diff options
Diffstat (limited to 'sys/netipsec/keysock.c')
-rw-r--r-- | sys/netipsec/keysock.c | 89 |
1 files changed, 25 insertions, 64 deletions
diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c index ee3495e..21539f12 100644 --- a/sys/netipsec/keysock.c +++ b/sys/netipsec/keysock.c @@ -81,7 +81,6 @@ key_output(struct mbuf *m, struct socket *so) { struct sadb_msg *msg; int len, error = 0; - int s; if (m == 0) panic("%s: NULL pointer was passed.\n", __func__); @@ -116,11 +115,8 @@ key_output(struct mbuf *m, struct socket *so) goto end; } - /*XXX giant lock*/ - s = splnet(); error = key_parse(m, so); m = NULL; - splx(s); end: if (m) m_freem(m); @@ -213,15 +209,19 @@ key_sendup(so, msg, len, target) while (tlen > 0) { if (tlen == len) { MGETHDR(n, M_DONTWAIT, MT_DATA); + if (n == NULL) { + pfkeystat.in_nomem++; + return ENOBUFS; + } n->m_len = MHLEN; } else { MGET(n, M_DONTWAIT, MT_DATA); + if (n == NULL) { + pfkeystat.in_nomem++; + return ENOBUFS; + } n->m_len = MLEN; } - if (!n) { - pfkeystat.in_nomem++; - return ENOBUFS; - } if (tlen >= MCLBYTES) { /*XXX better threshold? */ MCLGET(n, M_DONTWAIT); if ((n->m_flags & M_EXT) == 0) { @@ -278,22 +278,18 @@ key_sendup_mbuf(so, m, target) pfkeystat.in_total++; pfkeystat.in_bytes += m->m_pkthdr.len; if (m->m_len < sizeof(struct sadb_msg)) { -#if 1 m = m_pullup(m, sizeof(struct sadb_msg)); if (m == NULL) { pfkeystat.in_nomem++; return ENOBUFS; } -#else - /* don't bother pulling it up just for stats */ -#endif } if (m->m_len >= sizeof(struct sadb_msg)) { struct sadb_msg *msg; msg = mtod(m, struct sadb_msg *); pfkeystat.in_msgtype[msg->sadb_msg_type]++; } - + mtx_lock(&rawcb_mtx); LIST_FOREACH(rp, &rawcb_list, list) { if (rp->rcb_proto.sp_family != PF_KEY) @@ -344,11 +340,13 @@ key_sendup_mbuf(so, m, target) if ((n = m_copy(m, 0, (int)M_COPYALL)) == NULL) { m_freem(m); pfkeystat.in_nomem++; + mtx_unlock(&rawcb_mtx); return ENOBUFS; } if ((error = key_sendup0(rp, n, 0)) != 0) { m_freem(m); + mtx_unlock(&rawcb_mtx); return error; } @@ -362,6 +360,7 @@ key_sendup_mbuf(so, m, target) error = 0; m_freem(m); } + mtx_unlock(&rawcb_mtx); return error; } @@ -372,7 +371,6 @@ key_sendup_mbuf(so, m, target) static void key_abort(struct socket *so) { - raw_usrreqs.pru_abort(so); } @@ -384,29 +382,21 @@ static int key_attach(struct socket *so, int proto, struct thread *td) { struct keycb *kp; - int s, error; + int error; + + KASSERT(so->so_pcb == NULL, ("key_attach: so_pcb != NULL")); - if (sotorawcb(so) != 0) - return EISCONN; /* XXX panic? */ - kp = (struct keycb *)malloc(sizeof *kp, M_PCB, M_WAITOK|M_ZERO); /* XXX */ + /* XXX */ + MALLOC(kp, struct keycb *, sizeof *kp, M_PCB, M_WAITOK | M_ZERO); if (kp == 0) return ENOBUFS; - /* - * The splnet() is necessary to block protocols from sending - * error notifications (like RTM_REDIRECT or RTM_LOSING) while - * this PCB is extant but incompletely initialized. - * Probably we should try to do more of this work beforehand and - * eliminate the spl. - */ - s = splnet(); so->so_pcb = (caddr_t)kp; - error = raw_usrreqs.pru_attach(so, proto, td); + error = raw_attach(so, proto); kp = (struct keycb *)sotorawcb(so); if (error) { free(kp, M_PCB); so->so_pcb = (caddr_t) 0; - splx(s); return error; } @@ -420,7 +410,6 @@ key_attach(struct socket *so, int proto, struct thread *td) soisconnected(so); so->so_options |= SO_USELOOPBACK; - splx(s); return 0; } @@ -431,11 +420,7 @@ key_attach(struct socket *so, int proto, struct thread *td) static int key_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - int s, error; - s = splnet(); - error = raw_usrreqs.pru_bind(so, nam, td); /* xxx just EINVAL */ - splx(s); - return error; + return EINVAL; } /* @@ -456,11 +441,7 @@ key_close(struct socket *so) static int key_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { - int s, error; - s = splnet(); - error = raw_usrreqs.pru_connect(so, nam, td); /* XXX just EINVAL */ - splx(s); - return error; + return EINVAL; } /* @@ -489,11 +470,7 @@ key_detach(struct socket *so) static int key_disconnect(struct socket *so) { - int s, error; - s = splnet(); - error = raw_usrreqs.pru_disconnect(so); - splx(s); - return error; + return(raw_usrreqs.pru_disconnect(so)); } /* @@ -503,11 +480,7 @@ key_disconnect(struct socket *so) static int key_peeraddr(struct socket *so, struct sockaddr **nam) { - int s, error; - s = splnet(); - error = raw_usrreqs.pru_peeraddr(so, nam); - splx(s); - return error; + return(raw_usrreqs.pru_peeraddr(so, nam)); } /* @@ -518,11 +491,7 @@ static int key_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, struct mbuf *control, struct thread *td) { - int s, error; - s = splnet(); - error = raw_usrreqs.pru_send(so, flags, m, nam, control, td); - splx(s); - return error; + return(raw_usrreqs.pru_send(so, flags, m, nam, control, td)); } /* @@ -532,11 +501,7 @@ key_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, static int key_shutdown(struct socket *so) { - int s, error; - s = splnet(); - error = raw_usrreqs.pru_shutdown(so); - splx(s); - return error; + return(raw_usrreqs.pru_shutdown(so)); } /* @@ -546,11 +511,7 @@ key_shutdown(struct socket *so) static int key_sockaddr(struct socket *so, struct sockaddr **nam) { - int s, error; - s = splnet(); - error = raw_usrreqs.pru_sockaddr(so, nam); - splx(s); - return error; + return(raw_usrreqs.pru_sockaddr(so, nam)); } struct pr_usrreqs key_usrreqs = { |