tech-net: Re: Patch for Fast-IPsec over loopback

Subject: Re: Patch for Fast-IPsec over loopback
To: None <tech-net@NetBSD.org>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: tech-net
Date: 08/22/2003 15:51:23
Here is one proposal to address various concerns about deletion of
tags in if_loop: we introduce the idea of `persistent' packet tags.
The API definess persistent tags as staying with an mbuf until the
mbuf is freed. (I will handwave away issues with copying versus moving
packet-tag,s for now).

We introduce a new function, m_tag_delete_nonpsersistent(), as below.
It will then be correct to call m_tag_delete_nonpersistent() when
reflecting ICMP packets, or from within if_loop. Yet the API still
meets the needs of other *BSD users of the packet-tag API who need
persistence for their tags.

Comments?
 


Index: sys/mbuf.h
===================================================================
RCS file: /cvsroot/src/sys/sys/mbuf.h,v
retrieving revision 1.87
diff -u -r1.87 mbuf.h
--- sys/mbuf.h	2003/08/07 16:34:08	1.87
+++ sys/mbuf.h	2003/08/22 22:43:02
@@ -892,6 +892,7 @@
 void	m_tag_unlink(struct mbuf *, struct m_tag *);
 void	m_tag_delete(struct mbuf *, struct m_tag *);
 void	m_tag_delete_chain(struct mbuf *, struct m_tag *);
+void	m_tag_delete_nonpersistent(struct mbuf *, struct m_tag *);
 struct	m_tag *m_tag_find(struct mbuf *, int, struct m_tag *);
 struct	m_tag *m_tag_copy(struct m_tag *);
 int	m_tag_copy_chain(struct mbuf *, struct mbuf *);
Index: kern/uipc_mbuf2.c
===================================================================
RCS file: /cvsroot/src/sys/kern/uipc_mbuf2.c,v
retrieving revision 1.15
diff -u -r1.15 uipc_mbuf2.c
--- kern/uipc_mbuf2.c	2003/08/07 16:31:58	1.15
+++ kern/uipc_mbuf2.c	2003/08/22 22:43:02
@@ -268,7 +268,7 @@
 }
 
 /* Unlink and free a packet tag chain, starting from given tag. */
-void
+__inline void
 m_tag_delete_chain(struct mbuf *m, struct m_tag *t)
 {
 	struct m_tag *p, *q;
@@ -283,6 +283,19 @@
 		m_tag_delete(m, q);
 	m_tag_delete(m, p);
 }
+
+/*
+ * Delete all non-persistent tags in a packet-tag chain.  Once set,
+ * persistent tags must stay with an mbuf chain until the chain is freed.
+ * Tags used for mandatory access controls would, e.g.,  be persistent.
+ */
+void
+m_tag_delete_nonpersistent(struct mbuf *m)
+{
+	/* NetBSD as yet has no persistent tags */
+	return m_tag_delete_chain(m, NULL);
+}
+
 
 /* Find a tag, starting from a given position. */
 struct m_tag *