Hi,
In IPsec policy replace integer refcount with atomic refcount.
It is a bit strange that ipo_refcnt is never taken, but let's go
towards MP safety in small steps.
ok?
bluhm
Index: net/pfkeyv2.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/net/pfkeyv2.c,v
retrieving revision 1.231
diff -u -p -r1.231 pfkeyv2.c
--- net/pfkeyv2.c 25 Feb 2022 23:51:03 -0000 1.231
+++ net/pfkeyv2.c 8 Mar 2022 18:44:28 -0000
@@ -1996,7 +1996,7 @@ pfkeyv2_send(struct socket *so, void *me
TAILQ_INIT(&ipo->ipo_acquires);
ipo->ipo_rdomain = rdomain;
- ipo->ipo_ref_count = 1;
+ refcnt_init(&ipo->ipo_refcnt);
/* Add SPD entry */
if ((rnh = spd_table_get(rdomain)) == NULL ||
Index: netinet/ip_ipsp.h
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_ipsp.h,v
retrieving revision 1.235
diff -u -p -r1.235 ip_ipsp.h
--- netinet/ip_ipsp.h 2 Mar 2022 20:16:43 -0000 1.235
+++ netinet/ip_ipsp.h 8 Mar 2022 18:43:38 -0000
@@ -281,7 +281,7 @@ struct ipsec_policy {
u_int8_t ipo_sproto; /* ESP/AH; if zero, use system
dflts */
u_int ipo_rdomain;
- int ipo_ref_count;
+ struct refcnt ipo_refcnt;
struct tdb *ipo_tdb; /* [p] Cached TDB entry */
Index: netinet/ip_spd.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_spd.c,v
retrieving revision 1.113
diff -u -p -r1.113 ip_spd.c
--- netinet/ip_spd.c 6 Mar 2022 15:24:50 -0000 1.113
+++ netinet/ip_spd.c 8 Mar 2022 18:44:32 -0000
@@ -666,11 +666,10 @@ ipsec_delete_policy(struct ipsec_policy
struct ipsec_acquire *ipa;
struct radix_node_head *rnh;
struct radix_node *rn = (struct radix_node *)ipo;
- int err = 0;
NET_ASSERT_LOCKED();
- if (--ipo->ipo_ref_count > 0)
+ if (refcnt_rele(&ipo->ipo_refcnt) == 0)
return 0;
/* Delete from SPD. */
@@ -699,7 +698,7 @@ ipsec_delete_policy(struct ipsec_policy
pool_put(&ipsec_policy_pool, ipo);
- return err;
+ return 0;
}
void
