The diff below documents locks of 'ipsec_ids', 'ipsec_acquire' and
'ipsec_policy' structures.
I marked `ipa_pcb' as immutable, but we never set or access it and I
want to remove it with the next diff.
Index: sys/netinet/ip_ipsp.h
===================================================================
RCS file: /cvs/src/sys/netinet/ip_ipsp.h,v
retrieving revision 1.200
diff -u -p -r1.200 ip_ipsp.h
--- sys/netinet/ip_ipsp.h 8 Jul 2021 21:07:19 -0000 1.200
+++ sys/netinet/ip_ipsp.h 11 Jul 2021 00:59:18 -0000
@@ -45,6 +45,12 @@
#include <sys/types.h>
#include <netinet/in.h>
+/*
+ * Locks used to protect struct members in this file:
+ * I Immutable after creation
+ * N netlock
+ */
+
union sockaddr_union {
struct sockaddr sa;
struct sockaddr_in sin;
@@ -230,36 +236,37 @@ struct ipsec_id {
};
struct ipsec_ids {
- RBT_ENTRY(ipsec_ids) id_node_id;
- RBT_ENTRY(ipsec_ids) id_node_flow;
- struct ipsec_id *id_local;
- struct ipsec_id *id_remote;
- u_int32_t id_flow;
- int id_refcount;
+ RBT_ENTRY(ipsec_ids) id_node_id; /* [N] */
+ RBT_ENTRY(ipsec_ids) id_node_flow; /* [N] */
+ struct ipsec_id *id_local; /* [I] */
+ struct ipsec_id *id_remote; /* [I] */
+ u_int32_t id_flow; /* [N] */
+ int id_refcount; /* [N] */
struct timeout id_timeout;
};
RBT_HEAD(ipsec_ids_flows, ipsec_ids);
RBT_HEAD(ipsec_ids_tree, ipsec_ids);
struct ipsec_acquire {
- union sockaddr_union ipa_addr;
- u_int32_t ipa_seq;
- struct sockaddr_encap ipa_info;
- struct sockaddr_encap ipa_mask;
+ union sockaddr_union ipa_addr; /* [I] */
+ u_int32_t ipa_seq; /* [I] */
+ struct sockaddr_encap ipa_info; /* [I] */
+ struct sockaddr_encap ipa_mask; /* [I] */
struct timeout ipa_timeout;
- struct ipsec_policy *ipa_policy;
- struct inpcb *ipa_pcb;
- TAILQ_ENTRY(ipsec_acquire) ipa_ipo_next;
- TAILQ_ENTRY(ipsec_acquire) ipa_next;
+ struct ipsec_policy *ipa_policy; /* [I] */
+ struct inpcb *ipa_pcb; /* [I] */
+ TAILQ_ENTRY(ipsec_acquire) ipa_ipo_next; /* [N] */
+ TAILQ_ENTRY(ipsec_acquire) ipa_next; /* [N] */
};
struct ipsec_policy {
struct radix_node ipo_nodes[2]; /* radix tree glue */
- struct sockaddr_encap ipo_addr;
- struct sockaddr_encap ipo_mask;
+ struct sockaddr_encap ipo_addr; /* [I] */
+ struct sockaddr_encap ipo_mask; /* [I] */
- union sockaddr_union ipo_src; /* Local address to use */
- union sockaddr_union ipo_dst; /* Remote gateway -- if it's
zeroed:
+ union sockaddr_union ipo_src; /* [N] Local address to use */
+ union sockaddr_union ipo_dst; /* [N] Remote gateway --
+ * if it's zeroed:
* - on output, we try to
* contact the remote host
* directly (if needed).
@@ -270,22 +277,28 @@ struct ipsec_policy {
* mode was used.
*/
- u_int64_t ipo_last_searched; /* Timestamp of last
lookup */
-
- u_int8_t ipo_flags; /* See IPSP_POLICY_*
definitions */
- u_int8_t ipo_type; /* USE/ACQUIRE/... */
- u_int8_t ipo_sproto; /* ESP/AH; if zero, use system
dflts */
- u_int ipo_rdomain;
-
- int ipo_ref_count;
-
- struct tdb *ipo_tdb; /* Cached entry */
-
- struct ipsec_ids *ipo_ids;
+ u_int64_t ipo_last_searched; /* [N] Timestamp
+ of last lookup */
- TAILQ_HEAD(ipo_acquires_head, ipsec_acquire) ipo_acquires; /* List of
acquires */
- TAILQ_ENTRY(ipsec_policy) ipo_tdb_next; /* List TDB policies */
- TAILQ_ENTRY(ipsec_policy) ipo_list; /* List of all policies
*/
+ u_int8_t ipo_flags; /* [N] See IPSP_POLICY_*
+ definitions */
+ u_int8_t ipo_type; /* [N] USE/ACQUIRE/... */
+ u_int8_t ipo_sproto; /* [N] ESP/AH; if zero,
+ use system dflts */
+ u_int ipo_rdomain; /* [I] */
+
+ int ipo_ref_count; /* [N] */
+
+ struct tdb *ipo_tdb; /* [N] Cached entry */
+
+ struct ipsec_ids *ipo_ids; /* [N] */
+
+ TAILQ_HEAD(ipo_acquires_head, ipsec_acquire) ipo_acquires; /* [N]
+ List of acquires */
+ TAILQ_ENTRY(ipsec_policy) ipo_tdb_next; /* [N] List TDB
+ policies */
+ TAILQ_ENTRY(ipsec_policy) ipo_list; /* [N] List of all
+ policies */
};
#define IPSP_POLICY_NONE 0x0000 /* No flags set */
