Module Name: src
Committed By: maxv
Date: Thu May 10 05:15:14 UTC 2018
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Replace dumb code by M_VERIFY_PACKET. In fact, perhaps we should not even
call M_VERIFY_PACKET here, there is no particular reason for this place to
be more wrong than the rest.
To generate a diff of this commit:
cvs rdiff -u -r1.162 -r1.163 src/sys/netipsec/ipsec.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.162 src/sys/netipsec/ipsec.c:1.163
--- src/sys/netipsec/ipsec.c:1.162 Thu May 10 05:08:53 2018
+++ src/sys/netipsec/ipsec.c Thu May 10 05:15:14 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.162 2018/05/10 05:08:53 maxv Exp $ */
+/* $NetBSD: ipsec.c,v 1.163 2018/05/10 05:15:14 maxv Exp $ */
/* $FreeBSD: ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.162 2018/05/10 05:08:53 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.163 2018/05/10 05:15:14 maxv Exp $");
/*
* IPsec controller part.
@@ -814,29 +814,10 @@ ipsec_setspidx(struct mbuf *m, struct se
struct ip *ip = NULL;
struct ip ipbuf;
u_int v;
- struct mbuf *n;
- int len;
int error;
KASSERT(m != NULL);
-
- /*
- * validate m->m_pkthdr.len. we see incorrect length if we
- * mistakenly call this function with inconsistent mbuf chain
- * (like 4.4BSD tcp/udp processing).
- *
- * XXX XXX XXX: We should remove this.
- */
- len = 0;
- for (n = m; n; n = n->m_next)
- len += n->m_len;
- if (m->m_pkthdr.len != len) {
- KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
- "total of m_len(%d) != pkthdr.len(%d), ignored.\n",
- len, m->m_pkthdr.len);
- KASSERTMSG(0, "impossible");
- return EINVAL;
- }
+ M_VERIFY_PACKET(m);
if (m->m_pkthdr.len < sizeof(struct ip)) {
KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DUMP,
