Page MenuHomeFreeBSD
Files F151295649

D16216.id45140.diff
No OneTemporary
Actions

D16216.id45140.diff
View Options

Index: sys/netipsec/ipsec.h
===================================================================
--- sys/netipsec/ipsec.h
+++ sys/netipsec/ipsec.h
@@ -332,7 +332,7 @@
int ipsec_chkreplay(uint32_t, struct secasvar *);
int ipsec_updatereplay(uint32_t, struct secasvar *);
-int ipsec_updateid(struct secasvar *, uint64_t *, uint64_t *);
+int ipsec_updateid(struct secasvar *, crypto_session_t *, crypto_session_t *);
int ipsec_initialized(void);
void ipsec_setspidx_inpcb(struct inpcb *, struct secpolicyindex *, u_int);
Index: sys/netipsec/ipsec.c
===================================================================
--- sys/netipsec/ipsec.c
+++ sys/netipsec/ipsec.c
@@ -1322,9 +1322,10 @@
}
int
-ipsec_updateid(struct secasvar *sav, uint64_t *new, uint64_t *old)
+ipsec_updateid(struct secasvar *sav, crypto_session_t *new,
+ crypto_session_t *old)
{
- uint64_t tmp;
+ crypto_session_t tmp;
/*
* tdb_cryptoid is initialized by xform_init().
@@ -1350,8 +1351,8 @@
* XXXAE: check this more carefully.
*/
KEYDBG(IPSEC_STAMP,
- printf("%s: SA(%p) moves cryptoid %jd -> %jd\n",
- __func__, sav, (uintmax_t)(*old), (uintmax_t)(*new)));
+ printf("%s: SA(%p) moves cryptoid %p -> %p\n",
+ __func__, sav, *old, *new));
KEYDBG(IPSEC_DATA, kdebug_secasv(sav));
SECASVAR_LOCK(sav);
if (sav->tdb_cryptoid != *old) {
Index: sys/netipsec/keydb.h
===================================================================
--- sys/netipsec/keydb.h
+++ sys/netipsec/keydb.h
@@ -41,6 +41,7 @@
#include <sys/mutex.h>
#include <netipsec/key_var.h>
+#include <opencrypto/_cryptodev.h>
#ifndef _SOCKADDR_UNION_DEFINED
#define _SOCKADDR_UNION_DEFINED
@@ -162,7 +163,7 @@
const struct enc_xform *tdb_encalgxform;/* encoding algorithm */
const struct auth_hash *tdb_authalgxform;/* authentication algorithm */
const struct comp_algo *tdb_compalgxform;/* compression algorithm */
- uint64_t tdb_cryptoid; /* crypto session id */
+ crypto_session_t tdb_cryptoid; /* crypto session */
uint8_t alg_auth; /* Authentication Algorithm Identifier*/
uint8_t alg_enc; /* Cipher Algorithm Identifier */
Index: sys/netipsec/xform.h
===================================================================
--- sys/netipsec/xform.h
+++ sys/netipsec/xform.h
@@ -71,7 +71,7 @@
struct xform_data {
struct secpolicy *sp; /* security policy */
struct secasvar *sav; /* related SA */
- uint64_t cryptoid; /* used crypto session id */
+ crypto_session_t cryptoid; /* used crypto session */
u_int idx; /* IPsec request index */
int protoff; /* current protocol offset */
int skip; /* data offset */
Index: sys/netipsec/xform_ah.c
===================================================================
--- sys/netipsec/xform_ah.c
+++ sys/netipsec/xform_ah.c
@@ -245,16 +245,15 @@
int
ah_zeroize(struct secasvar *sav)
{
- int err;
if (sav->key_auth)
bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
- err = crypto_freesession(sav->tdb_cryptoid);
- sav->tdb_cryptoid = 0;
+ crypto_freesession(sav->tdb_cryptoid);
+ sav->tdb_cryptoid = NULL;
sav->tdb_authalgxform = NULL;
sav->tdb_xform = NULL;
- return err;
+ return 0;
}
/*
@@ -544,7 +543,7 @@
struct cryptop *crp;
struct xform_data *xd;
struct newah *ah;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
int hl, rplen, authsize, ahsize, error;
IPSEC_ASSERT(sav != NULL, ("null SA"));
@@ -669,7 +668,7 @@
crp->crp_flags |= CRYPTO_F_ASYNC | CRYPTO_F_ASYNC_KEEPORDER;
crp->crp_buf = (caddr_t) m;
crp->crp_callback = ah_input_cb;
- crp->crp_sid = cryptoid;
+ crp->crp_session = cryptoid;
crp->crp_opaque = (caddr_t) xd;
/* These are passed as-is to the callback. */
@@ -699,7 +698,7 @@
struct secasvar *sav;
struct secasindex *saidx;
caddr_t ptr;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
int authsize, rplen, ahsize, error, skip, protoff;
uint8_t nxt;
@@ -720,9 +719,9 @@
if (crp->crp_etype) {
if (crp->crp_etype == EAGAIN) {
/* Reset the session ID */
- if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
+ if (ipsec_updateid(sav, &crp->crp_session, &cryptoid) != 0)
crypto_freesession(cryptoid);
- xd->cryptoid = crp->crp_sid;
+ xd->cryptoid = crp->crp_session;
CURVNET_RESTORE();
return (crypto_dispatch(crp));
}
@@ -849,7 +848,7 @@
struct mbuf *mi;
struct cryptop *crp;
struct newah *ah;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
uint16_t iplen;
int error, rplen, authsize, ahsize, maxpacketsize, roff;
uint8_t prot;
@@ -1052,7 +1051,7 @@
crp->crp_flags |= CRYPTO_F_ASYNC | CRYPTO_F_ASYNC_KEEPORDER;
crp->crp_buf = (caddr_t) m;
crp->crp_callback = ah_output_cb;
- crp->crp_sid = cryptoid;
+ crp->crp_session = cryptoid;
crp->crp_opaque = (caddr_t) xd;
/* These are passed as-is to the callback. */
@@ -1082,7 +1081,7 @@
struct secpolicy *sp;
struct secasvar *sav;
struct mbuf *m;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
caddr_t ptr;
u_int idx;
int skip, error;
@@ -1101,9 +1100,9 @@
if (crp->crp_etype) {
if (crp->crp_etype == EAGAIN) {
/* Reset the session ID */
- if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
+ if (ipsec_updateid(sav, &crp->crp_session, &cryptoid) != 0)
crypto_freesession(cryptoid);
- xd->cryptoid = crp->crp_sid;
+ xd->cryptoid = crp->crp_session;
CURVNET_RESTORE();
return (crypto_dispatch(crp));
}
Index: sys/netipsec/xform_esp.c
===================================================================
--- sys/netipsec/xform_esp.c
+++ sys/netipsec/xform_esp.c
@@ -271,7 +271,7 @@
struct cryptop *crp;
struct newesp *esp;
uint8_t *ivp;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
int alen, error, hlen, plen;
IPSEC_ASSERT(sav != NULL, ("null SA"));
@@ -389,7 +389,7 @@
crp->crp_flags |= CRYPTO_F_ASYNC | CRYPTO_F_ASYNC_KEEPORDER;
crp->crp_buf = (caddr_t) m;
crp->crp_callback = esp_input_cb;
- crp->crp_sid = cryptoid;
+ crp->crp_session = cryptoid;
crp->crp_opaque = (caddr_t) xd;
/* These are passed as-is to the callback */
@@ -448,7 +448,7 @@
struct secasvar *sav;
struct secasindex *saidx;
caddr_t ptr;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
int hlen, skip, protoff, error, alen;
crd = crp->crp_desc;
@@ -468,9 +468,9 @@
if (crp->crp_etype) {
if (crp->crp_etype == EAGAIN) {
/* Reset the session ID */
- if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
+ if (ipsec_updateid(sav, &crp->crp_session, &cryptoid) != 0)
crypto_freesession(cryptoid);
- xd->cryptoid = crp->crp_sid;
+ xd->cryptoid = crp->crp_session;
CURVNET_RESTORE();
return (crypto_dispatch(crp));
}
@@ -637,7 +637,8 @@
struct secasindex *saidx;
unsigned char *pad;
uint8_t *ivp;
- uint64_t cntr, cryptoid;
+ uint64_t cntr;
+ crypto_session_t cryptoid;
int hlen, rlen, padding, blks, alen, i, roff;
int error, maxpacketsize;
uint8_t prot;
@@ -852,7 +853,7 @@
crp->crp_buf = (caddr_t) m;
crp->crp_callback = esp_output_cb;
crp->crp_opaque = (caddr_t) xd;
- crp->crp_sid = cryptoid;
+ crp->crp_session = cryptoid;
if (esph) {
/* Authentication descriptor. */
@@ -883,7 +884,7 @@
struct secpolicy *sp;
struct secasvar *sav;
struct mbuf *m;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
u_int idx;
int error;
@@ -899,9 +900,9 @@
if (crp->crp_etype) {
if (crp->crp_etype == EAGAIN) {
/* Reset the session ID */
- if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
+ if (ipsec_updateid(sav, &crp->crp_session, &cryptoid) != 0)
crypto_freesession(cryptoid);
- xd->cryptoid = crp->crp_sid;
+ xd->cryptoid = crp->crp_session;
CURVNET_RESTORE();
return (crypto_dispatch(crp));
}
Index: sys/netipsec/xform_ipcomp.c
===================================================================
--- sys/netipsec/xform_ipcomp.c
+++ sys/netipsec/xform_ipcomp.c
@@ -178,11 +178,10 @@
static int
ipcomp_zeroize(struct secasvar *sav)
{
- int err;
- err = crypto_freesession(sav->tdb_cryptoid);
- sav->tdb_cryptoid = 0;
- return err;
+ crypto_freesession(sav->tdb_cryptoid);
+ sav->tdb_cryptoid = NULL;
+ return 0;
}
/*
@@ -258,7 +257,7 @@
xd->vnet = curvnet;
SECASVAR_LOCK(sav);
- crp->crp_sid = xd->cryptoid = sav->tdb_cryptoid;
+ crp->crp_session = xd->cryptoid = sav->tdb_cryptoid;
SECASVAR_UNLOCK(sav);
return crypto_dispatch(crp);
@@ -280,7 +279,7 @@
struct secasvar *sav;
struct secasindex *saidx;
caddr_t addr;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
int hlen = IPCOMP_HLENGTH, error, clen;
int skip, protoff;
uint8_t nproto;
@@ -301,9 +300,9 @@
if (crp->crp_etype) {
if (crp->crp_etype == EAGAIN) {
/* Reset the session ID */
- if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
+ if (ipsec_updateid(sav, &crp->crp_session, &cryptoid) != 0)
crypto_freesession(cryptoid);
- xd->cryptoid = crp->crp_sid;
+ xd->cryptoid = crp->crp_session;
CURVNET_RESTORE();
return (crypto_dispatch(crp));
}
@@ -508,7 +507,7 @@
crp->crp_opaque = (caddr_t) xd;
SECASVAR_LOCK(sav);
- crp->crp_sid = xd->cryptoid = sav->tdb_cryptoid;
+ crp->crp_session = xd->cryptoid = sav->tdb_cryptoid;
SECASVAR_UNLOCK(sav);
return crypto_dispatch(crp);
@@ -531,7 +530,7 @@
struct secpolicy *sp;
struct secasvar *sav;
struct mbuf *m;
- uint64_t cryptoid;
+ crypto_session_t cryptoid;
u_int idx;
int error, skip, protoff;
@@ -549,9 +548,9 @@
if (crp->crp_etype) {
if (crp->crp_etype == EAGAIN) {
/* Reset the session ID */
- if (ipsec_updateid(sav, &crp->crp_sid, &cryptoid) != 0)
+ if (ipsec_updateid(sav, &crp->crp_session, &cryptoid) != 0)
crypto_freesession(cryptoid);
- xd->cryptoid = crp->crp_sid;
+ xd->cryptoid = crp->crp_session;
CURVNET_RESTORE();
return (crypto_dispatch(crp));
}

File Metadata

Mime Type
text/plain
Expires
Wed, Apr 8, 9:47 AM (12 h, 48 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31092625
Default Alt Text
D16216.id45140.diff (9 KB)

Event Timeline