Update to FreeBSD head 2018-02-01

Git mirror commit d079ae0442af8fa3cfd6d7ede190d04e64a2c0d4. Update #3472.
author: Sebastian Huber <sebastian.huber@embedded-brains.de> 2018-08-20 15:53:03 +0200
committer: Sebastian Huber <sebastian.huber@embedded-brains.de> 2018-09-21 10:29:39 +0200
commit: 18fa92c2dcc6c52e0bf27d214d80f0c25a89b47d (patch)
tree: a3020ac5b1f366f2f0920941b589808e435dbcee /freebsd/sys/netipsec
parent: Update to FreeBSD head 2017-12-01 (diff)
download: rtems-libbsd-18fa92c2dcc6c52e0bf27d214d80f0c25a89b47d.tar.bz2
4 files changed, 47 insertions, 59 deletions
diff --git a/freebsd/sys/netipsec/key.c b/freebsd/sys/netipsec/key.c
index 3652524c..31269058 100644
--- a/freebsd/sys/netipsec/key.c
+++ b/freebsd/sys/netipsec/key.c
@@ -5746,7 +5746,6 @@ static int
 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
 {
 	const struct sadb_ident *idsrc, *iddst;
-	int idsrclen, iddstlen;
 
 	IPSEC_ASSERT(sah != NULL, ("null secashead"));
 	IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
@@ -5768,8 +5767,6 @@ key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
 
 	idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
 	iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
-	idsrclen = mhp->extlen[SADB_EXT_IDENTITY_SRC];
-	iddstlen = mhp->extlen[SADB_EXT_IDENTITY_DST];
 
 	/* validity check */
 	if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
@@ -7466,7 +7463,6 @@ key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
 	SAHTREE_RLOCK_TRACKER;
 	struct secashead *sah;
 	struct secasvar *sav;
-	struct sadb_msg *newmsg;
 	struct mbuf *n;
 	uint32_t cnt;
 	uint8_t proto, satype;
@@ -7503,7 +7499,6 @@ key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
 	}
 
 	/* send this to the userland, one at a time. */
-	newmsg = NULL;
 	TAILQ_FOREACH(sah, &V_sahtree, chain) {
 		if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
 		    proto != sah->saidx.proto)
@@ -8149,7 +8144,10 @@ key_destroy(void)
 		TAILQ_CONCAT(&drainq, &V_sptree[i], chain);
 		TAILQ_CONCAT(&drainq, &V_sptree_ifnet[i], chain);
 	}
+	for (i = 0; i < V_sphash_mask + 1; i++)
+		LIST_INIT(&V_sphashtbl[i]);
 	SPTREE_WUNLOCK();
+
 	sp = TAILQ_FIRST(&drainq);
 	while (sp != NULL) {
 		nextsp = TAILQ_NEXT(sp, chain);
@@ -8200,6 +8198,10 @@ key_destroy(void)
 		free(acq, M_IPSEC_SAQ);
 		acq = nextacq;
 	}
+	for (i = 0; i < V_acqaddrhash_mask + 1; i++)
+		LIST_INIT(&V_acqaddrhashtbl[i]);
+	for (i = 0; i < V_acqseqhash_mask + 1; i++)
+		LIST_INIT(&V_acqseqhashtbl[i]);
 	ACQ_UNLOCK();
 
 	SPACQ_LOCK();
@@ -8215,6 +8217,18 @@ key_destroy(void)
 	hashdestroy(V_acqaddrhashtbl, M_IPSEC_SAQ, V_acqaddrhash_mask);
 	hashdestroy(V_acqseqhashtbl, M_IPSEC_SAQ, V_acqseqhash_mask);
 	uma_zdestroy(V_key_lft_zone);
+
+	if (!IS_DEFAULT_VNET(curvnet))
+		return;
+#ifndef IPSEC_DEBUG2
+	callout_drain(&key_timer);
+#endif
+	XFORMS_LOCK_DESTROY();
+	SPTREE_LOCK_DESTROY();
+	REGTREE_LOCK_DESTROY();
+	SAHTREE_LOCK_DESTROY();
+	ACQ_LOCK_DESTROY();
+	SPACQ_LOCK_DESTROY();
 }
 #endif
 
diff --git a/freebsd/sys/netipsec/xform_ah.c b/freebsd/sys/netipsec/xform_ah.c
index 5667f78f..9125ba40 100644
--- a/freebsd/sys/netipsec/xform_ah.c
+++ b/freebsd/sys/netipsec/xform_ah.c
@@ -266,7 +266,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
 #ifdef INET6
 	struct ip6_ext *ip6e;
 	struct ip6_hdr ip6;
-	int alloc, len, ad;
+	int ad, alloc, nxt, noff;
 #endif /* INET6 */
 
 	switch (proto) {
@@ -295,7 +295,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
 		else
 			ip->ip_off = htons(0);
 
-		ptr = mtod(m, unsigned char *) + sizeof(struct ip);
+		ptr = mtod(m, unsigned char *);
 
 		/* IPv4 option processing */
 		for (off = sizeof(struct ip); off < skip;) {
@@ -376,7 +376,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
 
 				/* Zeroize all other options. */
 				count = ptr[off + 1];
-				bcopy(ipseczeroes, ptr, count);
+				bcopy(ipseczeroes, ptr + off, count);
 				off += count;
 				break;
 			}
@@ -449,61 +449,44 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
 		} else
 			break;
 
-		off = ip6.ip6_nxt & 0xff; /* Next header type. */
+		nxt = ip6.ip6_nxt & 0xff; /* Next header type. */
 
-		for (len = 0; len < skip - sizeof(struct ip6_hdr);)
-			switch (off) {
+		for (off = 0; off < skip - sizeof(struct ip6_hdr);)
+			switch (nxt) {
 			case IPPROTO_HOPOPTS:
 			case IPPROTO_DSTOPTS:
-				ip6e = (struct ip6_ext *) (ptr + len);
+				ip6e = (struct ip6_ext *)(ptr + off);
+				noff = off + ((ip6e->ip6e_len + 1) << 3);
+
+				/* Sanity check. */
+				if (noff > skip - sizeof(struct ip6_hdr))
+					goto error6;
 
 				/*
-				 * Process the mutable/immutable
-				 * options -- borrows heavily from the
-				 * KAME code.
+				 * Zero out mutable options.
 				 */
-				for (count = len + sizeof(struct ip6_ext);
-				     count < len + ((ip6e->ip6e_len + 1) << 3);) {
+				for (count = off + sizeof(struct ip6_ext);
+				     count < noff;) {
 					if (ptr[count] == IP6OPT_PAD1) {
 						count++;
 						continue; /* Skip padding. */
 					}
 
-					/* Sanity check. */
-					if (count > len +
-					    ((ip6e->ip6e_len + 1) << 3)) {
-						m_freem(m);
-
-						/* Free, if we allocated. */
-						if (alloc)
-							free(ptr, M_XDATA);
-						return EINVAL;
-					}
-
-					ad = ptr[count + 1];
+					ad = ptr[count + 1] + 2;
+					if (count + ad > noff)
+						goto error6;
 
-					/* If mutable option, zeroize. */
 					if (ptr[count] & IP6OPT_MUTABLE)
-						bcopy(ipseczeroes, ptr + count,
-						    ptr[count + 1]);
-
+						memset(ptr + count, 0, ad);
 					count += ad;
-
-					/* Sanity check. */
-					if (count >
-					    skip - sizeof(struct ip6_hdr)) {
-						m_freem(m);
-
-						/* Free, if we allocated. */
-						if (alloc)
-							free(ptr, M_XDATA);
-						return EINVAL;
-					}
 				}
 
+				if (count != noff)
+					goto error6;
+
 				/* Advance. */
-				len += ((ip6e->ip6e_len + 1) << 3);
-				off = ip6e->ip6e_nxt;
+				off += ((ip6e->ip6e_len + 1) << 3);
+				nxt = ip6e->ip6e_nxt;
 				break;
 
 			case IPPROTO_ROUTING:
@@ -511,14 +494,15 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
 				 * Always include routing headers in
 				 * computation.
 				 */
-				ip6e = (struct ip6_ext *) (ptr + len);
-				len += ((ip6e->ip6e_len + 1) << 3);
-				off = ip6e->ip6e_nxt;
+				ip6e = (struct ip6_ext *) (ptr + off);
+				off += ((ip6e->ip6e_len + 1) << 3);
+				nxt = ip6e->ip6e_nxt;
 				break;
 
 			default:
 				DPRINTF(("%s: unexpected IPv6 header type %d",
 					__func__, off));
+error6:
 				if (alloc)
 					free(ptr, M_XDATA);
 				m_freem(m);
@@ -687,9 +671,7 @@ ah_input_cb(struct cryptop *crp)
 {
 	IPSEC_DEBUG_DECLARE(char buf[IPSEC_ADDRSTRLEN]);
 	unsigned char calc[AH_ALEN_MAX];
-	const struct auth_hash *ahx;
 	struct mbuf *m;
-	struct cryptodesc *crd;
 	struct xform_data *xd;
 	struct secasvar *sav;
 	struct secasindex *saidx;
@@ -698,7 +680,6 @@ ah_input_cb(struct cryptop *crp)
 	int authsize, rplen, error, skip, protoff;
 	uint8_t nxt;
 
-	crd = crp->crp_desc;
 	m = (struct mbuf *) crp->crp_buf;
 	xd = (struct xform_data *) crp->crp_opaque;
 	sav = xd->sav;
@@ -711,8 +692,6 @@ ah_input_cb(struct cryptop *crp)
 		saidx->dst.sa.sa_family == AF_INET6,
 		("unexpected protocol family %u", saidx->dst.sa.sa_family));
 
-	ahx = sav->tdb_authalgxform;
-
 	/* Check for crypto errors. */
 	if (crp->crp_etype) {
 		if (crp->crp_etype == EAGAIN) {
diff --git a/freebsd/sys/netipsec/xform_esp.c b/freebsd/sys/netipsec/xform_esp.c
index 8af95f7d..f26b8ae7 100644
--- a/freebsd/sys/netipsec/xform_esp.c
+++ b/freebsd/sys/netipsec/xform_esp.c
@@ -443,7 +443,6 @@ esp_input_cb(struct cryptop *crp)
 	IPSEC_DEBUG_DECLARE(char buf[128]);
 	u_int8_t lastthree[3], aalg[AH_HMAC_MAXHASHLEN];
 	const struct auth_hash *esph;
-	const struct enc_xform *espx;
 	struct mbuf *m;
 	struct cryptodesc *crd;
 	struct xform_data *xd;
@@ -464,7 +463,6 @@ esp_input_cb(struct cryptop *crp)
 	cryptoid = xd->cryptoid;
 	saidx = &sav->sah->saidx;
 	esph = sav->tdb_authalgxform;
-	espx = sav->tdb_encalgxform;
 
 	/* Check for crypto errors */
 	if (crp->crp_etype) {
diff --git a/freebsd/sys/netipsec/xform_ipcomp.c b/freebsd/sys/netipsec/xform_ipcomp.c
index 4764e609..956383d5 100644
--- a/freebsd/sys/netipsec/xform_ipcomp.c
+++ b/freebsd/sys/netipsec/xform_ipcomp.c
@@ -276,7 +276,6 @@ static int
 ipcomp_input_cb(struct cryptop *crp)
 {
 	IPSEC_DEBUG_DECLARE(char buf[IPSEC_ADDRSTRLEN]);
-	struct cryptodesc *crd;
 	struct xform_data *xd;
 	struct mbuf *m;
 	struct secasvar *sav;
@@ -287,8 +286,6 @@ ipcomp_input_cb(struct cryptop *crp)
 	int skip, protoff;
 	uint8_t nproto;
 
-	crd = crp->crp_desc;
-
 	m = (struct mbuf *) crp->crp_buf;
 	xd = (struct xform_data *) crp->crp_opaque;
 	sav = xd->sav;
author	Sebastian Huber <sebastian.huber@embedded-brains.de>	2018-08-20 15:53:03 +0200
committer	Sebastian Huber <sebastian.huber@embedded-brains.de>	2018-09-21 10:29:39 +0200
commit	18fa92c2dcc6c52e0bf27d214d80f0c25a89b47d (patch)
tree	a3020ac5b1f366f2f0920941b589808e435dbcee /freebsd/sys/netipsec
parent	Update to FreeBSD head 2017-12-01 (diff)
download	rtems-libbsd-18fa92c2dcc6c52e0bf27d214d80f0c25a89b47d.tar.bz2