diff options
Diffstat (limited to 'sys/netipsec')
-rw-r--r-- | sys/netipsec/ipsec.h | 3 | ||||
-rw-r--r-- | sys/netipsec/key.c | 16 |
2 files changed, 18 insertions, 1 deletions
diff --git a/sys/netipsec/ipsec.h b/sys/netipsec/ipsec.h index 7704629..dddbf4c 100644 --- a/sys/netipsec/ipsec.h +++ b/sys/netipsec/ipsec.h @@ -89,6 +89,9 @@ struct secpolicy { /* if policy == IPSEC else this value == NULL.*/ u_int refcnt; /* reference count */ u_int policy; /* policy_type per pfkeyv2.h */ + u_int state; +#define IPSEC_SPSTATE_DEAD 0 +#define IPSEC_SPSTATE_ALIVE 1 u_int32_t id; /* It's unique number on the system. */ /* * lifetime handler. diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index a3df5b5..c19dd47 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -1193,8 +1193,14 @@ key_unlink(struct secpolicy *sp) SPTREE_UNLOCK_ASSERT(); SPTREE_WLOCK(); + if (sp->state == IPSEC_SPSTATE_DEAD) { + SPTREE_WUNLOCK(); + return; + } + sp->state = IPSEC_SPSTATE_DEAD; TAILQ_REMOVE(&V_sptree[sp->spidx.dir], sp, chain); SPTREE_WUNLOCK(); + KEY_FREESP(&sp); } /* @@ -1895,6 +1901,7 @@ key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp) SPTREE_WLOCK(); TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain); + newsp->state = IPSEC_SPSTATE_ALIVE; SPTREE_WUNLOCK(); /* delete the entry in spacqtree */ @@ -2332,6 +2339,12 @@ key_spdflush(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp) for (dir = 0; dir < IPSEC_DIR_MAX; dir++) { TAILQ_CONCAT(&drainq, &V_sptree[dir], chain); } + /* + * We need to set state to DEAD for each policy to be sure, + * that another thread won't try to unlink it. + */ + TAILQ_FOREACH(sp, &drainq, chain) + sp->state = IPSEC_SPSTATE_DEAD; SPTREE_WUNLOCK(); sp = TAILQ_FIRST(&drainq); while (sp != NULL) { @@ -4207,9 +4220,10 @@ restart: now - sp->created > sp->lifetime) || (sp->validtime && now - sp->lastused > sp->validtime)) { + SP_ADDREF(sp); SPTREE_RUNLOCK(); - key_unlink(sp); key_spdexpire(sp); + key_unlink(sp); KEY_FREESP(&sp); goto restart; } |