PERFORCE change 137736 for review
John Baldwin
jhb at FreeBSD.org
Fri Mar 14 19:00:08 UTC 2008
http://perforce.freebsd.org/chv.cgi?CH=137736
Change 137736 by jhb at jhb_mutex on 2008/03/14 18:59:26
IFC @137732
Affected files ...
.. //depot/projects/smpng/sys/dev/hwpmc/pmc_events.h#2 integrate
.. //depot/projects/smpng/sys/dev/usb/usb_quirks.c#25 integrate
.. //depot/projects/smpng/sys/dev/usb/usbdevs#109 integrate
.. //depot/projects/smpng/sys/kern/sched_ule.c#82 integrate
.. //depot/projects/smpng/sys/netinet/ip_ipsec.c#6 integrate
.. //depot/projects/smpng/sys/netinet6/ip6_ipsec.c#2 integrate
.. //depot/projects/smpng/sys/netinet6/ip6_ipsec.h#2 integrate
.. //depot/projects/smpng/sys/netinet6/ip6_output.c#52 integrate
.. //depot/projects/smpng/sys/netipsec/ipsec_output.c#13 integrate
.. //depot/projects/smpng/sys/netipsec/key.c#20 integrate
.. //depot/projects/smpng/sys/pc98/include/nexusvar.h#1 branch
Differences ...
==== //depot/projects/smpng/sys/dev/hwpmc/pmc_events.h#2 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/dev/hwpmc/pmc_events.h,v 1.1 2005/06/09 19:45:07 jkoshy Exp $
+ * $FreeBSD: src/sys/dev/hwpmc/pmc_events.h,v 1.2 2008/03/14 06:16:18 jkoshy Exp $
*/
#ifndef _DEV_HWPMC_PMC_EVENTS_H_
@@ -386,7 +386,11 @@
#define PMC_EV_K8_LAST PMC_EV_K8_NB_HT_BUS2_BANDWIDTH
-/* Intel Pentium Events */
+/*
+ * Intel Pentium and Pentium MMX Events, from the "Intel 64 and IA-32
+ * Intel(R) Architectures Software Developer's Manual, Volume 3B:
+ * System Programming Guide, Part 2, August 2007".
+ */
#define __PMC_EV_P5() \
__PMC_EV(P5, DATA_READ, p5-data-read) \
__PMC_EV(P5, DATA_WRITE, p5-data-write) \
@@ -396,7 +400,7 @@
__PMC_EV(P5, WRITE_HIT_TO_M_OR_E_STATE_LINES, \
p5-write-hit-to-m-or-e-state-lines) \
__PMC_EV(P5, DATA_CACHE_LINES_WRITTEN_BACK, \
- p4-data-cache-lines-written-back) \
+ p5-data-cache-lines-written-back) \
__PMC_EV(P5, EXTERNAL_SNOOPS, p5-external-snoops) \
__PMC_EV(P5, EXTERNAL_DATA_CACHE_SNOOP_HITS, \
p5-external-data-cache-snoop-hits) \
==== //depot/projects/smpng/sys/dev/usb/usb_quirks.c#25 (text+ko) ====
@@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/usb/usb_quirks.c,v 1.64 2007/11/11 20:57:08 brix Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/usb/usb_quirks.c,v 1.65 2008/03/14 15:59:30 jkim Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -94,6 +94,8 @@
/* Devices which should be ignored by uhid */
{ USB_VENDOR_APC, USB_PRODUCT_APC_UPS,
ANY, { UQ_HID_IGNORE }},
+ { USB_VENDOR_ASUS, USB_PRODUCT_ASUS_LCM,
+ ANY, { UQ_HID_IGNORE }},
{ USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F6C550AVR,
ANY, { UQ_HID_IGNORE }},
{ USB_VENDOR_DELORME, USB_PRODUCT_DELORME_EARTHMATE,
==== //depot/projects/smpng/sys/dev/usb/usbdevs#109 (text+ko) ====
@@ -1,4 +1,4 @@
-$FreeBSD: src/sys/dev/usb/usbdevs,v 1.341 2008/03/05 14:13:30 rink Exp $
+$FreeBSD: src/sys/dev/usb/usbdevs,v 1.342 2008/03/14 15:59:30 jkim Exp $
/* $NetBSD: usbdevs,v 1.392 2004/12/29 08:38:44 imp Exp $ */
/*-
@@ -872,6 +872,7 @@
product ASUS A9T_WIFI 0x171b A9T wireless
product ASUS RT2573_1 0x1723 RT2573
product ASUS RT2573_2 0x1724 RT2573
+product ASUS LCM 0x1726 LCM display
/* ATen products */
product ATEN UC1284 0x2001 Parallel printer
==== //depot/projects/smpng/sys/kern/sched_ule.c#82 (text+ko) ====
@@ -36,7 +36,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/sched_ule.c,v 1.232 2008/03/12 10:11:59 jeff Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/sched_ule.c,v 1.233 2008/03/14 15:22:38 jhb Exp $");
#include "opt_hwpmc_hooks.h"
#include "opt_sched.h"
@@ -528,7 +528,7 @@
for ((cpu) = 0; (cpu) < sizeof((mask)) * 8; (cpu)++) \
if ((mask) & 1 << (cpu))
-__inline int cpu_search(struct cpu_group *cg, struct cpu_search *low,
+static __inline int cpu_search(struct cpu_group *cg, struct cpu_search *low,
struct cpu_search *high, const int match);
int cpu_search_lowest(struct cpu_group *cg, struct cpu_search *low);
int cpu_search_highest(struct cpu_group *cg, struct cpu_search *high);
@@ -576,7 +576,7 @@
* match argument. It is reduced to the minimum set for each case. It is
* also recursive to the depth of the tree.
*/
-static inline int
+static __inline int
cpu_search(struct cpu_group *cg, struct cpu_search *low,
struct cpu_search *high, const int match)
{
==== //depot/projects/smpng/sys/netinet/ip_ipsec.c#6 (text+ko) ====
@@ -28,12 +28,13 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/netinet/ip_ipsec.c,v 1.8 2007/10/07 20:44:23 silby Exp $");
+__FBSDID("$FreeBSD: src/sys/netinet/ip_ipsec.c,v 1.9 2008/03/14 16:38:10 bz Exp $");
#include "opt_ipsec.h"
#include <sys/param.h>
#include <sys/systm.h>
+#include <sys/errno.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
@@ -329,6 +330,17 @@
/* NB: callee frees mbuf */
*error = ipsec4_process_packet(*m, sp->req, *flags, 0);
+ if (*error == EJUSTRETURN) {
+ /*
+ * We had a SP with a level of 'use' and no SA. We
+ * will just continue to process the packet without
+ * IPsec processing and return without error.
+ */
+ *error = 0;
+ ip->ip_len = ntohs(ip->ip_len);
+ ip->ip_off = ntohs(ip->ip_off);
+ goto done;
+ }
/*
* Preserve KAME behaviour: ENOENT can be returned
* when an SA acquire is in progress. Don't propagate
==== //depot/projects/smpng/sys/netinet6/ip6_ipsec.c#2 (text+ko) ====
@@ -28,7 +28,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/netinet6/ip6_ipsec.c,v 1.7 2007/12/10 16:03:38 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/netinet6/ip6_ipsec.c,v 1.9 2008/03/14 11:55:04 bz Exp $");
#include "opt_ipsec.h"
@@ -257,7 +257,7 @@
* NB: null pointer to avoid free at
* done: below.
*/
- KEY_FREESP(sp), sp = NULL;
+ KEY_FREESP(sp), *sp = NULL;
/* XXX splx(s); */
goto done;
}
@@ -298,21 +298,16 @@
}
}
done:
- if (sp != NULL)
- if (*sp != NULL)
- KEY_FREESP(sp);
return 0;
do_ipsec:
return -1;
bad:
- if (sp != NULL)
- if (*sp != NULL)
- KEY_FREESP(sp);
return 1;
#endif /* IPSEC */
return 0;
}
+#if 0
/*
* Compute the MTU for a forwarded packet that gets IPSEC encapsulated.
* Called from ip_forward().
@@ -328,16 +323,15 @@
* tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
* XXX quickhack!!!
*/
+#ifdef IPSEC
struct secpolicy *sp = NULL;
int ipsecerror;
int ipsechdr;
struct route *ro;
-#ifdef IPSEC
sp = ipsec_getpolicybyaddr(m,
IPSEC_DIR_OUTBOUND,
IP_FORWARDING,
&ipsecerror);
-#endif /* IPSEC */
if (sp != NULL) {
/* count IPsec header size */
ipsechdr = ipsec4_hdrsiz(m,
@@ -360,10 +354,10 @@
mtu -= ipsechdr;
}
}
-#ifdef IPSEC
KEY_FREESP(&sp);
+ }
#endif /* IPSEC */
- }
+ /* XXX else case missing. */
return mtu;
}
-
+#endif
==== //depot/projects/smpng/sys/netinet6/ip6_ipsec.h#2 (text+ko) ====
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/netinet6/ip6_ipsec.h,v 1.3 2007/12/10 16:03:38 obrien Exp $
+ * $FreeBSD: src/sys/netinet6/ip6_ipsec.h,v 1.4 2008/03/14 11:44:30 bz Exp $
*/
#ifndef _NETINET_IP6_IPSEC_H_
@@ -35,7 +35,9 @@
int ip6_ipsec_filtertunnel(struct mbuf *);
int ip6_ipsec_fwd(struct mbuf *);
int ip6_ipsec_input(struct mbuf *, int);
-int ip6_ipsec_mtu(struct mbuf *);
int ip6_ipsec_output(struct mbuf **, struct inpcb *, int *, int *,
struct ifnet **, struct secpolicy **sp);
+#if 0
+int ip6_ipsec_mtu(struct mbuf *);
+#endif
#endif
==== //depot/projects/smpng/sys/netinet6/ip6_output.c#52 (text+ko) ====
@@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/netinet6/ip6_output.c,v 1.114 2008/02/02 14:11:31 bz Exp $");
+__FBSDID("$FreeBSD: src/sys/netinet6/ip6_output.c,v 1.117 2008/03/14 16:38:11 bz Exp $");
#include "opt_inet.h"
#include "opt_inet6.h"
@@ -384,7 +384,14 @@
error = ipsec6_output_trans(&state, nexthdrp, mprev, sp, flags,
&needipsectun);
m = state.m;
- if (error) {
+ if (error == EJUSTRETURN) {
+ /*
+ * We had a SP with a level of 'use' and no SA. We
+ * will just continue to process the packet without
+ * IPsec processing.
+ */
+ ;
+ } else if (error) {
/* mbuf is already reclaimed in ipsec6_output_trans. */
m = NULL;
switch (error) {
@@ -395,7 +402,8 @@
case ENOMEM:
break;
default:
- printf("ip6_output (ipsec): error code %d\n", error);
+ printf("[%s:%d] (ipsec): error code %d\n",
+ __func__, __LINE__, error);
/* FALLTHROUGH */
case ENOENT:
/* don't show these error codes to the user */
@@ -550,7 +558,14 @@
m = state.m;
ro = (struct route_in6 *)state.ro;
dst = (struct sockaddr_in6 *)state.dst;
- if (error) {
+ if (error == EJUSTRETURN) {
+ /*
+ * We had a SP with a level of 'use' and no SA. We
+ * will just continue to process the packet without
+ * IPsec processing.
+ */
+ ;
+ } else if (error) {
/* mbuf is already reclaimed in ipsec6_output_tunnel. */
m0 = m = NULL;
m = NULL;
@@ -562,7 +577,8 @@
case ENOMEM:
break;
default:
- printf("ip6_output (ipsec): error code %d\n", error);
+ printf("[%s:%d] (ipsec): error code %d\n",
+ __func__, __LINE__, error);
/* FALLTHROUGH */
case ENOENT:
/* don't show these error codes to the user */
@@ -1080,6 +1096,10 @@
} else if (ro_pmtu == &ip6route && ro_pmtu->ro_rt) {
RTFREE(ro_pmtu->ro_rt);
}
+#ifdef IPSEC
+ if (sp != NULL)
+ KEY_FREESP(&sp);
+#endif
return (error);
==== //depot/projects/smpng/sys/netipsec/ipsec_output.c#13 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/netipsec/ipsec_output.c,v 1.17 2007/11/28 22:33:52 bz Exp $
+ * $FreeBSD: src/sys/netipsec/ipsec_output.c,v 1.18 2008/03/14 16:38:11 bz Exp $
*/
/*
@@ -286,17 +286,19 @@
goto bad;
}
sav = isr->sav;
- if (sav == NULL) { /* XXX valid return */
+ if (sav == NULL) {
IPSEC_ASSERT(ipsec_get_reqlevel(isr) == IPSEC_LEVEL_USE,
("no SA found, but required; level %u",
ipsec_get_reqlevel(isr)));
IPSECREQUEST_UNLOCK(isr);
isr = isr->next;
- if (isr == NULL) {
- /*XXXstatistic??*/
- *error = EINVAL; /*XXX*/
+ /*
+ * If isr is NULL, we found a 'use' policy w/o SA.
+ * Return w/o error and w/o isr so we can drop out
+ * and continue w/o IPsec processing.
+ */
+ if (isr == NULL)
return isr;
- }
IPSECREQUEST_LOCK(isr);
goto again;
}
@@ -356,8 +358,11 @@
IPSECREQUEST_LOCK(isr); /* insure SA contents don't change */
isr = ipsec_nextisr(m, isr, AF_INET, &saidx, &error);
- if (isr == NULL)
- goto bad;
+ if (isr == NULL) {
+ if (error != 0)
+ goto bad;
+ return EJUSTRETURN;
+ }
sav = isr->sav;
@@ -581,21 +586,24 @@
IPSECREQUEST_LOCK(isr); /* insure SA contents don't change */
isr = ipsec_nextisr(m, isr, AF_INET6, &saidx, &error);
if (isr == NULL) {
+ if (error != 0) {
#ifdef notdef
- /* XXX should notification be done for all errors ? */
- /*
- * Notify the fact that the packet is discarded
- * to ourselves. I believe this is better than
- * just silently discarding. (jinmei at kame.net)
- * XXX: should we restrict the error to TCP packets?
- * XXX: should we directly notify sockets via
- * pfctlinputs?
- */
- icmp6_error(m, ICMP6_DST_UNREACH,
- ICMP6_DST_UNREACH_ADMIN, 0);
- m = NULL; /* NB: icmp6_error frees mbuf */
+ /* XXX should notification be done for all errors ? */
+ /*
+ * Notify the fact that the packet is discarded
+ * to ourselves. I believe this is better than
+ * just silently discarding. (jinmei at kame.net)
+ * XXX: should we restrict the error to TCP packets?
+ * XXX: should we directly notify sockets via
+ * pfctlinputs?
+ */
+ icmp6_error(m, ICMP6_DST_UNREACH,
+ ICMP6_DST_UNREACH_ADMIN, 0);
+ m = NULL; /* NB: icmp6_error frees mbuf */
#endif
- goto bad;
+ goto bad;
+ }
+ return EJUSTRETURN;
}
error = (*isr->sav->tdb_xform->xf_output)(m, isr, NULL,
@@ -712,8 +720,11 @@
IPSECREQUEST_LOCK(isr); /* insure SA contents don't change */
isr = ipsec_nextisr(m, isr, AF_INET6, &saidx, &error);
- if (isr == NULL)
- goto bad;
+ if (isr == NULL) {
+ if (error != 0)
+ goto bad;
+ return EJUSTRETURN;
+ }
#ifdef DEV_ENC
/* pass the mbuf to enc0 for bpf processing */
==== //depot/projects/smpng/sys/netipsec/key.c#20 (text+ko) ====
@@ -1,4 +1,4 @@
-/* $FreeBSD: src/sys/netipsec/key.c,v 1.29 2008/03/02 17:12:28 bz Exp $ */
+/* $FreeBSD: src/sys/netipsec/key.c,v 1.30 2008/03/14 16:25:40 bz Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
/*-
@@ -7122,7 +7122,7 @@
/* initialize key statistics */
keystat.getspi_count = 1;
- printf("Fast IPsec: Initialized Security Association Processing.\n");
+ printf("IPsec: Initialized Security Association Processing.\n");
return;
}
More information about the p4-projects
mailing list