On Thu, Mar 30, 2006 at 02:37:03PM -0600, David Young wrote:
> I am afraid the kernel may be sprinkled throughout with unsafe uses of
> mtod() and m_data.  Just off the top of my head, it seems like we could
> benefit from a const version of mtod(), constification of mbufs, and
> a richer set of mbuf accessors.  Maybe we can borrow/invent a Coverity
> model that groks shared/read-only mbufs?

Yes. I was thinkng about this exactly.

My idea is making a mstruct(struct mbuf *m, datatype), which would
return a pointer to the data in m, cast to (datatype *), while doing an
equivalent of m_pullup(m, sizeof(datatype)) and m_makewritable(&m, 0,
sizeof(datatype)). And a mcstruct which would not do the m_makewritable,
but cast the pointer to (const datatype *). And also variants with an
explicit offset which would do the equivalent of m_pulldown.

I did not make a patch yet because I did not have the energy to read and
understand all the current uses of mtod outside device drivers...

Pavel