diff options
author | vanhu <vanhu@FreeBSD.org> | 2010-05-17 15:31:24 +0000 |
---|---|---|
committer | vanhu <vanhu@FreeBSD.org> | 2010-05-17 15:31:24 +0000 |
commit | 8bca11513bec04b329a7ce2c4feae120d3175694 (patch) | |
tree | 94eb5d4b6bef9fdca7e4be9898d8b367c9f29113 | |
parent | e058c73bc5fcf603d4ea8f776c416ac1b7b0bf13 (diff) | |
download | FreeBSD-src-8bca11513bec04b329a7ce2c4feae120d3175694.zip FreeBSD-src-8bca11513bec04b329a7ce2c4feae120d3175694.tar.gz |
MFC: Locks SPTREE when setting some SP entries to state DEAD.
This can prevent kernel panics when updating SPs while there is
some traffic for them.
Obtained from: NETASQ
-rw-r--r-- | sys/netipsec/key.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index b43acb8..71e1249 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -1882,7 +1882,9 @@ key_spdadd(so, m, mhp) newsp = key_getsp(&spidx); if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) { if (newsp) { + SPTREE_LOCK(); newsp->state = IPSEC_SPSTATE_DEAD; + SPTREE_UNLOCK(); KEY_FREESP(&newsp); } } else { @@ -2127,7 +2129,9 @@ key_spddelete(so, m, mhp) /* save policy id to buffer to be returned. */ xpl0->sadb_x_policy_id = sp->id; + SPTREE_LOCK(); sp->state = IPSEC_SPSTATE_DEAD; + SPTREE_UNLOCK(); KEY_FREESP(&sp); { @@ -2194,7 +2198,9 @@ key_spddelete2(so, m, mhp) return key_senderror(so, m, EINVAL); } + SPTREE_LOCK(); sp->state = IPSEC_SPSTATE_DEAD; + SPTREE_UNLOCK(); KEY_FREESP(&sp); { |