Check if solock of PCB is held when SP caches in the PCB are accessed
To this end, a back pointer from inpcbpolicy to inpcb_hdr is added.
This commit is contained in:
parent
a06215af07
commit
5cfcce1f60
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: in_pcb.c,v 1.177 2017/04/20 08:45:09 ozaki-r Exp $ */
|
||||
/* $NetBSD: in_pcb.c,v 1.178 2017/04/25 05:44:11 ozaki-r Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
|
@ -93,7 +93,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: in_pcb.c,v 1.177 2017/04/20 08:45:09 ozaki-r Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: in_pcb.c,v 1.178 2017/04/25 05:44:11 ozaki-r Exp $");
|
||||
|
||||
#ifdef _KERNEL_OPT
|
||||
#include "opt_inet.h"
|
||||
|
@ -211,6 +211,7 @@ in_pcballoc(struct socket *so, void *v)
|
|||
pool_put(&inpcb_pool, inp);
|
||||
return error;
|
||||
}
|
||||
inp->inp_sp->sp_inph = (struct inpcb_hdr *)inp;
|
||||
}
|
||||
#endif
|
||||
so->so_pcb = inp;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: in_pcb_hdr.h,v 1.11 2014/05/30 01:39:03 christos Exp $ */
|
||||
/* $NetBSD: in_pcb_hdr.h,v 1.12 2017/04/25 05:44:11 ozaki-r Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 2003 WIDE Project.
|
||||
|
@ -84,6 +84,7 @@ struct inpcb_hdr {
|
|||
};
|
||||
|
||||
#define sotoinpcb_hdr(so) ((struct inpcb_hdr *)(so)->so_pcb)
|
||||
#define inph_locked(inph) (solocked((inph)->inph_socket))
|
||||
|
||||
LIST_HEAD(inpcbhead, inpcb_hdr);
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: in6_pcb.c,v 1.160 2017/04/20 08:45:09 ozaki-r Exp $ */
|
||||
/* $NetBSD: in6_pcb.c,v 1.161 2017/04/25 05:44:11 ozaki-r Exp $ */
|
||||
/* $KAME: in6_pcb.c,v 1.84 2001/02/08 18:02:08 itojun Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -62,7 +62,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.160 2017/04/20 08:45:09 ozaki-r Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.161 2017/04/25 05:44:11 ozaki-r Exp $");
|
||||
|
||||
#ifdef _KERNEL_OPT
|
||||
#include "opt_inet.h"
|
||||
|
@ -178,6 +178,7 @@ in6_pcballoc(struct socket *so, void *v)
|
|||
pool_put(&in6pcb_pool, in6p);
|
||||
return error;
|
||||
}
|
||||
in6p->in6p_sp->sp_inph = (struct inpcb_hdr *)in6p;
|
||||
}
|
||||
#endif /* IPSEC */
|
||||
s = splsoftnet();
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: ipsec.c,v 1.83 2017/04/21 08:39:06 ozaki-r Exp $ */
|
||||
/* $NetBSD: ipsec.c,v 1.84 2017/04/25 05:44:11 ozaki-r Exp $ */
|
||||
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
|
||||
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.83 2017/04/21 08:39:06 ozaki-r Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.84 2017/04/25 05:44:11 ozaki-r Exp $");
|
||||
|
||||
/*
|
||||
* IPsec controller part.
|
||||
|
@ -214,6 +214,7 @@ ipsec_checkpcbcache(struct mbuf *m, struct inpcbpolicy *pcbsp, int dir)
|
|||
KASSERT(IPSEC_DIR_IS_VALID(dir));
|
||||
KASSERT(pcbsp != NULL);
|
||||
KASSERT(dir < sizeof(pcbsp->sp_cache)/sizeof(pcbsp->sp_cache[0]));
|
||||
KASSERT(inph_locked(pcbsp->sp_inph));
|
||||
|
||||
/* SPD table change invalidate all the caches. */
|
||||
if (ipsec_spdgen != pcbsp->sp_cache[dir].cachegen) {
|
||||
|
@ -270,6 +271,7 @@ ipsec_fillpcbcache(struct inpcbpolicy *pcbsp, struct mbuf *m,
|
|||
|
||||
KASSERT(IPSEC_DIR_IS_INOROUT(dir));
|
||||
KASSERT(dir < sizeof(pcbsp->sp_cache)/sizeof(pcbsp->sp_cache[0]));
|
||||
KASSERT(inph_locked(pcbsp->sp_inph));
|
||||
|
||||
if (pcbsp->sp_cache[dir].cachesp)
|
||||
KEY_FREESP(&pcbsp->sp_cache[dir].cachesp);
|
||||
|
@ -313,6 +315,8 @@ ipsec_invalpcbcache(struct inpcbpolicy *pcbsp, int dir)
|
|||
{
|
||||
int i;
|
||||
|
||||
KASSERT(inph_locked(pcbsp->sp_inph));
|
||||
|
||||
for (i = IPSEC_DIR_INBOUND; i <= IPSEC_DIR_OUTBOUND; i++) {
|
||||
if (dir != IPSEC_DIR_ANY && i != dir)
|
||||
continue;
|
||||
|
@ -331,6 +335,8 @@ void
|
|||
ipsec_pcbconn(struct inpcbpolicy *pcbsp)
|
||||
{
|
||||
|
||||
KASSERT(inph_locked(pcbsp->sp_inph));
|
||||
|
||||
pcbsp->sp_cacheflags |= IPSEC_PCBSP_CONNECTED;
|
||||
ipsec_invalpcbcache(pcbsp, IPSEC_DIR_ANY);
|
||||
}
|
||||
|
@ -339,6 +345,8 @@ void
|
|||
ipsec_pcbdisconn(struct inpcbpolicy *pcbsp)
|
||||
{
|
||||
|
||||
KASSERT(inph_locked(pcbsp->sp_inph));
|
||||
|
||||
pcbsp->sp_cacheflags &= ~IPSEC_PCBSP_CONNECTED;
|
||||
ipsec_invalpcbcache(pcbsp, IPSEC_DIR_ANY);
|
||||
}
|
||||
|
@ -447,6 +455,7 @@ ipsec_getpolicybysock(struct mbuf *m, u_int dir, struct inpcb_hdr *inph,
|
|||
KASSERTMSG(IPSEC_DIR_IS_INOROUT(dir), "invalid direction %u", dir);
|
||||
|
||||
KASSERT(inph->inph_socket != NULL);
|
||||
KASSERT(inph_locked(inph));
|
||||
|
||||
/* XXX FIXME inpcb/in6pcb vs socket*/
|
||||
af = inph->inph_af;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: ipsec.h,v 1.43 2017/04/20 08:46:07 ozaki-r Exp $ */
|
||||
/* $NetBSD: ipsec.h,v 1.44 2017/04/25 05:44:11 ozaki-r Exp $ */
|
||||
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
|
||||
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
|
||||
|
||||
|
@ -130,6 +130,7 @@ struct inpcbpolicy {
|
|||
} sp_cache[3]; /* XXX 3 == IPSEC_DIR_MAX */
|
||||
int sp_cacheflags;
|
||||
#define IPSEC_PCBSP_CONNECTED 1
|
||||
struct inpcb_hdr *sp_inph; /* back pointer */
|
||||
};
|
||||
|
||||
#define IPSEC_PCB_SKIP_IPSEC(inpp, dir) \
|
||||
|
|
Loading…
Reference in New Issue