svn commit: r192880 - head/sys/netipsec
VANHULLEBUS Yvan
vanhu at FreeBSD.org
Wed May 27 09:31:50 UTC 2009
Author: vanhu
Date: Wed May 27 09:31:50 2009
New Revision: 192880
URL: http://svn.freebsd.org/changeset/base/192880
Log:
Only decrease refcnt once when flushing SPD entries, to
avoid flushing entries which are still used.
Approved by: gnn(mentor)
Obtained from: NETASQ
MFC after: 1 month
Modified:
head/sys/netipsec/key.c
Modified: head/sys/netipsec/key.c
==============================================================================
--- head/sys/netipsec/key.c Wed May 27 07:30:32 2009 (r192879)
+++ head/sys/netipsec/key.c Wed May 27 09:31:50 2009 (r192880)
@@ -4103,10 +4103,21 @@ restart:
if (sp->scangen == gen) /* previously handled */
continue;
sp->scangen = gen;
- if (sp->state == IPSEC_SPSTATE_DEAD) {
- /* NB: clean entries created by key_spdflush */
+ if (sp->state == IPSEC_SPSTATE_DEAD &&
+ sp->refcnt == 1) {
+ /*
+ * Ensure that we only decrease refcnt once,
+ * when we're the last consumer.
+ * Directly call SP_DELREF/key_delsp instead
+ * of KEY_FREESP to avoid unlocking/relocking
+ * SPTREE_LOCK before key_delsp: may refcnt
+ * be increased again during that time ?
+ * NB: also clean entries created by
+ * key_spdflush
+ */
+ SP_DELREF(sp);
+ key_delsp(sp);
SPTREE_UNLOCK();
- KEY_FREESP(&sp);
goto restart;
}
if (sp->lifetime == 0 && sp->validtime == 0)
@@ -4116,7 +4127,6 @@ restart:
sp->state = IPSEC_SPSTATE_DEAD;
SPTREE_UNLOCK();
key_spdexpire(sp);
- KEY_FREESP(&sp);
goto restart;
}
}
More information about the svn-src-head
mailing list