From: bluhm Date: Thu, 8 Jul 2021 21:07:19 +0000 (+0000) Subject: The xformsw array never changes. Declare struct xformsw constant X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=5e3836acab5f2335f99e468dc210a0eafcd330a0;p=openbsd The xformsw array never changes. Declare struct xformsw constant and map data read only. OK deraadt@ mvs@ mpi@ --- diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c index 7943d5f6207..f6b5640239a 100644 --- a/sys/netinet/ip_ah.c +++ b/sys/netinet/ip_ah.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ah.c,v 1.149 2021/07/08 15:13:14 bluhm Exp $ */ +/* $OpenBSD: ip_ah.c,v 1.150 2021/07/08 21:07:19 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -99,7 +99,7 @@ ah_attach(void) * ah_init() is called when an SPI is being set up. */ int -ah_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii) +ah_init(struct tdb *tdbp, const struct xformsw *xsp, struct ipsecinit *ii) { const struct auth_hash *thash = NULL; struct cryptoini cria, crin; diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c index 34607dc0b40..c5f27645b13 100644 --- a/sys/netinet/ip_esp.c +++ b/sys/netinet/ip_esp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.c,v 1.166 2021/07/08 15:13:14 bluhm Exp $ */ +/* $OpenBSD: ip_esp.c,v 1.167 2021/07/08 21:07:19 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -93,7 +93,7 @@ esp_attach(void) * esp_init() is called when an SPI is being set up. */ int -esp_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii) +esp_init(struct tdb *tdbp, const struct xformsw *xsp, struct ipsecinit *ii) { const struct enc_xform *txform = NULL; const struct auth_hash *thash = NULL; diff --git a/sys/netinet/ip_ipcomp.c b/sys/netinet/ip_ipcomp.c index 5f9433fd5bd..1b29d702593 100644 --- a/sys/netinet/ip_ipcomp.c +++ b/sys/netinet/ip_ipcomp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipcomp.c,v 1.70 2021/07/08 15:13:14 bluhm Exp $ */ +/* $OpenBSD: ip_ipcomp.c,v 1.71 2021/07/08 21:07:19 bluhm Exp $ */ /* * Copyright (c) 2001 Jean-Jacques Bernard-Gundol (jj@wabbitt.org) @@ -80,7 +80,7 @@ ipcomp_attach(void) * ipcomp_init() is called when an CPI is being set up. */ int -ipcomp_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii) +ipcomp_init(struct tdb *tdbp, const struct xformsw *xsp, struct ipsecinit *ii) { const struct comp_algo *tcomp = NULL; struct cryptoini cric; diff --git a/sys/netinet/ip_ipip.c b/sys/netinet/ip_ipip.c index c3c261f7566..baaff9ef231 100644 --- a/sys/netinet/ip_ipip.c +++ b/sys/netinet/ip_ipip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipip.c,v 1.92 2021/07/08 15:13:14 bluhm Exp $ */ +/* $OpenBSD: ip_ipip.c,v 1.93 2021/07/08 21:07:19 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -554,7 +554,7 @@ ipe4_attach(void) } int -ipe4_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii) +ipe4_init(struct tdb *tdbp, const struct xformsw *xsp, struct ipsecinit *ii) { tdbp->tdb_xform = xsp; return 0; diff --git a/sys/netinet/ip_ipsp.c b/sys/netinet/ip_ipsp.c index 5c4cf2f9efe..23ccb8829a4 100644 --- a/sys/netinet/ip_ipsp.c +++ b/sys/netinet/ip_ipsp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.c,v 1.239 2021/07/08 15:13:14 bluhm Exp $ */ +/* $OpenBSD: ip_ipsp.c,v 1.240 2021/07/08 21:07:19 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr), @@ -119,7 +119,7 @@ RBT_GENERATE(ipsec_ids_flows, ipsec_ids, id_node_id, ipsp_ids_flow_cmp); * This is the proper place to define the various encapsulation transforms. */ -struct xformsw xformsw[] = { +const struct xformsw xformsw[] = { #ifdef IPSEC { .xf_type = XF_IP4, @@ -176,7 +176,7 @@ struct xformsw xformsw[] = { #endif /* TCP_SIGNATURE */ }; -struct xformsw *xformswNXFORMSW = &xformsw[nitems(xformsw)]; +const struct xformsw *const xformswNXFORMSW = &xformsw[nitems(xformsw)]; #define TDB_HASHSIZE_INIT 32 @@ -902,7 +902,7 @@ tdb_reaper(void *xtdbp) int tdb_init(struct tdb *tdbp, u_int16_t alg, struct ipsecinit *ii) { - struct xformsw *xsp; + const struct xformsw *xsp; int err; #ifdef ENCDEBUG char buf[INET6_ADDRSTRLEN]; diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h index fea61e91770..f1aec7e6605 100644 --- a/sys/netinet/ip_ipsp.h +++ b/sys/netinet/ip_ipsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.h,v 1.199 2021/07/08 09:22:30 bluhm Exp $ */ +/* $OpenBSD: ip_ipsp.h,v 1.200 2021/07/08 21:07:19 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr), @@ -320,7 +320,7 @@ struct tdb { /* tunnel descriptor block */ struct tdb *tdb_inext; struct tdb *tdb_onext; - struct xformsw *tdb_xform; /* Transform to use */ + const struct xformsw *tdb_xform; /* Transform to use */ const struct enc_xform *tdb_encalgxform; /* Enc algorithm */ const struct auth_hash *tdb_authalgxform; /* Auth algorithm */ const struct comp_algo *tdb_compalgxform; /* Compression algo */ @@ -473,7 +473,8 @@ struct xformsw { u_short xf_flags; /* flags (see below) */ char *xf_name; /* human-readable name */ int (*xf_attach)(void); /* called at config time */ - int (*xf_init)(struct tdb *, struct xformsw *, struct ipsecinit *); + int (*xf_init)(struct tdb *, const struct xformsw *, + struct ipsecinit *); int (*xf_zeroize)(struct tdb *); /* termination */ int (*xf_input)(struct mbuf *, struct tdb *, int, int); /* input */ int (*xf_output)(struct mbuf *, struct tdb *, struct mbuf **, @@ -559,13 +560,13 @@ int tdb_walk(u_int, int (*)(struct tdb *, void *, int), void *); /* XF_IP4 */ int ipe4_attach(void); -int ipe4_init(struct tdb *, struct xformsw *, struct ipsecinit *); +int ipe4_init(struct tdb *, const struct xformsw *, struct ipsecinit *); int ipe4_zeroize(struct tdb *); int ipe4_input(struct mbuf *, struct tdb *, int, int); /* XF_AH */ int ah_attach(void); -int ah_init(struct tdb *, struct xformsw *, struct ipsecinit *); +int ah_init(struct tdb *, const struct xformsw *, struct ipsecinit *); int ah_zeroize(struct tdb *); int ah_input(struct mbuf *, struct tdb *, int, int); int ah_input_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int); @@ -584,7 +585,7 @@ int ah6_input(struct mbuf **, int *, int, int); /* XF_ESP */ int esp_attach(void); -int esp_init(struct tdb *, struct xformsw *, struct ipsecinit *); +int esp_init(struct tdb *, const struct xformsw *, struct ipsecinit *); int esp_zeroize(struct tdb *); int esp_input(struct mbuf *, struct tdb *, int, int); int esp_input_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int); @@ -602,7 +603,7 @@ int esp6_input(struct mbuf **, int *, int, int); /* XF_IPCOMP */ int ipcomp_attach(void); -int ipcomp_init(struct tdb *, struct xformsw *, struct ipsecinit *); +int ipcomp_init(struct tdb *, const struct xformsw *, struct ipsecinit *); int ipcomp_zeroize(struct tdb *); int ipcomp_input(struct mbuf *, struct tdb *, int, int); int ipcomp_input_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int); @@ -617,7 +618,7 @@ int ipcomp6_input(struct mbuf **, int *, int, int); /* XF_TCPSIGNATURE */ int tcp_signature_tdb_attach(void); -int tcp_signature_tdb_init(struct tdb *, struct xformsw *, +int tcp_signature_tdb_init(struct tdb *, const struct xformsw *, struct ipsecinit *); int tcp_signature_tdb_zeroize(struct tdb *); int tcp_signature_tdb_input(struct mbuf *, struct tdb *, int, int); diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 6ec0fb79c3c..6b83571c777 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_subr.c,v 1.177 2021/06/30 11:26:49 bluhm Exp $ */ +/* $OpenBSD: tcp_subr.c,v 1.178 2021/07/08 21:07:19 bluhm Exp $ */ /* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */ /* @@ -930,7 +930,7 @@ tcp_signature_tdb_attach(void) } int -tcp_signature_tdb_init(struct tdb *tdbp, struct xformsw *xsp, +tcp_signature_tdb_init(struct tdb *tdbp, const struct xformsw *xsp, struct ipsecinit *ii) { if ((ii->ii_authkeylen < 1) || (ii->ii_authkeylen > 80))