Source-Changes-HG archive


[src/trunk]: src/sys Add sadb_x_policy_flags to inform SP origination.



details:   https://anonhg.NetBSD.org/src/rev/def7e1471c28
branches:  trunk
changeset: 371792:def7e1471c28
user:      knakahara <knakahara%NetBSD.org@localhost>
date:      Tue Oct 11 09:51:47 2022 +0000

description:
Add sadb_x_policy_flags to inform SP origination.

This extension(struct sadb_x_policy) is *not* defined by RFC2367.

OpenBSD does not have reserved fields in struct sadb_x_policy.
Linux does not use this field yet.
FreeBSD uses this field as "sadb_x_policy_scope"; the value range is
from 0x00 to 0x04.

We allocate flag bits starting from the most significant bit to avoid colliding with the above usage.

diffstat:

 sys/net/if_ipsec.c       |  6 +++---
 sys/net/pfkeyv2.h        |  5 +++--
 sys/netipsec/key.c       |  6 ++++--
 sys/netipsec/key_debug.c |  8 ++++----
 4 files changed, 14 insertions(+), 11 deletions(-)

diffs (103 lines):

diff -r 0dcf5c8f5892 -r def7e1471c28 sys/net/if_ipsec.c
--- a/sys/net/if_ipsec.c        Tue Oct 11 09:30:46 2022 +0000
+++ b/sys/net/if_ipsec.c        Tue Oct 11 09:51:47 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_ipsec.c,v 1.33 2022/10/06 06:59:24 knakahara Exp $  */
+/*     $NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.33 2022/10/06 06:59:24 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1706,7 +1706,7 @@
        xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
        xpl->sadb_x_policy_type = policy;
        xpl->sadb_x_policy_dir = dir;
-       xpl->sadb_x_policy_reserved = 0;
+       xpl->sadb_x_policy_flags = 0;
        xpl->sadb_x_policy_id = id;
        xpl->sadb_x_policy_reserved2 = 0;
 
diff -r 0dcf5c8f5892 -r def7e1471c28 sys/net/pfkeyv2.h
--- a/sys/net/pfkeyv2.h Tue Oct 11 09:30:46 2022 +0000
+++ b/sys/net/pfkeyv2.h Tue Oct 11 09:51:47 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: pfkeyv2.h,v 1.33 2022/04/16 18:15:22 andvar Exp $      */
+/*     $NetBSD: pfkeyv2.h,v 1.34 2022/10/11 09:51:47 knakahara Exp $   */
 /*     $KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $        */
 
 /*
@@ -228,7 +228,8 @@
   uint16_t sadb_x_policy_exttype;
   uint16_t sadb_x_policy_type;         /* See policy type of ipsec.h */
   uint8_t sadb_x_policy_dir;           /* direction, see ipsec.h */
-  uint8_t sadb_x_policy_reserved;
+  uint8_t sadb_x_policy_flags;
+#define IPSEC_POLICY_FLAG_ORIGIN_KERNEL 0x80   /* policy is generated by kernel */
   uint32_t sadb_x_policy_id;
   uint32_t sadb_x_policy_reserved2;
 };
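Review bot: The new `sadb_x_policy_flags` field and `IPSEC_POLICY_FLAG_ORIGIN_KERNEL` carry no comment saying which direction the bit is meaningful in, or why it sits at 0x80. The commit message explains that bits are taken from the top because FreeBSD uses 0x00-0x04 in this byte as `sadb_x_policy_scope`, but that rationale is not in the header where the next flag will be allocated. I would add something like `/* IPSEC_POLICY_FLAG_*: allocated from the MSB down; FreeBSD uses 0x00-0x04 here as sadb_x_policy_scope */` on the field. Because the byte was previously reserved, it is also worth stating whether the kernel ignores or rejects this bit on messages received from userland; the input path is not visible in this diff, so that should be confirmed. The struct definition begins outside the hunk.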
diff -r 0dcf5c8f5892 -r def7e1471c28 sys/netipsec/key.c
--- a/sys/netipsec/key.c        Tue Oct 11 09:30:46 2022 +0000
+++ b/sys/netipsec/key.c        Tue Oct 11 09:51:47 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key.c,v 1.276 2022/08/09 08:03:22 knakahara Exp $      */
+/*     $NetBSD: key.c,v 1.277 2022/10/11 09:51:47 knakahara Exp $      */
 /*     $FreeBSD: key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
 /*     $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $   */
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.276 2022/08/09 08:03:22 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.277 2022/10/11 09:51:47 knakahara Exp $");
 
 /*
  * This code is referred to RFC 2367
@@ -2089,6 +2089,8 @@
        xpl->sadb_x_policy_type = sp->policy;
        xpl->sadb_x_policy_dir = sp->spidx.dir;
        xpl->sadb_x_policy_id = sp->id;
+       if (sp->origin == IPSEC_SPORIGIN_KERNEL)
+               xpl->sadb_x_policy_flags |= IPSEC_POLICY_FLAG_ORIGIN_KERNEL;
        p = (char *)xpl + sizeof(*xpl);
 
        /* if is the policy for ipsec ? */
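Review bot: The `|=` on `xpl->sadb_x_policy_flags` is only correct if the extension buffer was zeroed before these assignments, and any such zeroing would be above the hunk; the neighbouring fields are all written with plain `=`. This structure is presumably handed to PF_KEY listeners, so a stale byte here would misreport the policy origin and pass leftover buffer contents to userland. Assigning the field outright removes that dependency: `xpl->sadb_x_policy_flags = (sp->origin == IPSEC_SPORIGIN_KERNEL) ? IPSEC_POLICY_FLAG_ORIGIN_KERNEL : 0;`. The enclosing function starts and ends outside the hunk.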
diff -r 0dcf5c8f5892 -r def7e1471c28 sys/netipsec/key_debug.c
--- a/sys/netipsec/key_debug.c  Tue Oct 11 09:30:46 2022 +0000
+++ b/sys/netipsec/key_debug.c  Tue Oct 11 09:51:47 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key_debug.c,v 1.24 2022/05/18 15:20:18 christos Exp $  */
+/*     $NetBSD: key_debug.c,v 1.25 2022/10/11 09:51:47 knakahara Exp $ */
 /*     $FreeBSD: key_debug.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $   */
 /*     $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $      */
 
@@ -33,7 +33,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.24 2022/05/18 15:20:18 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.25 2022/10/11 09:51:47 knakahara Exp $");
 #endif
 
 #if defined(_KERNEL_OPT)
@@ -377,9 +377,9 @@
        if (ext == NULL)
                panic("%s: NULL pointer was passed", __func__);
 
-       printf(" sadb_x_policy { type=%u dir=%u id=%x }",
+       printf(" sadb_x_policy { type=%u dir=%u flags=0x%02x id=%x }",
                xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir,
-               xpl->sadb_x_policy_id);
+               xpl->sadb_x_policy_flags, xpl->sadb_x_policy_id);
 
        if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) {
                int tlen;


