X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/9bccf70c0258c7cac2dcb80011b2a964d884c552..c18c124eaa464aaaa5549e99e5a70fc9cbb50944:/bsd/netkey/keydb.c?ds=inline diff --git a/bsd/netkey/keydb.c b/bsd/netkey/keydb.c index a96589042..362ce530f 100644 --- a/bsd/netkey/keydb.c +++ b/bsd/netkey/keydb.c @@ -49,9 +49,11 @@ #include +extern lck_mtx_t *sadb_mutex; + MALLOC_DEFINE(M_SECA, "key mgmt", "security associations, key management"); -static void keydb_delsecasvar __P((struct secasvar *)); +// static void keydb_delsecasvar(struct secasvar *); // not used /* * secpolicy management @@ -61,6 +63,8 @@ keydb_newsecpolicy() { struct secpolicy *p; + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED); + p = (struct secpolicy *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); if (!p) return p; @@ -85,8 +89,15 @@ keydb_newsecashead() struct secashead *p; int i; - p = (struct secashead *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); - if (!p) + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); + + p = (struct secashead *)_MALLOC(sizeof(*p), M_SECA, M_NOWAIT); + if (!p) { + lck_mtx_unlock(sadb_mutex); + p = (struct secashead *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); + lck_mtx_lock(sadb_mutex); + } + if (!p) return p; bzero(p, sizeof(*p)); for (i = 0; i < sizeof(p->savtree)/sizeof(p->savtree[0]); i++) @@ -94,6 +105,7 @@ keydb_newsecashead() return p; } +#if 0 void keydb_delsecashead(p) struct secashead *p; @@ -102,7 +114,9 @@ keydb_delsecashead(p) _FREE(p, M_SECA); } -/* + + +/* * secasvar management (reference counted) */ struct secasvar * @@ -110,6 +124,8 @@ keydb_newsecasvar() { struct secasvar *p; + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED); + p = (struct secasvar *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); if (!p) return p; @@ -122,25 +138,23 @@ void keydb_refsecasvar(p) struct secasvar *p; { - int s; - s = splnet(); + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); + p->refcnt++; - splx(s); } void keydb_freesecasvar(p) struct secasvar *p; { - int s; - s = splnet(); + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); + p->refcnt--; /* negative refcnt will cause panic intentionally */ if (p->refcnt <= 0) keydb_delsecasvar(p); - splx(s); } static void @@ -153,6 +167,7 @@ keydb_delsecasvar(p) _FREE(p, M_SECA); } +#endif /* * secreplay management @@ -162,17 +177,29 @@ keydb_newsecreplay(wsize) size_t wsize; { struct secreplay *p; - - p = (struct secreplay *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); + + lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED); + + p = (struct secreplay *)_MALLOC(sizeof(*p), M_SECA, M_NOWAIT); + if (!p) { + lck_mtx_unlock(sadb_mutex); + p = (struct secreplay *)_MALLOC(sizeof(*p), M_SECA, M_WAITOK); + lck_mtx_lock(sadb_mutex); + } if (!p) return p; bzero(p, sizeof(*p)); if (wsize != 0) { - p->bitmap = (caddr_t)_MALLOC(wsize, M_SECA, M_WAITOK); + p->bitmap = (caddr_t)_MALLOC(wsize, M_SECA, M_NOWAIT); if (!p->bitmap) { - _FREE(p, M_SECA); - return NULL; + lck_mtx_unlock(sadb_mutex); + p->bitmap = (caddr_t)_MALLOC(wsize, M_SECA, M_WAITOK); + lck_mtx_lock(sadb_mutex); + if (!p->bitmap) { + _FREE(p, M_SECA); + return NULL; + } } bzero(p->bitmap, wsize); } @@ -190,7 +217,8 @@ keydb_delsecreplay(p) _FREE(p, M_SECA); } -/* +#if 0 +/* NOT USED * secreg management */ struct secreg * @@ -211,3 +239,4 @@ keydb_delsecreg(p) _FREE(p, M_SECA); } +#endif