ipsec: rename ipsec_ip_input to ipsec_ip_input_checkpolicy

Because it just checks if a packet passes security policies.
2020-08-28 06:20:44 +00:00 · 2020-08-28 06:20:44 +00:00 · b494441ddd
parent c1e00d7df1
commit b494441ddd
5 changed files with 15 additions and 15 deletions
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.394 2020/08/28 06:19:13 ozaki-r Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.395 2020/08/28 06:20:44 ozaki-r Exp $	*/
 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -91,7 +91,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.394 2020/08/28 06:19:13 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.395 2020/08/28 06:20:44 ozaki-r Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@ -740,7 +740,7 @@ ip_input(struct mbuf *m)
 #ifdef IPSEC
 		/* Check the security policy (SP) for the packet */
 		if (ipsec_used) {
-			if (ipsec_ip_input(m, true) != 0) {
+			if (ipsec_ip_input_checkpolicy(m, true) != 0) {
 				IP_STATINC(IP_STAT_IPSECDROP_IN);
 				goto out;
 			}
@ -788,7 +788,7 @@ ours:
 	 */
 	if (ipsec_used &&
 	    (inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0) {
-		if (ipsec_ip_input(m, false) != 0) {
+		if (ipsec_ip_input_checkpolicy(m, false) != 0) {
 			IP_STATINC(IP_STAT_IPSECDROP_IN);
 			goto out;
 		}
--- a/sys/netinet6/ip6_input.c
+++ b/sys/netinet6/ip6_input.c
@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_input.c,v 1.219 2020/08/28 06:19:13 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_input.c,v 1.220 2020/08/28 06:20:44 ozaki-r Exp $	*/
 /*	$KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $	*/
 /*
@ -62,7 +62,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.219 2020/08/28 06:19:13 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.220 2020/08/28 06:20:44 ozaki-r Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_gateway.h"
@ -755,7 +755,7 @@ hbhcheck:
 			    & PR_LASTHDR) != 0) {
 				int error;
-				error = ipsec_ip_input(m, false);
+				error = ipsec_ip_input_checkpolicy(m, false);
 				if (error) {
 					IP6_STATINC(IP6_STAT_IPSECDROP_IN);
 					goto bad;
--- a/sys/netipsec/ipsec.c
+++ b/sys/netipsec/ipsec.c
@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.171 2020/08/28 06:19:13 ozaki-r Exp $ */
+/* $NetBSD: ipsec.c,v 1.172 2020/08/28 06:20:44 ozaki-r Exp $ */
 /* $FreeBSD: ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
 /* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@ -32,7 +32,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.171 2020/08/28 06:19:13 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.172 2020/08/28 06:20:44 ozaki-r Exp $");
 /*
 * IPsec controller part.
@ -705,7 +705,7 @@ ipsec4_output(struct mbuf *m, struct inpcb *inp, int flags,
 }
 int
-ipsec_ip_input(struct mbuf *m, bool forward)
+ipsec_ip_input_checkpolicy(struct mbuf *m, bool forward)
 {
 	struct secpolicy *sp;
 	int error, s;
--- a/sys/netipsec/ipsec.h
+++ b/sys/netipsec/ipsec.h
@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec.h,v 1.90 2020/08/28 06:19:13 ozaki-r Exp $	*/
+/*	$NetBSD: ipsec.h,v 1.91 2020/08/28 06:20:44 ozaki-r Exp $	*/
 /*	$FreeBSD: ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $	*/
@ -277,7 +277,7 @@ void ipsec_invalpcbcacheall(void);
 struct inpcb;
 int ipsec4_output(struct mbuf *, struct inpcb *, int, u_long *, bool *, bool *, bool *);
-int ipsec_ip_input(struct mbuf *, bool);
+int ipsec_ip_input_checkpolicy(struct mbuf *, bool);
 void ipsec_mtu(struct mbuf *, int *);
 #ifdef INET6
 void ipsec6_udp_cksum(struct mbuf *);
--- a/sys/rump/librump/rumpnet/net_stub.c
+++ b/sys/rump/librump/rumpnet/net_stub.c
@ -1,4 +1,4 @@
-/*	$NetBSD: net_stub.c,v 1.37 2018/12/12 01:46:47 rin Exp $	*/
+/*	$NetBSD: net_stub.c,v 1.38 2020/08/28 06:20:44 ozaki-r Exp $	*/
 /*
 * Copyright (c) 2008 Antti Kantee.  All Rights Reserved.
@ -26,7 +26,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: net_stub.c,v 1.37 2018/12/12 01:46:47 rin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: net_stub.c,v 1.38 2020/08/28 06:20:44 ozaki-r Exp $");
 #include <sys/mutex.h>
 #include <sys/param.h>
@ -102,7 +102,7 @@ __weak_alias(ipsec6_common_input,rumpnet_stub);
 __weak_alias(ipsec6_check_policy,rumpnet_stub);
 __weak_alias(ipsec6_process_packet,rumpnet_stub);
 __weak_alias(ipsec_mtu,rumpnet_stub);
-__weak_alias(ipsec_ip_input,rumpnet_stub);
+__weak_alias(ipsec_ip_input_checkpolicy,rumpnet_stub);
 __weak_alias(ipsec_set_policy,rumpnet_stub);
 __weak_alias(ipsec_get_policy,rumpnet_stub);
 __weak_alias(ipsec_delete_pcbpolicy,rumpnet_stub);