.25 src/sys/netipsec/ipsec6.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/in_pcb.c
diff -u src/sys/netinet/in_pcb.c:1.181 src/sys/netinet/in_pcb.c:1.182
--- src/sys/netinet/in_pcb.c:1.181 Mon Jan 1 00:51:36 2018
+++ src/sys/netinet/in_pcb.c Tue Feb 27 14:44:10 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: in_pcb.c,v 1.181 2018/01/01 00:51:36 christos Exp $ */
+/* $NetBSD: in_pcb.c,v 1.182 2018/02/27 14:44:10 maxv Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -93,7 +93,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in_pcb.c,v 1.181 2018/01/01 00:51:36 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in_pcb.c,v 1.182 2018/02/27 14:44:10 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -628,7 +628,7 @@ in_pcbdetach(void *v)
#if defined(IPSEC)
if (ipsec_enabled)
- ipsec4_delete_pcbpolicy(inp);
+ ipsec_delete_pcbpolicy(inp);
#endif
so->so_pcb = NULL;
Index: src/sys/netinet/ip_output.c
diff -u src/sys/netinet/ip_output.c:1.295 src/sys/netinet/ip_output.c:1.296
--- src/sys/netinet/ip_output.c:1.295 Mon Feb 12 18:19:12 2018
+++ src/sys/netinet/ip_output.c Tue Feb 27 14:44:10 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_output.c,v 1.295 2018/02/12 18:19:12 christos Exp $ */
+/* $NetBSD: ip_output.c,v 1.296 2018/02/27 14:44:10 maxv Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.295 2018/02/12 18:19:12 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.296 2018/02/27 14:44:10 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1384,7 +1384,7 @@ ip_ctloutput(int op, struct socket *so,
struct mbuf *m = NULL;
/* XXX this will return EINVAL as sopt is empty */
- error = ipsec4_get_policy(inp, sopt->sopt_data,
+ error = ipsec_get_policy(inp, sopt->sopt_data,
sopt->sopt_size, &m);
if (error == 0)
error = sockopt_setmbuf(sopt, m);
Index: src/sys/netinet/sctp_pcb.c
diff -u src/sys/netinet/sctp_pcb.c:1.15 src/sys/netinet/sctp_pcb.c:1.16
--- src/sys/netinet/sctp_pcb.c:1.15 Tue Oct 17 19:23:42 2017
+++ src/sys/netinet/sctp_pcb.c Tue Feb 27 14:44:10 2018
@@ -1,5 +1,5 @@
/* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.15 2017/10/17 19:23:42 rjs Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.16 2018/02/27 14:44:10 maxv Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.15 2017/10/17 19:23:42 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.16 2018/02/27 14:44:10 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -2153,7 +2153,7 @@ sctp_inpcb_free(struct sctp_inpcb *inp,
/* First take care of socket level things */
#ifdef IPSEC
if (ipsec_enabled)
- ipsec4_delete_pcbpolicy(ip_pcb);
+ ipsec_delete_pcbpolicy(ip_pcb);
#endif /*IPSEC*/
so->so_pcb = 0;
}
Index: src/sys/netinet6/in6_pcb.c
diff -u src/sys/netinet6/in6_pcb.c:1.164 src/sys/netinet6/in6_pcb.c:1.165
--- src/sys/netinet6/in6_pcb.c:1.164 Thu Feb 8 09:05:20 2018
+++ src/sys/netinet6/in6_pcb.c Tue Feb 27 14:44:10 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: in6_pcb.c,v 1.164 2018/02/08 09:05:20 dholland Exp $ */
+/* $NetBSD: in6_pcb.c,v 1.165 2018/02/27 14:44:10 maxv Exp $ */
/* $KAME: in6_pcb.c,v 1.84 2001/02/08 18:02:08 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.164 2018/02/08 09:05:20 dholland Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.165 2018/02/27 14:44:10 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -628,7 +628,7 @@ in6_pcbdetach(struct in6pcb *in6p)
#if defined(IPSEC)
if (ipsec_enabled)
- ipsec6_delete_pcbpolicy(in6p);
+ ipsec_delete_pcbpolicy(in6p);
#endif
so->so_pcb = NULL;
Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.201 src/sys/netinet6/ip6_output.c:1.202
--- src/sys/netinet6/ip6_output.c:1.201 Mon Feb 12 12:52:12 2018
+++ src/sys/netinet6/ip6_output.c Tue Feb 27 14:44:10 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_output.c,v 1.201 2018/02/12 12:52:12 maxv Exp $ */
+/* $NetBSD: ip6_output.c,v 1.202 2018/02/27 14:44:10 maxv Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.201 2018/02/12 12:52:12 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.202 2018/02/27 14:44:10 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1980,7 +1980,7 @@ else \
* XXX: this will return EINVAL as sopt is
* empty
*/
- error = ipsec6_get_policy(in6p, sopt->sopt_data,
+ error = ipsec_get_policy(in6p, sopt->sopt_data,
sopt->sopt_size, &m);
if (!error)
error = sockopt_setmbuf(sopt, m);
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.143 src/sys/netipsec/ipsec.c:1.144
--- src/sys/netipsec/ipsec.c:1.143 Tue Feb 27 13:36:21 2018
+++ src/sys/netipsec/ipsec.c Tue Feb 27 14:44:10 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.143 2018/02/27 13:36:21 maxv Exp $ */
+/* $NetBSD: ipsec.c,v 1.144 2018/02/27 14:44:10 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.143 2018/02/27 13:36:21 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.144 2018/02/27 14:44:10 maxv Exp $");
/*
* IPsec controller part.
@@ -187,7 +187,6 @@ static struct secpolicy *ipsec_deepcopy_
#endif
static int ipsec_set_policy(struct secpolicy **, int, const void *, size_t,
kauth_cred_t);
-static int ipsec_get_policy(struct secpolicy *, struct mbuf **);
static void ipsec_destroy_policy(struct secpolicy *);
static int ipsec_sp_reject(const struct secpolicy *, const struct mbuf *);
static void vshiftl(unsigned char *, int, int);
@@ -1331,28 +1330,6 @@ ipsec_set_policy(struct secpolicy **poli
return 0;
}
-static int
-ipsec_get_policy(struct secpolicy *policy, struct mbuf **mp)
-{
-
- /* sanity check. */
- if (policy == NULL || mp == NULL)
- return EINVAL;
-
- *mp = key_sp2msg(policy, M_NOWAIT);
- if (!*mp) {
- IPSECLOG(LOG_DEBUG, "No more memory.\n");
- return ENOBUFS;
- }
-
- (*mp)->m_type = MT_DATA;
- if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
- kdebug_mbuf(__func__, *mp);
- }
-
- return 0;
-}
-
int
ipsec4_set_policy(struct inpcb *inp, int optname, const void *request,
size_t len, kauth_cred_t cred)
@@ -1390,7 +1367,7 @@ ipsec4_set_policy(struct inpcb *inp, int
}
int
-ipsec4_get_policy(struct inpcb *inp, const void *request, size_t len,
+ipsec_get_policy(void *inp, const void *request, size_t len,
struct mbuf **mp)
{
struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
@@ -1419,11 +1396,26 @@ ipsec4_get_policy(struct inpcb *inp, con
return EINVAL;
}
- return ipsec_get_policy(policy, mp);
+ /* sanity check. */
+ if (policy == NULL || mp == NULL)
+ return EINVAL;
+
+ *mp = key_sp2msg(policy, M_NOWAIT);
+ if (!*mp) {
+ IPSECLOG(LOG_DEBUG, "No more memory.\n");
+ return ENOBUFS;
+ }
+
+ (*mp)->m_type = MT_DATA;
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
+ kdebug_mbuf(__func__, *mp);
+ }
+
+ return 0;
}
int
-ipsec4_delete_pcbpolicy(struct inpcb *inp)
+ipsec_delete_pcbpolicy(void *inp)
{
struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
@@ -1480,63 +1472,6 @@ ipsec6_set_policy(struct in6pcb *in6p, i
return ipsec_set_policy(policy, optname, request, len, cred);
}
-
-int
-ipsec6_get_policy(struct in6pcb *in6p, const void *request, size_t len,
- struct mbuf **mp)
-{
- struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p;
- const struct sadb_x_policy *xpl;
- struct secpolicy *policy;
-
- /* sanity check. */
- if (inph == NULL || request == NULL || mp == NULL)
- return EINVAL;
- KASSERT(inph->inph_sp != NULL);
- if (len < sizeof(*xpl))
- return EINVAL;
- xpl = (const struct sadb_x_policy *)request;
-
- /* select direction */
- switch (xpl->sadb_x_policy_dir) {
- case IPSEC_DIR_INBOUND:
- policy = inph->inph_sp->sp_in;
- break;
- case IPSEC_DIR_OUTBOUND:
- policy = inph->inph_sp->sp_out;
- break;
- default:
- IPSECLOG(LOG_ERR, "invalid direction=%u\n",
- xpl->sadb_x_policy_dir);
- return EINVAL;
- }
-
- return ipsec_get_policy(policy, mp);
-}
-
-int
-ipsec6_delete_pcbpolicy(struct in6pcb *in6p)
-{
- struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p;
-
- KASSERT(inph != NULL);
-
- if (inph->inph_sp == NULL)
- return 0;
-
- if (inph->inph_sp->sp_in != NULL)
- ipsec_destroy_policy(inph->inph_sp->sp_in);
-
- if (inph->inph_sp->sp_out != NULL)
- ipsec_destroy_policy(inph->inph_sp->sp_out);
-
- ipsec_invalpcbcache(inph->inph_sp, IPSEC_DIR_ANY);
-
- ipsec_delpcbpolicy(inph->inph_sp);
- inph->inph_sp = NULL;
-
- return 0;
-}
#endif
/*
Index: src/sys/netipsec/ipsec.h
diff -u src/sys/netipsec/ipsec.h:1.69 src/sys/netipsec/ipsec.h:1.70
--- src/sys/netipsec/ipsec.h:1.69 Mon Feb 26 09:04:29 2018
+++ src/sys/netipsec/ipsec.h Tue Feb 27 14:44:10 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.69 2018/02/26 09:04:29 maxv Exp $ */
+/* $NetBSD: ipsec.h,v 1.70 2018/02/27 14:44:10 maxv Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
@@ -292,8 +292,8 @@ int ipsec_copy_policy(const struct inpcb
u_int ipsec_get_reqlevel(const struct ipsecrequest *);
int ipsec4_set_policy(struct inpcb *, int, const void *, size_t, kauth_cred_t);
-int ipsec4_get_policy(struct inpcb *, const void *, size_t, struct mbuf **);
-int ipsec4_delete_pcbpolicy(struct inpcb *);
+int ipsec_get_policy(void *, const void *, size_t, struct mbuf **);
+int ipsec_delete_pcbpolicy(void *);
int ipsec_in_reject(struct mbuf *, void *);
struct secasvar *ipsec_lookup_sa(const struct ipsecrequest *,
Index: src/sys/netipsec/ipsec6.h
diff -u src/sys/netipsec/ipsec6.h:1.24 src/sys/netipsec/ipsec6.h:1.25
--- src/sys/netipsec/ipsec6.h:1.24 Mon Feb 26 09:04:29 2018
+++ src/sys/netipsec/ipsec6.h Tue Feb 27 14:44:10 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec6.h,v 1.24 2018/02/26 09:04:29 maxv Exp $ */
+/* $NetBSD: ipsec6.h,v 1.25 2018/02/27 14:44:10 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec6.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $ */
/* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */
@@ -53,9 +53,7 @@ extern struct secpolicy ip6_def_policy;
struct inpcb;
struct in6pcb;
-int ipsec6_delete_pcbpolicy(struct in6pcb *);
int ipsec6_set_policy(struct in6pcb *, int, const void *, size_t, kauth_cred_t);
-int ipsec6_get_policy(struct in6pcb *, const void *, size_t, struct mbuf **);
struct secpolicy *ipsec6_check_policy(struct mbuf *,
struct in6pcb *, int, int*,int*);
