diff options
author | zec <zec@FreeBSD.org> | 2008-10-02 15:37:58 +0000 |
---|---|---|
committer | zec <zec@FreeBSD.org> | 2008-10-02 15:37:58 +0000 |
commit | 8797d4caecd5881e312923ee1d07be3de68755dc (patch) | |
tree | 53fef93d1ff076abec439159e0a765427992dee1 /sys/netipsec/ipsec_output.c | |
parent | e682bfadb0a191a81290af2b846d8610ef3aff5c (diff) | |
download | FreeBSD-src-8797d4caecd5881e312923ee1d07be3de68755dc.zip FreeBSD-src-8797d4caecd5881e312923ee1d07be3de68755dc.tar.gz |
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
Diffstat (limited to 'sys/netipsec/ipsec_output.c')
-rw-r--r-- | sys/netipsec/ipsec_output.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/sys/netipsec/ipsec_output.c b/sys/netipsec/ipsec_output.c index 88ff2f6..7b79294 100644 --- a/sys/netipsec/ipsec_output.c +++ b/sys/netipsec/ipsec_output.c @@ -91,6 +91,7 @@ int ipsec_process_done(struct mbuf *m, struct ipsecrequest *isr) { + INIT_VNET_IPSEC(curvnet); struct tdb_ident *tdbi; struct m_tag *mtag; struct secasvar *sav; @@ -207,6 +208,7 @@ ipsec_nextisr( { #define IPSEC_OSTAT(x,y,z) (isr->saidx.proto == IPPROTO_ESP ? (x)++ : \ isr->saidx.proto == IPPROTO_AH ? (y)++ : (z)++) + INIT_VNET_IPSEC(curvnet); struct secasvar *sav; IPSECREQUEST_LOCK_ASSERT(isr); @@ -350,6 +352,7 @@ ipsec4_process_packet( int flags, int tunalready) { + INIT_VNET_IPSEC(curvnet); struct secasindex saidx; struct secasvar *sav; struct ip *ip; @@ -563,6 +566,7 @@ ipsec6_output_trans( int flags, int *tun) { + INIT_VNET_IPSEC(curvnet); struct ipsecrequest *isr; struct secasindex saidx; int error = 0; @@ -630,6 +634,7 @@ bad: static int ipsec6_encapsulate(struct mbuf *m, struct secasvar *sav) { + INIT_VNET_IPSEC(curvnet); struct ip6_hdr *oip6; struct ip6_hdr *ip6; size_t plen; @@ -699,6 +704,8 @@ ipsec6_encapsulate(struct mbuf *m, struct secasvar *sav) int ipsec6_output_tunnel(struct ipsec_output_state *state, struct secpolicy *sp, int flags) { + INIT_VNET_INET6(curvnet); + INIT_VNET_IPSEC(curvnet); struct ip6_hdr *ip6; struct ipsecrequest *isr; struct secasindex saidx; |