MFC: Locks SPTREE when setting some SP entries to state DEAD.

This can prevent kernel panics when updating SPs while there is some traffic for them. Obtained from: NETASQ
author: vanhu <vanhu@FreeBSD.org> 2010-05-17 15:31:24 +0000
committer: vanhu <vanhu@FreeBSD.org> 2010-05-17 15:31:24 +0000
commit: 8bca11513bec04b329a7ce2c4feae120d3175694 (patch)
tree: 94eb5d4b6bef9fdca7e4be9898d8b367c9f29113 /sys/netipsec
parent: e058c73bc5fcf603d4ea8f776c416ac1b7b0bf13 (diff)
download: FreeBSD-src-8bca11513bec04b329a7ce2c4feae120d3175694.zip
FreeBSD-src-8bca11513bec04b329a7ce2c4feae120d3175694.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c
index b43acb8..71e1249 100644
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ -1882,7 +1882,9 @@ key_spdadd(so, m, mhp)
 	newsp = key_getsp(&spidx);
 	if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
 		if (newsp) {
+			SPTREE_LOCK();
 			newsp->state = IPSEC_SPSTATE_DEAD;
+			SPTREE_UNLOCK();
 			KEY_FREESP(&newsp);
 		}
 	} else {
@@ -2127,7 +2129,9 @@ key_spddelete(so, m, mhp)
 	/* save policy id to buffer to be returned. */
 	xpl0->sadb_x_policy_id = sp->id;
 
+	SPTREE_LOCK();
 	sp->state = IPSEC_SPSTATE_DEAD;
+	SPTREE_UNLOCK();
 	KEY_FREESP(&sp);
 
     {
@@ -2194,7 +2198,9 @@ key_spddelete2(so, m, mhp)
 		return key_senderror(so, m, EINVAL);
 	}
 
+	SPTREE_LOCK();
 	sp->state = IPSEC_SPSTATE_DEAD;
+	SPTREE_UNLOCK();
 	KEY_FREESP(&sp);
 
     {
author	vanhu <vanhu@FreeBSD.org>	2010-05-17 15:31:24 +0000
committer	vanhu <vanhu@FreeBSD.org>	2010-05-17 15:31:24 +0000
commit	8bca11513bec04b329a7ce2c4feae120d3175694 (patch)
tree	94eb5d4b6bef9fdca7e4be9898d8b367c9f29113 /sys/netipsec
parent	e058c73bc5fcf603d4ea8f776c416ac1b7b0bf13 (diff)
download	FreeBSD-src-8bca11513bec04b329a7ce2c4feae120d3175694.zip FreeBSD-src-8bca11513bec04b329a7ce2c4feae120d3175694.tar.gz