Date: Thu, 17 Mar 2005 04:38:40 +0900 From: Hajimu UMEMOTO <ume@freebsd.org> To: Sam Leffler <sam@errno.com> Cc: freebsd-stable@freebsd.org Subject: Re: RELENG_5 and FAST_IPSEC limits Message-ID: <ygeis3rbcu7.wl%ume@mahoroba.org> In-Reply-To: <4238782A.7010606@errno.com> References: <6.2.1.2.0.20050315112131.054b56f8@64.7.153.2> <4237523B.7090005@errno.com> <ygek6o7inb5.wl%ume@mahoroba.org> <4238782A.7010606@errno.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
>>>>> On Wed, 16 Mar 2005 10:17:14 -0800
>>>>> Sam Leffler <sam@errno.com> said:
sam> Note the change lacks any locking so if your SA db is changing there's a
sam> good chance you'll blow up.
Ah, yes. I forgot the fact that FAST_IPSEC is mpsafe.
How about this? This is againt sys/netipsec/key.c with my previous
patch applied.
Index: sys/netipsec/key.c
diff -u -p sys/netipsec/key.c.old sys/netipsec/key.c
--- sys/netipsec/key.c.old Thu Mar 17 03:52:18 2005
+++ sys/netipsec/key.c Thu Mar 17 04:01:50 2005
@@ -2408,6 +2408,7 @@ key_setspddump(errorp)
/* search SPD entry and get buffer size. */
cnt = 0;
+ SPTREE_LOCK();
for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
LIST_FOREACH(sp, &sptree[dir], chain) {
cnt++;
@@ -2415,6 +2416,7 @@ key_setspddump(errorp)
}
if (cnt == 0) {
+ SPTREE_UNLOCK();
*errorp = ENOENT;
return (NULL);
}
@@ -2426,6 +2428,7 @@ key_setspddump(errorp)
n = key_setdumpsp(sp, SADB_X_SPDDUMP, cnt, 0);
if (!n) {
+ SPTREE_UNLOCK();
*errorp = ENOBUFS;
m_freem(m);
return (NULL);
@@ -2438,6 +2441,7 @@ key_setspddump(errorp)
}
}
}
+ SPTREE_UNLOCK();
*errorp = 0;
return (m);
@@ -6572,6 +6576,7 @@ key_setdump(req_satype, errorp)
/* count sav entries to be sent to the userland. */
cnt = 0;
+ SAHTREE_LOCK();
LIST_FOREACH(sah, &sahtree, chain) {
if (req_satype != SADB_SATYPE_UNSPEC &&
proto != sah->saidx.proto)
@@ -6588,6 +6593,7 @@ key_setdump(req_satype, errorp)
}
if (cnt == 0) {
+ SAHTREE_UNLOCK();
*errorp = ENOENT;
return (NULL);
}
@@ -6601,6 +6607,7 @@ key_setdump(req_satype, errorp)
/* map proto to satype */
if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
+ SAHTREE_UNLOCK();
m_freem(m);
*errorp = EINVAL;
return (NULL);
@@ -6614,6 +6621,7 @@ key_setdump(req_satype, errorp)
n = key_setdumpsa(sav, SADB_DUMP, satype,
--cnt, 0);
if (!n) {
+ SAHTREE_UNLOCK();
m_freem(m);
*errorp = ENOBUFS;
return (NULL);
@@ -6626,6 +6634,7 @@ key_setdump(req_satype, errorp)
}
}
}
+ SAHTREE_UNLOCK();
if (!m) {
*errorp = EINVAL;
Sincerely,
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ygeis3rbcu7.wl%ume>