Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys Assert inph_locked on ipsec_pcb_skip_ipsec (was IPSEC_PC...
details: https://anonhg.NetBSD.org/src/rev/4c40be3c780f
branches: trunk
changeset: 354042:4c40be3c780f
user: ozaki-r <ozaki-r%NetBSD.org@localhost>
date: Fri Jun 02 03:41:20 2017 +0000
description:
Assert inph_locked on ipsec_pcb_skip_ipsec (was IPSEC_PCB_SKIP_IPSEC)
The assertion confirms SP caches are accessed under inph lock (solock).
diffstat:
sys/netinet/in_pcb_hdr.h | 3 ++-
sys/netinet/tcp_output.c | 14 +++++++-------
sys/netipsec/ipsec.c | 8 ++++----
sys/netipsec/ipsec.h | 20 ++++++++++++++------
4 files changed, 27 insertions(+), 18 deletions(-)
diffs (165 lines):
diff -r cc6a665b1c21 -r 4c40be3c780f sys/netinet/in_pcb_hdr.h
--- a/sys/netinet/in_pcb_hdr.h Fri Jun 02 03:39:28 2017 +0000
+++ b/sys/netinet/in_pcb_hdr.h Fri Jun 02 03:41:20 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: in_pcb_hdr.h,v 1.12 2017/04/25 05:44:11 ozaki-r Exp $ */
+/* $NetBSD: in_pcb_hdr.h,v 1.13 2017/06/02 03:41:20 ozaki-r Exp $ */
/*
* Copyright (C) 2003 WIDE Project.
@@ -89,6 +89,7 @@
LIST_HEAD(inpcbhead, inpcb_hdr);
struct vestigial_inpcb;
+struct in6_addr;
/* Hooks for vestigial pcb entries.
* If vestigial entries exist for a table (TCP only)
diff -r cc6a665b1c21 -r 4c40be3c780f sys/netinet/tcp_output.c
--- a/sys/netinet/tcp_output.c Fri Jun 02 03:39:28 2017 +0000
+++ b/sys/netinet/tcp_output.c Fri Jun 02 03:41:20 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_output.c,v 1.195 2017/03/03 07:13:06 ozaki-r Exp $ */
+/* $NetBSD: tcp_output.c,v 1.196 2017/06/02 03:41:20 ozaki-r Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -135,7 +135,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.195 2017/03/03 07:13:06 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.196 2017/06/02 03:41:20 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -361,7 +361,7 @@
if (inp) {
#if defined(IPSEC)
if (ipsec_used &&
- !IPSEC_PCB_SKIP_IPSEC(inp->inp_sp, IPSEC_DIR_OUTBOUND))
+ !ipsec_pcb_skip_ipsec(inp->inp_sp, IPSEC_DIR_OUTBOUND))
optlen += ipsec4_hdrsiz_tcp(tp);
#endif
optlen += ip_optlen(inp);
@@ -372,7 +372,7 @@
if (in6p && tp->t_family == AF_INET) {
#if defined(IPSEC)
if (ipsec_used &&
- !IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND))
+ !ipsec_pcb_skip_ipsec(in6p->in6p_sp, IPSEC_DIR_OUTBOUND))
optlen += ipsec4_hdrsiz_tcp(tp);
#endif
/* XXX size -= ip_optlen(in6p); */
@@ -381,7 +381,7 @@
if (in6p && tp->t_family == AF_INET6) {
#if defined(IPSEC)
if (ipsec_used &&
- !IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND))
+ !ipsec_pcb_skip_ipsec(in6p->in6p_sp, IPSEC_DIR_OUTBOUND))
optlen += ipsec6_hdrsiz_tcp(tp);
#endif
optlen += ip6_optlen(in6p);
@@ -641,7 +641,7 @@
#if defined(INET)
has_tso4 = tp->t_inpcb != NULL &&
#if defined(IPSEC)
- (!ipsec_used || IPSEC_PCB_SKIP_IPSEC(tp->t_inpcb->inp_sp,
+ (!ipsec_used || ipsec_pcb_skip_ipsec(tp->t_inpcb->inp_sp,
IPSEC_DIR_OUTBOUND)) &&
#endif
(rt = rtcache_validate(&tp->t_inpcb->inp_route)) != NULL &&
@@ -654,7 +654,7 @@
#if defined(INET6)
has_tso6 = tp->t_in6pcb != NULL &&
#if defined(IPSEC)
- (!ipsec_used || IPSEC_PCB_SKIP_IPSEC(tp->t_in6pcb->in6p_sp,
+ (!ipsec_used || ipsec_pcb_skip_ipsec(tp->t_in6pcb->in6p_sp,
IPSEC_DIR_OUTBOUND)) &&
#endif
(rt = rtcache_validate(&tp->t_in6pcb->in6p_route)) != NULL &&
diff -r cc6a665b1c21 -r 4c40be3c780f sys/netipsec/ipsec.c
--- a/sys/netipsec/ipsec.c Fri Jun 02 03:39:28 2017 +0000
+++ b/sys/netipsec/ipsec.c Fri Jun 02 03:41:20 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.98 2017/06/02 03:39:28 ozaki-r Exp $ */
+/* $NetBSD: ipsec.c,v 1.99 2017/06/02 03:41:20 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.98 2017/06/02 03:39:28 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.99 2017/06/02 03:41:20 ozaki-r Exp $");
/*
* IPsec controller part.
@@ -673,7 +673,7 @@
return 0;
}
s = splsoftnet();
- if (inp && IPSEC_PCB_SKIP_IPSEC(inp->inp_sp, IPSEC_DIR_OUTBOUND)) {
+ if (inp && ipsec_pcb_skip_ipsec(inp->inp_sp, IPSEC_DIR_OUTBOUND)) {
splx(s);
return 0;
}
@@ -2281,7 +2281,7 @@
if (!ipsec_outdone(m)) {
s = splsoftnet();
if (in6p != NULL &&
- IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND)) {
+ ipsec_pcb_skip_ipsec(in6p->in6p_sp, IPSEC_DIR_OUTBOUND)) {
splx(s);
goto skippolicycheck;
}
diff -r cc6a665b1c21 -r 4c40be3c780f sys/netipsec/ipsec.h
--- a/sys/netipsec/ipsec.h Fri Jun 02 03:39:28 2017 +0000
+++ b/sys/netipsec/ipsec.h Fri Jun 02 03:41:20 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.49 2017/06/02 03:39:28 ozaki-r Exp $ */
+/* $NetBSD: ipsec.h,v 1.50 2017/06/02 03:41:20 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
@@ -46,7 +46,9 @@
#include <net/pfkeyv2.h>
#ifdef _KERNEL
+#include <sys/socketvar.h>
+#include <netinet/in_pcb_hdr.h>
#include <netipsec/keydb.h>
/*
@@ -133,9 +135,17 @@
struct inpcb_hdr *sp_inph; /* back pointer */
};
-#define IPSEC_PCB_SKIP_IPSEC(inpp, dir) \
- ((inpp)->sp_cache[(dir)].cachehint == IPSEC_PCBHINT_NO && \
- (inpp)->sp_cache[(dir)].cachegen == ipsec_spdgen)
+extern u_int ipsec_spdgen;
+
+static inline bool
+ipsec_pcb_skip_ipsec(struct inpcbpolicy *pcbsp, int dir)
+{
+
+ KASSERT(inph_locked(pcbsp->sp_inph));
+
+ return pcbsp->sp_cache[(dir)].cachehint == IPSEC_PCBHINT_NO &&
+ pcbsp->sp_cache[(dir)].cachegen == ipsec_spdgen;
+}
/* SP acquiring list table. */
struct secspacq {
@@ -257,8 +267,6 @@
void ipsec_pcbdisconn (struct inpcbpolicy *);
void ipsec_invalpcbcacheall (void);
-extern u_int ipsec_spdgen;
-
struct tdb_ident;
struct secpolicy *ipsec_getpolicy (const struct tdb_ident*, u_int);
struct inpcb;
Home |
Main Index |
Thread Index |
Old Index