Dan McDonald wrote:
> Hello folks!
>
> As background, please consult the following webrev:
>
> http://cr.opensolaris.org/~danmcd/6777776/
I don't think swapping the order in ipsecesp_ddi_destroy() makes any
difference. If you get here and there are taskqs that haven't completed
yet, then those taskqs better have a way to check that the netstack is
still around.
Of course, if you take Jim's suggestion to hold a ref for each
taskq_dispatch, then you will never get to ipsecesp_ddi_destroy() with
references around.
> You'll notice that for the actual bugfix, my taskq callback function checks
> and verifies that the IP instance of the packet still exists. The taskq is
> instantiated once for ESP, so I figured checking for IP Instances
> disappearing (as we do with esp_kcf_callback() and its callers) is a good
> idea.
>
> Since I used the taskq, however, I looked at the other taskq callers, and the
> only other callbacks are ipsecesp.c:inbound_task() (and its ipsecah
> counterpart) and sadb_clear_buf_pkt(). Both of those are called after key
> management (e.g. IKE) finish SADB_UPDATE or SADB_ADD entries respectively.
>
> Is it theoretically possible for an instance to get nuked between taskq
> submission and taskq callback execution?
I don't know of an upper bound on the time from a taskq_dispatch until
the task runs. So some safety would seem prudent.
Erik
_______________________________________________
networking-discuss mailing list
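
The hold-per-dispatch idea mentioned in the message above, as an added example that is not part of the original message or the webrev. It is a userland C model with hypothetical names (stack_t, stack_rele, dispatch, esp_task, run_queue), not the netstack or taskq API: each queued task owns a reference, so teardown cannot run until the last callback has dropped its hold.

```c
#include <stddef.h>

/* Userland model. Every name here is hypothetical, not the kernel API. */
typedef struct stack {
    int refs;       /* owner's reference plus one per queued task */
    int destroyed;  /* set once teardown has run */
    int packets;    /* work completed by task callbacks */
} stack_t;
typedef struct task { void (*fn)(stack_t *); stack_t *arg; } task_t;

static task_t queue[8];
static size_t queued;
static stack_t demo;    /* constructed sample instance */

/* Dropping the last reference is the only path to teardown. */
static void stack_rele(stack_t *s) {
    if (--s->refs == 0)
        s->destroyed = 1;
}

/* Callback: its own hold guarantees the instance is still alive. */
static void esp_task(stack_t *s) {
    s->packets++;
    stack_rele(s);
}

/* Take the hold before queueing; the callback drops it. */
static int dispatch(stack_t *s) {
    if (queued == 8) return -1;
    s->refs++;
    queue[queued++] = (task_t){ esp_task, s };
    return 0;
}

/* Stands in for the taskq thread running at some later, unbounded time. */
static void run_queue(void) {
    for (size_t i = 0; i < queued; i++)
        queue[i].fn(queue[i].arg);
    queued = 0;
}

/* Queue two tasks, shut the owner down, drain; returns destroyed flag seen at shutdown. */
static int scenario(stack_t *s) {
    s->refs = 1; s->destroyed = 0; s->packets = 0;
    dispatch(s); dispatch(s);
    stack_rele(s);              /* owner shuts the instance down */
    int early = s->destroyed;   /* queued tasks still hold references */
    run_queue();
    return early;
}

int main(void) { return scenario(&demo); }
```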