Date: Mon, 2 Jan 2017 10:16:41 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r311097 - in projects/ipsec/sys: net netipsec Message-ID: <201701021016.v02AGfga026047@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Mon Jan 2 10:16:41 2017 New Revision: 311097 URL: https://svnweb.freebsd.org/changeset/base/311097 Log: Revert r309611. At least racoon depends on such notifications. Also fix SP reference leak. Modified: projects/ipsec/sys/net/if_ipsec.c projects/ipsec/sys/netipsec/key.c Modified: projects/ipsec/sys/net/if_ipsec.c ============================================================================== --- projects/ipsec/sys/net/if_ipsec.c Mon Jan 2 09:50:51 2017 (r311096) +++ projects/ipsec/sys/net/if_ipsec.c Mon Jan 2 10:16:41 2017 (r311097) @@ -956,8 +956,11 @@ ipsec_set_tunnel(struct ipsec_softc *sc, } sc->ifp->if_drv_flags |= IFF_DRV_RUNNING; - if (f != 0) + if (f != 0) { key_unregister_ifnet(oldsp, IPSEC_SPCOUNT); + for (i = 0; i < IPSEC_SPCOUNT; i++) + key_freesp(&oldsp[i]); + } return (0); } @@ -986,5 +989,7 @@ ipsec_delete_tunnel(struct ifnet *ifp, i if (!locked) IPSEC_SC_WUNLOCK(); key_unregister_ifnet(oldsp, IPSEC_SPCOUNT); + for (i = 0; i < IPSEC_SPCOUNT; i++) + key_freesp(&oldsp[i]); } } Modified: projects/ipsec/sys/netipsec/key.c ============================================================================== --- projects/ipsec/sys/netipsec/key.c Mon Jan 2 09:50:51 2017 (r311096) +++ projects/ipsec/sys/netipsec/key.c Mon Jan 2 10:16:41 2017 (r311097) @@ -1132,6 +1132,7 @@ done: int key_register_ifnet(struct secpolicy **spp, u_int count) { + struct mbuf *m; u_int i; SPTREE_WLOCK(); @@ -1161,12 +1162,21 @@ key_register_ifnet(struct secpolicy **sp spp[i]->state = IPSEC_SPSTATE_IFNET; } SPTREE_WUNLOCK(); + /* + * Notify user processes about new SP. + */ + for (i = 0; i < count; i++) { + m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0); + if (m != NULL) + key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL); + } return (0); } void key_unregister_ifnet(struct secpolicy **spp, u_int count) { + struct mbuf *m; u_int i; SPTREE_WLOCK(); @@ -1183,6 +1193,12 @@ key_unregister_ifnet(struct secpolicy ** LIST_REMOVE(spp[i], idhash); } SPTREE_WUNLOCK(); + + for (i = 0; i < count; i++) { + m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0); + if (m != NULL) + key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL); + } } /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201701021016.v02AGfga026047>