Locks SPTREE when setting some SP entries to state DEAD.

This can prevent kernel panics when updating SPs while there is some traffic for them. Obtained from: NETASQ MFC after: 1m
author: vanhu <vanhu@FreeBSD.org> 2010-04-15 12:40:33 +0000
committer: vanhu <vanhu@FreeBSD.org> 2010-04-15 12:40:33 +0000
commit: 1f00f9ada8a046ee4db4a1aa486a9d5b6fc39998 (patch)
tree: dcd4c408860be8be907ddc3fc845a74c1c00e5ad /sys/netipsec
parent: 6fc5d132fefd5f485e33d73a48db74f485e4e750 (diff)
download: FreeBSD-src-1f00f9ada8a046ee4db4a1aa486a9d5b6fc39998.zip
FreeBSD-src-1f00f9ada8a046ee4db4a1aa486a9d5b6fc39998.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c
index e3a61ac..2b17fb0 100644
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ -1882,7 +1882,9 @@ key_spdadd(so, m, mhp)
 	newsp = key_getsp(&spidx);
 	if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) {
 		if (newsp) {
+			SPTREE_LOCK();
 			newsp->state = IPSEC_SPSTATE_DEAD;
+			SPTREE_UNLOCK();
 			KEY_FREESP(&newsp);
 		}
 	} else {
@@ -2117,7 +2119,9 @@ key_spddelete(so, m, mhp)
 	/* save policy id to buffer to be returned. */
 	xpl0->sadb_x_policy_id = sp->id;
 
+	SPTREE_LOCK();
 	sp->state = IPSEC_SPSTATE_DEAD;
+	SPTREE_UNLOCK();
 	KEY_FREESP(&sp);
 
     {
@@ -2184,7 +2188,9 @@ key_spddelete2(so, m, mhp)
 		return key_senderror(so, m, EINVAL);
 	}
 
+	SPTREE_LOCK();
 	sp->state = IPSEC_SPSTATE_DEAD;
+	SPTREE_UNLOCK();
 	KEY_FREESP(&sp);
 
     {
author	vanhu <vanhu@FreeBSD.org>	2010-04-15 12:40:33 +0000
committer	vanhu <vanhu@FreeBSD.org>	2010-04-15 12:40:33 +0000
commit	1f00f9ada8a046ee4db4a1aa486a9d5b6fc39998 (patch)
tree	dcd4c408860be8be907ddc3fc845a74c1c00e5ad /sys/netipsec
parent	6fc5d132fefd5f485e33d73a48db74f485e4e750 (diff)
download	FreeBSD-src-1f00f9ada8a046ee4db4a1aa486a9d5b6fc39998.zip FreeBSD-src-1f00f9ada8a046ee4db4a1aa486a9d5b6fc39998.tar.gz