svn commit: r206659 - head/sys/netipsec
VANHULLEBUS Yvan
vanhu at FreeBSD.org
Thu Apr 15 12:40:33 UTC 2010
Author: vanhu
Date: Thu Apr 15 12:40:33 2010
New Revision: 206659
URL: http://svn.freebsd.org/changeset/base/206659
Log:
Locks SPTREE when setting some SP entries to state DEAD.
This can prevent kernel panics when updating SPs while
there is some traffic for them.
Obtained from: NETASQ
MFC after: 1m
Modified:
head/sys/netipsec/key.c
Modified: head/sys/netipsec/key.c
==============================================================================
--- head/sys/netipsec/key.c Thu Apr 15 12:40:02 2010 (r206658)
+++ head/sys/netipsec/key.c Thu Apr 15 12:40:33 2010 (r206659)
@@ -1882,7 +1882,9 @@ key_spdadd(so, m, mhp)
newsp = key_getsp(&spidx);
if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
if (newsp) {
+ SPTREE_LOCK();
newsp->state = IPSEC_SPSTATE_DEAD;
+ SPTREE_UNLOCK();
KEY_FREESP(&newsp);
}
} else {
@@ -2117,7 +2119,9 @@ key_spddelete(so, m, mhp)
/* save policy id to buffer to be returned. */
xpl0->sadb_x_policy_id = sp->id;
+ SPTREE_LOCK();
sp->state = IPSEC_SPSTATE_DEAD;
+ SPTREE_UNLOCK();
KEY_FREESP(&sp);
{
@@ -2184,7 +2188,9 @@ key_spddelete2(so, m, mhp)
return key_senderror(so, m, EINVAL);
}
+ SPTREE_LOCK();
sp->state = IPSEC_SPSTATE_DEAD;
+ SPTREE_UNLOCK();
KEY_FREESP(&sp);
{
More information about the svn-src-head
mailing list