 @@ -1,14 +1,14 @@
-/*	$NetBSD: key.c,v 1.163.2.4 2017/11/30 15:57:37 martin Exp $	*/
+/*	$NetBSD: key.c,v 1.163.2.5 2017/12/01 09:21:15 martin Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
 @@ -22,27 +22,27 @@
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.163.2.4 2017/11/30 15:57:37 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.163.2.5 2017/12/01 09:21:15 martin Exp $");
 /*
  * This code is referred to RFC 2367
  */
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
 #include "opt_ipsec.h"
 #include "opt_gateway.h"
 #include "opt_net_mpsafe.h"
 #endif
 #include <sys/types.h>
 @@ -790,66 +790,62 @@ static void key_timehandler(void *);
 static void key_timehandler_work(struct work *, void *);
 static struct callout	key_timehandler_ch;
 static struct workqueue	*key_timehandler_wq;
 static struct work	key_timehandler_wk;
 u_int
 key_sp_refcnt(const struct secpolicy *sp)
+{
 	/* FIXME */
 	return 0;
+}
 #ifdef NET_MPSAFE
 static void
 key_spd_pserialize_perform(void)
+{
 	KASSERT(mutex_owned(&key_spd.lock));
 	while (key_spd.psz_performing)
 		cv_wait(&key_spd.cv_psz, &key_spd.lock);
 	key_spd.psz_performing = true;
 	mutex_exit(&key_spd.lock);
 	pserialize_perform(key_spd.psz);
 	mutex_enter(&key_spd.lock);
 	key_spd.psz_performing = false;
 	cv_broadcast(&key_spd.cv_psz);
+}
 #endif
 /*
  * Remove the sp from the key_spd.splist and wait for references to the sp
  * to be released. key_spd.lock must be held.
  */
 static void
 key_unlink_sp(struct secpolicy *sp)
+{
 	KASSERT(mutex_owned(&key_spd.lock));
 	sp->state = IPSEC_SPSTATE_DEAD;
 	SPLIST_WRITER_REMOVE(sp);
 	/* Invalidate all cached SPD pointers in the PCBs. */
 	ipsec_invalpcbcacheall();
-#ifdef NET_MPSAFE
+	KDASSERT(mutex_ownable(softnet_lock));
 	KASSERT(mutex_ownable(softnet_lock));
 	key_spd_pserialize_perform();
 #endif
 	localcount_drain(&sp->localcount, &key_spd.cv_lc, &key_spd.lock);
+}
 /*
  * Return 0 when there are known to be no SP's for the specified
  * direction.  Otherwise return 1.  This is used by IPsec code
  * to optimize performance.
  */
 int
 key_havesp(u_int dir)
+{
 	return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ?
 @@ -1483,62 +1479,58 @@ key_freesp_so(struct secpolicy **sp)
 	KASSERT(sp != NULL);
 	KASSERT(*sp != NULL);
 	if ((*sp)->policy == IPSEC_POLICY_ENTRUST ||
 	    (*sp)->policy == IPSEC_POLICY_BYPASS)
 		return;
 	KASSERTMSG((*sp)->policy == IPSEC_POLICY_IPSEC,
 	    "invalid policy %u", (*sp)->policy);
 	KEY_SP_UNREF(&sp);
+}
 #endif
 #ifdef NET_MPSAFE
 static void
 key_sad_pserialize_perform(void)
+{
 	KASSERT(mutex_owned(&key_sad.lock));
 	while (key_sad.psz_performing)
 		cv_wait(&key_sad.cv_psz, &key_sad.lock);
 	key_sad.psz_performing = true;
 	mutex_exit(&key_sad.lock);
 	pserialize_perform(key_sad.psz);
 	mutex_enter(&key_sad.lock);
 	key_sad.psz_performing = false;
 	cv_broadcast(&key_sad.cv_psz);
+}
 #endif
 /*
  * Remove the sav from the savlist of its sah and wait for references to the sav
  * to be released. key_sad.lock must be held.
  */
 static void
 key_unlink_sav(struct secasvar *sav)
+{
 	KASSERT(mutex_owned(&key_sad.lock));
 	SAVLIST_WRITER_REMOVE(sav);
-#ifdef NET_MPSAFE
+	KDASSERT(mutex_ownable(softnet_lock));
 	KASSERT(mutex_ownable(softnet_lock));
 	key_sad_pserialize_perform();
 #endif
 	localcount_drain(&sav->localcount, &key_sad.cv_lc, &key_sad.lock);
+}
 /*
  * Destroy an sav where the sav must be unlinked from an sah
  * by say key_unlink_sav.
  */
 static void
 key_destroy_sav(struct secasvar *sav)
+{
 	ASSERT_SLEEPABLE();
 @@ -1557,30 +1549,28 @@ key_destroy_sav_with_ref(struct secasvar
+{
 	ASSERT_SLEEPABLE();
 	mutex_enter(&key_sad.lock);
 	sav->state = SADB_SASTATE_DEAD;
 	SAVLIST_WRITER_REMOVE(sav);
 	mutex_exit(&key_sad.lock);
 	/* We cannot unref with holding key_sad.lock */
 	KEY_SA_UNREF(&sav);
 	mutex_enter(&key_sad.lock);
-#ifdef NET_MPSAFE
+	KDASSERT(mutex_ownable(softnet_lock));
 	KASSERT(mutex_ownable(softnet_lock));
 	key_sad_pserialize_perform();
 #endif
 	localcount_drain(&sav->localcount, &key_sad.cv_lc, &key_sad.lock);
 	mutex_exit(&key_sad.lock);
 	key_destroy_sav(sav);
+}
 /* %%% SPD management */
 /*
  * free security policy entry.
  */
 static void
 key_destroy_sp(struct secpolicy *sp)
+{
 @@ -3038,30 +3028,28 @@ key_sah_has_sav(struct secashead *sah)
+}
 static void
 key_unlink_sah(struct secashead *sah)
+{
 	KASSERT(!cpu_softintr_p());
 	KASSERT(mutex_owned(&key_sad.lock));
 	KASSERT(sah->state == SADB_SASTATE_DEAD);
 	/* Remove from the sah list */
 	SAHLIST_WRITER_REMOVE(sah);
-#ifdef NET_MPSAFE
+	KDASSERT(mutex_ownable(softnet_lock));
 	KASSERT(mutex_ownable(softnet_lock));
 	key_sad_pserialize_perform();
 #endif
 	localcount_drain(&sah->localcount, &key_sad.cv_lc, &key_sad.lock);
+}
 static void
 key_destroy_sah(struct secashead *sah)
+{
 	rtcache_free(&sah->sa_route);
 	SAHLIST_ENTRY_DESTROY(sah);
 	localcount_fini(&sah->localcount);
 @@ -4852,44 +4840,40 @@ key_timehandler_spacq(time_t now)
+}
 static unsigned int key_timehandler_work_enqueued = 0;
 /*
  * time handler.
  * scanning SPD and SAD to check status for each entries,
  * and do to remove or to expire.
  */
 static void
 key_timehandler_work(struct work *wk, void *arg)
+{
 	time_t now = time_uptime;
 	IPSEC_DECLARE_LOCK_VARIABLE;
 	/* We can allow enqueuing another work at this point */
 	atomic_swap_uint(&key_timehandler_work_enqueued, 0);
 	IPSEC_ACQUIRE_GLOBAL_LOCKS();
 	key_timehandler_spd(now);
 	key_timehandler_sad(now);
 	key_timehandler_acq(now);
 	key_timehandler_spacq(now);
 	key_acquire_sendup_pending_mbuf();
 	/* do exchange to tick time !! */
 	callout_reset(&key_timehandler_ch, hz, key_timehandler, NULL);
 	IPSEC_RELEASE_GLOBAL_LOCKS();
 	return;
+}
 static void
 key_timehandler(void *arg)
+{
 	/* Avoid enqueuing another work when one is already enqueued */
 	if (atomic_swap_uint(&key_timehandler_work_enqueued, 1) == 1)
 		return;
 	workqueue_enqueue(key_timehandler_wq, &key_timehandler_wk, NULL);
+}