summaryrefslogtreecommitdiffstats
path: root/sys/netipsec/keysock.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/netipsec/keysock.c')
-rw-r--r--sys/netipsec/keysock.c89
1 files changed, 25 insertions, 64 deletions
diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c
index ee3495e..21539f12 100644
--- a/sys/netipsec/keysock.c
+++ b/sys/netipsec/keysock.c
@@ -81,7 +81,6 @@ key_output(struct mbuf *m, struct socket *so)
{
struct sadb_msg *msg;
int len, error = 0;
- int s;
if (m == 0)
panic("%s: NULL pointer was passed.\n", __func__);
@@ -116,11 +115,8 @@ key_output(struct mbuf *m, struct socket *so)
goto end;
}
- /*XXX giant lock*/
- s = splnet();
error = key_parse(m, so);
m = NULL;
- splx(s);
end:
if (m)
m_freem(m);
@@ -213,15 +209,19 @@ key_sendup(so, msg, len, target)
while (tlen > 0) {
if (tlen == len) {
MGETHDR(n, M_DONTWAIT, MT_DATA);
+ if (n == NULL) {
+ pfkeystat.in_nomem++;
+ return ENOBUFS;
+ }
n->m_len = MHLEN;
} else {
MGET(n, M_DONTWAIT, MT_DATA);
+ if (n == NULL) {
+ pfkeystat.in_nomem++;
+ return ENOBUFS;
+ }
n->m_len = MLEN;
}
- if (!n) {
- pfkeystat.in_nomem++;
- return ENOBUFS;
- }
if (tlen >= MCLBYTES) { /*XXX better threshold? */
MCLGET(n, M_DONTWAIT);
if ((n->m_flags & M_EXT) == 0) {
@@ -278,22 +278,18 @@ key_sendup_mbuf(so, m, target)
pfkeystat.in_total++;
pfkeystat.in_bytes += m->m_pkthdr.len;
if (m->m_len < sizeof(struct sadb_msg)) {
-#if 1
m = m_pullup(m, sizeof(struct sadb_msg));
if (m == NULL) {
pfkeystat.in_nomem++;
return ENOBUFS;
}
-#else
- /* don't bother pulling it up just for stats */
-#endif
}
if (m->m_len >= sizeof(struct sadb_msg)) {
struct sadb_msg *msg;
msg = mtod(m, struct sadb_msg *);
pfkeystat.in_msgtype[msg->sadb_msg_type]++;
}
-
+ mtx_lock(&rawcb_mtx);
LIST_FOREACH(rp, &rawcb_list, list)
{
if (rp->rcb_proto.sp_family != PF_KEY)
@@ -344,11 +340,13 @@ key_sendup_mbuf(so, m, target)
if ((n = m_copy(m, 0, (int)M_COPYALL)) == NULL) {
m_freem(m);
pfkeystat.in_nomem++;
+ mtx_unlock(&rawcb_mtx);
return ENOBUFS;
}
if ((error = key_sendup0(rp, n, 0)) != 0) {
m_freem(m);
+ mtx_unlock(&rawcb_mtx);
return error;
}
@@ -362,6 +360,7 @@ key_sendup_mbuf(so, m, target)
error = 0;
m_freem(m);
}
+ mtx_unlock(&rawcb_mtx);
return error;
}
@@ -372,7 +371,6 @@ key_sendup_mbuf(so, m, target)
static void
key_abort(struct socket *so)
{
-
raw_usrreqs.pru_abort(so);
}
@@ -384,29 +382,21 @@ static int
key_attach(struct socket *so, int proto, struct thread *td)
{
struct keycb *kp;
- int s, error;
+ int error;
+
+ KASSERT(so->so_pcb == NULL, ("key_attach: so_pcb != NULL"));
- if (sotorawcb(so) != 0)
- return EISCONN; /* XXX panic? */
- kp = (struct keycb *)malloc(sizeof *kp, M_PCB, M_WAITOK|M_ZERO); /* XXX */
+ /* XXX */
+ MALLOC(kp, struct keycb *, sizeof *kp, M_PCB, M_WAITOK | M_ZERO);
if (kp == 0)
return ENOBUFS;
- /*
- * The splnet() is necessary to block protocols from sending
- * error notifications (like RTM_REDIRECT or RTM_LOSING) while
- * this PCB is extant but incompletely initialized.
- * Probably we should try to do more of this work beforehand and
- * eliminate the spl.
- */
- s = splnet();
so->so_pcb = (caddr_t)kp;
- error = raw_usrreqs.pru_attach(so, proto, td);
+ error = raw_attach(so, proto);
kp = (struct keycb *)sotorawcb(so);
if (error) {
free(kp, M_PCB);
so->so_pcb = (caddr_t) 0;
- splx(s);
return error;
}
@@ -420,7 +410,6 @@ key_attach(struct socket *so, int proto, struct thread *td)
soisconnected(so);
so->so_options |= SO_USELOOPBACK;
- splx(s);
return 0;
}
@@ -431,11 +420,7 @@ key_attach(struct socket *so, int proto, struct thread *td)
static int
key_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
- int s, error;
- s = splnet();
- error = raw_usrreqs.pru_bind(so, nam, td); /* xxx just EINVAL */
- splx(s);
- return error;
+ return EINVAL;
}
/*
@@ -456,11 +441,7 @@ key_close(struct socket *so)
static int
key_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
- int s, error;
- s = splnet();
- error = raw_usrreqs.pru_connect(so, nam, td); /* XXX just EINVAL */
- splx(s);
- return error;
+ return EINVAL;
}
/*
@@ -489,11 +470,7 @@ key_detach(struct socket *so)
static int
key_disconnect(struct socket *so)
{
- int s, error;
- s = splnet();
- error = raw_usrreqs.pru_disconnect(so);
- splx(s);
- return error;
+ return(raw_usrreqs.pru_disconnect(so));
}
/*
@@ -503,11 +480,7 @@ key_disconnect(struct socket *so)
static int
key_peeraddr(struct socket *so, struct sockaddr **nam)
{
- int s, error;
- s = splnet();
- error = raw_usrreqs.pru_peeraddr(so, nam);
- splx(s);
- return error;
+ return(raw_usrreqs.pru_peeraddr(so, nam));
}
/*
@@ -518,11 +491,7 @@ static int
key_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
struct mbuf *control, struct thread *td)
{
- int s, error;
- s = splnet();
- error = raw_usrreqs.pru_send(so, flags, m, nam, control, td);
- splx(s);
- return error;
+ return(raw_usrreqs.pru_send(so, flags, m, nam, control, td));
}
/*
@@ -532,11 +501,7 @@ key_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
static int
key_shutdown(struct socket *so)
{
- int s, error;
- s = splnet();
- error = raw_usrreqs.pru_shutdown(so);
- splx(s);
- return error;
+ return(raw_usrreqs.pru_shutdown(so));
}
/*
@@ -546,11 +511,7 @@ key_shutdown(struct socket *so)
static int
key_sockaddr(struct socket *so, struct sockaddr **nam)
{
- int s, error;
- s = splnet();
- error = raw_usrreqs.pru_sockaddr(so, nam);
- splx(s);
- return error;
+ return(raw_usrreqs.pru_sockaddr(so, nam));
}
struct pr_usrreqs key_usrreqs = {
OpenPOWER on IntegriCloud