RELENG_5 and FAST_IPSEC limits
Hajimu UMEMOTO
ume at freebsd.org
Wed Mar 16 11:39:07 PST 2005
Hi,
>>>>> On Wed, 16 Mar 2005 10:17:14 -0800
>>>>> Sam Leffler <sam at errno.com> said:
sam> Note the change lacks any locking so if your SA db is changing there's a
sam> good chance you'll blow up.
Ah, yes. I forgot the fact that FAST_IPSEC is mpsafe.
How about this? This is againt sys/netipsec/key.c with my previous
patch applied.
Index: sys/netipsec/key.c
diff -u -p sys/netipsec/key.c.old sys/netipsec/key.c
--- sys/netipsec/key.c.old Thu Mar 17 03:52:18 2005
+++ sys/netipsec/key.c Thu Mar 17 04:01:50 2005
@@ -2408,6 +2408,7 @@ key_setspddump(errorp)
/* search SPD entry and get buffer size. */
cnt = 0;
+ SPTREE_LOCK();
for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
LIST_FOREACH(sp, &sptree[dir], chain) {
cnt++;
@@ -2415,6 +2416,7 @@ key_setspddump(errorp)
}
if (cnt == 0) {
+ SPTREE_UNLOCK();
*errorp = ENOENT;
return (NULL);
}
@@ -2426,6 +2428,7 @@ key_setspddump(errorp)
n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt, 0);
if (!n) {
+ SPTREE_UNLOCK();
*errorp = ENOBUFS;
m_freem(m);
return (NULL);
@@ -2438,6 +2441,7 @@ key_setspddump(errorp)
}
}
}
+ SPTREE_UNLOCK();
*errorp = 0;
return (m);
@@ -6572,6 +6576,7 @@ key_setdump(req_satype, errorp)
/* count sav entries to be sent to the userland. */
cnt = 0;
+ SAHTREE_LOCK();
LIST_FOREACH(sah, &sahtree, chain) {
if (req_satype != SADB_SATYPE_UNSPEC &&
proto != sah->saidx.proto)
@@ -6588,6 +6593,7 @@ key_setdump(req_satype, errorp)
}
if (cnt == 0) {
+ SAHTREE_UNLOCK();
*errorp = ENOENT;
return (NULL);
}
@@ -6601,6 +6607,7 @@ key_setdump(req_satype, errorp)
/* map proto to satype */
if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
+ SAHTREE_UNLOCK();
m_freem(m);
*errorp = EINVAL;
return (NULL);
@@ -6614,6 +6621,7 @@ key_setdump(req_satype, errorp)
n = key_setdumpsa(sav, SADB_DUMP, satype,
--cnt, 0);
if (!n) {
+ SAHTREE_UNLOCK();
m_freem(m);
*errorp = ENOBUFS;
return (NULL);
@@ -6626,6 +6634,7 @@ key_setdump(req_satype, errorp)
}
}
}
+ SAHTREE_UNLOCK();
if (!m) {
*errorp = EINVAL;
Sincerely,
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume at mahoroba.org ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
More information about the freebsd-stable
mailing list