Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/netipsec - sanitize key debugging so that we don't print...



details:   https://anonhg.NetBSD.org/src/rev/4f43df721946
branches:  trunk
changeset: 356475:4f43df721946
user:      christos <christos%NetBSD.org@localhost>
date:      Thu Sep 28 17:21:42 2017 +0000

description:
- sanitize key debugging so that we don't print extra newlines or unassociated
  debugging messages.
- remove unused functions and make internal ones static
- print information in one line per message

diffstat:

 sys/netipsec/ipsec.c     |   13 +-
 sys/netipsec/key.c       |   13 +-
 sys/netipsec/key_debug.c |  467 +++++++++++++++++++++-------------------------
 sys/netipsec/key_debug.h |   21 +-
 sys/netipsec/keysock.c   |    6 +-
 5 files changed, 231 insertions(+), 289 deletions(-)

diffs (truncated from 975 to 300 lines):

diff -r c2ff7ea9176a -r 4f43df721946 sys/netipsec/ipsec.c
--- a/sys/netipsec/ipsec.c      Thu Sep 28 17:07:20 2017 +0000
+++ b/sys/netipsec/ipsec.c      Thu Sep 28 17:21:42 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ipsec.c,v 1.119 2017/09/19 02:44:14 ozaki-r Exp $      */
+/*     $NetBSD: ipsec.c,v 1.120 2017/09/28 17:21:42 christos Exp $     */
 /*     $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $       */
 /*     $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.119 2017/09/19 02:44:14 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.120 2017/09/28 17:21:42 christos Exp $");
 
 /*
  * IPsec controller part.
@@ -1132,8 +1132,7 @@
        KASSERT(m != NULL);
 
        if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
-               printf("%s:\n", __func__);
-               kdebug_mbuf(m);
+               kdebug_mbuf(__func__, m);
        }
 
        /* set default */
@@ -1375,8 +1374,7 @@
        xpl = (const struct sadb_x_policy *)request;
 
        if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
-               printf("%s: passed policy\n", __func__);
-               kdebug_sadb_x_policy((const struct sadb_ext *)xpl);
+               kdebug_sadb_xpolicy("set passed policy", request);
        }
 
        /* check policy type */
@@ -1431,8 +1429,7 @@
 
        (*mp)->m_type = MT_DATA;
        if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DUMP)) {
-               printf("%s:\n", __func__);
-               kdebug_mbuf(*mp);
+               kdebug_mbuf(__func__, *mp);
        }
 
        return 0;
diff -r c2ff7ea9176a -r 4f43df721946 sys/netipsec/key.c
--- a/sys/netipsec/key.c        Thu Sep 28 17:07:20 2017 +0000
+++ b/sys/netipsec/key.c        Thu Sep 28 17:21:42 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key.c,v 1.227 2017/09/27 09:55:52 ozaki-r Exp $        */
+/*     $NetBSD: key.c,v 1.228 2017/09/28 17:21:42 christos Exp $       */
 /*     $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $        */
 /*     $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $   */
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.227 2017/09/27 09:55:52 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.228 2017/09/28 17:21:42 christos Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -881,15 +881,13 @@
 
        /* get a SP entry */
        if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
-               printf("*** objects\n");
-               kdebug_secpolicyindex(spidx);
+               kdebug_secpolicyindex("objects", spidx);
        }
 
        s = pserialize_read_enter();
        SPLIST_READER_FOREACH(sp, dir) {
                if (KEYDEBUG_ON(KEYDEBUG_IPSEC_DATA)) {
-                       printf("*** in SPD\n");
-                       kdebug_secpolicyindex(&sp->spidx);
+                       kdebug_secpolicyindex("in SPD", &sp->spidx);
                }
 
                if (sp->state == IPSEC_SPSTATE_DEAD)
@@ -7680,8 +7678,7 @@
 
 #if 0  /*kdebug_sadb assumes msg in linear buffer*/
        if (KEYDEBUG_ON(KEYDEBUG_KEY_DUMP)) {
-               IPSECLOG(LOG_DEBUG, "passed sadb_msg\n");
-               kdebug_sadb(msg);
+               kdebug_sadb("passed sadb_msg", msg);
        }
 #endif
 
diff -r c2ff7ea9176a -r 4f43df721946 sys/netipsec/key_debug.c
--- a/sys/netipsec/key_debug.c  Thu Sep 28 17:07:20 2017 +0000
+++ b/sys/netipsec/key_debug.c  Thu Sep 28 17:21:42 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key_debug.c,v 1.20 2017/08/08 08:23:10 ozaki-r Exp $   */
+/*     $NetBSD: key_debug.c,v 1.21 2017/09/28 17:21:42 christos Exp $  */
 /*     $FreeBSD: src/sys/netipsec/key_debug.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $  */
 /*     $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $      */
 
@@ -33,7 +33,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.20 2017/08/08 08:23:10 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.21 2017/09/28 17:21:42 christos Exp $");
 #endif
 
 #if defined(_KERNEL_OPT)
@@ -62,27 +62,38 @@
 #include <ctype.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <err.h>
 #endif /* !_KERNEL */
 
-static void kdebug_sadb_prop (const struct sadb_ext *);
-static void kdebug_sadb_identity (const struct sadb_ext *);
-static void kdebug_sadb_supported (const struct sadb_ext *);
-static void kdebug_sadb_lifetime (const struct sadb_ext *);
-static void kdebug_sadb_sa (const struct sadb_ext *);
-static void kdebug_sadb_address (const struct sadb_ext *);
-static void kdebug_sadb_key (const struct sadb_ext *);
-static void kdebug_sadb_x_sa2 (const struct sadb_ext *);
+static void kdebug_sadb_prop(const struct sadb_ext *);
+static void kdebug_sadb_identity(const struct sadb_ext *);
+static void kdebug_sadb_supported(const struct sadb_ext *);
+static void kdebug_sadb_lifetime(const struct sadb_ext *);
+static void kdebug_sadb_sa(const struct sadb_ext *);
+static void kdebug_sadb_address(const struct sadb_ext *);
+static void kdebug_sadb_key(const struct sadb_ext *);
+static void kdebug_sadb_x_sa2(const struct sadb_ext *);
+static void kdebug_sadb_x_policy(const struct sadb_ext *);
+
+static void kdebug__secpolicyindex(const struct secpolicyindex *);
+
+static void kdebug_hexdump(const char *, const void *, size_t);
+static void kdebug_sockaddr(const struct sockaddr *);
+static void kdebug_secasindex(const struct secasindex *);
+static void kdebug_mbufhdr(const struct mbuf *);
 
 #ifdef _KERNEL
-static void kdebug_secreplay (const struct secreplay *);
+#if 0
+static void kdebug_secasv(const struct secasvar *);
+static void kdebug_secreplay(const struct secreplay *);
+#endif
 #endif
 
 #ifndef _KERNEL
-#define panic(param)   { printf(param); exit(-1); }
+#define panic(...)     err(EXIT_FAILURE, __VA_ARGS__)
 #endif
 
 /* NOTE: host byte order */
-
 /* %%%: about struct sadb_msg */
 void
 kdebug_sadb(const struct sadb_msg *base)
@@ -92,30 +103,27 @@
 
        /* sanity check */
        if (base == NULL)
-               panic("kdebug_sadb: NULL pointer was passed");
+               panic("%s: NULL pointer was passed", __func__);
 
-       printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n",
+       printf("sadb { version=%u type=%u errno=%u satype=%u",
            base->sadb_msg_version, base->sadb_msg_type,
            base->sadb_msg_errno, base->sadb_msg_satype);
-       printf("  len=%u reserved=%u seq=%u pid=%u\n",
+       printf(" len=%u reserved=%u seq=%u pid=%u",
            base->sadb_msg_len, base->sadb_msg_reserved,
            base->sadb_msg_seq, base->sadb_msg_pid);
 
        tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg);
-       ext = (const struct sadb_ext *)((const char *)base + sizeof(struct sadb_msg));
+       ext = (const void *)(base + 1);
 
        while (tlen > 0) {
-               printf("sadb_ext{ len=%u type=%u }\n",
+               if (ext->sadb_ext_len == 0 || ext->sadb_ext_len > tlen) {
+                       panic("%s: invalid ext_len=%d tlen=%d was passed",
+                           __func__, ext->sadb_ext_len, tlen);
+               }
+
+               printf(" sadb_ext { len=%u type=%u }",
                    PFKEY_UNUNIT64(ext->sadb_ext_len), ext->sadb_ext_type);
 
-               if (ext->sadb_ext_len == 0) {
-                       printf("kdebug_sadb: invalid ext_len=0 was passed.\n");
-                       return;
-               }
-               if (ext->sadb_ext_len > tlen) {
-                       printf("kdebug_sadb: ext_len exceeds end of buffer.\n");
-                       return;
-               }
 
                switch (ext->sadb_ext_type) {
                case SADB_EXT_SA:
@@ -158,17 +166,15 @@
                        kdebug_sadb_x_sa2(ext);
                        break;
                default:
-                       printf("kdebug_sadb: invalid ext_type %u was passed.\n",
-                           ext->sadb_ext_type);
-                       return;
+                       panic("%s: invalid ext_type %u was passed",
+                           __func__, ext->sadb_ext_type);
                }
 
                extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
                tlen -= extlen;
-               ext = (const struct sadb_ext *)((const char *)ext + extlen);
+               ext = (const void *)((const char *)ext + extlen);
        }
-
-       return;
+       printf("\n");
 }
 
 static void
@@ -180,42 +186,42 @@
 
        /* sanity check */
        if (ext == NULL)
-               panic("kdebug_sadb_prop: NULL pointer was passed");
+               panic("%s: NULL pointer was passed", __func__);
 
        len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop))
                / sizeof(*comb);
-       comb = (const struct sadb_comb *)(prop + 1);
-       printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay);
+       comb = (const void *)(prop + 1);
+       printf(" sadb_prop { replay=%u", prop->sadb_prop_replay);
 
        while (len--) {
-               printf("sadb_comb{ auth=%u encrypt=%u "
-                       "flags=0x%04x reserved=0x%08x\n",
-                       comb->sadb_comb_auth, comb->sadb_comb_encrypt,
-                       comb->sadb_comb_flags, comb->sadb_comb_reserved);
+               printf(" sadb_comb { auth=%u encrypt=%u"
+                   "flags=%#04x reserved=%#08x ",
+                   comb->sadb_comb_auth, comb->sadb_comb_encrypt,
+                   comb->sadb_comb_flags, comb->sadb_comb_reserved);
 
-               printf("  auth_minbits=%u auth_maxbits=%u "
-                       "encrypt_minbits=%u encrypt_maxbits=%u\n",
-                       comb->sadb_comb_auth_minbits,
-                       comb->sadb_comb_auth_maxbits,
-                       comb->sadb_comb_encrypt_minbits,
-                       comb->sadb_comb_encrypt_maxbits);
+               printf(" auth_minbits=%u auth_maxbits=%u"
+                   "encrypt_minbits=%u encrypt_maxbits=%u",
+                   comb->sadb_comb_auth_minbits,
+                   comb->sadb_comb_auth_maxbits,
+                   comb->sadb_comb_encrypt_minbits,
+                   comb->sadb_comb_encrypt_maxbits);
 
-               printf("  soft_alloc=%u hard_alloc=%u "
-                       "soft_bytes=%lu hard_bytes=%lu\n",
-                       comb->sadb_comb_soft_allocations,
-                       comb->sadb_comb_hard_allocations,
-                       (unsigned long)comb->sadb_comb_soft_bytes,
-                       (unsigned long)comb->sadb_comb_hard_bytes);
+               printf(" soft_alloc=%u hard_alloc=%u"
+                   "soft_bytes=%lu hard_bytes=%lu",
+                   comb->sadb_comb_soft_allocations,
+                   comb->sadb_comb_hard_allocations,
+                   (unsigned long)comb->sadb_comb_soft_bytes,
+                   (unsigned long)comb->sadb_comb_hard_bytes);
 
-               printf("  soft_alloc=%lu hard_alloc=%lu "
-                       "soft_bytes=%lu hard_bytes=%lu }\n",
-                       (unsigned long)comb->sadb_comb_soft_addtime,
-                       (unsigned long)comb->sadb_comb_hard_addtime,
-                       (unsigned long)comb->sadb_comb_soft_usetime,
-                       (unsigned long)comb->sadb_comb_hard_usetime);
+               printf(" soft_alloc=%lu hard_alloc=%lu"
+                   "soft_bytes=%lu hard_bytes=%lu }",
+                   (unsigned long)comb->sadb_comb_soft_addtime,
+                   (unsigned long)comb->sadb_comb_hard_addtime,
+                   (unsigned long)comb->sadb_comb_soft_usetime,
+                   (unsigned long)comb->sadb_comb_hard_usetime);
                comb++;
        }
-       printf("}\n");
+       printf(" }");
 
        return;
 }
@@ -228,38 +234,22 @@
 
        /* sanity check */
        if (ext == NULL)
-               panic("kdebug_sadb_identity: NULL pointer was passed");
+               panic("%s: NULL pointer was passed", __func__);



Home | Main Index | Thread Index | Old Index