summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--sys/netipsec/key.c154
1 files changed, 50 insertions, 104 deletions
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c
index a4b7ecb..67afed2 100644
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ -547,7 +547,6 @@ static const char *key_getfqdn __P((void));
static const char *key_getuserfqdn __P((void));
#endif
static void key_sa_chgstate __P((struct secasvar *, u_int8_t));
-static struct mbuf *key_alloc_mbuf __P((int));
static __inline void
sa_initref(struct secasvar *sav)
@@ -1634,15 +1633,11 @@ key_sp2msg(sp)
tlen = key_getspreqmsglen(sp);
- m = key_alloc_mbuf(tlen);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
- return NULL;
- }
-
+ m = m_get2(tlen, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL)
+ return (NULL);
+ m_align(m, tlen);
m->m_len = tlen;
- m->m_next = NULL;
xpl = mtod(m, struct sadb_x_policy *);
bzero(xpl, tlen);
@@ -1732,12 +1727,11 @@ key_gather_mbuf(m, mhp, ndeep, nitem, va_alist)
mtod(n, caddr_t));
} else if (i < ndeep) {
len = mhp->extlen[idx];
- n = key_alloc_mbuf(len);
- if (!n || n->m_next) { /*XXX*/
- if (n)
- m_freem(n);
+ n = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (n == NULL)
goto fail;
- }
+ m_align(n, len);
+ n->m_len = len;
m_copydata(m, mhp->extoff[idx], mhp->extlen[idx],
mtod(n, caddr_t));
} else {
@@ -2602,13 +2596,13 @@ key_spdexpire(sp)
/* create lifetime extension (current and hard) */
len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL) {
error = ENOBUFS;
goto fail;
}
+ m_align(m, len);
+ m->m_len = len;
bzero(mtod(m, caddr_t), len);
lt = mtod(m, struct sadb_lifetime *);
lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
@@ -3602,15 +3596,12 @@ key_setsadbsa(sav)
int len;
len = PFKEY_ALIGN8(sizeof(struct sadb_sa));
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
- return NULL;
- }
-
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL)
+ return (NULL);
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_sa *);
-
bzero(p, len);
p->sadb_sa_len = PFKEY_UNIT64(len);
p->sadb_sa_exttype = SADB_EXT_SA;
@@ -3636,13 +3627,11 @@ key_setsadbaddr(u_int16_t exttype, const struct sockaddr *saddr, u_int8_t prefix
len = PFKEY_ALIGN8(sizeof(struct sadb_address)) +
PFKEY_ALIGN8(saddr->sa_len);
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
- return NULL;
- }
-
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL)
+ return (NULL);
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_address *);
bzero(p, len);
@@ -3682,13 +3671,11 @@ key_setsadbxsa2(u_int8_t mode, u_int32_t seq, u_int32_t reqid)
size_t len;
len = PFKEY_ALIGN8(sizeof(struct sadb_x_sa2));
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
- return NULL;
- }
-
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL)
+ return (NULL);
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_x_sa2 *);
bzero(p, len);
@@ -3716,13 +3703,11 @@ key_setsadbxtype(u_int16_t type)
len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_type));
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL)
return (NULL);
- }
-
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_x_nat_t_type *);
bzero(p, len);
@@ -3745,13 +3730,11 @@ key_setsadbxport(u_int16_t port, u_int16_t type)
len = PFKEY_ALIGN8(sizeof(struct sadb_x_nat_t_port));
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL)
return (NULL);
- }
-
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_x_nat_t_port *);
bzero(p, len);
@@ -3822,13 +3805,11 @@ key_setsadbxpolicy(u_int16_t type, u_int8_t dir, u_int32_t id)
size_t len;
len = PFKEY_ALIGN8(sizeof(struct sadb_x_policy));
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
- return NULL;
- }
-
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL)
+ return (NULL);
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_x_policy *);
bzero(p, len);
@@ -6951,13 +6932,13 @@ key_expire(struct secasvar *sav)
/* create lifetime extension (current and soft) */
len = PFKEY_ALIGN8(sizeof(*lt)) * 2;
- m = key_alloc_mbuf(len);
- if (!m || m->m_next) { /*XXX*/
- if (m)
- m_freem(m);
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
+ if (m == NULL) {
error = ENOBUFS;
goto fail;
}
+ m_align(m, len);
+ m->m_len = len;
bzero(mtod(m, caddr_t), len);
lt = mtod(m, struct sadb_lifetime *);
lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
@@ -7959,45 +7940,6 @@ key_sa_stir_iv(sav)
key_randomfill(sav->iv, sav->ivlen);
}
-/* XXX too much? */
-static struct mbuf *
-key_alloc_mbuf(l)
- int l;
-{
- struct mbuf *m = NULL, *n;
- int len, t;
-
- len = l;
- while (len > 0) {
- MGET(n, M_NOWAIT, MT_DATA);
- if (n && len > MLEN)
- MCLGET(n, M_NOWAIT);
- if (!n) {
- m_freem(m);
- return NULL;
- }
-
- n->m_next = NULL;
- n->m_len = 0;
- n->m_len = M_TRAILINGSPACE(n);
- /* use the bottom of mbuf, hoping we can prepend afterwards */
- if (n->m_len > len) {
- t = (n->m_len - len) & ~(sizeof(long) - 1);
- n->m_data += t;
- n->m_len = len;
- }
-
- len -= n->m_len;
-
- if (m)
- m_cat(m, n);
- else
- m = n;
- }
-
- return m;
-}
-
/*
* Take one of the kernel's security keys and convert it into a PF_KEY
* structure within an mbuf, suitable for sending up to a waiting
@@ -8022,9 +7964,11 @@ key_setkey(struct seckey *src, u_int16_t exttype)
return NULL;
len = PFKEY_ALIGN8(sizeof(struct sadb_key) + _KEYLEN(src));
- m = key_alloc_mbuf(len);
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
if (m == NULL)
return NULL;
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_key *);
bzero(p, len);
p->sadb_key_len = PFKEY_UNIT64(len);
@@ -8059,9 +8003,11 @@ key_setlifetime(struct seclifetime *src, u_int16_t exttype)
if (src == NULL)
return NULL;
- m = key_alloc_mbuf(len);
+ m = m_get2(len, M_NOWAIT, MT_DATA, 0);
if (m == NULL)
return m;
+ m_align(m, len);
+ m->m_len = len;
p = mtod(m, struct sadb_lifetime *);
bzero(p, len);
OpenPOWER on IntegriCloud