Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

opencrypto: Make crp_callback, krp_callback return void. 

Nothing uses the return values inside opencrypto, so let's stop
making users return them.
This commit is contained in:
riastradh 2022-05-22 11:30:40 +00:00
parent 661374afa3
commit 3ae8d479fa
5 changed files with 74 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
sys/netipsec/xform_ah.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: xform_ah.c,v 1.109 2019/11/01 04:23:21 knakahara Exp $ */ /* $NetBSD: xform_ah.c,v 1.110 2022/05/22 11:30:40 riastradh Exp $ */
/* $FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */ /* $FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */ /* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
/* /*
@ -39,7 +39,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.109 2019/11/01 04:23:21 knakahara Exp $"); __KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.110 2022/05/22 11:30:40 riastradh Exp $");
#if defined(_KERNEL_OPT) #if defined(_KERNEL_OPT)
#include "opt_inet.h" #include "opt_inet.h"
@ -108,8 +108,8 @@ static const char ipseczeroes[256];
int ah_max_authsize; /* max authsize over all algorithms */ int ah_max_authsize; /* max authsize over all algorithms */
static int ah_input_cb(struct cryptop *); static void ah_input_cb(struct cryptop *);
static int ah_output_cb(struct cryptop *); static void ah_output_cb(struct cryptop *);
const uint8_t ah_stats[256] = { SADB_AALG_STATS_INIT }; const uint8_t ah_stats[256] = { SADB_AALG_STATS_INIT };
@ -713,24 +713,24 @@ bad:
#ifdef INET6 #ifdef INET6
#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \ #define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \
if (saidx->dst.sa.sa_family == AF_INET6) { \ if (saidx->dst.sa.sa_family == AF_INET6) { \
error = ipsec6_common_input_cb(m, sav, skip, protoff); \ (void)ipsec6_common_input_cb(m, sav, skip, protoff); \
} else { \ } else { \
error = ipsec4_common_input_cb(m, sav, skip, protoff); \ (void)ipsec4_common_input_cb(m, sav, skip, protoff); \
} \ } \
} while (0) } while (0)
#else #else
#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \ #define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \
(error = ipsec4_common_input_cb(m, sav, skip, protoff)) ((void)ipsec4_common_input_cb(m, sav, skip, protoff))
#endif #endif
/* /*
* AH input callback from the crypto driver. * AH input callback from the crypto driver.
*/ */
static int static void
ah_input_cb(struct cryptop *crp) ah_input_cb(struct cryptop *crp)
{ {
char buf[IPSEC_ADDRSTRLEN]; char buf[IPSEC_ADDRSTRLEN];
int rplen, ahsize, error, skip, protoff; int rplen, ahsize, skip, protoff;
unsigned char calc[AH_ALEN_MAX]; unsigned char calc[AH_ALEN_MAX];
struct mbuf *m; struct mbuf *m;
struct tdb_crypto *tc; struct tdb_crypto *tc;
@ -776,12 +776,12 @@ ah_input_cb(struct cryptop *crp)
if (crp->crp_etype == EAGAIN) { if (crp->crp_etype == EAGAIN) {
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return crypto_dispatch(crp); (void)crypto_dispatch(crp);
return;
} }
AH_STATINC(AH_STAT_NOXFORM); AH_STATINC(AH_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype); DPRINTF("crypto error %d\n", crp->crp_etype);
error = crp->crp_etype;
goto bad; goto bad;
} else { } else {
AH_STATINC(AH_STAT_HIST + ah_stats[sav->alg_auth]); AH_STATINC(AH_STAT_HIST + ah_stats[sav->alg_auth]);
@ -814,7 +814,6 @@ ah_input_cb(struct cryptop *crp)
pppp[4], pppp[5], pppp[6], pppp[7], pppp[4], pppp[5], pppp[6], pppp[7],
pppp[8], pppp[9], pppp[10], pppp[11]); pppp[8], pppp[9], pppp[10], pppp[11]);
AH_STATINC(AH_STAT_BADAUTH); AH_STATINC(AH_STAT_BADAUTH);
error = EACCES;
goto bad; goto bad;
} }
@ -845,7 +844,6 @@ ah_input_cb(struct cryptop *crp)
sizeof(seq), &seq); sizeof(seq), &seq);
if (ipsec_updatereplay(ntohl(seq), sav)) { if (ipsec_updatereplay(ntohl(seq), sav)) {
AH_STATINC(AH_STAT_REPLAY); AH_STATINC(AH_STAT_REPLAY);
error = EACCES;
goto bad; goto bad;
} }
} }
@ -853,8 +851,7 @@ ah_input_cb(struct cryptop *crp)
/* /*
* Remove the AH header and authenticator from the mbuf. * Remove the AH header and authenticator from the mbuf.
*/ */
error = m_striphdr(m, skip, ahsize); if (m_striphdr(m, skip, ahsize) != 0) {
if (error) {
DPRINTF("mangled mbuf chain for SA %s/%08lx\n", DPRINTF("mangled mbuf chain for SA %s/%08lx\n",
ipsec_address(&saidx->dst, buf, sizeof(buf)), ipsec_address(&saidx->dst, buf, sizeof(buf)),
(u_long) ntohl(sav->spi)); (u_long) ntohl(sav->spi));
@ -867,7 +864,7 @@ ah_input_cb(struct cryptop *crp)
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return error; return;
bad: bad:
if (sav) if (sav)
@ -883,7 +880,7 @@ bad:
} }
if (crp != NULL) if (crp != NULL)
crypto_freereq(crp); crypto_freereq(crp);
return error; return;
} }
/* /*
@ -1135,16 +1132,16 @@ bad:
/* /*
* AH output callback from the crypto driver. * AH output callback from the crypto driver.
*/ */
static int static void
ah_output_cb(struct cryptop *crp) ah_output_cb(struct cryptop *crp)
{ {
int skip, error; int skip;
struct tdb_crypto *tc; struct tdb_crypto *tc;
const struct ipsecrequest *isr; const struct ipsecrequest *isr;
struct secasvar *sav; struct secasvar *sav;
struct mbuf *m; struct mbuf *m;
void *ptr; void *ptr;
int err, flags; int flags;
size_t size; size_t size;
bool pool_used; bool pool_used;
IPSEC_DECLARE_LOCK_VARIABLE; IPSEC_DECLARE_LOCK_VARIABLE;
@ -1169,12 +1166,12 @@ ah_output_cb(struct cryptop *crp)
if (crp->crp_etype == EAGAIN) { if (crp->crp_etype == EAGAIN) {
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return crypto_dispatch(crp); (void)crypto_dispatch(crp);
return;
} }
AH_STATINC(AH_STAT_NOXFORM); AH_STATINC(AH_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype); DPRINTF("crypto error %d\n", crp->crp_etype);
error = crp->crp_etype;
goto bad; goto bad;
} }
@ -1209,11 +1206,11 @@ ah_output_cb(struct cryptop *crp)
#endif #endif
/* NB: m is reclaimed by ipsec_process_done. */ /* NB: m is reclaimed by ipsec_process_done. */
err = ipsec_process_done(m, isr, sav, flags); (void)ipsec_process_done(m, isr, sav, flags);
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
KEY_SP_UNREF(&isr->sp); KEY_SP_UNREF(&isr->sp);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return err; return;
bad: bad:
if (sav) if (sav)
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
@ -1226,7 +1223,6 @@ bad:
else else
kmem_intr_free(tc, size); kmem_intr_free(tc, size);
crypto_freereq(crp); crypto_freereq(crp);
return error;
} }
static struct xformsw ah_xformsw = { static struct xformsw ah_xformsw = {

45
sys/netipsec/xform_esp.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: xform_esp.c,v 1.101 2020/10/05 09:51:25 knakahara Exp $ */ /* $NetBSD: xform_esp.c,v 1.102 2022/05/22 11:30:40 riastradh Exp $ */
/* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */ /* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */ /* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
@ -39,7 +39,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.101 2020/10/05 09:51:25 knakahara Exp $"); __KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.102 2022/05/22 11:30:40 riastradh Exp $");
#if defined(_KERNEL_OPT) #if defined(_KERNEL_OPT)
#include "opt_inet.h" #include "opt_inet.h"
@ -90,8 +90,8 @@ int esp_enable = 1;
static int esp_max_ivlen; /* max iv length over all algorithms */ static int esp_max_ivlen; /* max iv length over all algorithms */
static int esp_input_cb(struct cryptop *op); static void esp_input_cb(struct cryptop *op);
static int esp_output_cb(struct cryptop *crp); static void esp_output_cb(struct cryptop *crp);
const uint8_t esp_stats[256] = { SADB_EALG_STATS_INIT }; const uint8_t esp_stats[256] = { SADB_EALG_STATS_INIT };
@ -488,25 +488,25 @@ out:
#ifdef INET6 #ifdef INET6
#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \ #define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \
if (saidx->dst.sa.sa_family == AF_INET6) { \ if (saidx->dst.sa.sa_family == AF_INET6) { \
error = ipsec6_common_input_cb(m, sav, skip, protoff); \ (void)ipsec6_common_input_cb(m, sav, skip, protoff); \
} else { \ } else { \
error = ipsec4_common_input_cb(m, sav, skip, protoff); \ (void)ipsec4_common_input_cb(m, sav, skip, protoff); \
} \ } \
} while (0) } while (0)
#else #else
#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \ #define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \
(error = ipsec4_common_input_cb(m, sav, skip, protoff)) ((void)ipsec4_common_input_cb(m, sav, skip, protoff))
#endif #endif
/* /*
* ESP input callback from the crypto driver. * ESP input callback from the crypto driver.
*/ */
static int static void
esp_input_cb(struct cryptop *crp) esp_input_cb(struct cryptop *crp)
{ {
char buf[IPSEC_ADDRSTRLEN]; char buf[IPSEC_ADDRSTRLEN];
uint8_t lastthree[3], aalg[AH_ALEN_MAX]; uint8_t lastthree[3], aalg[AH_ALEN_MAX];
int hlen, skip, protoff, error; int hlen, skip, protoff;
struct mbuf *m; struct mbuf *m;
const struct auth_hash *esph; const struct auth_hash *esph;
struct tdb_crypto *tc; struct tdb_crypto *tc;
@ -542,12 +542,12 @@ esp_input_cb(struct cryptop *crp)
if (crp->crp_etype == EAGAIN) { if (crp->crp_etype == EAGAIN) {
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return crypto_dispatch(crp); (void)crypto_dispatch(crp);
return;
} }
ESP_STATINC(ESP_STAT_NOXFORM); ESP_STATINC(ESP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype); DPRINTF("crypto error %d\n", crp->crp_etype);
error = crp->crp_etype;
goto bad; goto bad;
} }
@ -574,7 +574,6 @@ esp_input_cb(struct cryptop *crp)
ipsec_address(&saidx->dst, buf, ipsec_address(&saidx->dst, buf,
sizeof(buf)), (u_long) ntohl(sav->spi)); sizeof(buf)), (u_long) ntohl(sav->spi));
ESP_STATINC(ESP_STAT_BADAUTH); ESP_STATINC(ESP_STAT_BADAUTH);
error = EACCES;
goto bad; goto bad;
} }
@ -606,7 +605,6 @@ esp_input_cb(struct cryptop *crp)
DPRINTF("packet replay check for %s\n", DPRINTF("packet replay check for %s\n",
ipsec_logsastr(sav, logbuf, sizeof(logbuf))); ipsec_logsastr(sav, logbuf, sizeof(logbuf)));
ESP_STATINC(ESP_STAT_REPLAY); ESP_STATINC(ESP_STAT_REPLAY);
error = EACCES;
goto bad; goto bad;
} }
} }
@ -618,8 +616,7 @@ esp_input_cb(struct cryptop *crp)
hlen = sizeof(struct newesp) + sav->ivlen; hlen = sizeof(struct newesp) + sav->ivlen;
/* Remove the ESP header and IV from the mbuf. */ /* Remove the ESP header and IV from the mbuf. */
error = m_striphdr(m, skip, hlen); if (m_striphdr(m, skip, hlen) != 0) {
if (error) {
ESP_STATINC(ESP_STAT_HDROPS); ESP_STATINC(ESP_STAT_HDROPS);
DPRINTF("bad mbuf chain, SA %s/%08lx\n", DPRINTF("bad mbuf chain, SA %s/%08lx\n",
ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)), ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
@ -638,7 +635,6 @@ esp_input_cb(struct cryptop *crp)
lastthree[1], m->m_pkthdr.len - skip, lastthree[1], m->m_pkthdr.len - skip,
ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)), ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
(u_long) ntohl(sav->spi)); (u_long) ntohl(sav->spi));
error = EINVAL;
goto bad; goto bad;
} }
@ -652,7 +648,6 @@ esp_input_cb(struct cryptop *crp)
sizeof(buf)), (u_long) ntohl(sav->spi)); sizeof(buf)), (u_long) ntohl(sav->spi));
DPRINTF("%x %x\n", lastthree[0], DPRINTF("%x %x\n", lastthree[0],
lastthree[1]); lastthree[1]);
error = EINVAL;
goto bad; goto bad;
} }
} }
@ -667,7 +662,7 @@ esp_input_cb(struct cryptop *crp)
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return error; return;
bad: bad:
if (sav) if (sav)
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
@ -678,7 +673,6 @@ bad:
pool_cache_put(esp_tdb_crypto_pool_cache, tc); pool_cache_put(esp_tdb_crypto_pool_cache, tc);
if (crp != NULL) if (crp != NULL)
crypto_freereq(crp); crypto_freereq(crp);
return error;
} }
/* /*
@ -949,14 +943,14 @@ bad:
/* /*
* ESP output callback from the crypto driver. * ESP output callback from the crypto driver.
*/ */
static int static void
esp_output_cb(struct cryptop *crp) esp_output_cb(struct cryptop *crp)
{ {
struct tdb_crypto *tc; struct tdb_crypto *tc;
const struct ipsecrequest *isr; const struct ipsecrequest *isr;
struct secasvar *sav; struct secasvar *sav;
struct mbuf *m; struct mbuf *m;
int err, error, flags; int flags;
IPSEC_DECLARE_LOCK_VARIABLE; IPSEC_DECLARE_LOCK_VARIABLE;
KASSERT(crp->crp_opaque != NULL); KASSERT(crp->crp_opaque != NULL);
@ -976,12 +970,12 @@ esp_output_cb(struct cryptop *crp)
if (crp->crp_etype == EAGAIN) { if (crp->crp_etype == EAGAIN) {
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return crypto_dispatch(crp); (void)crypto_dispatch(crp);
return;
} }
ESP_STATINC(ESP_STAT_NOXFORM); ESP_STATINC(ESP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype); DPRINTF("crypto error %d\n", crp->crp_etype);
error = crp->crp_etype;
goto bad; goto bad;
} }
@ -1013,11 +1007,11 @@ esp_output_cb(struct cryptop *crp)
#endif #endif
/* NB: m is reclaimed by ipsec_process_done. */ /* NB: m is reclaimed by ipsec_process_done. */
err = ipsec_process_done(m, isr, sav, flags); (void)ipsec_process_done(m, isr, sav, flags);
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
KEY_SP_UNREF(&isr->sp); KEY_SP_UNREF(&isr->sp);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return err; return;
bad: bad:
if (sav) if (sav)
@ -1028,7 +1022,6 @@ bad:
m_freem(m); m_freem(m);
pool_cache_put(esp_tdb_crypto_pool_cache, tc); pool_cache_put(esp_tdb_crypto_pool_cache, tc);
crypto_freereq(crp); crypto_freereq(crp);
return error;
} }
static struct xformsw esp_xformsw = { static struct xformsw esp_xformsw = {

45
sys/netipsec/xform_ipcomp.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: xform_ipcomp.c,v 1.69 2019/11/01 04:23:21 knakahara Exp $ */ /* $NetBSD: xform_ipcomp.c,v 1.70 2022/05/22 11:30:40 riastradh Exp $ */
/* $FreeBSD: xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */ /* $FreeBSD: xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */ /* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */
@ -30,7 +30,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.69 2019/11/01 04:23:21 knakahara Exp $"); __KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.70 2022/05/22 11:30:40 riastradh Exp $");
/* IP payload compression protocol (IPComp), see RFC 2393 */ /* IP payload compression protocol (IPComp), see RFC 2393 */
#if defined(_KERNEL_OPT) #if defined(_KERNEL_OPT)
@ -75,8 +75,8 @@ percpu_t *ipcompstat_percpu;
int ipcomp_enable = 1; int ipcomp_enable = 1;
static int ipcomp_input_cb(struct cryptop *crp); static void ipcomp_input_cb(struct cryptop *crp);
static int ipcomp_output_cb(struct cryptop *crp); static void ipcomp_output_cb(struct cryptop *crp);
const uint8_t ipcomp_stats[256] = { SADB_CALG_STATS_INIT }; const uint8_t ipcomp_stats[256] = { SADB_CALG_STATS_INIT };
@ -225,20 +225,20 @@ error_m:
#ifdef INET6 #ifdef INET6
#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \ #define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) do { \
if (saidx->dst.sa.sa_family == AF_INET6) { \ if (saidx->dst.sa.sa_family == AF_INET6) { \
error = ipsec6_common_input_cb(m, sav, skip, protoff); \ (void)ipsec6_common_input_cb(m, sav, skip, protoff); \
} else { \ } else { \
error = ipsec4_common_input_cb(m, sav, skip, protoff); \ (void)ipsec4_common_input_cb(m, sav, skip, protoff); \
} \ } \
} while (0) } while (0)
#else #else
#define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \ #define IPSEC_COMMON_INPUT_CB(m, sav, skip, protoff) \
(error = ipsec4_common_input_cb(m, sav, skip, protoff)) ((void)ipsec4_common_input_cb(m, sav, skip, protoff))
#endif #endif
/* /*
* IPComp input callback from the crypto driver. * IPComp input callback from the crypto driver.
*/ */
static int static void
ipcomp_input_cb(struct cryptop *crp) ipcomp_input_cb(struct cryptop *crp)
{ {
char buf[IPSEC_ADDRSTRLEN]; char buf[IPSEC_ADDRSTRLEN];
@ -247,7 +247,7 @@ ipcomp_input_cb(struct cryptop *crp)
struct mbuf *m; struct mbuf *m;
struct secasvar *sav; struct secasvar *sav;
struct secasindex *saidx __diagused; struct secasindex *saidx __diagused;
int hlen = IPCOMP_HLENGTH, error, clen; int hlen = IPCOMP_HLENGTH, clen;
uint8_t nproto; uint8_t nproto;
struct ipcomp *ipc; struct ipcomp *ipc;
IPSEC_DECLARE_LOCK_VARIABLE; IPSEC_DECLARE_LOCK_VARIABLE;
@ -275,12 +275,12 @@ ipcomp_input_cb(struct cryptop *crp)
if (crp->crp_etype == EAGAIN) { if (crp->crp_etype == EAGAIN) {
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return crypto_dispatch(crp); (void)crypto_dispatch(crp);
return;
} }
IPCOMP_STATINC(IPCOMP_STAT_NOXFORM); IPCOMP_STATINC(IPCOMP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype); DPRINTF("crypto error %d\n", crp->crp_etype);
error = crp->crp_etype;
goto bad; goto bad;
} }
@ -309,7 +309,6 @@ ipcomp_input_cb(struct cryptop *crp)
if (m->m_len < skip + hlen && (m = m_pullup(m, skip + hlen)) == 0) { if (m->m_len < skip + hlen && (m = m_pullup(m, skip + hlen)) == 0) {
IPCOMP_STATINC(IPCOMP_STAT_HDROPS); IPCOMP_STATINC(IPCOMP_STAT_HDROPS);
DPRINTF("m_pullup failed\n"); DPRINTF("m_pullup failed\n");
error = EINVAL;
goto bad; goto bad;
} }
ipc = (struct ipcomp *)(mtod(m, uint8_t *) + skip); ipc = (struct ipcomp *)(mtod(m, uint8_t *) + skip);
@ -323,15 +322,13 @@ ipcomp_input_cb(struct cryptop *crp)
DPRINTF("nested ipcomp, IPCA %s/%08lx\n", DPRINTF("nested ipcomp, IPCA %s/%08lx\n",
ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)), ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
(u_long) ntohl(sav->spi)); (u_long) ntohl(sav->spi));
error = EINVAL;
goto bad; goto bad;
default: default:
break; break;
} }
/* Remove the IPCOMP header */ /* Remove the IPCOMP header */
error = m_striphdr(m, skip, hlen); if (m_striphdr(m, skip, hlen) != 0) {
if (error) {
IPCOMP_STATINC(IPCOMP_STAT_HDROPS); IPCOMP_STATINC(IPCOMP_STAT_HDROPS);
DPRINTF("bad mbuf chain, IPCA %s/%08lx\n", DPRINTF("bad mbuf chain, IPCA %s/%08lx\n",
ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)), ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
@ -346,7 +343,7 @@ ipcomp_input_cb(struct cryptop *crp)
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return error; return;
bad: bad:
if (sav) if (sav)
@ -358,7 +355,6 @@ bad:
pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc); pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc);
if (crp) if (crp)
crypto_freereq(crp); crypto_freereq(crp);
return error;
} }
/* /*
@ -517,7 +513,7 @@ bad:
/* /*
* IPComp output callback from the crypto driver. * IPComp output callback from the crypto driver.
*/ */
static int static void
ipcomp_output_cb(struct cryptop *crp) ipcomp_output_cb(struct cryptop *crp)
{ {
char buf[IPSEC_ADDRSTRLEN]; char buf[IPSEC_ADDRSTRLEN];
@ -525,7 +521,7 @@ ipcomp_output_cb(struct cryptop *crp)
const struct ipsecrequest *isr; const struct ipsecrequest *isr;
struct secasvar *sav; struct secasvar *sav;
struct mbuf *m, *mo; struct mbuf *m, *mo;
int error, skip, rlen, roff, flags; int skip, rlen, roff, flags;
uint8_t prot; uint8_t prot;
uint16_t cpi; uint16_t cpi;
struct ipcomp * ipcomp; struct ipcomp * ipcomp;
@ -550,11 +546,11 @@ ipcomp_output_cb(struct cryptop *crp)
if (crp->crp_etype == EAGAIN) { if (crp->crp_etype == EAGAIN) {
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return crypto_dispatch(crp); (void)crypto_dispatch(crp);
return;
} }
IPCOMP_STATINC(IPCOMP_STAT_NOXFORM); IPCOMP_STATINC(IPCOMP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype); DPRINTF("crypto error %d\n", crp->crp_etype);
error = crp->crp_etype;
goto bad; goto bad;
} }
@ -569,7 +565,6 @@ ipcomp_output_cb(struct cryptop *crp)
"IPCA %s/%08lx\n", "IPCA %s/%08lx\n",
ipsec_address(&sav->sah->saidx.dst, buf, ipsec_address(&sav->sah->saidx.dst, buf,
sizeof(buf)), (u_long) ntohl(sav->spi)); sizeof(buf)), (u_long) ntohl(sav->spi));
error = ENOBUFS;
goto bad; goto bad;
} }
ipcomp = (struct ipcomp *)(mtod(mo, char *) + roff); ipcomp = (struct ipcomp *)(mtod(mo, char *) + roff);
@ -620,7 +615,6 @@ ipcomp_output_cb(struct cryptop *crp)
sav->sah->saidx.dst.sa.sa_family, sav->sah->saidx.dst.sa.sa_family,
ipsec_address(&sav->sah->saidx.dst, buf, ipsec_address(&sav->sah->saidx.dst, buf,
sizeof(buf)), (u_long) ntohl(sav->spi)); sizeof(buf)), (u_long) ntohl(sav->spi));
error = EPFNOSUPPORT;
goto bad; goto bad;
} }
} else { } else {
@ -636,11 +630,11 @@ ipcomp_output_cb(struct cryptop *crp)
crypto_freereq(crp); crypto_freereq(crp);
/* NB: m is reclaimed by ipsec_process_done. */ /* NB: m is reclaimed by ipsec_process_done. */
error = ipsec_process_done(m, isr, sav, flags); (void)ipsec_process_done(m, isr, sav, flags);
KEY_SA_UNREF(&sav); KEY_SA_UNREF(&sav);
KEY_SP_UNREF(&isr->sp); KEY_SP_UNREF(&isr->sp);
IPSEC_RELEASE_GLOBAL_LOCKS(); IPSEC_RELEASE_GLOBAL_LOCKS();
return error; return;
bad: bad:
if (sav) if (sav)
@ -651,7 +645,6 @@ bad:
m_freem(m); m_freem(m);
pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc); pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc);
crypto_freereq(crp); crypto_freereq(crp);
return error;
} }
static struct xformsw ipcomp_xformsw = { static struct xformsw ipcomp_xformsw = {

28
sys/opencrypto/cryptodev.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: cryptodev.c,v 1.116 2022/05/22 11:29:54 riastradh Exp $ */ /* $NetBSD: cryptodev.c,v 1.117 2022/05/22 11:30:41 riastradh Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */ /* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */
/* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */ /* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */
@ -64,7 +64,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.116 2022/05/22 11:29:54 riastradh Exp $"); __KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.117 2022/05/22 11:30:41 riastradh Exp $");
#include <sys/param.h> #include <sys/param.h>
#include <sys/systm.h> #include <sys/systm.h>
@ -188,11 +188,11 @@ static int cryptodev_key(struct crypt_kop *);
static int cryptodev_mkey(struct fcrypt *, struct crypt_n_kop *, int); static int cryptodev_mkey(struct fcrypt *, struct crypt_n_kop *, int);
static int cryptodev_msessionfin(struct fcrypt *, int, u_int32_t *); static int cryptodev_msessionfin(struct fcrypt *, int, u_int32_t *);
static int cryptodev_cb(struct cryptop *); static void cryptodev_cb(struct cryptop *);
static int cryptodevkey_cb(struct cryptkop *); static void cryptodevkey_cb(struct cryptkop *);
static int cryptodev_mcb(struct cryptop *); static void cryptodev_mcb(struct cryptop *);
static int cryptodevkey_mcb(struct cryptkop *); static void cryptodevkey_mcb(struct cryptkop *);
static int cryptodev_getmstatus(struct fcrypt *, struct crypt_result *, static int cryptodev_getmstatus(struct fcrypt *, struct crypt_result *,
int); int);
@ -711,7 +711,7 @@ bail:
return error; return error;
} }
static int static void
cryptodev_cb(struct cryptop *crp) cryptodev_cb(struct cryptop *crp)
{ {
struct csession *cse = crp->crp_opaque; struct csession *cse = crp->crp_opaque;
@ -720,7 +720,7 @@ cryptodev_cb(struct cryptop *crp)
if ((error = crp->crp_etype) == EAGAIN) { if ((error = crp->crp_etype) == EAGAIN) {
error = crypto_dispatch(crp); error = crypto_dispatch(crp);
if (error == 0) if (error == 0)
return 0; return;
} }
mutex_enter(&cryptodev_mtx); mutex_enter(&cryptodev_mtx);
@ -728,10 +728,9 @@ cryptodev_cb(struct cryptop *crp)
crp->crp_devflags |= CRYPTODEV_F_RET; crp->crp_devflags |= CRYPTODEV_F_RET;
cv_signal(&crp->crp_cv); cv_signal(&crp->crp_cv);
mutex_exit(&cryptodev_mtx); mutex_exit(&cryptodev_mtx);
return 0;
} }
static int static void
cryptodev_mcb(struct cryptop *crp) cryptodev_mcb(struct cryptop *crp)
{ {
struct csession *cse = crp->crp_opaque; struct csession *cse = crp->crp_opaque;
@ -740,7 +739,7 @@ cryptodev_mcb(struct cryptop *crp)
if ((error = crp->crp_etype) == EAGAIN) { if ((error = crp->crp_etype) == EAGAIN) {
error = crypto_dispatch(crp); error = crypto_dispatch(crp);
if (error == 0) if (error == 0)
return 0; return;
} }
mutex_enter(&cryptodev_mtx); mutex_enter(&cryptodev_mtx);
@ -748,10 +747,9 @@ cryptodev_mcb(struct cryptop *crp)
TAILQ_INSERT_TAIL(&crp->fcrp->crp_ret_mq, crp, crp_next); TAILQ_INSERT_TAIL(&crp->fcrp->crp_ret_mq, crp, crp_next);
selnotify(&crp->fcrp->sinfo, 0, 0); selnotify(&crp->fcrp->sinfo, 0, 0);
mutex_exit(&cryptodev_mtx); mutex_exit(&cryptodev_mtx);
return 0;
} }
static int static void
cryptodevkey_cb(struct cryptkop *krp) cryptodevkey_cb(struct cryptkop *krp)
{ {
@ -759,10 +757,9 @@ cryptodevkey_cb(struct cryptkop *krp)
krp->krp_devflags |= CRYPTODEV_F_RET; krp->krp_devflags |= CRYPTODEV_F_RET;
cv_signal(&krp->krp_cv); cv_signal(&krp->krp_cv);
mutex_exit(&cryptodev_mtx); mutex_exit(&cryptodev_mtx);
return 0;
} }
static int static void
cryptodevkey_mcb(struct cryptkop *krp) cryptodevkey_mcb(struct cryptkop *krp)
{ {
@ -771,7 +768,6 @@ cryptodevkey_mcb(struct cryptkop *krp)
TAILQ_INSERT_TAIL(&krp->fcrp->crp_ret_mkq, krp, krp_next); TAILQ_INSERT_TAIL(&krp->fcrp->crp_ret_mkq, krp, krp_next);
selnotify(&krp->fcrp->sinfo, 0, 0); selnotify(&krp->fcrp->sinfo, 0, 0);
mutex_exit(&cryptodev_mtx); mutex_exit(&cryptodev_mtx);
return 0;
} }
static int static int

6
sys/opencrypto/cryptodev.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: cryptodev.h,v 1.45 2022/05/22 11:30:05 riastradh Exp $ */ /* $NetBSD: cryptodev.h,v 1.46 2022/05/22 11:30:41 riastradh Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.2.2.6 2003/07/02 17:04:50 sam Exp $ */ /* $FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.2.2.6 2003/07/02 17:04:50 sam Exp $ */
/* $OpenBSD: cryptodev.h,v 1.33 2002/07/17 23:52:39 art Exp $ */ /* $OpenBSD: cryptodev.h,v 1.33 2002/07/17 23:52:39 art Exp $ */
@ -483,7 +483,7 @@ struct cryptop {
void * crp_opaque; /* Opaque pointer, passed along */ void * crp_opaque; /* Opaque pointer, passed along */
struct cryptodesc *crp_desc; /* Linked list of processing descriptors */ struct cryptodesc *crp_desc; /* Linked list of processing descriptors */
int (*crp_callback)(struct cryptop *); /* void (*crp_callback)(struct cryptop *); /*
* Callback function. * Callback function.
* That must not sleep as it is * That must not sleep as it is
* called in softint context. * called in softint context.
@ -538,7 +538,7 @@ struct cryptkop {
u_short krp_oparams; /* # of output parameters */ u_short krp_oparams; /* # of output parameters */
u_int32_t krp_hid; u_int32_t krp_hid;
struct crparam krp_param[CRK_MAXPARAM]; /* kvm */ struct crparam krp_param[CRK_MAXPARAM]; /* kvm */
int (*krp_callback)(struct cryptkop *); /* void (*krp_callback)(struct cryptkop *); /*
* Callback function. * Callback function.
* That must not sleep as it is * That must not sleep as it is
* called in softint context. * called in softint context.