X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/1c79356b52d46aa6b508fb032f5ae709b1f2897b..c18c124eaa464aaaa5549e99e5a70fc9cbb50944:/bsd/netkey/keydb.c diff --git a/bsd/netkey/keydb.c b/bsd/netkey/keydb.c index 9c2bebccf..362ce530f 100644 --- a/bsd/netkey/keydb.c +++ b/bsd/netkey/keydb.c @@ -29,13 +29,6 @@ * SUCH DAMAGE. */ -#if (defined(__FreeBSD__) && __FreeBSD__ >= 3) || defined(__NetBSD__) -#include "opt_inet.h" -#ifdef __NetBSD__ -#include "opt_ipsec.h" -#endif -#endif - #include #include #include @@ -56,11 +49,11 @@ #include -#if defined(__FreeBSD__) && __FreeBSD__ >= 3 +extern lck_mtx_t *sadb_mutex; + MALLOC_DEFINE(M_SECA, "key mgmt", "security associations, key management"); -#endif -static void keydb_delsecasvar __P((struct secasvar *)); +// static void keydb_delsecasvar(struct secasvar *); // not used /* * secpolicy management @@ -70,7 +63,9 @@ keydb_newsecpolicy() { struct secpolicy *p; - p = (struct secpolicy *)_MALLOC(sizeof(*p), M_SECA, M_NOWAIT); + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED); + + p = (struct secpolicy *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); if (!p) return p; bzero(p, sizeof(*p)); @@ -94,8 +89,15 @@ keydb_newsecashead() struct secashead *p; int i; + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); + p = (struct secashead *)_MALLOC(sizeof(*p), M_SECA, M_NOWAIT); - if (!p) + if (!p) { + lck_mtx_unlock(sadb_mutex); + p = (struct secashead *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); + lck_mtx_lock(sadb_mutex); + } + if (!p) return p; bzero(p, sizeof(*p)); for (i = 0; i < sizeof(p->savtree)/sizeof(p->savtree[0]); i++) @@ -103,6 +105,7 @@ keydb_newsecashead() return p; } +#if 0 void keydb_delsecashead(p) struct secashead *p; @@ -111,7 +114,9 @@ keydb_delsecashead(p) _FREE(p, M_SECA); } -/* + + +/* * secasvar management (reference counted) */ struct secasvar * @@ -119,7 +124,9 @@ keydb_newsecasvar() { struct secasvar *p; - p = (struct secasvar *)_MALLOC(sizeof(*p), M_SECA, M_NOWAIT); + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED); + + p = (struct secasvar *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); if (!p) return p; bzero(p, sizeof(*p)); @@ -131,32 +138,23 @@ void keydb_refsecasvar(p) struct secasvar *p; { - int s; -#ifdef __NetBSD__ - s = splsoftnet(); -#else - s = splnet(); -#endif + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); + p->refcnt++; - splx(s); } void keydb_freesecasvar(p) struct secasvar *p; { - int s; -#ifdef __NetBSD__ - s = splsoftnet(); -#else - s = splnet(); -#endif + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); + p->refcnt--; - if (p->refcnt == 0) + /* negative refcnt will cause panic intentionally */ + if (p->refcnt <= 0) keydb_delsecasvar(p); - splx(s); } static void @@ -169,6 +167,7 @@ keydb_delsecasvar(p) _FREE(p, M_SECA); } +#endif /* * secreplay management @@ -178,8 +177,15 @@ keydb_newsecreplay(wsize) size_t wsize; { struct secreplay *p; + + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); p = (struct secreplay *)_MALLOC(sizeof(*p), M_SECA, M_NOWAIT); + if (!p) { + lck_mtx_unlock(sadb_mutex); + p = (struct secreplay *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); + lck_mtx_lock(sadb_mutex); + } if (!p) return p; @@ -187,8 +193,13 @@ keydb_newsecreplay(wsize) if (wsize != 0) { p->bitmap = (caddr_t)_MALLOC(wsize, M_SECA, M_NOWAIT); if (!p->bitmap) { - _FREE(p, M_SECA); - return NULL; + lck_mtx_unlock(sadb_mutex); + p->bitmap = (caddr_t)_MALLOC(wsize, M_SECA, M_WAITOK); + lck_mtx_lock(sadb_mutex); + if (!p->bitmap) { + _FREE(p, M_SECA); + return NULL; + } } bzero(p->bitmap, wsize); } @@ -206,7 +217,8 @@ keydb_delsecreplay(p) _FREE(p, M_SECA); } -/* +#if 0 +/* NOT USED * secreg management */ struct secreg * @@ -214,7 +226,7 @@ keydb_newsecreg() { struct secreg *p; - p = (struct secreg *)_MALLOC(sizeof(*p), M_SECA, M_NOWAIT); + p = (struct secreg *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); if (p) bzero(p, sizeof(*p)); return p; @@ -227,3 +239,4 @@ keydb_delsecreg(p) _FREE(p, M_SECA); } +#endif