Questions about PF_KEY interface
susan.lan at zyxel.com.tw
Mon Jun 25 06:50:08 UTC 2007
I found there are two directories about PF_KEY interface: netkey and
netipsec under $FreeBSD src$\sys\.
Looking into the makefile, the one that is currently used and built in
However, I am wondering what's the purpose for netipsec?
Besides, the handling for the global variable "regtree", which is used
for key registery, in netipsec seems more proper to me.
For example, when a key is needed to register, the static function,
key_register(), which is defined in [netkey/netipsec]/key.c, will be called.
However, in netkey/key.c, key_register() will not call mtx_lock before
the operation of the global variable, regtree. On the other hand, in
netipsec/key.c, key_register() will mtx_lock. In my opinion, I think the
latter should be correct since there may be various processes to call
the function. Without the protection, race condition will occur!
More information about the freebsd-net