Module Name: src
Committed By: ozaki-r
Date: Wed Apr 19 03:42:11 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c key.c key_debug.h keysock.c
Log Message:
Tweak KEYDEBUG macros
Let's avoid passing statements to a macro.
To generate a diff of this commit:
cvs rdiff -u -r1.76 -r1.77 src/sys/netipsec/ipsec.c
cvs rdiff -u -r1.110 -r1.111 src/sys/netipsec/key.c
cvs rdiff -u -r1.7 -r1.8 src/sys/netipsec/key_debug.h
cvs rdiff -u -r1.51 -r1.52 src/sys/netipsec/keysock.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.76 src/sys/netipsec/ipsec.c:1.77
--- src/sys/netipsec/ipsec.c:1.76 Wed Apr 19 03:40:58 2017
+++ src/sys/netipsec/ipsec.c Wed Apr 19 03:42:11 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.76 2017/04/19 03:40:58 ozaki-r Exp $ */
+/* $NetBSD: ipsec.c,v 1.77 2017/04/19 03:42:11 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.76 2017/04/19 03:40:58 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.77 2017/04/19 03:42:11 ozaki-r Exp $");
/*
* IPsec controller part.
@@ -264,10 +264,10 @@ ipsec_checkpcbcache(struct mbuf *m, stru
pcbsp->sp_cache[dir].cachesp->lastused = time_second;
pcbsp->sp_cache[dir].cachesp->refcnt++;
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s cause refcnt++:%d SP:%p\n", __func__,
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP cause refcnt++:%d SP:%p\n",
pcbsp->sp_cache[dir].cachesp->refcnt,
- pcbsp->sp_cache[dir].cachesp));
+ pcbsp->sp_cache[dir].cachesp);
return pcbsp->sp_cache[dir].cachesp;
}
@@ -298,10 +298,10 @@ ipsec_fillpcbcache(struct inpcbpolicy *p
pcbsp->sp_cache[dir].cachesp = sp;
if (pcbsp->sp_cache[dir].cachesp) {
pcbsp->sp_cache[dir].cachesp->refcnt++;
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s cause refcnt++:%d SP:%p\n", __func__,
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP cause refcnt++:%d SP:%p\n",
pcbsp->sp_cache[dir].cachesp->refcnt,
- pcbsp->sp_cache[dir].cachesp));
+ pcbsp->sp_cache[dir].cachesp);
/*
* If the PCB is connected, we can remember a hint to
@@ -378,8 +378,7 @@ key_allocsp_default(int af, const char *
{
struct secpolicy *sp;
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s from %s:%u\n", __func__, where, tag));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP, "DP from %s:%u\n", where, tag);
switch(af) {
case AF_INET:
@@ -391,9 +390,8 @@ key_allocsp_default(int af, const char *
break;
#endif
default:
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("%s: unexpected protocol family %u\n", __func__,
- af));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "unexpected protocol family %u\n", af);
return NULL;
}
@@ -405,8 +403,8 @@ key_allocsp_default(int af, const char *
}
sp->refcnt++;
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP, printf("DP %s returns SP:%p (%u)\n",
- __func__, sp, sp->refcnt));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP, "DP returns SP:%p (%u)\n",
+ sp, sp->refcnt);
return sp;
}
#define KEY_ALLOCSP_DEFAULT(af) \
@@ -571,9 +569,9 @@ ipsec_getpolicybysock(struct mbuf *m, u_
}
KASSERTMSG(sp != NULL, "null SP (priv %u policy %u", pcbsp->priv,
currsp->policy);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s (priv %u policy %u) allocates SP:%p (refcnt %u)\n",
- __func__, pcbsp->priv, currsp->policy, sp, sp->refcnt));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP (priv %u policy %u) allocates SP:%p (refcnt %u)\n",
+ pcbsp->priv, currsp->policy, sp, sp->refcnt);
ipsec_fillpcbcache(pcbsp, m, sp, dir);
return sp;
}
@@ -1001,16 +999,16 @@ ipsec_setspidx(struct mbuf *m, struct se
for (n = m; n; n = n->m_next)
len += n->m_len;
if (m->m_pkthdr.len != len) {
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s: total of m_len(%d) "
- "!= pkthdr.len(%d), ignored.\n", __func__, len,
- m->m_pkthdr.len));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
+ "total of m_len(%d) != pkthdr.len(%d), ignored.\n",
+ len, m->m_pkthdr.len);
return EINVAL;
}
if (m->m_pkthdr.len < sizeof(struct ip)) {
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s: pkthdr.len(%d) < "
- "sizeof(struct ip), ignored.\n", __func__,
- m->m_pkthdr.len));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
+ "pkthdr.len(%d) < sizeof(struct ip), ignored.\n",
+ m->m_pkthdr.len);
return EINVAL;
}
@@ -1031,9 +1029,9 @@ ipsec_setspidx(struct mbuf *m, struct se
#ifdef INET6
case 6:
if (m->m_pkthdr.len < sizeof(struct ip6_hdr)) {
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s: "
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
"pkthdr.len(%d) < sizeof(struct ip6_hdr), "
- "ignored.\n", __func__, m->m_pkthdr.len));
+ "ignored.\n", m->m_pkthdr.len);
return EINVAL;
}
error = ipsec6_setspidx_ipaddr(m, spidx);
@@ -1043,8 +1041,8 @@ ipsec_setspidx(struct mbuf *m, struct se
return 0;
#endif
default:
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s: unknown IP version "
- "%u, ignored.\n", __func__, v));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
+ "unknown IP version %u, ignored.\n", v);
return EINVAL;
}
}
@@ -1180,8 +1178,10 @@ ipsec6_get_ulp(struct mbuf *m, struct se
if (m == NULL)
panic("%s: NULL pointer was passed", __func__);
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s:\n", __func__);
- kdebug_mbuf(m));
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
+ printf("%s:\n", __func__);
+ kdebug_mbuf(m);
+ }
/* set default */
spidx->ul_proto = IPSEC_ULPROTO_ANY;
@@ -1421,8 +1421,10 @@ ipsec_set_policy(
return EINVAL;
xpl = (const struct sadb_x_policy *)request;
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s: passed policy\n", __func__);
- kdebug_sadb_x_policy((const struct sadb_ext *)xpl));
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
+ printf("%s: passed policy\n", __func__);
+ kdebug_sadb_x_policy((const struct sadb_ext *)xpl);
+ }
/* check policy type */
/* ipsec_set_policy() accepts IPSEC, ENTRUST and BYPASS. */
@@ -1447,8 +1449,10 @@ ipsec_set_policy(
/* clear old SP and set new SP */
KEY_FREESP(policy);
*policy = newsp;
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s: new policy\n", __func__);
- kdebug_secpolicy(newsp));
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
+ printf("%s: new policy\n", __func__);
+ kdebug_secpolicy(newsp);
+ }
return 0;
}
@@ -1468,8 +1472,10 @@ ipsec_get_policy(struct secpolicy *polic
}
(*mp)->m_type = MT_DATA;
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("%s:\n", __func__);
- kdebug_mbuf(*mp));
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
+ printf("%s:\n", __func__);
+ kdebug_mbuf(*mp);
+ }
return 0;
}
@@ -1763,8 +1769,10 @@ ipsec_in_reject(const struct secpolicy *
struct ipsecrequest *isr;
int need_auth;
- KEYDEBUG(KEYDEBUG_IPSEC_DATA, printf("%s: using SP\n", __func__);
- kdebug_secpolicy(sp));
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
+ printf("%s: using SP\n", __func__);
+ kdebug_secpolicy(sp);
+ }
/* check policy */
switch (sp->policy) {
@@ -1787,9 +1795,8 @@ ipsec_in_reject(const struct secpolicy *
switch (isr->saidx.proto) {
case IPPROTO_ESP:
if ((m->m_flags & M_DECRYPTED) == 0) {
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP,
- printf("%s: ESP m_flags:%x\n", __func__,
- m->m_flags));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
+ "ESP m_flags:%x\n", m->m_flags);
return 1;
}
@@ -1797,18 +1804,16 @@ ipsec_in_reject(const struct secpolicy *
isr->sav != NULL &&
isr->sav->tdb_authalgxform != NULL &&
(m->m_flags & M_AUTHIPDGM) == 0) {
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP,
- printf("%s: ESP/AH m_flags:%x\n", __func__,
- m->m_flags));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
+ "ESP/AH m_flags:%x\n", m->m_flags);
return 1;
}
break;
case IPPROTO_AH:
need_auth = 1;
if ((m->m_flags & M_AUTHIPHDR) == 0) {
- KEYDEBUG(KEYDEBUG_IPSEC_DUMP,
- printf("%s: AH m_flags:%x\n", __func__,
- m->m_flags));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
+ "AH m_flags:%x\n", m->m_flags);
return 1;
}
break;
@@ -1913,8 +1918,10 @@ ipsec_hdrsiz(const struct secpolicy *sp)
const struct ipsecrequest *isr;
size_t siz;
- KEYDEBUG(KEYDEBUG_IPSEC_DATA, printf("%s: using SP\n", __func__);
- kdebug_secpolicy(sp));
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
+ printf("%s: using SP\n", __func__);
+ kdebug_secpolicy(sp);
+ }
switch (sp->policy) {
case IPSEC_POLICY_DISCARD:
@@ -1989,8 +1996,8 @@ ipsec4_hdrsiz(struct mbuf *m, u_int dir,
if (sp != NULL) {
size = ipsec_hdrsiz(sp);
- KEYDEBUG(KEYDEBUG_IPSEC_DATA, printf("%s: size:%lu.\n",
- __func__, (unsigned long)size));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DATA, "size:%lu.\n",
+ (unsigned long)size);
KEY_FREESP(&sp);
} else {
@@ -2026,8 +2033,7 @@ ipsec6_hdrsiz(struct mbuf *m, u_int dir,
if (sp == NULL)
return 0;
size = ipsec_hdrsiz(sp);
- KEYDEBUG(KEYDEBUG_IPSEC_DATA,
- printf("%s: size:%zu.\n", __func__, size));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DATA, "size:%zu.\n", size);
KEY_FREESP(&sp);
return size;
Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.110 src/sys/netipsec/key.c:1.111
--- src/sys/netipsec/key.c:1.110 Wed Apr 19 03:40:58 2017
+++ src/sys/netipsec/key.c Wed Apr 19 03:42:11 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.110 2017/04/19 03:40:58 ozaki-r Exp $ */
+/* $NetBSD: key.c,v 1.111 2017/04/19 03:42:11 ozaki-r Exp $ */
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.110 2017/04/19 03:40:58 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.111 2017/04/19 03:42:11 ozaki-r Exp $");
/*
* This code is referd to RFC 2367
@@ -597,19 +597,20 @@ key_allocsp(const struct secpolicyindex
KASSERTMSG(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
"invalid direction %u", dir);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s from %s:%u\n", __func__, where, tag));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP, "DP from %s:%u\n", where, tag);
/* get a SP entry */
s = splsoftnet(); /*called from softclock()*/
- KEYDEBUG(KEYDEBUG_IPSEC_DATA,
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
printf("*** objects\n");
- kdebug_secpolicyindex(spidx));
+ kdebug_secpolicyindex(spidx);
+ }
LIST_FOREACH(sp, &sptree[dir], chain) {
- KEYDEBUG(KEYDEBUG_IPSEC_DATA,
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
printf("*** in SPD\n");
- kdebug_secpolicyindex(&sp->spidx));
+ kdebug_secpolicyindex(&sp->spidx);
+ }
if (sp->state == IPSEC_SPSTATE_DEAD)
continue;
@@ -628,9 +629,9 @@ found:
}
splx(s);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s return SP:%p (ID=%u) refcnt %u\n", __func__,
- sp, sp ? sp->id : 0, sp ? sp->refcnt : 0));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP return SP:%p (ID=%u) refcnt %u\n",
+ sp, sp ? sp->id : 0, sp ? sp->refcnt : 0);
return sp;
}
@@ -654,20 +655,21 @@ key_allocsp2(u_int32_t spi,
KASSERTMSG(dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND,
"invalid direction %u", dir);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s from %s:%u\n", __func__, where, tag));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP, "DP from %s:%u\n", where, tag);
/* get a SP entry */
s = splsoftnet(); /*called from softclock()*/
- KEYDEBUG(KEYDEBUG_IPSEC_DATA,
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
printf("*** objects\n");
printf("spi %u proto %u dir %u\n", spi, proto, dir);
- kdebug_sockaddr(&dst->sa));
+ kdebug_sockaddr(&dst->sa);
+ }
LIST_FOREACH(sp, &sptree[dir], chain) {
- KEYDEBUG(KEYDEBUG_IPSEC_DATA,
+ if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
printf("*** in SPD\n");
- kdebug_secpolicyindex(&sp->spidx));
+ kdebug_secpolicyindex(&sp->spidx);
+ }
if (sp->state == IPSEC_SPSTATE_DEAD)
continue;
@@ -692,9 +694,9 @@ found:
}
splx(s);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s return SP:%p (ID=%u) refcnt %u\n", __func__,
- sp, sp ? sp->id : 0, sp ? sp->refcnt : 0));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP return SP:%p (ID=%u) refcnt %u\n",
+ sp, sp ? sp->id : 0, sp ? sp->refcnt : 0);
return sp;
}
@@ -715,8 +717,7 @@ key_gettunnel(const struct sockaddr *osr
struct ipsecrequest *r1, *r2, *p;
struct secpolicyindex spidx;
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s from %s:%u\n", __func__, where, tag));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP, "DP from %s:%u\n", where, tag);
if (isrc->sa_family != idst->sa_family) {
ipseclog((LOG_ERR, "protocol family mismatched %d != %d\n.",
@@ -769,9 +770,9 @@ found:
}
splx(s);
done:
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s return SP:%p (ID=%u) refcnt %u\n", __func__,
- sp, sp ? sp->id : 0, sp ? sp->refcnt : 0));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP return SP:%p (ID=%u) refcnt %u\n",
+ sp, sp ? sp->id : 0, sp ? sp->refcnt : 0);
return sp;
}
@@ -1049,9 +1050,9 @@ key_do_allocsa_policy(struct secashead *
if (candidate) {
SA_ADDREF(candidate);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s cause refcnt++:%d SA:%p\n", __func__,
- candidate->refcnt, candidate));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP cause refcnt++:%d SA:%p\n",
+ candidate->refcnt, candidate);
}
return candidate;
}
@@ -1119,9 +1120,9 @@ key_allocsa(
must_check_alg = 1;
}
}
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s from %s:%u check_spi=%d, check_alg=%d\n",
- __func__, where, tag, must_check_spi, must_check_alg));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP from %s:%u check_spi=%d, check_alg=%d\n",
+ where, tag, must_check_spi, must_check_alg);
/*
@@ -1143,36 +1144,35 @@ key_allocsa(
for (stateidx = 0; stateidx < arraysize; stateidx++) {
state = saorder_state_valid[stateidx];
LIST_FOREACH(sav, &sah->savtree[state], chain) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("try match spi %#x, %#x\n",
- ntohl(spi), ntohl(sav->spi)));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "try match spi %#x, %#x\n",
+ ntohl(spi), ntohl(sav->spi));
/* sanity check */
KEY_CHKSASTATE(sav->state, state, "key_allocsav");
/* do not return entries w/ unusable state */
if (sav->state != SADB_SASTATE_MATURE &&
sav->state != SADB_SASTATE_DYING) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("bad state %d\n",
- sav->state));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "bad state %d\n", sav->state);
continue;
}
if (proto != sav->sah->saidx.proto) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("proto fail %d != %d\n",
- proto, sav->sah->saidx.proto));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "proto fail %d != %d\n",
+ proto, sav->sah->saidx.proto);
continue;
}
if (must_check_spi && spi != sav->spi) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("spi fail %#x != %#x\n",
- ntohl(spi), ntohl(sav->spi)));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "spi fail %#x != %#x\n",
+ ntohl(spi), ntohl(sav->spi));
continue;
}
/* XXX only on the ipcomp case */
if (must_check_alg && algo != sav->alg_comp) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("algo fail %d != %d\n",
- algo, sav->alg_comp));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "algo fail %d != %d\n",
+ algo, sav->alg_comp);
continue;
}
@@ -1197,9 +1197,8 @@ key_allocsa(
done:
splx(s);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s return SA:%p; refcnt %u\n", __func__,
- sav, sav ? sav->refcnt : 0));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP return SA:%p; refcnt %u\n", sav, sav ? sav->refcnt : 0);
return sav;
}
@@ -1216,9 +1215,9 @@ _key_freesp(struct secpolicy **spp, cons
SP_DELREF(sp);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s SP:%p (ID=%u) from %s:%u; refcnt now %u\n",
- __func__, sp, sp->id, where, tag, sp->refcnt));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP SP:%p (ID=%u) from %s:%u; refcnt now %u\n",
+ sp, sp->id, where, tag, sp->refcnt);
if (sp->refcnt == 0) {
*spp = NULL;
@@ -1313,10 +1312,9 @@ key_freesav(struct secasvar **psav, cons
SA_DELREF(sav);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s SA:%p (SPI %lu) from %s:%u; refcnt now %u\n",
- __func__, sav, (u_long)ntohl(sav->spi), where, tag,
- sav->refcnt));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP SA:%p (SPI %lu) from %s:%u; refcnt now %u\n",
+ sav, (u_long)ntohl(sav->spi), where, tag, sav->refcnt);
if (sav->refcnt == 0) {
*psav = NULL;
@@ -1429,9 +1427,8 @@ key_newsp(const char* where, int tag)
newsp->req = NULL;
}
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s from %s:%u return SP:%p\n", __func__,
- where, tag, newsp));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP from %s:%u return SP:%p\n", where, tag, newsp);
return newsp;
}
@@ -3011,9 +3008,8 @@ key_newsav(struct mbuf *m, const struct
LIST_INSERT_TAIL(&sah->savtree[SADB_SASTATE_LARVAL], newsav,
secasvar, chain);
done:
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s from %s:%u return SP:%p\n", __func__,
- where, tag, newsav));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP from %s:%u return SP:%p\n", where, tag, newsav);
return newsav;
}
@@ -4426,8 +4422,8 @@ key_portcomp(in_port_t port1, in_port_t
/*FALLTHROUGH*/
case PORT_STRICT:
if (port1 != port2) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("port fail %d != %d\n", port1, port2));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "port fail %d != %d\n", port1, port2);
return 1;
}
return 0;
@@ -4448,39 +4444,36 @@ key_sockaddrcmp(
const struct sockaddr_in6 *sin61, *sin62;
if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("fam/len fail %d != %d || %d != %d\n",
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "fam/len fail %d != %d || %d != %d\n",
sa1->sa_family, sa2->sa_family, sa1->sa_len,
- sa2->sa_len));
+ sa2->sa_len);
return 1;
}
switch (sa1->sa_family) {
case AF_INET:
if (sa1->sa_len != sizeof(struct sockaddr_in)) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("len fail %d != %zu\n",
- sa1->sa_len, sizeof(struct sockaddr_in)));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "len fail %d != %zu\n",
+ sa1->sa_len, sizeof(struct sockaddr_in));
return 1;
}
sin1 = (const struct sockaddr_in *)sa1;
sin2 = (const struct sockaddr_in *)sa2;
if (sin1->sin_addr.s_addr != sin2->sin_addr.s_addr) {
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("addr fail %#x != %#x\n",
- sin1->sin_addr.s_addr,
- sin2->sin_addr.s_addr));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "addr fail %#x != %#x\n",
+ sin1->sin_addr.s_addr, sin2->sin_addr.s_addr);
return 1;
}
if (key_portcomp(sin1->sin_port, sin2->sin_port, howport)) {
return 1;
}
- KEYDEBUG(KEYDEBUG_MATCH,
- printf("addr success %#x[%d] == %#x[%d]\n",
- sin1->sin_addr.s_addr,
- sin1->sin_port,
- sin2->sin_addr.s_addr,
- sin2->sin_port));
+ KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
+ "addr success %#x[%d] == %#x[%d]\n",
+ sin1->sin_addr.s_addr, sin1->sin_port,
+ sin2->sin_addr.s_addr, sin2->sin_port);
break;
case AF_INET6:
sin61 = (const struct sockaddr_in6 *)sa1;
@@ -5447,9 +5440,9 @@ key_getsavbyseq(struct secashead *sah, u
if (sav->seq == seq) {
SA_ADDREF(sav);
- KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
- printf("DP %s cause refcnt++:%d SA:%p\n",
- __func__, sav->refcnt, sav));
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP cause refcnt++:%d SA:%p\n",
+ sav->refcnt, sav);
return sav;
}
}
@@ -7330,9 +7323,10 @@ key_parse(struct mbuf *m, struct socket
panic("key_parse: NULL pointer is passed");
#if 0 /*kdebug_sadb assumes msg in linear buffer*/
- KEYDEBUG(KEYDEBUG_KEY_DUMP,
+ if (KEYDEBUG_ON(KEYDEBUG_KEY_DUMP)) {
ipseclog((LOG_DEBUG, "key_parse: passed sadb_msg\n"));
- kdebug_sadb(msg));
+ kdebug_sadb(msg);
+ }
#endif
if (m->m_len < sizeof(struct sadb_msg)) {
Index: src/sys/netipsec/key_debug.h
diff -u src/sys/netipsec/key_debug.h:1.7 src/sys/netipsec/key_debug.h:1.8
--- src/sys/netipsec/key_debug.h:1.7 Sat Mar 5 20:11:09 2016
+++ src/sys/netipsec/key_debug.h Wed Apr 19 03:42:11 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: key_debug.h,v 1.7 2016/03/05 20:11:09 christos Exp $ */
+/* $NetBSD: key_debug.h,v 1.8 2017/04/19 03:42:11 ozaki-r Exp $ */
/* $FreeBSD: src/sys/netipsec/key_debug.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $KAME: key_debug.h,v 1.10 2001/08/05 08:37:52 itojun Exp $ */
@@ -55,8 +55,14 @@
#define KEYDEBUG_IPSEC_DATA (KEYDEBUG_IPSEC | KEYDEBUG_DATA)
#define KEYDEBUG_IPSEC_DUMP (KEYDEBUG_IPSEC | KEYDEBUG_DUMP)
-#define KEYDEBUG(lev,arg) \
- do { if ((key_debug_level & (lev)) == (lev)) { arg; } } while (/*CONSTCOND*/ 0)
+#define KEYDEBUG_ON(lev) ((key_debug_level & (lev)) == (lev))
+
+#define KEYDEBUG_PRINTF(lev, fmt, ...) \
+ do { \
+ if (KEYDEBUG_ON((lev))) \
+ log(LOG_DEBUG, "%s: " fmt, __func__, \
+ __VA_ARGS__); \
+ } while (0)
extern u_int32_t key_debug_level;
#endif /*_KERNEL*/
Index: src/sys/netipsec/keysock.c
diff -u src/sys/netipsec/keysock.c:1.51 src/sys/netipsec/keysock.c:1.52
--- src/sys/netipsec/keysock.c:1.51 Wed Apr 19 03:39:14 2017
+++ src/sys/netipsec/keysock.c Wed Apr 19 03:42:11 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: keysock.c,v 1.51 2017/04/19 03:39:14 ozaki-r Exp $ */
+/* $NetBSD: keysock.c,v 1.52 2017/04/19 03:42:11 ozaki-r Exp $ */
/* $FreeBSD: src/sys/netipsec/keysock.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $KAME: keysock.c,v 1.25 2001/08/13 20:07:41 itojun Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: keysock.c,v 1.51 2017/04/19 03:39:14 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: keysock.c,v 1.52 2017/04/19 03:42:11 ozaki-r Exp $");
/* This code has derived from sys/net/rtsock.c on FreeBSD2.2.5 */
@@ -119,7 +119,8 @@ key_output(struct mbuf *m, struct socket
if ((m->m_flags & M_PKTHDR) == 0)
panic("key_output: not M_PKTHDR ??");
- KEYDEBUG(KEYDEBUG_KEY_DUMP, kdebug_mbuf(m));
+ if (KEYDEBUG_ON(KEYDEBUG_KEY_DUMP))
+ kdebug_mbuf(m);
msg = mtod(m, struct sadb_msg *);
PFKEY_STATINC(PFKEY_STAT_OUT_MSGTYPE + msg->sadb_msg_type);
@@ -205,9 +206,10 @@ key_sendup(struct socket *so, struct sad
if (so == 0 || msg == 0)
panic("key_sendup: NULL pointer was passed");
- KEYDEBUG(KEYDEBUG_KEY_DUMP,
+ if (KEYDEBUG_ON(KEYDEBUG_KEY_DUMP)) {
printf("key_sendup: \n");
- kdebug_sadb(msg));
+ kdebug_sadb(msg);
+ }
/*
* we increment statistics here, just in case we have ENOBUFS
