Questions about PF_KEY interface
blue
susan.lan at zyxel.com.tw
Mon Jun 25 06:50:08 UTC 2007
Dear all:
I found there are two directories about PF_KEY interface: netkey and
netipsec under $FreeBSD src$\sys\.
Looking into the makefile, the one that is currently used and built in
is netkey.
However, I am wondering what's the purpose for netipsec?
Besides, the handling for the global variable "regtree", which is used
for key registery, in netipsec seems more proper to me.
For example, when a key is needed to register, the static function,
key_register(), which is defined in [netkey/netipsec]/key.c, will be called.
However, in netkey/key.c, key_register() will not call mtx_lock before
the operation of the global variable, regtree. On the other hand, in
netipsec/key.c, key_register() will mtx_lock. In my opinion, I think the
latter should be correct since there may be various processes to call
the function. Without the protection, race condition will occur!
Many thanks.
blue
More information about the freebsd-net
mailing list