Module Name: src
Committed By: martin
Date: Mon Oct 2 12:58:51 UTC 2023
Modified Files:
src/sys/net [netbsd-10]: if_ipsec.c
src/sys/netipsec [netbsd-10]: key.c
src/tests/net/if_ipsec [netbsd-10]: t_ipsec_unnumbered.sh
Log Message:
Pull up following revision(s) (requested by knakahara in ticket #378):
tests/net/if_ipsec/t_ipsec_unnumbered.sh: revision 1.2
sys/net/if_ipsec.c: revision 1.35
sys/netipsec/key.c: revision 1.281
Use kmem_free instead of kmem_intr_free, as key_freesaval() is not called in
softint after key.c:r1.223.
E.g. key_freesaval() was called the following call path before SAD MP-ify.
esp_input_cb()
KEY_FREESAV()
key_freesav()
key_delsav()
key_freesaval()
ok'ed by [email protected].
Use unit id instead of if_index to reduce fixed_reqid space.
Update for sys/net/if_ipsec.c:r1.35
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.34.2.1 src/sys/net/if_ipsec.c
cvs rdiff -u -r1.280 -r1.280.2.1 src/sys/netipsec/key.c
cvs rdiff -u -r1.1 -r1.1.2.1 src/tests/net/if_ipsec/t_ipsec_unnumbered.sh
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.34 src/sys/net/if_ipsec.c:1.34.2.1
--- src/sys/net/if_ipsec.c:1.34 Tue Oct 11 09:51:47 2022
+++ src/sys/net/if_ipsec.c Mon Oct 2 12:58:51 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $ */
+/* $NetBSD: if_ipsec.c,v 1.34.2.1 2023/10/02 12:58:51 martin Exp $ */
/*
* Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.34 2022/10/11 09:51:47 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.34.2.1 2023/10/02 12:58:51 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1798,9 +1798,10 @@ if_ipsec_get_reqids(struct ipsec_variant
mutex_enter(&ipsec_softcs.lock);
if (ipsec_softcs.use_fixed_reqid) {
- uint32_t reqid_base;
+ uint32_t unit, reqid_base;
- reqid_base = ipsec_softcs.reqid_base + ifp->if_index * 2;
+ unit = strtoul(ifp->if_xname + sizeof("ipsec") - 1, NULL, 10);
+ reqid_base = ipsec_softcs.reqid_base + unit * 2;
if (reqid_base + 1 > ipsec_softcs.reqid_last) {
log(LOG_ERR,
"%s: invalid fixed reqid(%"PRIu32"), "
Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.280 src/sys/netipsec/key.c:1.280.2.1
--- src/sys/netipsec/key.c:1.280 Thu Dec 8 08:07:07 2022
+++ src/sys/netipsec/key.c Mon Oct 2 12:58:51 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.280 2022/12/08 08:07:07 knakahara Exp $ */
+/* $NetBSD: key.c,v 1.280.2.1 2023/10/02 12:58:51 martin Exp $ */
/* $FreeBSD: key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.280 2022/12/08 08:07:07 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.280.2.1 2023/10/02 12:58:51 martin Exp $");
/*
* This code is referred to RFC 2367
@@ -3589,21 +3589,21 @@ key_freesaval(struct secasvar *sav)
key_sa_refcnt(sav));
if (sav->replay != NULL)
- kmem_intr_free(sav->replay, sav->replay_len);
+ kmem_free(sav->replay, sav->replay_len);
if (sav->key_auth != NULL)
- kmem_intr_free(sav->key_auth, sav->key_auth_len);
+ kmem_free(sav->key_auth, sav->key_auth_len);
if (sav->key_enc != NULL)
- kmem_intr_free(sav->key_enc, sav->key_enc_len);
+ kmem_free(sav->key_enc, sav->key_enc_len);
if (sav->lft_c_counters_percpu != NULL) {
percpu_free(sav->lft_c_counters_percpu,
sizeof(lifetime_counters_t));
}
if (sav->lft_c != NULL)
- kmem_intr_free(sav->lft_c, sizeof(*(sav->lft_c)));
+ kmem_free(sav->lft_c, sizeof(*(sav->lft_c)));
if (sav->lft_h != NULL)
- kmem_intr_free(sav->lft_h, sizeof(*(sav->lft_h)));
+ kmem_free(sav->lft_h, sizeof(*(sav->lft_h)));
if (sav->lft_s != NULL)
- kmem_intr_free(sav->lft_s, sizeof(*(sav->lft_s)));
+ kmem_free(sav->lft_s, sizeof(*(sav->lft_s)));
}
/*
Index: src/tests/net/if_ipsec/t_ipsec_unnumbered.sh
diff -u src/tests/net/if_ipsec/t_ipsec_unnumbered.sh:1.1 src/tests/net/if_ipsec/t_ipsec_unnumbered.sh:1.1.2.1
--- src/tests/net/if_ipsec/t_ipsec_unnumbered.sh:1.1 Fri Nov 25 08:43:16 2022
+++ src/tests/net/if_ipsec/t_ipsec_unnumbered.sh Mon Oct 2 12:58:50 2023
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_unnumbered.sh,v 1.1 2022/11/25 08:43:16 knakahara Exp $
+# $NetBSD: t_ipsec_unnumbered.sh,v 1.1.2.1 2023/10/02 12:58:50 martin Exp $
#
# Copyright (c) 2022 Internet Initiative Japan Inc.
# All rights reserved.
@@ -73,7 +73,7 @@ add_sa()
local tmpfile=./tmp
local spi=10000
local algo_args="$(generate_algo_args esp $algo)"
- local uniq=8200 # 8192(reqid_base) + 2 * 4(lo0, shmif0, shmif1 and ipsec0)
+ local uniq=8192 # 8192(reqid_base) + 2 * 0(unit id of "ipsec0")
export RUMP_SERVER=$SOCK_LOCAL
cat > $tmpfile <<-EOF
