Module Name: src
Committed By: maxv
Date: Tue Feb 27 15:01:30 UTC 2018
Modified Files:
src/sys/netinet: ip_output.c
src/sys/netinet6: ip6_output.c
src/sys/netipsec: ipsec.c ipsec.h ipsec6.h
src/sys/rump/librump/rumpnet: net_stub.c
Log Message:
Dedup: merge ipsec4_set_policy and ipsec6_set_policy. The content of the
original ipsec_set_policy function is inlined into the new one.
To generate a diff of this commit:
cvs rdiff -u -r1.296 -r1.297 src/sys/netinet/ip_output.c
cvs rdiff -u -r1.202 -r1.203 src/sys/netinet6/ip6_output.c
cvs rdiff -u -r1.145 -r1.146 src/sys/netipsec/ipsec.c
cvs rdiff -u -r1.70 -r1.71 src/sys/netipsec/ipsec.h
cvs rdiff -u -r1.25 -r1.26 src/sys/netipsec/ipsec6.h
cvs rdiff -u -r1.30 -r1.31 src/sys/rump/librump/rumpnet/net_stub.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/ip_output.c
diff -u src/sys/netinet/ip_output.c:1.296 src/sys/netinet/ip_output.c:1.297
--- src/sys/netinet/ip_output.c:1.296 Tue Feb 27 14:44:10 2018
+++ src/sys/netinet/ip_output.c Tue Feb 27 15:01:30 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_output.c,v 1.296 2018/02/27 14:44:10 maxv Exp $ */
+/* $NetBSD: ip_output.c,v 1.297 2018/02/27 15:01:30 maxv Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.296 2018/02/27 14:44:10 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.297 2018/02/27 15:01:30 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1263,7 +1263,7 @@ ip_ctloutput(int op, struct socket *so,
#if defined(IPSEC)
case IP_IPSEC_POLICY:
if (ipsec_enabled) {
- error = ipsec4_set_policy(inp, sopt->sopt_name,
+ error = ipsec_set_policy(inp, sopt->sopt_name,
sopt->sopt_data, sopt->sopt_size,
curlwp->l_cred);
break;
Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.202 src/sys/netinet6/ip6_output.c:1.203
--- src/sys/netinet6/ip6_output.c:1.202 Tue Feb 27 14:44:10 2018
+++ src/sys/netinet6/ip6_output.c Tue Feb 27 15:01:30 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_output.c,v 1.202 2018/02/27 14:44:10 maxv Exp $ */
+/* $NetBSD: ip6_output.c,v 1.203 2018/02/27 15:01:30 maxv Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.202 2018/02/27 14:44:10 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.203 2018/02/27 15:01:30 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1773,7 +1773,7 @@ else \
#if defined(IPSEC)
case IPV6_IPSEC_POLICY:
if (ipsec_enabled) {
- error = ipsec6_set_policy(in6p, optname,
+ error = ipsec_set_policy(in6p, optname,
sopt->sopt_data, sopt->sopt_size,
kauth_cred_get());
break;
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.145 src/sys/netipsec/ipsec.c:1.146
--- src/sys/netipsec/ipsec.c:1.145 Tue Feb 27 14:52:51 2018
+++ src/sys/netipsec/ipsec.c Tue Feb 27 15:01:30 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.145 2018/02/27 14:52:51 maxv Exp $ */
+/* $NetBSD: ipsec.c,v 1.146 2018/02/27 15:01:30 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.145 2018/02/27 14:52:51 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.146 2018/02/27 15:01:30 maxv Exp $");
/*
* IPsec controller part.
@@ -185,8 +185,6 @@ static void ipsec_delpcbpolicy(struct in
#if 0 /* unused */
static struct secpolicy *ipsec_deepcopy_policy(const struct secpolicy *);
#endif
-static int ipsec_set_policy(struct secpolicy **, int, const void *, size_t,
- kauth_cred_t);
static void ipsec_destroy_policy(struct secpolicy *);
static int ipsec_sp_reject(const struct secpolicy *, const struct mbuf *);
static void vshiftl(unsigned char *, int, int);
@@ -1272,21 +1270,44 @@ ipsec_destroy_policy(struct secpolicy *s
}
}
-/* set policy and ipsec request if present. */
-static int
-ipsec_set_policy(struct secpolicy **policy, int optname, const void *request,
- size_t len, kauth_cred_t cred)
+int
+ipsec_set_policy(void *inp, int optname, const void *request, size_t len,
+ kauth_cred_t cred)
{
+ struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
const struct sadb_x_policy *xpl;
struct secpolicy *newsp, *oldsp;
+ struct secpolicy **policy;
int error;
KASSERT(!cpu_softintr_p());
+ KASSERT(inph != NULL);
+ KASSERT(inph_locked(inph));
+ KASSERT(request != NULL);
+
+ if (len < sizeof(*xpl))
+ return EINVAL;
+ xpl = (const struct sadb_x_policy *)request;
+
+ KASSERT(inph->inph_sp != NULL);
+
+ /* select direction */
+ switch (xpl->sadb_x_policy_dir) {
+ case IPSEC_DIR_INBOUND:
+ policy = &inph->inph_sp->sp_in;
+ break;
+ case IPSEC_DIR_OUTBOUND:
+ policy = &inph->inph_sp->sp_out;
+ break;
+ default:
+ IPSECLOG(LOG_ERR, "invalid direction=%u\n",
+ xpl->sadb_x_policy_dir);
+ return EINVAL;
+ }
/* sanity check. */
if (policy == NULL || *policy == NULL)
return EINVAL;
- xpl = (const struct sadb_x_policy *)request;
if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
kdebug_sadb_xpolicy("set passed policy", request);
@@ -1329,42 +1350,6 @@ ipsec_set_policy(struct secpolicy **poli
}
int
-ipsec4_set_policy(struct inpcb *inp, int optname, const void *request,
- size_t len, kauth_cred_t cred)
-{
- struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
- const struct sadb_x_policy *xpl;
- struct secpolicy **policy;
-
- KASSERT(!cpu_softintr_p());
- KASSERT(inph != NULL);
- KASSERT(inph_locked(inph));
- KASSERT(request != NULL);
-
- if (len < sizeof(*xpl))
- return EINVAL;
- xpl = (const struct sadb_x_policy *)request;
-
- KASSERT(inph->inph_sp != NULL);
-
- /* select direction */
- switch (xpl->sadb_x_policy_dir) {
- case IPSEC_DIR_INBOUND:
- policy = &inph->inph_sp->sp_in;
- break;
- case IPSEC_DIR_OUTBOUND:
- policy = &inph->inph_sp->sp_out;
- break;
- default:
- IPSECLOG(LOG_ERR, "invalid direction=%u\n",
- xpl->sadb_x_policy_dir);
- return EINVAL;
- }
-
- return ipsec_set_policy(policy, optname, request, len, cred);
-}
-
-int
ipsec_get_policy(void *inp, const void *request, size_t len,
struct mbuf **mp)
{
@@ -1435,42 +1420,6 @@ ipsec_delete_pcbpolicy(void *inp)
return 0;
}
-#ifdef INET6
-int
-ipsec6_set_policy(struct in6pcb *in6p, int optname, const void *request,
- size_t len, kauth_cred_t cred)
-{
- struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p;
- const struct sadb_x_policy *xpl;
- struct secpolicy **policy;
-
- KASSERT(!cpu_softintr_p());
- KASSERT(inph != NULL);
- KASSERT(inph_locked(inph));
- KASSERT(request != NULL);
-
- if (len < sizeof(*xpl))
- return EINVAL;
- xpl = (const struct sadb_x_policy *)request;
-
- /* select direction */
- switch (xpl->sadb_x_policy_dir) {
- case IPSEC_DIR_INBOUND:
- policy = &inph->inph_sp->sp_in;
- break;
- case IPSEC_DIR_OUTBOUND:
- policy = &inph->inph_sp->sp_out;
- break;
- default:
- IPSECLOG(LOG_ERR, "invalid direction=%u\n",
- xpl->sadb_x_policy_dir);
- return EINVAL;
- }
-
- return ipsec_set_policy(policy, optname, request, len, cred);
-}
-#endif
-
/*
* Return the current level (either IPSEC_LEVEL_USE or IPSEC_LEVEL_REQUIRE).
*/
Index: src/sys/netipsec/ipsec.h
diff -u src/sys/netipsec/ipsec.h:1.70 src/sys/netipsec/ipsec.h:1.71
--- src/sys/netipsec/ipsec.h:1.70 Tue Feb 27 14:44:10 2018
+++ src/sys/netipsec/ipsec.h Tue Feb 27 15:01:30 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.70 2018/02/27 14:44:10 maxv Exp $ */
+/* $NetBSD: ipsec.h,v 1.71 2018/02/27 15:01:30 maxv Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
@@ -291,7 +291,7 @@ int ipsec_init_policy(struct socket *so,
int ipsec_copy_policy(const struct inpcbpolicy *, struct inpcbpolicy *);
u_int ipsec_get_reqlevel(const struct ipsecrequest *);
-int ipsec4_set_policy(struct inpcb *, int, const void *, size_t, kauth_cred_t);
+int ipsec_set_policy(void *, int, const void *, size_t, kauth_cred_t);
int ipsec_get_policy(void *, const void *, size_t, struct mbuf **);
int ipsec_delete_pcbpolicy(void *);
int ipsec_in_reject(struct mbuf *, void *);
Index: src/sys/netipsec/ipsec6.h
diff -u src/sys/netipsec/ipsec6.h:1.25 src/sys/netipsec/ipsec6.h:1.26
--- src/sys/netipsec/ipsec6.h:1.25 Tue Feb 27 14:44:10 2018
+++ src/sys/netipsec/ipsec6.h Tue Feb 27 15:01:30 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec6.h,v 1.25 2018/02/27 14:44:10 maxv Exp $ */
+/* $NetBSD: ipsec6.h,v 1.26 2018/02/27 15:01:30 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec6.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $ */
/* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */
@@ -53,7 +53,6 @@ extern struct secpolicy ip6_def_policy;
struct inpcb;
struct in6pcb;
-int ipsec6_set_policy(struct in6pcb *, int, const void *, size_t, kauth_cred_t);
struct secpolicy *ipsec6_check_policy(struct mbuf *,
struct in6pcb *, int, int*,int*);
Index: src/sys/rump/librump/rumpnet/net_stub.c
diff -u src/sys/rump/librump/rumpnet/net_stub.c:1.30 src/sys/rump/librump/rumpnet/net_stub.c:1.31
--- src/sys/rump/librump/rumpnet/net_stub.c:1.30 Tue Feb 27 14:45:43 2018
+++ src/sys/rump/librump/rumpnet/net_stub.c Tue Feb 27 15:01:30 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: net_stub.c,v 1.30 2018/02/27 14:45:43 maxv Exp $ */
+/* $NetBSD: net_stub.c,v 1.31 2018/02/27 15:01:30 maxv Exp $ */
/*
* Copyright (c) 2008 Antti Kantee. All Rights Reserved.
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: net_stub.c,v 1.30 2018/02/27 14:45:43 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: net_stub.c,v 1.31 2018/02/27 15:01:30 maxv Exp $");
#include <sys/mutex.h>
#include <sys/param.h>
@@ -91,12 +91,11 @@ __weak_alias(ipsec4_output,rumpnet_stub)
__weak_alias(ipsec4_common_input,rumpnet_stub);
__weak_alias(ipsec4_forward,rumpnet_stub);
__weak_alias(ipsec4_input,rumpnet_stub);
-__weak_alias(ipsec4_set_policy,rumpnet_stub);
__weak_alias(ipsec6_common_input,rumpnet_stub);
__weak_alias(ipsec6_input,rumpnet_stub);
__weak_alias(ipsec6_check_policy,rumpnet_stub);
__weak_alias(ipsec6_process_packet,rumpnet_stub);
-__weak_alias(ipsec6_set_policy,rumpnet_stub);
+__weak_alias(ipsec_set_policy,rumpnet_stub);
__weak_alias(ipsec_get_policy,rumpnet_stub);
__weak_alias(ipsec_delete_pcbpolicy,rumpnet_stub);
__weak_alias(ipsec_hdrsiz,rumpnet_stub);
