CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2022/05/03 10:13:16
Modified files:
sys/netinet : Tag: OPENBSD_7_1 ip_ipsp.c
Log message:
When performing ipsp_ids_free(), grab `ipsec_flows_mtx' mutex(9) before do
`id_refcount' decrement. This should be consistent with `ipsp_ids_gc_list'
list modifications, otherwise concurrent ipsp_ids_insert() could remove
this dying `ids' from the list before if was placed there by
ipsp_ids_free(). This makes atomic operations with `id_refcount' useless.
Also prevent ipsp_ids_lookup() to return dying `ids'.
from mvs@; OK bluhm@
this is errata/7.1/002_ipsec.patch.sig
