Hello - Here is another diff to switch some bcopy's to memcpy's. Most bcopy's are on freshly alloc'd memory.
for netinet/ Index: ip_ah.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_ah.c,v retrieving revision 1.122 diff -u -p -r1.122 ip_ah.c --- ip_ah.c 13 Sep 2016 19:56:55 -0000 1.122 +++ ip_ah.c 15 Sep 2016 16:14:33 -0000 @@ -151,7 +151,7 @@ ah_init(struct tdb *tdbp, struct xformsw tdbp->tdb_amxkeylen = ii->ii_authkeylen; tdbp->tdb_amxkey = malloc(tdbp->tdb_amxkeylen, M_XDATA, M_WAITOK); - bcopy(ii->ii_authkey, tdbp->tdb_amxkey, tdbp->tdb_amxkeylen); + memcpy(tdbp->tdb_amxkey, ii->ii_authkey, tdbp->tdb_amxkeylen); /* Initialize crypto session. */ memset(&cria, 0, sizeof(cria)); @@ -312,7 +312,7 @@ ah_massage_headers(struct mbuf **m0, int /* Zeroize all other options. */ count = ptr[off + 1]; - bcopy(ipseczeroes, ptr, count); + memcpy(ptr, ipseczeroes, count); off += count; break; } @@ -422,7 +422,7 @@ ah_massage_headers(struct mbuf **m0, int /* If mutable option, zeroize. */ if (ptr[count] & IP6OPT_MUTABLE) - bcopy(ipseczeroes, ptr + count, + memcpy(ptr + count, ipseczeroes, ptr[count + 1]); count += ad; @@ -642,7 +642,7 @@ ah_input(struct mbuf *m, struct tdb *tdb if ((tdb->tdb_wnd > 0) && (tdb->tdb_flags & TDBF_ESN)) { esn = htonl(esn); - bcopy(&esn, crda->crd_esn, 4); + memcpy(crda->crd_esn, &esn, 4); crda->crd_flags |= CRD_F_ESN; } @@ -689,7 +689,7 @@ ah_input(struct mbuf *m, struct tdb *tdb tc->tc_spi = tdb->tdb_spi; tc->tc_proto = tdb->tdb_sproto; tc->tc_rdomain = tdb->tdb_rdomain; - bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union)); + memcpy(&tc->tc_dst, &tdb->tdb_dst, sizeof(union sockaddr_union)); return crypto_dispatch(crp); } @@ -1114,7 +1114,7 @@ ah_output(struct mbuf *m, struct tdb *td u_int32_t esn; esn = htonl((u_int32_t)(tdb->tdb_rpl >> 32)); - bcopy(&esn, crda->crd_esn, 4); + memcpy(crda->crd_esn, &esn, 4); crda->crd_flags |= CRD_F_ESN; } @@ -1138,9 +1138,8 @@ ah_output(struct mbuf *m, struct tdb *td */ switch (tdb->tdb_dst.sa.sa_family) { case AF_INET: - bcopy(((caddr_t)(tc + 1)) + - offsetof(struct ip, ip_len), - (caddr_t) &iplen, sizeof(u_int16_t)); + memcpy((caddr_t) &iplen, ((caddr_t)(tc + 1)) + + offsetof(struct ip, ip_len), sizeof(u_int16_t)); iplen = htons(ntohs(iplen) + rplen + ahx->authsize); m_copyback(m, offsetof(struct ip, ip_len), sizeof(u_int16_t), &iplen, M_NOWAIT); @@ -1148,9 +1147,8 @@ ah_output(struct mbuf *m, struct tdb *td #ifdef INET6 case AF_INET6: - bcopy(((caddr_t)(tc + 1)) + - offsetof(struct ip6_hdr, ip6_plen), - (caddr_t) &iplen, sizeof(u_int16_t)); + memcpy((caddr_t) &iplen, ((caddr_t)(tc + 1)) + + offsetof(struct ip6_hdr, ip6_plen), sizeof(u_int16_t)); iplen = htons(ntohs(iplen) + rplen + ahx->authsize); m_copyback(m, offsetof(struct ip6_hdr, ip6_plen), sizeof(u_int16_t), &iplen, M_NOWAIT); @@ -1188,7 +1186,7 @@ ah_output(struct mbuf *m, struct tdb *td tc->tc_spi = tdb->tdb_spi; tc->tc_proto = tdb->tdb_sproto; tc->tc_rdomain = tdb->tdb_rdomain; - bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union)); + memcpy(&tc->tc_dst, &tdb->tdb_dst, sizeof(union sockaddr_union)); return crypto_dispatch(crp); } Index: ip_esp.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_esp.c,v retrieving revision 1.140 diff -u -p -r1.140 ip_esp.c --- ip_esp.c 13 Sep 2016 19:56:55 -0000 1.140 +++ ip_esp.c 15 Sep 2016 16:14:33 -0000 @@ -262,7 +262,7 @@ esp_init(struct tdb *tdbp, struct xforms tdbp->tdb_emxkeylen = ii->ii_enckeylen; tdbp->tdb_emxkey = malloc(tdbp->tdb_emxkeylen, M_XDATA, M_WAITOK); - bcopy(ii->ii_enckey, tdbp->tdb_emxkey, tdbp->tdb_emxkeylen); + memcpy(tdbp->tdb_emxkey, ii->ii_enckey, tdbp->tdb_emxkeylen); memset(&crie, 0, sizeof(crie)); @@ -283,7 +283,7 @@ esp_init(struct tdb *tdbp, struct xforms tdbp->tdb_amxkeylen = ii->ii_authkeylen; tdbp->tdb_amxkey = malloc(tdbp->tdb_amxkeylen, M_XDATA, M_WAITOK); - bcopy(ii->ii_authkey, tdbp->tdb_amxkey, tdbp->tdb_amxkeylen); + memcpy(tdbp->tdb_amxkey, ii->ii_authkey, tdbp->tdb_amxkeylen); memset(&cria, 0, sizeof(cria)); @@ -474,7 +474,7 @@ esp_input(struct mbuf *m, struct tdb *td if ((tdb->tdb_wnd > 0) && (tdb->tdb_flags & TDBF_ESN)) { esn = htonl(esn); - bcopy(&esn, crda->crd_esn, 4); + memcpy(crda->crd_esn, &esn, 4); crda->crd_flags |= CRD_F_ESN; } @@ -504,7 +504,7 @@ esp_input(struct mbuf *m, struct tdb *td tc->tc_spi = tdb->tdb_spi; tc->tc_proto = tdb->tdb_sproto; tc->tc_rdomain = tdb->tdb_rdomain; - bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union)); + memcpy(&tc->tc_dst, &tdb->tdb_dst, sizeof(union sockaddr_union)); /* Decryption descriptor */ if (espx) { @@ -922,7 +922,7 @@ esp_output(struct mbuf *m, struct tdb *t sizeof(u_int32_t)); tdb->tdb_rpl++; replay = htonl((u_int32_t)tdb->tdb_rpl); - bcopy((caddr_t) &replay, mtod(mo, caddr_t) + roff + sizeof(u_int32_t), + memcpy(mtod(mo, caddr_t) + roff + sizeof(u_int32_t), (caddr_t) &replay, sizeof(u_int32_t)); #if NPFSYNC > 0 @@ -1000,7 +1000,7 @@ esp_output(struct mbuf *m, struct tdb *t tc->tc_spi = tdb->tdb_spi; tc->tc_proto = tdb->tdb_sproto; tc->tc_rdomain = tdb->tdb_rdomain; - bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union)); + memcpy(&tc->tc_dst, &tdb->tdb_dst, sizeof(union sockaddr_union)); /* Crypto operation descriptor. */ crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */ @@ -1024,7 +1024,7 @@ esp_output(struct mbuf *m, struct tdb *t u_int32_t esn; esn = htonl((u_int32_t)(tdb->tdb_rpl >> 32)); - bcopy(&esn, crda->crd_esn, 4); + memcpy(crda->crd_esn, &esn, 4); crda->crd_flags |= CRD_F_ESN; } Index: ip_ipsp.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_ipsp.c,v retrieving revision 1.215 diff -u -p -r1.215 ip_ipsp.c --- ip_ipsp.c 15 Sep 2016 03:37:09 -0000 1.215 +++ ip_ipsp.c 15 Sep 2016 16:14:33 -0000 @@ -238,8 +238,8 @@ reserve_spi(u_int rdomain, u_int32_t ssp tdbp->tdb_spi = spi; - bcopy(&dst->sa, &tdbp->tdb_dst.sa, SA_LEN(&dst->sa)); - bcopy(&src->sa, &tdbp->tdb_src.sa, SA_LEN(&src->sa)); + memcpy(&tdbp->tdb_dst.sa, &dst->sa, SA_LEN(&dst->sa)); + memcpy(&tdbp->tdb_src.sa, &src->sa, SA_LEN(&src->sa)); tdbp->tdb_sproto = sproto; tdbp->tdb_flags |= TDBF_INVALID; /* Mark SA invalid for now. */ tdbp->tdb_satype = SADB_SATYPE_UNSPEC;