Date: Wed, 24 Sep 2003 13:03:06 -0700 (PDT) From: Sam Leffler <sam@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 38530 for review Message-ID: <200309242003.h8OK36mO012564@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=38530 Change 38530 by sam@sam_ebb on 2003/09/24 13:03:06 convert explicit mtx calls to #defines to simpify future changes and to improve portability Affected files ... .. //depot/projects/netperf/sys/netipsec/ipsec.c#6 edit .. //depot/projects/netperf/sys/netipsec/ipsec.h#5 edit .. //depot/projects/netperf/sys/netipsec/key.c#7 edit .. //depot/projects/netperf/sys/netipsec/keydb.h#4 edit .. //depot/projects/netperf/sys/netipsec/xform_ah.c#5 edit .. //depot/projects/netperf/sys/netipsec/xform_esp.c#5 edit .. //depot/projects/netperf/sys/netipsec/xform_ipcomp.c#5 edit Differences ... ==== //depot/projects/netperf/sys/netipsec/ipsec.c#6 (text+ko) ==== @@ -903,21 +903,15 @@ struct ipsecrequest *p; p = malloc(sizeof(struct ipsecrequest), M_IPSEC_SR, M_NOWAIT|M_ZERO); - if (p != NULL) { - /* - * Need recursion for when crypto callbacks happen - * directly, as in the case of software crypto. Need - * to look at how hard it is to remove this... - */ - mtx_init(&p->lock, "ipsec request", NULL, MTX_DEF|MTX_RECURSE); - } + if (p != NULL) + IPSECREQUEST_LOCK_INIT(p); return p; } void ipsec_delisr(struct ipsecrequest *p) { - mtx_destroy(&p->lock); + IPSECREQUEST_LOCK_DESTROY(p); free(p, M_IPSEC_SR); } ==== //depot/projects/netperf/sys/netipsec/ipsec.h#5 (text+ko) ==== @@ -99,6 +99,13 @@ long validtime; /* duration this policy is valid without use */ }; +#define SECPOLICY_LOCK_INIT(_sp) \ + mtx_init(&(_sp)->lock, "ipsec policy", NULL, MTX_DEF) +#define SECPOLICY_LOCK(_sp) mtx_lock(&(_sp)->lock) +#define SECPOLICY_UNLOCK(_sp) mtx_unlock(&(_sp)->lock) +#define SECPOLICY_LOCK_DESTROY(_sp) mtx_destroy(&(_sp)->lock) +#define SECPOLICY_LOCK_ASSERT(_sp) mtx_assert(&(_sp)->lock, MA_OWNED) + /* Request for IPsec */ struct ipsecrequest { struct ipsecrequest *next; @@ -113,6 +120,18 @@ struct mtx lock; /* to interlock updates */ }; +/* + * Need recursion for when crypto callbacks happen directly, + * as in the case of software crypto. Need to look at how + * hard it is to remove this... + */ +#define IPSECREQUEST_LOCK_INIT(_isr) \ + mtx_init(&(_isr)->lock, "ipsec request", NULL, MTX_DEF | MTX_RECURSE) +#define IPSECREQUEST_LOCK(_isr) mtx_lock(&(_isr)->lock) +#define IPSECREQUEST_UNLOCK(_isr) mtx_unlock(&(_isr)->lock) +#define IPSECREQUEST_LOCK_DESTROY(_isr) mtx_destroy(&(_isr)->lock) +#define IPSECREQUEST_LOCK_ASSERT(_isr) mtx_assert(&(_isr)->lock, MA_OWNED) + /* security policy in PCB */ struct inpcbpolicy { struct secpolicy *sp_in; @@ -368,7 +387,9 @@ struct m_tag; extern void ah4_input(struct mbuf *m, int off); +extern void ah4_ctlinput(int cmd, struct sockaddr *sa, void *); extern void esp4_input(struct mbuf *m, int off); +extern void esp4_ctlinput(int cmd, struct sockaddr *sa, void *); extern void ipcomp4_input(struct mbuf *m, int off); extern int ipsec4_common_input(struct mbuf *m, ...); extern int ipsec4_common_input_cb(struct mbuf *m, struct secasvar *sav, ==== //depot/projects/netperf/sys/netipsec/key.c#7 (text+ko) ==== @@ -746,7 +746,7 @@ * temporarily null out below. Need to rethink how we * handle bundled SA's in the callback thread. */ - mtx_assert(&isr->lock, MA_OWNED); + IPSECREQUEST_LOCK_ASSERT(isr); /* get current level */ level = ipsec_get_reqlevel(isr); @@ -1281,7 +1281,7 @@ newsp = (struct secpolicy *) malloc(sizeof(struct secpolicy), M_IPSEC_SP, M_NOWAIT|M_ZERO); if (newsp) { - mtx_init(&newsp->lock, "ipsec policy", NULL, MTX_DEF); + SECPOLICY_LOCK_INIT(newsp); newsp->refcnt = 1; newsp->req = NULL; } @@ -1295,7 +1295,7 @@ static void _key_delsp(struct secpolicy *sp) { - mtx_destroy(&sp->lock); + SECPOLICY_LOCK_DESTROY(sp); free(sp, M_IPSEC_SP); } @@ -2029,7 +2029,7 @@ xpl0->sadb_x_policy_id = sp->id; sp->state = IPSEC_SPSTATE_DEAD; - mtx_destroy(&sp->lock); + SECPOLICY_LOCK_DESTROY(sp); KEY_FREESP(&sp); { @@ -2093,7 +2093,7 @@ } sp->state = IPSEC_SPSTATE_DEAD; - mtx_destroy(&sp->lock); + SECPOLICY_LOCK_DESTROY(sp); KEY_FREESP(&sp); { @@ -2736,7 +2736,7 @@ } } - mtx_init(&newsav->lock, "ipsec sa", NULL, MTX_DEF); + SECASVAR_LOCK_INIT(newsav); /* reset created */ newsav->created = time_second; @@ -2826,7 +2826,7 @@ if (__LIST_CHAINED(sav)) LIST_REMOVE(sav, chain); key_cleansav(sav); - mtx_destroy(&sav->lock); + SECASVAR_LOCK_DESTROY(sav); free(sav, M_IPSEC_SA); } ==== //depot/projects/netperf/sys/netipsec/keydb.h#4 (text+ko) ==== @@ -125,6 +125,13 @@ u_int64_t tdb_cryptoid; /* crypto session id */ }; +#define SECASVAR_LOCK_INIT(_sav) \ + mtx_init(&(_sav)->lock, "ipsec association", NULL, MTX_DEF) +#define SECASVAR_LOCK(_sav) mtx_lock(&(_sav)->lock) +#define SECASVAR_UNLOCK(_sav) mtx_unlock(&(_sav)->lock) +#define SECASVAR_LOCK_DESTROY(_sav) mtx_destroy(&(_sav)->lock) +#define SECASVAR_LOCK_ASSERT(_sav) mtx_assert(&(_sav)->lock, MA_OWNED) + /* replay prevention */ struct secreplay { u_int32_t count; ==== //depot/projects/netperf/sys/netipsec/xform_ah.c#5 (text+ko) ==== @@ -1122,7 +1122,7 @@ m = (struct mbuf *) crp->crp_buf; isr = tc->tc_isr; - mtx_lock(&isr->lock); + IPSECREQUEST_LOCK(isr); sav = KEY_ALLOCSA(&tc->tc_dst, tc->tc_proto, tc->tc_spi); if (sav == NULL) { ahstat.ahs_notdb++; @@ -1139,7 +1139,7 @@ if (crp->crp_etype == EAGAIN) { KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); return crypto_dispatch(crp); } @@ -1171,13 +1171,13 @@ /* NB: m is reclaimed by ipsec_process_done. */ err = ipsec_process_done(m, isr); KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); return err; bad: if (sav) KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); if (m) m_freem(m); free(tc, M_XDATA); ==== //depot/projects/netperf/sys/netipsec/xform_esp.c#5 (text+ko) ==== @@ -866,7 +866,7 @@ m = (struct mbuf *) crp->crp_buf; isr = tc->tc_isr; - mtx_lock(&isr->lock); + IPSECREQUEST_LOCK(isr); sav = KEY_ALLOCSA(&tc->tc_dst, tc->tc_proto, tc->tc_spi); if (sav == NULL) { espstat.esps_notdb++; @@ -887,7 +887,7 @@ if (crp->crp_etype == EAGAIN) { KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); return crypto_dispatch(crp); } @@ -915,13 +915,13 @@ /* NB: m is reclaimed by ipsec_process_done. */ err = ipsec_process_done(m, isr); KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); return err; bad: if (sav) KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); if (m) m_freem(m); free(tc, M_XDATA); ==== //depot/projects/netperf/sys/netipsec/xform_ipcomp.c#5 (text+ko) ==== @@ -500,7 +500,7 @@ rlen = crp->crp_ilen - skip; isr = tc->tc_isr; - mtx_lock(&isr->lock); + IPSECREQUEST_LOCK(isr); sav = KEY_ALLOCSA(&tc->tc_dst, tc->tc_proto, tc->tc_spi); if (sav == NULL) { ipcompstat.ipcomps_notdb++; @@ -518,7 +518,7 @@ if (crp->crp_etype == EAGAIN) { KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); return crypto_dispatch(crp); } ipcompstat.ipcomps_noxform++; @@ -571,13 +571,13 @@ /* NB: m is reclaimed by ipsec_process_done. */ error = ipsec_process_done(m, isr); KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); return error; bad: if (sav) KEY_FREESAV(&sav); - mtx_unlock(&isr->lock); + IPSECREQUEST_UNLOCK(isr); if (m) m_freem(m); free(tc, M_XDATA);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309242003.h8OK36mO012564>