Page MenuHomeFreeBSD
Differential D36123

keysock: do not use raw socket code
ClosedPublic
Actions

Authored by glebius on Aug 10 2022, 10:07 PM.
Tags
None
Referenced Files
Unknown Object (File)
May 13 2024, 4:52 PM
Unknown Object (File)
May 2 2024, 4:24 AM
Unknown Object (File)
May 2 2024, 4:23 AM
Unknown Object (File)
Apr 30 2024, 2:06 PM
Unknown Object (File)
Apr 30 2024, 1:58 PM
Unknown Object (File)
Apr 30 2024, 1:57 PM
Unknown Object (File)
Apr 27 2024, 4:04 PM
Unknown Object (File)
Apr 27 2024, 3:18 PM
View All 29 Files
Subscribers
ae
imp

Details

Reviewers
melifaro
Group Reviewers
network
Commits
rGea7be1293b48: keysock: do not use raw socket code
Summary

This makes key socket implementation self contained and removes one
of the last dependencies on the raw socket code and pr_output method.

There are very subtle API visible changes:

  • now key socket would return EOPNOTSUPP instead of EINVAL on syscalls that are not supposed to be called on a key socket.
  • key socket buffer sizes are now controlled by net.key sysctls instead of net.raw. The latter were not documented anywhere, and even Internet search doesn't find any references or discussions related to them.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

glebius created this revision.Aug 10 2022, 10:07 PM
Herald added subscribers: ae, imp. · View Herald TranscriptAug 10 2022, 10:07 PM
glebius requested review of this revision.Aug 10 2022, 10:07 PM
glebius added a parent revision: D36122: rtsock: do not use raw socket code.
Harbormaster completed remote builds in B46840: Diff 109127.Aug 10 2022, 10:07 PM
glebius added a child revision: D36124: Retire 4.4BSD raw sockets.Aug 10 2022, 10:39 PM
melifaro accepted this revision.Aug 11 2022, 8:30 AM

LGTM.
Could you please share output of netipsec/ tests in the testing section?

This revision is now accepted and ready to land.Aug 11 2022, 8:30 AM
glebius added a comment.Aug 11 2022, 2:44 PM
In D36123#820358, @melifaro wrote:

LGTM.
Could you please share output of netipsec/ tests in the testing section?

We don't have much there, unfortunately. The netipsec/tunnel tests all pass. Also, I have compiled sbin/setkey/test-pfkey.c and checked that it operates equally before and after the patch. Note: it was not able to process all of its tests before patch as well.

This revision was landed with ongoing or failed builds.Aug 11 2022, 4:20 PM
Closed by commit rGea7be1293b48: keysock: do not use raw socket code (authored by glebius). · Explain Why
This revision was automatically updated to reflect the committed changes.
glebius added a commit: rGea7be1293b48: keysock: do not use raw socket code.

Revision Contents
Changeset List

PathSize
sys/
netipsec/
9 lines
5 lines
218 lines

Diff 109176

View Options

sys/netipsec/key.c

Loading...
View Options

sys/netipsec/keysock.h

Loading...
View Options

sys/netipsec/keysock.c

Loading...