global: cleanup openbsd lock defines

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

4 files changed, 26 insertions, 60 deletions

diff --git a/src/compat.h b/src/compat.h
index 66798f9..d173eb2 100644
--- a/src/compat.h
+++ b/src/compat.h
@@ -2,8 +2,8 @@
  *
  * Copyright (C) 2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
  *
- * compat.h contains functions that are backported from FreeBSD's main branch. It is different from
- * support.h, which is for things that aren't _yet_ upstream or from OpenBSD.
+ * compat.h contains code that is backported from FreeBSD's main branch.
+ * It is different from support.h, which is for code that is not _yet_ upstream.
  */
 
 #include <sys/param.h>
diff --git a/src/support.h b/src/support.h
index 5eff4fb..d1c326c 100644
--- a/src/support.h
+++ b/src/support.h
@@ -1,53 +1,19 @@
 /* SPDX-License-Identifier: ISC
  *
  * Copyright (C) 2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2021 Matt Dunwoodie <ncon@noconroy.net>
+ * Copyright (c) 2021 Kyle Evans <kevans@FreeBSD.org>
  *
- * support.h contains functions that are either not _yet_ upstream in FreeBSD 14, or are shimmed
- * from OpenBSD. It is different from compat.h, which is strictly for backports.
+ * support.h contains code that is not _yet_ upstream in FreeBSD's main branch.
+ * It is different from compat.h, which is strictly for backports.
  */
 
 #ifndef _WG_SUPPORT
 #define _WG_SUPPORT
 
-#include <sys/types.h>
-#include <sys/limits.h>
-#include <sys/endian.h>
 #include <sys/socket.h>
-#include <sys/libkern.h>
-#include <sys/malloc.h>
-#include <sys/proc.h>
-#include <sys/lock.h>
 #include <sys/socketvar.h>
 #include <sys/protosw.h>
 #include <net/vnet.h>
-#include <vm/uma.h>
-
-/* TODO the following is openbsd compat defines to allow us to copy the wg_*
- * files from openbsd (almost) verbatim. this will greatly increase maintenance
- * across the platforms. it should be moved to it's own file. the only thing
- * we're missing from this is struct pool (freebsd: uma_zone_t), which isn't a
- * show stopper, but is something worth considering in the future.
- *  - md */
-
-#define rw_assert_wrlock(x) rw_assert(x, RA_WLOCKED)
-#define rw_enter_write rw_wlock
-#define rw_exit_write rw_wunlock
-#define rw_enter_read rw_rlock
-#define rw_exit_read rw_runlock
-#define rw_exit rw_unlock
-
-#define RW_DOWNGRADE 1
-#define rw_enter(x, y) do {		\
-	CTASSERT(y == RW_DOWNGRADE);	\
-	rw_downgrade(x);		\
-} while (0)
-
-MALLOC_DECLARE(M_WG);
-
-#ifndef ARRAY_SIZE
-#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
-#endif
 
 #ifndef PRIV_NET_WG
 #define PRIV_NET_WG PRIV_NET_HWIOCTL
@@ -65,7 +31,6 @@ MALLOC_DECLARE(M_WG);
 #define ck_pr_load_bool(src) ((bool)ck_pr_load_8((uint8_t *)(src)))
 #endif
 
-
 static inline int
 sogetsockaddr(struct socket *so, struct sockaddr **nam)
 {
diff --git a/src/wg_cookie.c b/src/wg_cookie.c
index 734249c..0a9d988 100644
--- a/src/wg_cookie.c
+++ b/src/wg_cookie.c
@@ -64,7 +64,7 @@ void
 cookie_checker_update(struct cookie_checker *cc,
     const uint8_t key[COOKIE_INPUT_SIZE])
 {
-	rw_enter_write(&cc->cc_key_lock);
+	rw_wlock(&cc->cc_key_lock);
 	if (key) {
 		cookie_precompute_key(cc->cc_mac1_key, key, COOKIE_MAC1_KEY_LABEL);
 		cookie_precompute_key(cc->cc_cookie_key, key, COOKIE_COOKIE_KEY_LABEL);
@@ -72,7 +72,7 @@ cookie_checker_update(struct cookie_checker *cc,
 		bzero(cc->cc_mac1_key, sizeof(cc->cc_mac1_key));
 		bzero(cc->cc_cookie_key, sizeof(cc->cc_cookie_key));
 	}
-	rw_exit_write(&cc->cc_key_lock);
+	rw_wunlock(&cc->cc_key_lock);
 }
 
 void
@@ -94,10 +94,10 @@ cookie_checker_create_payload(struct cookie_checker *cc,
 	cookie_checker_make_cookie(cc, cookie, sa);
 	arc4random_buf(nonce, COOKIE_NONCE_SIZE);
 
-	rw_enter_read(&cc->cc_key_lock);
+	rw_rlock(&cc->cc_key_lock);
 	xchacha20poly1305_encrypt(ecookie, cookie, COOKIE_COOKIE_SIZE,
 	    cm->mac1, COOKIE_MAC_SIZE, nonce, cc->cc_cookie_key);
-	rw_exit_read(&cc->cc_key_lock);
+	rw_runlock(&cc->cc_key_lock);
 
 	explicit_bzero(cookie, sizeof(cookie));
 }
@@ -109,7 +109,7 @@ cookie_maker_consume_payload(struct cookie_maker *cp,
 	int ret = 0;
 	uint8_t cookie[COOKIE_COOKIE_SIZE];
 
-	rw_enter_write(&cp->cp_lock);
+	rw_wlock(&cp->cp_lock);
 
 	if (!cp->cp_mac1_valid) {
 		ret = ETIMEDOUT;
@@ -127,7 +127,7 @@ cookie_maker_consume_payload(struct cookie_maker *cp,
 	cp->cp_mac1_valid = false;
 
 error:
-	rw_exit_write(&cp->cp_lock);
+	rw_wunlock(&cp->cp_lock);
 	return ret;
 }
 
@@ -135,7 +135,7 @@ void
 cookie_maker_mac(struct cookie_maker *cp, struct cookie_macs *cm, void *buf,
 		size_t len)
 {
-	rw_enter_read(&cp->cp_lock);
+	rw_rlock(&cp->cp_lock);
 
 	cookie_macs_mac1(cm, buf, len, cp->cp_mac1_key);
 
@@ -148,7 +148,7 @@ cookie_maker_mac(struct cookie_maker *cp, struct cookie_macs *cm, void *buf,
 	else
 		bzero(cm->mac2, COOKIE_MAC_SIZE);
 
-	rw_exit_read(&cp->cp_lock);
+	rw_runlock(&cp->cp_lock);
 }
 
 int
@@ -159,9 +159,9 @@ cookie_checker_validate_macs(struct cookie_checker *cc, struct cookie_macs *cm,
 	uint8_t cookie[COOKIE_COOKIE_SIZE];
 
 	/* Validate incoming MACs */
-	rw_enter_read(&cc->cc_key_lock);
+	rw_rlock(&cc->cc_key_lock);
 	cookie_macs_mac1(&our_cm, buf, len, cc->cc_mac1_key);
-	rw_exit_read(&cc->cc_key_lock);
+	rw_runlock(&cc->cc_key_lock);
 
 	/* If mac1 is invald, we want to drop the packet */
 	if (timingsafe_bcmp(our_cm.mac1, cm->mac1, COOKIE_MAC_SIZE) != 0)
@@ -240,7 +240,7 @@ cookie_checker_make_cookie(struct cookie_checker *cc,
 {
 	struct blake2s_state state;
 
-	rw_enter_write(&cc->cc_secret_lock);
+	rw_wlock(&cc->cc_secret_lock);
 	if (cookie_timer_expired(cc->cc_secret_birthdate,
 	    COOKIE_SECRET_MAX_AGE, 0)) {
 		arc4random_buf(cc->cc_secret, COOKIE_SECRET_SIZE);
@@ -248,7 +248,7 @@ cookie_checker_make_cookie(struct cookie_checker *cc,
 	}
 	blake2s_init_key(&state, COOKIE_COOKIE_SIZE, cc->cc_secret,
 	    COOKIE_SECRET_SIZE);
-	rw_exit_write(&cc->cc_secret_lock);
+	rw_wunlock(&cc->cc_secret_lock);
 
 	if (sa->sa_family == AF_INET) {
 		blake2s_update(&state, (uint8_t *)&satosin(sa)->sin_addr,
@@ -284,10 +284,10 @@ ratelimit_init(struct ratelimit *rl, uma_zone_t zone)
 static void
 ratelimit_deinit(struct ratelimit *rl)
 {
-	rw_enter_write(&rl->rl_lock);
+	rw_wlock(&rl->rl_lock);
 	ratelimit_gc(rl, 1);
 	hashdestroy(rl->rl_table, M_DEVBUF, rl->rl_table_mask);
-	rw_exit_write(&rl->rl_lock);
+	rw_wunlock(&rl->rl_lock);
 }
 
 static void
@@ -297,7 +297,7 @@ ratelimit_gc(struct ratelimit *rl, int force)
 	struct ratelimit_entry *r, *tr;
 	sbintime_t expiry, now;
 
-	rw_assert_wrlock(&rl->rl_lock);
+	rw_assert(&rl->rl_lock, RA_WLOCKED);
 
 	if (force) {
 		for (i = 0; i < RATELIMIT_SIZE; i++) {
@@ -347,7 +347,7 @@ ratelimit_allow(struct ratelimit *rl, struct sockaddr *sa)
 	else
 		return ret;
 
-	rw_enter_write(&rl->rl_lock);
+	rw_wlock(&rl->rl_lock);
 
 	LIST_FOREACH(r, &rl->rl_table[key & rl->rl_table_mask], r_entry) {
 		if (r->r_af != sa->sa_family)
@@ -416,7 +416,7 @@ ratelimit_allow(struct ratelimit *rl, struct sockaddr *sa)
 ok:
 	ret = 0;
 error:
-	rw_exit_write(&rl->rl_lock);
+	rw_wunlock(&rl->rl_lock);
 	return ret;
 }
 
diff --git a/src/wg_noise.c b/src/wg_noise.c
index 4beb9fd..4595dc7 100644
--- a/src/wg_noise.c
+++ b/src/wg_noise.c
@@ -13,6 +13,7 @@
 #include <sys/refcount.h>
 #include <sys/epoch.h>
 #include <sys/ck.h>
+#include <sys/endian.h>
 #include <crypto/siphash/siphash.h>
 
 #include "crypto.h"
@@ -442,7 +443,7 @@ noise_remote_index(struct noise_local *l, uint32_t idx) {
 static int
 noise_remote_index_remove(struct noise_local *l, struct noise_remote *r)
 {
-	rw_assert_wrlock(&r->r_handshake_lock);
+	rw_assert(&r->r_handshake_lock, RA_WLOCKED);
 	if (r->r_handshake_state != HANDSHAKE_DEAD) {
 		rw_wlock(&l->l_index_lock);
 		CK_LIST_REMOVE(&r->r_index, i_entry);
@@ -626,7 +627,7 @@ noise_add_new_keypair(struct noise_local *l, struct noise_remote *r,
 	rw_wunlock(&r->r_keypair_lock);
 
 	/* Insert into index table */
-	rw_assert_wrlock(&r->r_handshake_lock);
+	rw_assert(&r->r_handshake_lock, RA_WLOCKED);
 
 	kp->kp_index.i_is_keypair = true;
 	kp->kp_index.i_local_index = r_i->i_local_index;
@@ -645,7 +646,7 @@ noise_begin_session(struct noise_remote *r)
 {
 	struct noise_keypair *kp;
 
-	rw_assert_wrlock(&r->r_handshake_lock);
+	rw_assert(&r->r_handshake_lock, RA_WLOCKED);
 
 	if ((kp = malloc(sizeof(*kp), M_NOISE, M_NOWAIT)) == NULL)
 		return (ENOSPC);