From 2c1d530904cce19ff67dafd44cdcb86aadde8484 Mon Sep 17 00:00:00 2001 From: ozaki-r Date: Wed, 14 Feb 2018 09:13:03 +0000 Subject: [PATCH] Dedup common codes in error paths (NFCI) --- sys/netipsec/xform_esp.c | 29 ++++++++++++--------------- sys/netipsec/xform_ipcomp.c | 40 ++++++++++++++++++------------------- 2 files changed, 33 insertions(+), 36 deletions(-) diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index a8cf5589a238..188164c3acf1 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -1,4 +1,4 @@ -/* $NetBSD: xform_esp.c,v 1.74 2018/02/14 08:59:23 ozaki-r Exp $ */ +/* $NetBSD: xform_esp.c,v 1.75 2018/02/14 09:13:03 ozaki-r Exp $ */ /* $FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */ /* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */ @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.74 2018/02/14 08:59:23 ozaki-r Exp $"); +__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.75 2018/02/14 09:13:03 ozaki-r Exp $"); #if defined(_KERNEL_OPT) #include "opt_inet.h" @@ -306,9 +306,8 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) const struct auth_hash *esph; const struct enc_xform *espx; struct tdb_crypto *tc; - int plen, alen, hlen, error; + int plen, alen, hlen, error, stat = ESP_STAT_CRYPTO; struct newesp *esp; - struct cryptodesc *crde; struct cryptop *crp; @@ -353,9 +352,9 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) " SA %s/%08lx\n", __func__, plen, espx->blocksize, ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)), (u_long) ntohl(sav->spi))); - ESP_STATINC(ESP_STAT_BADILEN); - m_freem(m); - return EINVAL; + stat = ESP_STAT_BADILEN; + error = EINVAL; + goto out; } /* @@ -365,9 +364,9 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) char logbuf[IPSEC_LOGSASTRLEN]; DPRINTF(("%s: packet replay check for %s\n", __func__, ipsec_logsastr(sav, logbuf, sizeof(logbuf)))); /*XXX*/ - ESP_STATINC(ESP_STAT_REPLAY); - m_freem(m); - return ENOBUFS; /*XXX*/ + stat = ESP_STAT_REPLAY; + error = ENOBUFS; /*XXX*/ + goto out; } /* Update the counters */ @@ -441,11 +440,9 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) */ if (__predict_false(sav->state == SADB_SASTATE_DEAD)) { pserialize_read_exit(s); - pool_cache_put(esp_tdb_crypto_pool_cache, tc); - crypto_freereq(crp); - ESP_STATINC(ESP_STAT_NOTDB); - m_freem(m); - return ENOENT; + stat = ESP_STAT_NOTDB; + error = ENOENT; + goto out2; } KEY_SA_REF(sav); pserialize_read_exit(s); @@ -490,7 +487,7 @@ out2: out1: crypto_freereq(crp); out: - ESP_STATINC(ESP_STAT_CRYPTO); + ESP_STATINC(stat); m_freem(m); return error; } diff --git a/sys/netipsec/xform_ipcomp.c b/sys/netipsec/xform_ipcomp.c index 4bf365fc5f1c..2c6501ddcc27 100644 --- a/sys/netipsec/xform_ipcomp.c +++ b/sys/netipsec/xform_ipcomp.c @@ -1,4 +1,4 @@ -/* $NetBSD: xform_ipcomp.c,v 1.54 2018/02/14 08:59:23 ozaki-r Exp $ */ +/* $NetBSD: xform_ipcomp.c,v 1.55 2018/02/14 09:13:03 ozaki-r Exp $ */ /* $FreeBSD: src/sys/netipsec/xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */ /* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */ @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.54 2018/02/14 08:59:23 ozaki-r Exp $"); +__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.55 2018/02/14 09:13:03 ozaki-r Exp $"); /* IP payload compression protocol (IPComp), see RFC 2393 */ #if defined(_KERNEL_OPT) @@ -152,36 +152,29 @@ ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) struct tdb_crypto *tc; struct cryptodesc *crdc; struct cryptop *crp; - int error, hlen = IPCOMP_HLENGTH; + int error, hlen = IPCOMP_HLENGTH, stat = IPCOMP_STAT_CRYPTO; IPSEC_SPLASSERT_SOFTNET(__func__); /* Get crypto descriptors */ crp = crypto_getreq(1); if (crp == NULL) { - m_freem(m); DPRINTF(("%s: no crypto descriptors\n", __func__)); - IPCOMP_STATINC(IPCOMP_STAT_CRYPTO); - return ENOBUFS; + error = ENOBUFS; + goto error_m; } /* Get IPsec-specific opaque pointer */ tc = pool_cache_get(ipcomp_tdb_crypto_pool_cache, PR_NOWAIT); if (tc == NULL) { - m_freem(m); - crypto_freereq(crp); DPRINTF(("%s: cannot allocate tdb_crypto\n", __func__)); - IPCOMP_STATINC(IPCOMP_STAT_CRYPTO); - return ENOBUFS; + error = ENOBUFS; + goto error_crp; } error = m_makewritable(&m, 0, m->m_pkthdr.len, M_NOWAIT); if (error) { DPRINTF(("%s: m_makewritable failed\n", __func__)); - m_freem(m); - pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc); - crypto_freereq(crp); - IPCOMP_STATINC(IPCOMP_STAT_CRYPTO); - return error; + goto error_tc; } { @@ -192,11 +185,9 @@ ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) */ if (__predict_false(sav->state == SADB_SASTATE_DEAD)) { pserialize_read_exit(s); - m_freem(m); - pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc); - crypto_freereq(crp); - IPCOMP_STATINC(IPCOMP_STAT_NOTDB); - return ENOENT; + stat = IPCOMP_STAT_NOTDB; + error = ENOENT; + goto error_tc; } KEY_SA_REF(sav); pserialize_read_exit(s); @@ -229,6 +220,15 @@ ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) tc->tc_sav = sav; return crypto_dispatch(crp); + +error_tc: + pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc); +error_crp: + crypto_freereq(crp); +error_m: + m_freem(m); + IPCOMP_STATINC(stat); + return error; } #ifdef INET6