PERFORCE change 38530 for review

Sam Leffler sam at FreeBSD.org
Wed Sep 24 13:03:08 PDT 2003 

http://perforce.freebsd.org/chv.cgi?CH=38530

Change 38530 by sam at sam_ebb on 2003/09/24 13:03:06

	convert explicit mtx calls to #defines to simpify future
	changes and to improve portability

Affected files ...

.. //depot/projects/netperf/sys/netipsec/ipsec.c#6 edit
.. //depot/projects/netperf/sys/netipsec/ipsec.h#5 edit
.. //depot/projects/netperf/sys/netipsec/key.c#7 edit
.. //depot/projects/netperf/sys/netipsec/keydb.h#4 edit
.. //depot/projects/netperf/sys/netipsec/xform_ah.c#5 edit
.. //depot/projects/netperf/sys/netipsec/xform_esp.c#5 edit
.. //depot/projects/netperf/sys/netipsec/xform_ipcomp.c#5 edit

Differences ...

==== //depot/projects/netperf/sys/netipsec/ipsec.c#6 (text+ko) ====

@@ -903,21 +903,15 @@
 	struct ipsecrequest *p;
 
 	p = malloc(sizeof(struct ipsecrequest), M_IPSEC_SR, M_NOWAIT|M_ZERO);
-	if (p != NULL) {
-		/*
-		 * Need recursion for when crypto callbacks happen
-		 * directly, as in the case of software crypto.  Need
-		 * to look at how hard it is to remove this...
-		 */
-		mtx_init(&p->lock, "ipsec request", NULL, MTX_DEF|MTX_RECURSE);
-	}
+	if (p != NULL)
+		IPSECREQUEST_LOCK_INIT(p);
 	return p;
 }
 
 void
 ipsec_delisr(struct ipsecrequest *p)
 {
-	mtx_destroy(&p->lock);
+	IPSECREQUEST_LOCK_DESTROY(p);
 	free(p, M_IPSEC_SR);
 }
 

==== //depot/projects/netperf/sys/netipsec/ipsec.h#5 (text+ko) ====

@@ -99,6 +99,13 @@
 	long validtime;		/* duration this policy is valid without use */
 };
 
+#define	SECPOLICY_LOCK_INIT(_sp) \
+	mtx_init(&(_sp)->lock, "ipsec policy", NULL, MTX_DEF)
+#define	SECPOLICY_LOCK(_sp)		mtx_lock(&(_sp)->lock)
+#define	SECPOLICY_UNLOCK(_sp)		mtx_unlock(&(_sp)->lock)
+#define	SECPOLICY_LOCK_DESTROY(_sp)	mtx_destroy(&(_sp)->lock)
+#define	SECPOLICY_LOCK_ASSERT(_sp)	mtx_assert(&(_sp)->lock, MA_OWNED)
+
 /* Request for IPsec */
 struct ipsecrequest {
 	struct ipsecrequest *next;
@@ -113,6 +120,18 @@
 	struct mtx lock;	/* to interlock updates */
 };
 
+/*
+ * Need recursion for when crypto callbacks happen directly,
+ * as in the case of software crypto.  Need to look at how
+ * hard it is to remove this...
+ */
+#define	IPSECREQUEST_LOCK_INIT(_isr) \
+	mtx_init(&(_isr)->lock, "ipsec request", NULL, MTX_DEF | MTX_RECURSE)
+#define	IPSECREQUEST_LOCK(_isr)		mtx_lock(&(_isr)->lock)
+#define	IPSECREQUEST_UNLOCK(_isr)	mtx_unlock(&(_isr)->lock)
+#define	IPSECREQUEST_LOCK_DESTROY(_isr)	mtx_destroy(&(_isr)->lock)
+#define	IPSECREQUEST_LOCK_ASSERT(_isr)	mtx_assert(&(_isr)->lock, MA_OWNED)
+
 /* security policy in PCB */
 struct inpcbpolicy {
 	struct secpolicy *sp_in;
@@ -368,7 +387,9 @@
 
 struct m_tag;
 extern void ah4_input(struct mbuf *m, int off);
+extern void ah4_ctlinput(int cmd, struct sockaddr *sa, void *);
 extern void esp4_input(struct mbuf *m, int off);
+extern void esp4_ctlinput(int cmd, struct sockaddr *sa, void *);
 extern void ipcomp4_input(struct mbuf *m, int off);
 extern int ipsec4_common_input(struct mbuf *m, ...);
 extern int ipsec4_common_input_cb(struct mbuf *m, struct secasvar *sav,

==== //depot/projects/netperf/sys/netipsec/key.c#7 (text+ko) ====

@@ -746,7 +746,7 @@
 	 * temporarily null out below.  Need to rethink how we
 	 * handle bundled SA's in the callback thread.
 	 */
-	mtx_assert(&isr->lock, MA_OWNED);
+	IPSECREQUEST_LOCK_ASSERT(isr);
 
 	/* get current level */
 	level = ipsec_get_reqlevel(isr);
@@ -1281,7 +1281,7 @@
 	newsp = (struct secpolicy *)
 		malloc(sizeof(struct secpolicy), M_IPSEC_SP, M_NOWAIT|M_ZERO);
 	if (newsp) {
-		mtx_init(&newsp->lock, "ipsec policy", NULL, MTX_DEF);
+		SECPOLICY_LOCK_INIT(newsp);
 		newsp->refcnt = 1;
 		newsp->req = NULL;
 	}
@@ -1295,7 +1295,7 @@
 static void
 _key_delsp(struct secpolicy *sp)
 {
-	mtx_destroy(&sp->lock);
+	SECPOLICY_LOCK_DESTROY(sp);
 	free(sp, M_IPSEC_SP);
 }
 
@@ -2029,7 +2029,7 @@
 	xpl0->sadb_x_policy_id = sp->id;
 
 	sp->state = IPSEC_SPSTATE_DEAD;
-	mtx_destroy(&sp->lock);
+	SECPOLICY_LOCK_DESTROY(sp);
 	KEY_FREESP(&sp);
 
     {
@@ -2093,7 +2093,7 @@
 	}
 
 	sp->state = IPSEC_SPSTATE_DEAD;
-	mtx_destroy(&sp->lock);
+	SECPOLICY_LOCK_DESTROY(sp);
 	KEY_FREESP(&sp);
 
     {
@@ -2736,7 +2736,7 @@
 		}
 	}
 
-	mtx_init(&newsav->lock, "ipsec sa", NULL, MTX_DEF);
+	SECASVAR_LOCK_INIT(newsav);
 
 	/* reset created */
 	newsav->created = time_second;
@@ -2826,7 +2826,7 @@
 	if (__LIST_CHAINED(sav))
 		LIST_REMOVE(sav, chain);
 	key_cleansav(sav);
-	mtx_destroy(&sav->lock);
+	SECASVAR_LOCK_DESTROY(sav);
 	free(sav, M_IPSEC_SA);
 }
 

==== //depot/projects/netperf/sys/netipsec/keydb.h#4 (text+ko) ====

@@ -125,6 +125,13 @@
 	u_int64_t tdb_cryptoid;		/* crypto session id */
 };
 
+#define	SECASVAR_LOCK_INIT(_sav) \
+	mtx_init(&(_sav)->lock, "ipsec association", NULL, MTX_DEF)
+#define	SECASVAR_LOCK(_sav)		mtx_lock(&(_sav)->lock)
+#define	SECASVAR_UNLOCK(_sav)		mtx_unlock(&(_sav)->lock)
+#define	SECASVAR_LOCK_DESTROY(_sav)	mtx_destroy(&(_sav)->lock)
+#define	SECASVAR_LOCK_ASSERT(_sav)	mtx_assert(&(_sav)->lock, MA_OWNED)
+
 /* replay prevention */
 struct secreplay {
 	u_int32_t count;

==== //depot/projects/netperf/sys/netipsec/xform_ah.c#5 (text+ko) ====

@@ -1122,7 +1122,7 @@
 	m = (struct mbuf *) crp->crp_buf;
 
 	isr = tc->tc_isr;
-	mtx_lock(&isr->lock);
+	IPSECREQUEST_LOCK(isr);
 	sav = KEY_ALLOCSA(&tc->tc_dst, tc->tc_proto, tc->tc_spi);
 	if (sav == NULL) {
 		ahstat.ahs_notdb++;
@@ -1139,7 +1139,7 @@
 
 		if (crp->crp_etype == EAGAIN) {
 			KEY_FREESAV(&sav);
-			mtx_unlock(&isr->lock);
+			IPSECREQUEST_UNLOCK(isr);
 			return crypto_dispatch(crp);
 		}
 
@@ -1171,13 +1171,13 @@
 	/* NB: m is reclaimed by ipsec_process_done. */
 	err = ipsec_process_done(m, isr);
 	KEY_FREESAV(&sav);
-	mtx_unlock(&isr->lock);
+	IPSECREQUEST_UNLOCK(isr);
 
 	return err;
 bad:
 	if (sav)
 		KEY_FREESAV(&sav);
-	mtx_unlock(&isr->lock);
+	IPSECREQUEST_UNLOCK(isr);
 	if (m)
 		m_freem(m);
 	free(tc, M_XDATA);

==== //depot/projects/netperf/sys/netipsec/xform_esp.c#5 (text+ko) ====

@@ -866,7 +866,7 @@
 	m = (struct mbuf *) crp->crp_buf;
 
 	isr = tc->tc_isr;
-	mtx_lock(&isr->lock);
+	IPSECREQUEST_LOCK(isr);
 	sav = KEY_ALLOCSA(&tc->tc_dst, tc->tc_proto, tc->tc_spi);
 	if (sav == NULL) {
 		espstat.esps_notdb++;
@@ -887,7 +887,7 @@
 
 		if (crp->crp_etype == EAGAIN) {
 			KEY_FREESAV(&sav);
-			mtx_unlock(&isr->lock);
+			IPSECREQUEST_UNLOCK(isr);
 			return crypto_dispatch(crp);
 		}
 
@@ -915,13 +915,13 @@
 	/* NB: m is reclaimed by ipsec_process_done. */
 	err = ipsec_process_done(m, isr);
 	KEY_FREESAV(&sav);
-	mtx_unlock(&isr->lock);
+	IPSECREQUEST_UNLOCK(isr);
 
 	return err;
 bad:
 	if (sav)
 		KEY_FREESAV(&sav);
-	mtx_unlock(&isr->lock);
+	IPSECREQUEST_UNLOCK(isr);
 	if (m)
 		m_freem(m);
 	free(tc, M_XDATA);

==== //depot/projects/netperf/sys/netipsec/xform_ipcomp.c#5 (text+ko) ====

@@ -500,7 +500,7 @@
 	rlen = crp->crp_ilen - skip;
 
 	isr = tc->tc_isr;
-	mtx_lock(&isr->lock);
+	IPSECREQUEST_LOCK(isr);
 	sav = KEY_ALLOCSA(&tc->tc_dst, tc->tc_proto, tc->tc_spi);
 	if (sav == NULL) {
 		ipcompstat.ipcomps_notdb++;
@@ -518,7 +518,7 @@
 
 		if (crp->crp_etype == EAGAIN) {
 			KEY_FREESAV(&sav);
-			mtx_unlock(&isr->lock);
+			IPSECREQUEST_UNLOCK(isr);
 			return crypto_dispatch(crp);
 		}
 		ipcompstat.ipcomps_noxform++;
@@ -571,13 +571,13 @@
 	/* NB: m is reclaimed by ipsec_process_done. */
 	error = ipsec_process_done(m, isr);
 	KEY_FREESAV(&sav);
-	mtx_unlock(&isr->lock);
+	IPSECREQUEST_UNLOCK(isr);
 
 	return error;
 bad:
 	if (sav)
 		KEY_FREESAV(&sav);
-	mtx_unlock(&isr->lock);
+	IPSECREQUEST_UNLOCK(isr);
 	if (m)
 		m_freem(m);
 	free(tc, M_XDATA);

More information about the p4-projects mailing list