Revert "Use per-CPU counters for tunnel descriptor block" diff.

Panic reported by Hrvoje Popovski.

diff --git a/sys/net/pfkeyv2_convert.c b/sys/net/pfkeyv2_convert.c
index d0faf91..893a4a1 100644 (file)
--- a/sys/net/pfkeyv2_convert.c
+++ b/sys/net/pfkeyv2_convert.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: pfkeyv2_convert.c,v 1.73 2021/07/26 23:17:06 mvs Exp $        */
+/*     $OpenBSD: pfkeyv2_convert.c,v 1.74 2021/07/27 17:13:03 mvs Exp $        */
 /*
  * The author of this code is Angelos D. Keromytis (angelos@keromytis.org)
  *
@@ -960,21 +960,18 @@ export_satype(void **p, struct tdb *tdb)
 void
 export_counter(void **p, struct tdb *tdb)
 {
-       uint64_t counters[tdb_ncounters];
        struct sadb_x_counter *scnt = (struct sadb_x_counter *)*p;
 
-       counters_read(tdb->tdb_counters, counters, tdb_ncounters);
-
        scnt->sadb_x_counter_len = sizeof(struct sadb_x_counter) /
            sizeof(uint64_t);
        scnt->sadb_x_counter_pad = 0;
-       scnt->sadb_x_counter_ipackets = counters[tdb_ipackets];
-       scnt->sadb_x_counter_opackets = counters[tdb_opackets];
-       scnt->sadb_x_counter_ibytes = counters[tdb_ibytes];
-       scnt->sadb_x_counter_obytes = counters[tdb_obytes];
-       scnt->sadb_x_counter_idrops = counters[tdb_idrops];
-       scnt->sadb_x_counter_odrops = counters[tdb_odrops];
-       scnt->sadb_x_counter_idecompbytes = counters[tdb_idecompbytes];
-       scnt->sadb_x_counter_ouncompbytes = counters[tdb_ouncompbytes];
+       scnt->sadb_x_counter_ipackets = tdb->tdb_ipackets;
+       scnt->sadb_x_counter_opackets = tdb->tdb_opackets;
+       scnt->sadb_x_counter_ibytes = tdb->tdb_ibytes;
+       scnt->sadb_x_counter_obytes = tdb->tdb_obytes;
+       scnt->sadb_x_counter_idrops = tdb->tdb_idrops;
+       scnt->sadb_x_counter_odrops = tdb->tdb_odrops;
+       scnt->sadb_x_counter_idecompbytes = tdb->tdb_idecompbytes;
+       scnt->sadb_x_counter_ouncompbytes = tdb->tdb_ouncompbytes;
        *p += sizeof(struct sadb_x_counter);
 }

diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c
index 56ee5ed..7c11974 100644 (file)
--- a/sys/netinet/ip_ah.c
+++ b/sys/netinet/ip_ah.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_ah.c,v 1.153 2021/07/26 23:17:06 mvs Exp $ */
+/*     $OpenBSD: ip_ah.c,v 1.154 2021/07/27 17:13:03 mvs Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -609,7 +609,7 @@ ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
        /* Update the counters. */
        ibytes = (m->m_pkthdr.len - skip - hl * sizeof(u_int32_t));
        tdb->tdb_cur_bytes += ibytes;
-       tdbstat_add(tdb, tdb_ibytes, ibytes);
+       tdb->tdb_ibytes += ibytes;
        ahstat_add(ahs_ibytes, ibytes);
 
        /* Hard expiration. */

diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c
index 641c115..0ff7f0e 100644 (file)
--- a/sys/netinet/ip_esp.c
+++ b/sys/netinet/ip_esp.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_esp.c,v 1.171 2021/07/26 23:17:06 mvs Exp $ */
+/*     $OpenBSD: ip_esp.c,v 1.172 2021/07/27 17:13:03 mvs Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -426,7 +426,7 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
        /* Update the counters */
        ibytes = m->m_pkthdr.len - skip - hlen - alen;
        tdb->tdb_cur_bytes += ibytes;
-       tdbstat_add(tdb, tdb_ibytes, ibytes);
+       tdb->tdb_ibytes += ibytes;
        espstat_add(esps_ibytes, ibytes);
 
        /* Hard expiration */

diff --git a/sys/netinet/ip_ipcomp.c b/sys/netinet/ip_ipcomp.c
index ce6d028..c42ee40 100644 (file)
--- a/sys/netinet/ip_ipcomp.c
+++ b/sys/netinet/ip_ipcomp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ipcomp.c,v 1.73 2021/07/26 23:17:06 mvs Exp $ */
+/* $OpenBSD: ip_ipcomp.c,v 1.74 2021/07/27 17:13:03 mvs Exp $ */
 
 /*
  * Copyright (c) 2001 Jean-Jacques Bernard-Gundol (jj@wabbitt.org)
@@ -213,7 +213,7 @@ ipcomp_input_cb(struct tdb *tdb, struct tdb_crypto *tc, struct mbuf *m, int clen
        /* update the counters */
        ibytes = m->m_pkthdr.len - (skip + hlen);
        tdb->tdb_cur_bytes += ibytes;
-       tdbstat_add(tdb, tdb_ibytes, ibytes);
+       tdb->tdb_ibytes += ibytes;
        ipcompstat_add(ipcomps_ibytes, ibytes);
 
        /* Hard expiration */

diff --git a/sys/netinet/ip_ipsp.c b/sys/netinet/ip_ipsp.c
index 0df16f3..8140f46 100644 (file)
--- a/sys/netinet/ip_ipsp.c
+++ b/sys/netinet/ip_ipsp.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_ipsp.c,v 1.243 2021/07/26 23:17:06 mvs Exp $       */
+/*     $OpenBSD: ip_ipsp.c,v 1.244 2021/07/27 17:13:03 mvs Exp $       */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr),
@@ -830,9 +830,6 @@ tdb_alloc(u_int rdomain)
        tdbp->tdb_rdomain = rdomain;
        tdbp->tdb_rdomain_post = rdomain;
 
-       /* Initialize counters. */
-       tdbp->tdb_counters = counters_alloc(tdb_ncounters);
-
        /* Initialize timeouts. */
        timeout_set_proc(&tdbp->tdb_timer_tmo, tdb_timeout, tdbp);
        timeout_set_proc(&tdbp->tdb_first_tmo, tdb_firstuse, tdbp);
@@ -885,8 +882,6 @@ tdb_free(struct tdb *tdbp)
        if ((tdbp->tdb_inext) && (tdbp->tdb_inext->tdb_onext == tdbp))
                tdbp->tdb_inext->tdb_onext = NULL;
 
-       counters_free(tdbp->tdb_counters, tdb_ncounters);
-
        /* Remove expiration timeouts. */
        tdbp->tdb_flags &= ~(TDBF_FIRSTUSE | TDBF_SOFT_FIRSTUSE | TDBF_TIMER |
            TDBF_SOFT_TIMER);

diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h
index 4453d41..5fc42aa 100644 (file)
--- a/sys/netinet/ip_ipsp.h
+++ b/sys/netinet/ip_ipsp.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_ipsp.h,v 1.204 2021/07/26 23:17:07 mvs Exp $       */
+/*     $OpenBSD: ip_ipsp.h,v 1.205 2021/07/27 17:13:03 mvs Exp $       */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr),
@@ -135,6 +135,17 @@ struct ipsecstat {
        uint64_t        ipsec_noxform;          /* Crypto error */
 };
 
+struct tdb_data {
+       uint64_t        tdd_ipackets;           /* Input IPsec packets */
+       uint64_t        tdd_opackets;           /* Output IPsec packets */
+       uint64_t        tdd_ibytes;             /* Input bytes */
+       uint64_t        tdd_obytes;             /* Output bytes */
+       uint64_t        tdd_idrops;             /* Dropped on input */
+       uint64_t        tdd_odrops;             /* Dropped on output */
+       uint64_t        tdd_idecompbytes;       /* Input bytes, decompressed */
+       uint64_t        tdd_ouncompbytes;       /* Output bytes, uncompressed */
+};
+
 #ifdef _KERNEL
 
 #include <sys/timeout.h>
@@ -358,8 +369,7 @@ struct tdb {                                /* tunnel descriptor block */
        u_int64_t       tdb_last_used;  /* When was this SA last used */
        u_int64_t       tdb_last_marked;/* Last SKIPCRYPTO status change */
 
-       struct cpumem   *tdb_counters;  /* stats about this TDB */
-
+       struct tdb_data tdb_data;       /* stats about this TDB */
        u_int64_t       tdb_cryptoid;   /* Crypto session ID */
 
        u_int32_t       tdb_spi;        /* SPI */
@@ -405,37 +415,15 @@ struct tdb {                              /* tunnel descriptor block */
        TAILQ_HEAD(tdb_policy_head, ipsec_policy)       tdb_policy_head;
        TAILQ_ENTRY(tdb)        tdb_sync_entry;
 };
+#define tdb_ipackets           tdb_data.tdd_ipackets
+#define tdb_opackets           tdb_data.tdd_opackets
+#define tdb_ibytes             tdb_data.tdd_ibytes
+#define tdb_obytes             tdb_data.tdd_obytes
+#define tdb_idrops             tdb_data.tdd_idrops
+#define tdb_odrops             tdb_data.tdd_odrops
+#define tdb_idecompbytes       tdb_data.tdd_idecompbytes
+#define tdb_ouncompbytes       tdb_data.tdd_ouncompbytes
 
-enum tdb_counters {
-       tdb_ipackets,           /* Input IPsec packets */
-       tdb_opackets,           /* Output IPsec packets */
-       tdb_ibytes,             /* Input bytes */
-       tdb_obytes,             /* Output bytes */
-       tdb_idrops,             /* Dropped on input */
-       tdb_odrops,             /* Dropped on output */
-       tdb_idecompbytes,       /* Input bytes, decompressed */
-       tdb_ouncompbytes,       /* Output bytes, uncompressed */
-       tdb_ncounters
-};
-
-static inline void
-tdbstat_inc(struct tdb *tdb, enum tdb_counters c)
-{
-       counters_inc(tdb->tdb_counters, c);
-}
-
-static inline void
-tdbstat_add(struct tdb *tdb, enum tdb_counters c, uint64_t v)
-{
-       counters_add(tdb->tdb_counters, c, v);
-}
-
-static inline void
-tdbstat_pkt(struct tdb *tdb, enum tdb_counters pc, enum tdb_counters bc,
-    uint64_t bytes)
-{
-       counters_pkt(tdb->tdb_counters, pc, bc, bytes);
-}
 
 struct tdb_ident {
        u_int32_t spi;

diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index 984f624..a739f1f 100644 (file)
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_output.c,v 1.373 2021/07/26 23:17:07 mvs Exp $     */
+/*     $OpenBSD: ip_output.c,v 1.374 2021/07/27 17:13:03 mvs Exp $     */
 /*     $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $  */
 
 /*
@@ -646,7 +646,7 @@ ip_output_ipsec_send(struct tdb *tdb, struct mbuf *m, struct route *ro, int fwd)
        error = ipsp_process_packet(m, tdb, AF_INET, 0);
        if (error) {
                ipsecstat_inc(ipsec_odrops);
-               tdbstat_inc(tdb, tdb_odrops);
+               tdb->tdb_odrops++;
        }
        return error;
 }

diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c
index a982624..eb0fd6f 100644 (file)
--- a/sys/netinet/ipsec_input.c
+++ b/sys/netinet/ipsec_input.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ipsec_input.c,v 1.178 2021/07/26 23:17:07 mvs Exp $   */
+/*     $OpenBSD: ipsec_input.c,v 1.179 2021/07/27 17:13:03 mvs Exp $   */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -350,7 +350,8 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto,
                            tdbp->tdb_soft_first_use);
        }
 
-       tdbstat_pkt(tdbp, tdb_ipackets, tdb_ibytes, m->m_pkthdr.len);
+       tdbp->tdb_ipackets++;
+       tdbp->tdb_ibytes += m->m_pkthdr.len;
 
        /*
         * Call appropriate transform and return -- callback takes care of
@@ -359,14 +360,14 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto,
        error = (*(tdbp->tdb_xform->xf_input))(m, tdbp, skip, protoff);
        if (error) {
                ipsecstat_inc(ipsec_idrops);
-               tdbstat_inc(tdbp, tdb_idrops);
+               tdbp->tdb_idrops++;
        }
        return error;
 
  drop:
        ipsecstat_inc(ipsec_idrops);
        if (tdbp != NULL)
-               tdbstat_inc(tdbp, tdb_idrops);
+               tdbp->tdb_idrops++;
        m_freem(m);
        return error;
 }
@@ -435,14 +436,14 @@ ipsec_input_cb(struct cryptop *crp)
 
        if (error) {
                ipsecstat_inc(ipsec_idrops);
-               tdbstat_inc(tdb, tdb_idrops);
+               tdb->tdb_idrops++;
        }
        return;
 
  drop:
        ipsecstat_inc(ipsec_idrops);
        if (tdb != NULL)
-               tdbstat_inc(tdb, tdb_idrops);
+               tdb->tdb_idrops++;
        free(tc, M_XDATA, 0);
        m_freem(m);
        crypto_freereq(crp);
@@ -687,7 +688,7 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff)
                m->m_flags |= M_TUNNEL;
 
        ipsecstat_add(ipsec_idecompbytes, m->m_pkthdr.len);
-       tdbstat_add(tdbp, tdb_idecompbytes, m->m_pkthdr.len);
+       tdbp->tdb_idecompbytes += m->m_pkthdr.len;
 
 #if NBPFILTER > 0
        if ((encif = enc_getif(tdbp->tdb_rdomain_post, tdbp->tdb_tap)) != NULL) {

diff --git a/sys/netinet/ipsec_output.c b/sys/netinet/ipsec_output.c
index 2a882eb..9fb432a 100644 (file)
--- a/sys/netinet/ipsec_output.c
+++ b/sys/netinet/ipsec_output.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ipsec_output.c,v 1.85 2021/07/26 23:17:07 mvs Exp $ */
+/*     $OpenBSD: ipsec_output.c,v 1.86 2021/07/27 17:13:03 mvs Exp $ */
 /*
  * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
  *
@@ -365,7 +365,7 @@ ipsp_process_packet(struct mbuf *m, struct tdb *tdb, int af, int tunalready)
        }
 
        ipsecstat_add(ipsec_ouncompbytes, m->m_pkthdr.len);
-       tdbstat_add(tdb, tdb_ouncompbytes, m->m_pkthdr.len);
+       tdb->tdb_ouncompbytes += m->m_pkthdr.len;
 
        /* Non expansion policy for IPCOMP */
        if (tdb->tdb_sproto == IPPROTO_IPCOMP) {
@@ -451,13 +451,13 @@ ipsec_output_cb(struct cryptop *crp)
 
        if (error) {
                ipsecstat_inc(ipsec_odrops);
-               tdbstat_inc(tdb, tdb_odrops);
+               tdb->tdb_odrops++;
        }
        return;
 
  drop:
        if (tdb != NULL)
-               tdbstat_inc(tdb, tdb_odrops);
+               tdb->tdb_odrops++;
        m_freem(m);
        free(tc, M_XDATA, 0);
        crypto_freereq(crp);
@@ -585,7 +585,8 @@ ipsp_process_done(struct mbuf *m, struct tdb *tdb)
 
        ipsecstat_inc(ipsec_opackets);
        ipsecstat_add(ipsec_obytes, m->m_pkthdr.len);
-       tdbstat_pkt(tdb, tdb_opackets, tdb_obytes, m->m_pkthdr.len);
+       tdb->tdb_opackets++;
+       tdb->tdb_obytes += m->m_pkthdr.len;
 
        /* If there's another (bundled) TDB to apply, do so. */
        if (tdb->tdb_onext)

diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c
index d830a0e..fe75a0d 100644 (file)
--- a/sys/netinet6/ip6_output.c
+++ b/sys/netinet6/ip6_output.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip6_output.c,v 1.259 2021/07/26 23:17:07 mvs Exp $    */
+/*     $OpenBSD: ip6_output.c,v 1.260 2021/07/27 17:13:03 mvs Exp $    */
 /*     $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $    */
 
 /*
@@ -2872,7 +2872,7 @@ ip6_output_ipsec_send(struct tdb *tdb, struct mbuf *m, struct route_in6 *ro,
        error = ipsp_process_packet(m, tdb, AF_INET6, tunalready);
        if (error) {
                ipsecstat_inc(ipsec_odrops);
-               tdbstat_inc(tdb, tdb_odrops);
+               tdb->tdb_odrops++;
        }
        return error;
 }