elad%NetBSD.org@localhost (Elad Efrat) writes:
The attached diff addresses this last abuse for uidinfo for
authorization by doing the following:
1. Reorganize the switch statements so they are easier to understand.
They differ only slightly, and as the networking stacks have enough
duplicated code as it is, this is a step in the right direction if
we are to eventually clean them up.
As discussed yesterday, your 'beautified' code just muddles the
separation between privileged and unprivileged case. And if you
think that this is an optimization (and I disagree), it should be
applied in a separate change.
2. Remove the 'priv' field of the SP PCB structures from both IPSEC
and FAST_IPSEC. Isolate it to the relevant context, and retrieve
its value in runtime and don't cache it.
I think the cached value is there for a reason. Replacing it
with runtime checks silently changes semantics and adds significant
overhead to each outgoing IP packet.
3. Replace uid comparison for privileged/unprivileged distinction with
kauth(9) calls. For now, these are done on the generic scope as I
have other changes in the pipe; once committed, these will be
changed to use the network scope.
That's the one thing you should have done...