From owner-freebsd-net@FreeBSD.ORG Mon Jun 25 06:50:08 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 45A5E16A41F for ; Mon, 25 Jun 2007 06:50:08 +0000 (UTC) (envelope-from Susan.Lan@zyxel.com.tw) Received: from zyfb01-66.zyxel.com.tw (zyfb01-66.zyxel.com.tw [59.124.183.66]) by mx1.freebsd.org (Postfix) with ESMTP id E3A1713C468 for ; Mon, 25 Jun 2007 06:50:07 +0000 (UTC) (envelope-from Susan.Lan@zyxel.com.tw) Received: from zytwbe01.zyxel.com ([172.23.5.10]) by zyfb01-66.zyxel.com.tw with Microsoft SMTPSVC(6.0.3790.1830); Mon, 25 Jun 2007 14:50:06 +0800 Received: from zytwfe01.ZyXEL.com ([172.23.5.5]) by zytwbe01.zyxel.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 25 Jun 2007 14:50:06 +0800 Received: from [172.23.17.70] ([172.23.17.70]) by zytwfe01.ZyXEL.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 25 Jun 2007 14:50:05 +0800 Message-ID: <467F65A0.9010900@zyxel.com.tw> Date: Mon, 25 Jun 2007 14:50:08 +0800 From: blue User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 25 Jun 2007 06:50:05.0697 (UTC) FILETIME=[101DA710:01C7B6F5] Subject: Questions about PF_KEY interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jun 2007 06:50:08 -0000 Dear all: I found there are two directories about PF_KEY interface: netkey and netipsec under $FreeBSD src$\sys\. Looking into the makefile, the one that is currently used and built in is netkey. However, I am wondering what's the purpose for netipsec? Besides, the handling for the global variable "regtree", which is used for key registery, in netipsec seems more proper to me. For example, when a key is needed to register, the static function, key_register(), which is defined in [netkey/netipsec]/key.c, will be called. However, in netkey/key.c, key_register() will not call mtx_lock before the operation of the global variable, regtree. On the other hand, in netipsec/key.c, key_register() will mtx_lock. In my opinion, I think the latter should be correct since there may be various processes to call the function. Without the protection, race condition will occur! Many thanks. blue