diff options
| author | glebius <glebius@FreeBSD.org> | 2014-11-07 09:39:05 +0000 |
|---|---|---|
| committer | glebius <glebius@FreeBSD.org> | 2014-11-07 09:39:05 +0000 |
| commit | 99f4ec50e80b1d866aac04ceef8235524e0c274f (patch) | |
| tree | 5d3184d9ac4d7fbae5828f14c4607daa3a058258 /sys/netipsec | |
| parent | ac67ed6c194ba300683a539b60da4270a2558d03 (diff) | |
| download | FreeBSD-src-99f4ec50e80b1d866aac04ceef8235524e0c274f.zip FreeBSD-src-99f4ec50e80b1d866aac04ceef8235524e0c274f.tar.gz | |
Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.
Sponsored by: Nginx, Inc.
Diffstat (limited to 'sys/netipsec')
| -rw-r--r-- | sys/netipsec/ipsec.c | 80 | ||||
| -rw-r--r-- | sys/netipsec/key.c | 48 | ||||
| -rw-r--r-- | sys/netipsec/xform_ah.c | 8 | ||||
| -rw-r--r-- | sys/netipsec/xform_esp.c | 4 | ||||
| -rw-r--r-- | sys/netipsec/xform_ipcomp.c | 4 | ||||
| -rw-r--r-- | sys/netipsec/xform_ipip.c | 4 |
6 files changed, 74 insertions, 74 deletions
diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c index c26642d..e5ca8d2 100644 --- a/sys/netipsec/ipsec.c +++ b/sys/netipsec/ipsec.c @@ -141,38 +141,38 @@ FEATURE(ipsec_natt, "UDP Encapsulation of IPsec ESP Packets ('NAT-T')"); SYSCTL_DECL(_net_inet_ipsec); /* net.inet.ipsec */ -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_POLICY, def_policy, - CTLFLAG_RW, &VNET_NAME(ip4_def_policy).policy, 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEF_POLICY, def_policy, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_def_policy).policy, 0, "IPsec default policy."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_ESP_TRANSLEV, esp_trans_deflev, - CTLFLAG_RW, &VNET_NAME(ip4_esp_trans_deflev), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEF_ESP_TRANSLEV, esp_trans_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_esp_trans_deflev), 0, "Default ESP transport mode level"); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_ESP_NETLEV, esp_net_deflev, - CTLFLAG_RW, &VNET_NAME(ip4_esp_net_deflev), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEF_ESP_NETLEV, esp_net_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_esp_net_deflev), 0, "Default ESP tunnel mode level."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_AH_TRANSLEV, ah_trans_deflev, - CTLFLAG_RW, &VNET_NAME(ip4_ah_trans_deflev), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEF_AH_TRANSLEV, ah_trans_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ah_trans_deflev), 0, "AH transfer mode default level."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_AH_NETLEV, ah_net_deflev, - CTLFLAG_RW, &VNET_NAME(ip4_ah_net_deflev), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEF_AH_NETLEV, ah_net_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ah_net_deflev), 0, "AH tunnel mode default level."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_AH_CLEARTOS, ah_cleartos, - CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_AH_CLEARTOS, ah_cleartos, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, "If set clear type-of-service field when doing AH computation."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_AH_OFFSETMASK, ah_offsetmask, - CTLFLAG_RW, &VNET_NAME(ip4_ah_offsetmask), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_AH_OFFSETMASK, ah_offsetmask, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ah_offsetmask), 0, "If not set clear offset field mask when doing AH computation."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DFBIT, dfbit, - CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DFBIT, dfbit, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, "Do not fragment bit on encap."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, - CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, "Explicit Congestion Notification handling."); -SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug, - CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0, +SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0, "Enable IPsec debugging output when set."); -SYSCTL_VNET_INT(_net_inet_ipsec, OID_AUTO, crypto_support, - CTLFLAG_RW, &VNET_NAME(crypto_support), 0, +SYSCTL_INT(_net_inet_ipsec, OID_AUTO, crypto_support, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(crypto_support), 0, "Crypto driver selection."); SYSCTL_VNET_PCPUSTAT(_net_inet_ipsec, OID_AUTO, ipsecstats, struct ipsecstat, ipsec4stat, "IPsec IPv4 statistics."); @@ -183,16 +183,16 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_ipsec, OID_AUTO, ipsecstats, struct ipsecstat, * This allows to verify if the other side has proper replay attacks detection. */ VNET_DEFINE(int, ipsec_replay) = 0; -SYSCTL_VNET_INT(_net_inet_ipsec, OID_AUTO, test_replay, - CTLFLAG_RW, &VNET_NAME(ipsec_replay), 0, +SYSCTL_INT(_net_inet_ipsec, OID_AUTO, test_replay, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_replay), 0, "Emulate replay attack"); /* * When set 1, IPsec will send packets with corrupted HMAC. * This allows to verify if the other side properly detects modified packets. */ VNET_DEFINE(int, ipsec_integrity) = 0; -SYSCTL_VNET_INT(_net_inet_ipsec, OID_AUTO, test_integrity, - CTLFLAG_RW, &VNET_NAME(ipsec_integrity), 0, +SYSCTL_INT(_net_inet_ipsec, OID_AUTO, test_integrity, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_integrity), 0, "Emulate man-in-the-middle attack"); #endif @@ -213,26 +213,26 @@ VNET_DEFINE(int, ip6_ipsec_ecn) = 0; /* ECN ignore(-1)/forbidden(0)/allowed(1) * SYSCTL_DECL(_net_inet6_ipsec6); /* net.inet6.ipsec6 */ -SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_POLICY, def_policy, CTLFLAG_RW, - &VNET_NAME(ip4_def_policy).policy, 0, +SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEF_POLICY, def_policy, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_def_policy).policy, 0, "IPsec default policy."); -SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_ESP_TRANSLEV, - esp_trans_deflev, CTLFLAG_RW, &VNET_NAME(ip6_esp_trans_deflev), 0, +SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEF_ESP_TRANSLEV, esp_trans_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_esp_trans_deflev), 0, "Default ESP transport mode level."); -SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_ESP_NETLEV, - esp_net_deflev, CTLFLAG_RW, &VNET_NAME(ip6_esp_net_deflev), 0, +SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEF_ESP_NETLEV, esp_net_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_esp_net_deflev), 0, "Default ESP tunnel mode level."); -SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_AH_TRANSLEV, - ah_trans_deflev, CTLFLAG_RW, &VNET_NAME(ip6_ah_trans_deflev), 0, +SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEF_AH_TRANSLEV, ah_trans_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_ah_trans_deflev), 0, "AH transfer mode default level."); -SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_AH_NETLEV, - ah_net_deflev, CTLFLAG_RW, &VNET_NAME(ip6_ah_net_deflev), 0, +SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEF_AH_NETLEV, ah_net_deflev, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_ah_net_deflev), 0, "AH tunnel mode default level."); -SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_ECN, - ecn, CTLFLAG_RW, &VNET_NAME(ip6_ipsec_ecn), 0, +SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_ECN, ecn, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_ipsec_ecn), 0, "Explicit Congestion Notification handling."); -SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug, CTLFLAG_RW, - &VNET_NAME(ipsec_debug), 0, +SYSCTL_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0, "Enable IPsec debugging output when set."); SYSCTL_VNET_PCPUSTAT(_net_inet6_ipsec6, IPSECCTL_STATS, ipsecstats, struct ipsecstat, ipsec6stat, "IPsec IPv6 statistics."); diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index 8b189d4..1034f23 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -282,52 +282,52 @@ static VNET_DEFINE(int, ipsec_ah_keymin) = 128; SYSCTL_DECL(_net_key); #endif -SYSCTL_VNET_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, - CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, ""); /* max count of trial for the decision of spi value */ -SYSCTL_VNET_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt, - CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, ""); /* minimum spi value to allocate automatically. */ -SYSCTL_VNET_INT(_net_key, KEYCTL_SPI_MIN_VALUE, - spi_minval, CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, ""); /* maximun spi value to allocate automatically. */ -SYSCTL_VNET_INT(_net_key, KEYCTL_SPI_MAX_VALUE, - spi_maxval, CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, ""); /* interval to initialize randseed */ -SYSCTL_VNET_INT(_net_key, KEYCTL_RANDOM_INT, - int_random, CTLFLAG_RW, &VNET_NAME(key_int_random), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_int_random), 0, ""); /* lifetime for larval SA */ -SYSCTL_VNET_INT(_net_key, KEYCTL_LARVAL_LIFETIME, - larval_lifetime, CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, ""); /* counter for blocking to send SADB_ACQUIRE to IKEd */ -SYSCTL_VNET_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, - blockacq_count, CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, ""); /* lifetime for blocking to send SADB_ACQUIRE to IKEd */ -SYSCTL_VNET_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, - blockacq_lifetime, CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, ""); /* ESP auth */ -SYSCTL_VNET_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth, - CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, ""); /* minimum ESP key length */ -SYSCTL_VNET_INT(_net_key, KEYCTL_ESP_KEYMIN, - esp_keymin, CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, ""); /* minimum AH key length */ -SYSCTL_VNET_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin, - CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, ""); /* perfered old SA rather than new SA */ -SYSCTL_VNET_INT(_net_key, KEYCTL_PREFERED_OLDSA, - preferred_oldsa, CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, ""); +SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, preferred_oldsa, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, ""); #define __LIST_CHAINED(elm) \ (!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL)) diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index 0c0a5a8..42083db 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -100,10 +100,10 @@ VNET_PCPUSTAT_SYSUNINIT(ahstat); #ifdef INET SYSCTL_DECL(_net_inet_ah); -SYSCTL_VNET_INT(_net_inet_ah, OID_AUTO, - ah_enable, CTLFLAG_RW, &VNET_NAME(ah_enable), 0, ""); -SYSCTL_VNET_INT(_net_inet_ah, OID_AUTO, - ah_cleartos, CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, ""); +SYSCTL_INT(_net_inet_ah, OID_AUTO, ah_enable, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ah_enable), 0, ""); +SYSCTL_INT(_net_inet_ah, OID_AUTO, ah_cleartos, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, ""); SYSCTL_VNET_PCPUSTAT(_net_inet_ah, IPSECCTL_STATS, stats, struct ahstat, ahstat, "AH statistics (struct ahstat, netipsec/ah_var.h)"); #endif diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index e7a3432..8fae36a 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -87,8 +87,8 @@ VNET_PCPUSTAT_SYSUNINIT(espstat); #endif /* VIMAGE */ SYSCTL_DECL(_net_inet_esp); -SYSCTL_VNET_INT(_net_inet_esp, OID_AUTO, - esp_enable, CTLFLAG_RW, &VNET_NAME(esp_enable), 0, ""); +SYSCTL_INT(_net_inet_esp, OID_AUTO, esp_enable, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(esp_enable), 0, ""); SYSCTL_VNET_PCPUSTAT(_net_inet_esp, IPSECCTL_STATS, stats, struct espstat, espstat, "ESP statistics (struct espstat, netipsec/esp_var.h"); diff --git a/sys/netipsec/xform_ipcomp.c b/sys/netipsec/xform_ipcomp.c index 1fa1057..1096c99 100644 --- a/sys/netipsec/xform_ipcomp.c +++ b/sys/netipsec/xform_ipcomp.c @@ -78,8 +78,8 @@ VNET_PCPUSTAT_SYSUNINIT(ipcompstat); #endif /* VIMAGE */ SYSCTL_DECL(_net_inet_ipcomp); -SYSCTL_VNET_INT(_net_inet_ipcomp, OID_AUTO, - ipcomp_enable, CTLFLAG_RW, &VNET_NAME(ipcomp_enable), 0, ""); +SYSCTL_INT(_net_inet_ipcomp, OID_AUTO, ipcomp_enable, + CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ipcomp_enable), 0, ""); SYSCTL_VNET_PCPUSTAT(_net_inet_ipcomp, IPSECCTL_STATS, stats, struct ipcompstat, ipcompstat, "IPCOMP statistics (struct ipcompstat, netipsec/ipcomp_var.h"); diff --git a/sys/netipsec/xform_ipip.c b/sys/netipsec/xform_ipip.c index c0ce7b7..830521a 100644 --- a/sys/netipsec/xform_ipip.c +++ b/sys/netipsec/xform_ipip.c @@ -97,8 +97,8 @@ VNET_PCPUSTAT_SYSUNINIT(ipipstat); #endif /* VIMAGE */ SYSCTL_DECL(_net_inet_ipip); -SYSCTL_VNET_INT(_net_inet_ipip, OID_AUTO, - ipip_allow, CTLFLAG_RW, &VNET_NAME(ipip_allow), 0, ""); +SYSCTL_INT(_net_inet_ipip, OID_AUTO, ipip_allow, CTLFLAG_VNET | CTLFLAG_RW, + &VNET_NAME(ipip_allow), 0, ""); SYSCTL_VNET_PCPUSTAT(_net_inet_ipip, IPSECCTL_STATS, stats, struct ipipstat, ipipstat, "IPIP statistics (struct ipipstat, netipsec/ipip_var.h)"); |
