Revision: 18223
http://sourceforge.net/p/edk2/code/18223
Author: jiaxinwu
Date: 2015-08-14 07:41:51 +0000 (Fri, 14 Aug 2015)
Log Message:
-----------
NetworkPkg: Fix hang issue after system reconnected when IPSec has set up
IpSecStop() is incompetent to send out the delete information since the
underlying
IP child has been destroyed. Delete all established IKE SAs and related
Child SAs directly.
Cc: Ye Ting <[email protected]>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <[email protected]>
Reviewed-by: Ye Ting <[email protected]>
Modified Paths:
--------------
trunk/edk2/NetworkPkg/IpSecDxe/IkeService.c
trunk/edk2/NetworkPkg/IpSecDxe/IkeService.h
trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Exchange.c
trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Utility.c
trunk/edk2/NetworkPkg/IpSecDxe/IpSecDriver.c
Modified: trunk/edk2/NetworkPkg/IpSecDxe/IkeService.c
===================================================================
--- trunk/edk2/NetworkPkg/IpSecDxe/IkeService.c 2015-08-14 07:20:09 UTC (rev
18222)
+++ trunk/edk2/NetworkPkg/IpSecDxe/IkeService.c 2015-08-14 07:41:51 UTC (rev
18223)
@@ -15,7 +15,6 @@
#include "IkeService.h"
#include "IpSecConfigImpl.h"
-#include "Ikev2/Utility.h"
IKE_EXCHANGE_INTERFACE *mIkeExchange[] = {
&mIkev1Exchange,
Modified: trunk/edk2/NetworkPkg/IpSecDxe/IkeService.h
===================================================================
--- trunk/edk2/NetworkPkg/IpSecDxe/IkeService.h 2015-08-14 07:20:09 UTC (rev
18222)
+++ trunk/edk2/NetworkPkg/IpSecDxe/IkeService.h 2015-08-14 07:41:51 UTC (rev
18223)
@@ -1,7 +1,7 @@
/** @file
Prototypes definitions of IKE service.
- Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -19,6 +19,7 @@
#include "Ike.h"
#include "IpSecImpl.h"
#include "IkeCommon.h"
+#include "Ikev2/Utility.h"
#define IPSEC_CRYPTO_LIB_MEMORY 128 * 1024
Modified: trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Exchange.c
===================================================================
--- trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Exchange.c 2015-08-14 07:20:09 UTC
(rev 18222)
+++ trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Exchange.c 2015-08-14 07:41:51 UTC
(rev 18223)
@@ -1,7 +1,7 @@
/** @file
The general interfaces of the IKEv2.
- Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -330,7 +330,7 @@
//
// Send out the Packet
//
- if (UdpService != NULL) {
+ if (UdpService != NULL && UdpService->Output != NULL) {
Status = Ikev2SendIkePacket (UdpService, (UINT8 *) SaCommon, IkePacket,
0);
if (EFI_ERROR (Status)) {
@@ -357,7 +357,7 @@
//
// Send out the Packet
//
- if (UdpService != NULL) {
+ if (UdpService != NULL && UdpService->Output != NULL) {
Status = Ikev2SendIkePacket (UdpService, (UINT8 *)
&ChildSaSession->SessionCommon, IkePacket, 0);
if (EFI_ERROR (Status)) {
Modified: trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Utility.c
===================================================================
--- trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Utility.c 2015-08-14 07:20:09 UTC
(rev 18222)
+++ trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Utility.c 2015-08-14 07:41:51 UTC
(rev 18223)
@@ -2,7 +2,7 @@
The Common operations used by IKE Exchange Process.
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
- Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -891,9 +891,7 @@
RemoteSelector = NULL;
UdpService = IkeSaSession->SessionCommon.UdpService;
- Private = (UdpService->IpVersion == IP_VERSION_4) ?
- IPSEC_PRIVATE_DATA_FROM_UDP4LIST(UdpService->ListHead) :
- IPSEC_PRIVATE_DATA_FROM_UDP6LIST(UdpService->ListHead);
+ Private = IkeSaSession->SessionCommon.Private;
//
// Remove the Established SA from ChildSaEstablishlist.
Modified: trunk/edk2/NetworkPkg/IpSecDxe/IpSecDriver.c
===================================================================
--- trunk/edk2/NetworkPkg/IpSecDxe/IpSecDriver.c 2015-08-14 07:20:09 UTC
(rev 18222)
+++ trunk/edk2/NetworkPkg/IpSecDxe/IpSecDriver.c 2015-08-14 07:41:51 UTC
(rev 18223)
@@ -1,7 +1,7 @@
/** @file
Driver Binding Protocol for IPsec Driver.
- Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -178,6 +178,7 @@
IKE_UDP_SERVICE *UdpSrv;
LIST_ENTRY *Entry;
LIST_ENTRY *Next;
+ IKEV2_SA_SESSION *Ikev2SaSession;
//
// Locate ipsec protocol to get private data.
@@ -196,7 +197,27 @@
//
if ((IpVersion == IP_VERSION_4 && Private->Udp6Num ==0) ||
(IpVersion == IP_VERSION_6 && Private->Udp4Num ==0)) {
- IkeDeleteAllSas (Private, FALSE);
+ //
+ // If IKEv2 SAs are under establishing, delete it directly.
+ //
+ if (!IsListEmpty (&Private->Ikev2SessionList)) {
+ NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Ikev2SessionList) {
+ Ikev2SaSession = IKEV2_SA_SESSION_BY_SESSION (Entry);
+ RemoveEntryList (&Ikev2SaSession->BySessionTable);
+ Ikev2SaSessionFree (Ikev2SaSession);
+ }
+ }
+
+ //
+ // Delete established IKEv2 SAs.
+ //
+ if (!IsListEmpty (&Private->Ikev2EstablishedList)) {
+ NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Ikev2EstablishedList) {
+ Ikev2SaSession = IKEV2_SA_SESSION_BY_SESSION (Entry);
+ RemoveEntryList (&Ikev2SaSession->BySessionTable);
+ Ikev2SaSessionFree (Ikev2SaSession);
+ }
+ }
}
if (IpVersion == IP_VERSION_4) {
------------------------------------------------------------------------------
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
