svn commit: r195053 - in stable/7/sys: . contrib/pf netipsec

[VANHULLEBUS Yvan]

Author: vanhu
Date: Fri Jun 26 13:37:53 2009
New Revision: 195053
URL: http://svn.freebsd.org/changeset/base/195053

Log:
  MFC: Only decrease refcnt once when flushing SPD entries, to
  avoid flushing entries which are still used.
  
  Obtained from:	NETASQ

Modified:
  stable/7/sys/   (props changed)
  stable/7/sys/contrib/pf/   (props changed)
  stable/7/sys/netipsec/key.c

Modified: stable/7/sys/netipsec/key.c
==============================================================================
--- stable/7/sys/netipsec/key.c	Fri Jun 26 11:58:15 2009	(r195052)
+++ stable/7/sys/netipsec/key.c	Fri Jun 26 13:37:53 2009	(r195053)
@@ -4057,10 +4057,21 @@ restart:
 			if (sp->scangen == gen)		/* previously handled */
 				continue;
 			sp->scangen = gen;
-			if (sp->state == IPSEC_SPSTATE_DEAD) {
-				/* NB: clean entries created by key_spdflush */
+			if (sp->state == IPSEC_SPSTATE_DEAD &&
+			    sp->refcnt == 1) {
+				/*
+				 * Ensure that we only decrease refcnt once,
+				 * when we're the last consumer.
+				 * Directly call SP_DELREF/key_delsp instead
+				 * of KEY_FREESP to avoid unlocking/relocking
+				 * SPTREE_LOCK before key_delsp: may refcnt
+				 * be increased again during that time ?
+				 * NB: also clean entries created by
+				 * key_spdflush
+				 */
+				SP_DELREF(sp);
+				key_delsp(sp);
 				SPTREE_UNLOCK();
-				KEY_FREESP(&sp);
 				goto restart;
 			}
 			if (sp->lifetime == 0 && sp->validtime == 0)
@@ -4070,7 +4081,6 @@ restart:
 				sp->state = IPSEC_SPSTATE_DEAD;
 				SPTREE_UNLOCK();
 				key_spdexpire(sp);
-				KEY_FREESP(&sp);
 				goto restart;
 			}
 		}