[src/trunk]: src/sys/netipsec Make sure a sav is inserted to a sah list after...

[ozaki-r <ozaki-r%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/c5759b806b47
branches:  trunk
changeset: 825340:c5759b806b47
user:      ozaki-r <ozaki-r%NetBSD.org@localhost>
date:      Mon Jul 10 07:45:10 2017 +0000

description:
Make sure a sav is inserted to a sah list after its initialization completes

diffstat:

 sys/netipsec/key.c |  94 ++++++++++++++++++++++++++++-------------------------
 1 files changed, 50 insertions(+), 44 deletions(-)

diffs (228 lines):

diff -r 9b8c11efc916 -r c5759b806b47 sys/netipsec/key.c
--- a/sys/netipsec/key.c        Mon Jul 10 07:40:23 2017 +0000
+++ b/sys/netipsec/key.c        Mon Jul 10 07:45:10 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key.c,v 1.170 2017/07/10 07:40:23 ozaki-r Exp $        */
+/*     $NetBSD: key.c,v 1.171 2017/07/10 07:45:10 ozaki-r Exp $        */
 /*     $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $        */
 /*     $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $   */
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.170 2017/07/10 07:40:23 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.171 2017/07/10 07:45:10 ozaki-r Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -421,11 +421,10 @@
 static int key_spdexpire (struct secpolicy *);
 static struct secashead *key_newsah (const struct secasindex *);
 static void key_delsah (struct secashead *);
-static struct secasvar *key_newsav (struct mbuf *,
-       const struct sadb_msghdr *, struct secashead *, int *,
-       const char*, int);
-#define        KEY_NEWSAV(m, sadb, sah, e)                             \
-       key_newsav(m, sadb, sah, e, __func__, __LINE__)
+static struct secasvar *key_newsav(struct mbuf *,
+       const struct sadb_msghdr *, int *, const char*, int);
+#define        KEY_NEWSAV(m, sadb, e)                          \
+       key_newsav(m, sadb, e, __func__, __LINE__)
 static void key_delsav (struct secasvar *);
 static struct secashead *key_getsah(const struct secasindex *, int);
 static struct secasvar *key_checkspidup (const struct secasindex *, u_int32_t);
@@ -433,7 +432,7 @@
 static int key_setsaval (struct secasvar *, struct mbuf *,
        const struct sadb_msghdr *);
 static void key_freesaval(struct secasvar *);
-static int key_mature (struct secasvar *);
+static int key_init_xform(struct secasvar *);
 static void key_clear_xform(struct secasvar *);
 static struct mbuf *key_setdumpsa (struct secasvar *, u_int8_t,
        u_int8_t, u_int32_t, u_int32_t);
@@ -1375,6 +1374,11 @@
 
        if (nv == 0) {
                *psav = NULL;
+
+               /* remove from SA header */
+               KASSERT(__LIST_CHAINED(sav));
+               LIST_REMOVE(sav, chain);
+
                key_delsav(sav);
        }
 }
@@ -2903,8 +2907,7 @@
  */
 static struct secasvar *
 key_newsav(struct mbuf *m, const struct sadb_msghdr *mhp,
-          struct secashead *sah, int *errp,
-          const char* where, int tag)
+    int *errp, const char* where, int tag)
 {
        struct secasvar *newsav;
        const struct sadb_sa *xsa;
@@ -2913,7 +2916,6 @@
        KASSERT(m != NULL);
        KASSERT(mhp != NULL);
        KASSERT(mhp->msg != NULL);
-       KASSERT(sah != NULL);
 
        newsav = kmem_zalloc(sizeof(struct secasvar), KM_SLEEP);
 
@@ -2958,12 +2960,6 @@
        newsav->created = time_uptime;
        newsav->pid = mhp->msg->sadb_msg_pid;
 
-       /* add to satree */
-       newsav->sah = sah;
-       newsav->refcnt = 1;
-       newsav->state = SADB_SASTATE_LARVAL;
-       LIST_INSERT_TAIL(&sah->savtree[SADB_SASTATE_LARVAL], newsav,
-           secasvar, chain);
        KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
            "DP from %s:%u return SA:%p\n", where, tag, newsav);
        return newsav;
@@ -3008,10 +3004,6 @@
        KASSERT(sav != NULL);
        KASSERTMSG(sav->refcnt == 0, "reference count %u > 0", sav->refcnt);
 
-       /* remove from SA header */
-       KASSERT(__LIST_CHAINED(sav));
-       LIST_REMOVE(sav, chain);
-
        key_clear_xform(sav);
        key_freesaval(sav);
        kmem_intr_free(sav, sizeof(*sav));
@@ -3348,10 +3340,13 @@
  *     other:  errno
  */
 static int
-key_mature(struct secasvar *sav)
+key_init_xform(struct secasvar *sav)
 {
        int error;
 
+       /* We shouldn't initialize sav variables while someone uses it. */
+       KASSERT(sav->refcnt == 0);
+
        /* check SPI value */
        switch (sav->sah->saidx.proto) {
        case IPPROTO_ESP:
@@ -3416,9 +3411,8 @@
                error = EPROTONOSUPPORT;
                break;
        }
-       if (error == 0)
-               key_sa_chgstate(sav, SADB_SASTATE_MATURE);
-       return (error);
+
+       return error;
 }
 
 /*
@@ -4887,7 +4881,7 @@
 
        /* get a new SA */
        /* XXX rewrite */
-       newsav = KEY_NEWSAV(m, mhp, newsah, &error);
+       newsav = KEY_NEWSAV(m, mhp, &error);
        if (newsav == NULL) {
                /* XXX don't free new SA index allocated in above. */
                return key_senderror(so, m, error);
@@ -4896,6 +4890,13 @@
        /* set spi */
        newsav->spi = htonl(spi);
 
+       /* add to satree */
+       newsav->refcnt = 1;
+       newsav->sah = newsah;
+       newsav->state = SADB_SASTATE_LARVAL;
+       LIST_INSERT_TAIL(&newsah->savtree[SADB_SASTATE_LARVAL], newsav,
+           secasvar, chain);
+
 #ifndef IPSEC_NONBLOCK_ACQUIRE
        /* delete the entry in acqtree */
        if (mhp->msg->sadb_msg_seq != 0) {
@@ -5306,32 +5307,31 @@
        newsav->seq = sav->seq;
        newsav->created = sav->created;
        newsav->pid = sav->pid;
+       newsav->sah = sav->sah;
 
        error = key_setsaval(newsav, m, mhp);
        if (error) {
-               KEY_FREESAV(&newsav);
+               key_delsav(newsav);
                return key_senderror(so, m, error);
        }
 
        error = key_handle_natt_info(newsav, mhp);
        if (error != 0) {
-               KEY_FREESAV(&newsav);
+               key_delsav(newsav);
+               return key_senderror(so, m, error);
+       }
+
+       error = key_init_xform(newsav);
+       if (error != 0) {
+               key_delsav(newsav);
                return key_senderror(so, m, error);
        }
 
        /* add to satree */
-       newsav->sah = sah;
        newsav->refcnt = 1;
-       newsav->state = sav->state;
-       /* We have to keep the order */
-       LIST_INSERT_AFTER(sav, newsav, chain);
-
-       /* check SA values to be mature. */
-       error = key_mature(newsav);
-       if (error != 0) {
-               KEY_FREESAV(&newsav);
-               return key_senderror(so, m, error);
-       }
+       newsav->state = SADB_SASTATE_MATURE;
+       LIST_INSERT_TAIL(&sah->savtree[SADB_SASTATE_MATURE], newsav,
+           secasvar, chain);
 
        key_sa_chgstate(sav, SADB_SASTATE_DEAD);
        KEY_FREESAV(&sav);
@@ -5486,24 +5486,30 @@
                IPSECLOG(LOG_DEBUG, "SA already exists.\n");
                return key_senderror(so, m, EEXIST);
        }
-       newsav = KEY_NEWSAV(m, mhp, newsah, &error);
+       newsav = KEY_NEWSAV(m, mhp, &error);
        if (newsav == NULL) {
                return key_senderror(so, m, error);
        }
+       newsav->sah = newsah;
 
        error = key_handle_natt_info(newsav, mhp);
        if (error != 0) {
-               KEY_FREESAV(&newsav);
+               key_delsav(newsav);
                return key_senderror(so, m, EINVAL);
        }
 
-       /* check SA values to be mature. */
-       error = key_mature(newsav);
+       error = key_init_xform(newsav);
        if (error != 0) {
-               KEY_FREESAV(&newsav);
+               key_delsav(newsav);
                return key_senderror(so, m, error);
        }
 
+       /* add to satree */
+       newsav->refcnt = 1;
+       newsav->state = SADB_SASTATE_MATURE;
+       LIST_INSERT_TAIL(&newsah->savtree[SADB_SASTATE_MATURE], newsav,
+           secasvar, chain);
+
        /*
         * don't call key_freesav() here, as we would like to keep the SA
         * in the database on success.